Merge pull request #48715 from akien-mga/script-encryption-abort-if-invalid

SCons: Abort if SCRIPT_AES256_ENCRYPTION_KEY is invalid
2021-05-14 12:03:41 +02:00 · 2021-05-14 12:03:41 +02:00 · e41bdd4c3e
commit e41bdd4c3e
parent 99626d5b57 08b4383e3f
1 changed files with 10 additions and 7 deletions
--- a/core/SCsub
+++ b/core/SCsub
@ -12,25 +12,28 @@ import os

 txt = "0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0"
 if "SCRIPT_AES256_ENCRYPTION_KEY" in os.environ:
-    e = os.environ["SCRIPT_AES256_ENCRYPTION_KEY"]
-    txt = ""
+    key = os.environ["SCRIPT_AES256_ENCRYPTION_KEY"]
    ec_valid = True
-    if len(e) != 64:
+    if len(key) != 64:
        ec_valid = False
    else:
-
+        txt = ""
        for i in range(len(e) >> 1):
            if i > 0:
                txt += ","
-            txts = "0x" + e[i * 2 : i * 2 + 2]
+            txts = "0x" + key[i * 2 : i * 2 + 2]
            try:
                int(txts, 16)
            except Exception:
                ec_valid = False
            txt += txts
    if not ec_valid:
-        txt = "0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0"
-        print("Invalid AES256 encryption key, not 64 bits hex: " + e)
+        print("Error: Invalid AES256 encryption key, not 64 hexadecimal characters: '" + key + "'.")
+        print(
+            "Unset 'SCRIPT_AES256_ENCRYPTION_KEY' in your environment "
+            "or make sure that it contains exactly 64 hexadecimal characters."
+        )
+        Exit(255)

 # NOTE: It is safe to generate this file here, since this is still executed serially
 with open("script_encryption_key.gen.cpp", "w") as f: