Zip always try to generate new encryption header depending on execution
time and process id, which is far from being reproducible. This commit
changes the zip srand() seed to a predictable value to generate
reproducible random bytes for the encryption header. This will compromise
the goal of secure archive encryption, but it would not be a big problem
for our purpose.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Remove "--mtime" option introduced in commit 18c9faa032 ("tools: zip:
add option for reproducible archives") and instead fetch SOURCE_DATE_EPOCH
environment variable directly in the code.
Ref: https://sourceforge.net/p/infozip/patches/25/
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Add the option -mt/--mtime to pass a timestamp which is used as filedate
for the containing files.
So far, it isn't used for anything written to the extra fields,
therefore requires the -X (eXclude eXtra file attributes) parameter to
be effective.
Signed-off-by: Mathias Kresin <dev@kresin.me>
One image requires a zip compressed image, so add the zip util found in
the packages feed, and extend it with some useful debian patches.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Sungbo Eo