mirror of
https://gitlab.futo.org/videostreaming/grayjay.git
synced 2025-04-29 22:24:29 +02:00
31 lines
1.3 KiB
Markdown
31 lines
1.3 KiB
Markdown
# Script signing
|
|
|
|
The `scriptSignature` and `scriptPublicKey` should be set whenever you deploy your script (NOT REQUIRED DURING DEVELOPMENT). The purpose of these fields is to verify that a plugin update was made by the same individual that developed the original plugin. This prevents somebody from hijacking your plugin without having access to your public private keypair. When this value is not present, you can still use this plugin, however the user will be informed that these values are missing and that this is a security risk. Here is an example script showing you how to generate these values. See below for more details.
|
|
|
|
You can use this script to generate the `scriptSignature` and `scriptPublicKey` fields above:
|
|
|
|
`sign-script.sh`
|
|
```sh
|
|
#!/bin/sh
|
|
#Example usage:
|
|
#cat script.js | sign-script.sh
|
|
#sh sign-script.sh script.js
|
|
|
|
#Set your key paths here
|
|
PRIVATE_KEY_PATH=~/.ssh/id_rsa
|
|
PUBLIC_KEY_PATH=~/.ssh/id_rsa.pub
|
|
|
|
PUBLIC_KEY_PKCS8=$(ssh-keygen -f "$PUBLIC_KEY_PATH" -e -m pkcs8 | tail -n +2 | head -n -1 | tr -d '\n')
|
|
echo "This is your public key: '$PUBLIC_KEY_PKCS8'"
|
|
|
|
if [ $# -eq 0 ]; then
|
|
# No parameter provided, read from stdin
|
|
DATA=$(cat)
|
|
else
|
|
# Parameter provided, read from file
|
|
DATA=$(cat "$1")
|
|
fi
|
|
|
|
SIGNATURE=$(echo -n "$DATA" | openssl dgst -sha512 -sign ~/.ssh/id_rsa | base64 -w 0)
|
|
echo "This is your signature: '$SIGNATURE'"
|
|
``` |