| Tao Bao | e7354ba | 2019-05-09 16:54:15 -0700 | [diff] [blame] | 1 | #!/usr/bin/env python |
| 2 | # |
| 3 | # Copyright (C) 2019 The Android Open Source Project |
| 4 | # |
| 5 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 6 | # you may not use this file except in compliance with the License. |
| 7 | # You may obtain a copy of the License at |
| 8 | # |
| 9 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 10 | # |
| 11 | # Unless required by applicable law or agreed to in writing, software |
| 12 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | # See the License for the specific language governing permissions and |
| 15 | # limitations under the License. |
| 16 | |
| 17 | """ |
| 18 | Signs a standalone APEX file. |
| 19 | |
| 20 | Usage: sign_apex [flags] input_apex_file output_apex_file |
| 21 | |
| 22 | --container_key <key> |
| 23 | Mandatory flag that specifies the container signing key. |
| 24 | |
| 25 | --payload_key <key> |
| 26 | Mandatory flag that specifies the payload signing key. |
| 27 | |
| 28 | --payload_extra_args <args> |
| 29 | Optional flag that specifies any extra args to be passed to payload signer |
| 30 | (e.g. --payload_extra_args="--signing_helper_with_files /path/to/helper"). |
| 31 | """ |
| 32 | |
| 33 | import logging |
| 34 | import shutil |
| 35 | import sys |
| 36 | |
| 37 | import apex_utils |
| 38 | import common |
| 39 | |
| 40 | logger = logging.getLogger(__name__) |
| 41 | |
| 42 | |
| Tao Bao | c9c1b86 | 2019-06-26 14:54:14 -0700 | [diff] [blame^] | 43 | def SignApexFile(apex_file, payload_key, container_key, signing_args=None): |
| 44 | """Signs the given apex file.""" |
| 45 | with open(apex_file, 'rb') as input_fp: |
| 46 | apex_data = input_fp.read() |
| 47 | |
| 48 | return apex_utils.SignApex( |
| 49 | apex_data, |
| 50 | payload_key=payload_key, |
| 51 | container_key=container_key, |
| 52 | container_pw=None, |
| 53 | codename_to_api_level_map=None, |
| 54 | signing_args=signing_args) |
| 55 | |
| 56 | |
| Tao Bao | e7354ba | 2019-05-09 16:54:15 -0700 | [diff] [blame] | 57 | def main(argv): |
| 58 | |
| 59 | options = {} |
| 60 | |
| 61 | def option_handler(o, a): |
| 62 | if o == '--container_key': |
| 63 | # Strip the suffix if any, as common.SignFile expects no suffix. |
| 64 | DEFAULT_CONTAINER_KEY_SUFFIX = '.x509.pem' |
| 65 | if a.endswith(DEFAULT_CONTAINER_KEY_SUFFIX): |
| 66 | a = a[:-len(DEFAULT_CONTAINER_KEY_SUFFIX)] |
| 67 | options['container_key'] = a |
| 68 | elif o == '--payload_key': |
| 69 | options['payload_key'] = a |
| 70 | elif o == '--payload_extra_args': |
| 71 | options['payload_extra_args'] = a |
| 72 | else: |
| 73 | return False |
| 74 | return True |
| 75 | |
| 76 | args = common.ParseOptions( |
| 77 | argv, __doc__, |
| 78 | extra_opts='', |
| 79 | extra_long_opts=[ |
| 80 | 'container_key=', |
| 81 | 'payload_extra_args=', |
| 82 | 'payload_key=', |
| 83 | ], |
| 84 | extra_option_handler=option_handler) |
| 85 | |
| 86 | if (len(args) != 2 or 'container_key' not in options or |
| 87 | 'payload_key' not in options): |
| 88 | common.Usage(__doc__) |
| 89 | sys.exit(1) |
| 90 | |
| 91 | common.InitLogging() |
| 92 | |
| Tao Bao | c9c1b86 | 2019-06-26 14:54:14 -0700 | [diff] [blame^] | 93 | signed_apex = SignApexFile( |
| 94 | args[0], |
| 95 | options['payload_key'], |
| 96 | options['container_key'], |
| 97 | options.get('payload_extra_args')) |
| 98 | shutil.copyfile(signed_apex, args[1]) |
| Tao Bao | e7354ba | 2019-05-09 16:54:15 -0700 | [diff] [blame] | 99 | logger.info("done.") |
| 100 | |
| 101 | |
| 102 | if __name__ == '__main__': |
| 103 | try: |
| 104 | main(sys.argv[1:]) |
| 105 | except common.ExternalError: |
| 106 | logger.exception("\n ERROR:\n") |
| 107 | sys.exit(1) |
| 108 | finally: |
| 109 | common.Cleanup() |