Rename the PGP certificates

2023-09-18 11:17:31 +08:00 · 2023-09-18 11:17:31 +08:00 · 5dbcca216a
commit 5dbcca216a
parent f6fa0b3832
4 changed files with 15 additions and 12 deletions
--- a/RPM-GPG-KEY-openEuler-22.03-SP1
+++ b/RPM-GPG-KEY-openEuler-22.03-SP1
--- a/RPM-GPG-KEY-openEuler-22.03
+++ b/RPM-GPG-KEY-openEuler-22.03
--- a/kernel.spec
+++ b/kernel.spec
@ -12,7 +12,7 @@
 %global upstream_sublevel   0
 %global devel_release       146
 %global maintenance_release .0.0
-%global pkg_release         .76
+%global pkg_release         .77
 %define with_debuginfo 1
 # Do not recompute the build-id of vmlinux in find-debuginfo.sh
@ -53,9 +53,9 @@ Source11: x509.genkey
 Source12: extra_certificates
 # openEuler RPM PGP certificates:
 # 1. openeuler <openeuler@compass-ci.com>
-Source13: RPM-GPG-KEY-openEuler-22.03-SP1
+Source13: RPM-GPG-KEY-openEuler-compass-ci
 # 2. private OBS <defaultkey@localobs>
-Source14: RPM-GPG-KEY-openEuler-22.03
+Source14: RPM-GPG-KEY-openEuler-localobs
 Source15: process_pgp_certs.sh
 %if 0%{?with_kabichk}
@ -889,6 +889,9 @@ fi
 %endif
 %changelog
 * Mon Sep 18 2023 luhuaxin <luhuxin1@huawei.com> - 5.10.0-146.0.0.77
 - Rename the PGP certificates
 * Tue Jun 06 2023 zhoushuiqing <zhoushuiqing2@huawei.com> - 5.10.0-146.0.0.76
 - Process PGP certs before kernel building
--- a/process_pgp_certs.sh
+++ b/process_pgp_certs.sh
@ -2,35 +2,35 @@
 # from: https://repo.openeuler.org/openEuler-22.03-LTS/source/RPM-GPG-KEY-openEuler
 # sh256: b09bf8bf7dae9aa6b24b170b6b85dd1717e14e674f270d14da0436e8dfc4260e
-CERT_2203="RPM-GPG-KEY-openEuler-22.03"
+CERT_2203="RPM-GPG-KEY-openEuler-localobs"
-# from: https://repo.openeuler.org/openEuler-22.03-LTS-SP1/source/RPM-GPG-KEY-openEuler
+# from: https://repo.openeuler.org/openEuler-22.03-LTS-SPx/source/RPM-GPG-KEY-openEuler
 # sha256: 006e79d37c10e74c24df6d07c4efc4176515cec009daa5ed493b06f5b6ef39c1
-CERT_2203_SP1="RPM-GPG-KEY-openEuler-22.03-SP1"
+CERT_2203_SPx="RPM-GPG-KEY-openEuler-compass-ci"
 # process result for kernel building
 CERT_OUT="pubring.gpg"
 # base64 decode with removing prefix and suffix
-for cert in $CERT_2203 $CERT_2203_SP1; do
+for cert in $CERT_2203 $CERT_2203_SPx; do
 	cat $cert | head -n -2 | tail -n +2 | base64 -d > $cert.gpg
 done
-# 22.03 SP1 use subkey to sign, but kernel can only parse main key. So we need to
+# 22.03 SPx use subkey to sign, but kernel can only parse main key. So we need to
 # extract subkey information and wrap to a main key format.
 # The PGP data can be parsered with https://cirw.in/gpg-decoder/
 # Extra User ID Packet
 # start: 400; length: 38
-dd if=$CERT_2203_SP1.gpg of=$CERT_2203_SP1.userid.gpg skip=400 bs=1c count=38
+dd if=$CERT_2203_SPx.gpg of=$CERT_2203_SPx.userid.gpg skip=400 bs=1c count=38
 # Extra Public-Subkey Packet
 # start: 902 + 1(wrap cipherTypeByte); length: 400 - 1
 # cipherTypeByte: 0x99 = 10 0110(wrap to a main key) 01
-echo -en "\x99" > $CERT_2203_SP1.subkey.gpg
+echo -en "\x99" > $CERT_2203_SPx.subkey.gpg
-dd if=$CERT_2203_SP1.gpg of=$CERT_2203_SP1.subkey.gpg skip=903 bs=1c count=399 seek=1
+dd if=$CERT_2203_SPx.gpg of=$CERT_2203_SPx.subkey.gpg skip=903 bs=1c count=399 seek=1
 # 22.03 use main key to sign, so we dont need to deal it.
 # merge all cert information
-cat $CERT_2203_SP1.subkey.gpg $CERT_2203_SP1.userid.gpg $CERT_2203.gpg > $CERT_OUT
+cat $CERT_2203_SPx.subkey.gpg $CERT_2203_SPx.userid.gpg $CERT_2203.gpg > $CERT_OUT
 # cleanup
 rm -f RPM-GPG-KEY-openEuler-*