Martchus
/
syncthing
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
syncthing/lib/upgrade/signingkey.go

19 lines
669 B
Go
Raw Normal View History

Only accept correctly signed upgrades
2015-08-21 10:13:31 +02:00
// Copyright (C) 2015 The Syncthing Authors.
//
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this file,
all: Update license url to https (ref #3976)
2017-02-09 07:52:18 +01:00
// You can obtain one at https://mozilla.org/MPL/2.0/.
Only accept correctly signed upgrades
2015-08-21 10:13:31 +02:00
package upgrade
lib/upgrade: Extract signing key to embedded file (fixes #9247) (#9296) ### Purpose Instead of hardcoding `SigningKey` as text use `go:embed`. Fixes #9247. ### Testing * Building syncthing * Trying to upgrade (signature verification)
2023-12-18 20:47:57 +01:00
import _ "embed"
Comment pedantry
2015-10-31 11:15:49 +01:00
// SigningKey is the public key used to verify signed upgrades. It must match
// the private key used to sign binaries for the built in upgrade mechanism to
Only accept correctly signed upgrades
2015-08-21 10:13:31 +02:00
// accept an upgrade. Keys and signatures can be created and verified with the
// stsigtool utility. The build script creates signed binaries when given the
// -sign option.
lib/upgrade: Extract signing key to embedded file (fixes #9247) (#9296) ### Purpose Instead of hardcoding `SigningKey` as text use `go:embed`. Fixes #9247. ### Testing * Building syncthing * Trying to upgrade (signature verification)
2023-12-18 20:47:57 +01:00
//
//go:embed signingkey.pem
var SigningKey []byte