### Purpose Instead of hardcoding `SigningKey` as text use `go:embed`. Fixes #9247. ### Testing * Building syncthing * Trying to upgrade (signature verification)
This commit is contained in:
gudvinr
GitHub
parent
5360e7153b
commit
91084b83b4
|
|
@ -6,14 +6,13 @@
|
|||
|
||||
package upgrade
|
||||
|
||||
import _ "embed"
|
||||
|
||||
// SigningKey is the public key used to verify signed upgrades. It must match
|
||||
// the private key used to sign binaries for the built in upgrade mechanism to
|
||||
// accept an upgrade. Keys and signatures can be created and verified with the
|
||||
// stsigtool utility. The build script creates signed binaries when given the
|
||||
// -sign option.
|
||||
var SigningKey = []byte(`-----BEGIN EC PUBLIC KEY-----
|
||||
MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA1iRk+p+DsmolixxVKcpEVlMDPOeQ
|
||||
1dWthURMqsjxoJuDAe5I98P/A0kXSdBI7avm5hXhX2opJ5TAyBZLHPpDTRoBg4WN
|
||||
7jUpeAjtPoVVxvOh37qDeDVcjCgJbbDTPKbjxq/Ae3SHlQMRcoes7lVY1+YJ8dPk
|
||||
2oPfjA6jtmo9aVbf/uo=
|
||||
-----END EC PUBLIC KEY-----`)
|
||||
//
|
||||
//go:embed signingkey.pem
|
||||
var SigningKey []byte
|
||||
|
|
|
|||
|
|
@ -0,0 +1,6 @@
|
|||
-----BEGIN EC PUBLIC KEY-----
|
||||
MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA1iRk+p+DsmolixxVKcpEVlMDPOeQ
|
||||
1dWthURMqsjxoJuDAe5I98P/A0kXSdBI7avm5hXhX2opJ5TAyBZLHPpDTRoBg4WN
|
||||
7jUpeAjtPoVVxvOh37qDeDVcjCgJbbDTPKbjxq/Ae3SHlQMRcoes7lVY1+YJ8dPk
|
||||
2oPfjA6jtmo9aVbf/uo=
|
||||
-----END EC PUBLIC KEY-----
|
||||
Loading…
Reference in New Issue