2019-01-30 09:10:12 +01:00
|
|
|
package com.topjohnwu.signing;
|
2017-10-29 20:45:22 +01:00
|
|
|
|
|
|
|
import java.io.FileInputStream;
|
|
|
|
import java.io.InputStream;
|
|
|
|
|
|
|
|
public class BootSigner {
|
|
|
|
|
|
|
|
public static void main(String[] args) throws Exception {
|
2017-10-30 19:55:50 +01:00
|
|
|
if (args.length > 0 && "-verify".equals(args[0])) {
|
2017-10-29 20:45:22 +01:00
|
|
|
String certPath = "";
|
2018-01-26 17:17:43 +01:00
|
|
|
if (args.length >= 2) {
|
|
|
|
/* args[1] is the path to a public key certificate */
|
|
|
|
certPath = args[1];
|
2017-10-29 20:45:22 +01:00
|
|
|
}
|
2017-10-30 19:55:50 +01:00
|
|
|
boolean signed = SignBoot.verifySignature(System.in,
|
2017-10-29 20:45:22 +01:00
|
|
|
certPath.isEmpty() ? null : new FileInputStream(certPath));
|
|
|
|
System.exit(signed ? 0 : 1);
|
2017-10-30 19:55:50 +01:00
|
|
|
} else if (args.length > 0 && "-sign".equals(args[0])) {
|
2018-01-26 17:17:43 +01:00
|
|
|
InputStream cert = null;
|
|
|
|
InputStream key = null;
|
2019-07-04 08:17:14 +02:00
|
|
|
String name = "/boot";
|
2017-10-30 19:55:50 +01:00
|
|
|
|
2018-01-26 17:17:43 +01:00
|
|
|
if (args.length >= 3) {
|
|
|
|
cert = new FileInputStream(args[1]);
|
|
|
|
key = new FileInputStream(args[2]);
|
2017-10-29 20:45:22 +01:00
|
|
|
}
|
2019-07-04 21:06:45 +02:00
|
|
|
if (args.length == 2) {
|
|
|
|
name = args[1];
|
|
|
|
} else if (args.length >= 4) {
|
2019-07-04 08:17:14 +02:00
|
|
|
name = args[3];
|
|
|
|
}
|
2017-10-29 20:45:22 +01:00
|
|
|
|
2019-07-04 08:17:14 +02:00
|
|
|
boolean success = SignBoot.doSignature(name, System.in, System.out, cert, key);
|
2017-10-30 19:55:50 +01:00
|
|
|
System.exit(success ? 0 : 1);
|
|
|
|
} else {
|
|
|
|
System.err.println(
|
|
|
|
"BootSigner <actions> [args]\n" +
|
|
|
|
"Input from stdin, outputs to stdout\n" +
|
|
|
|
"\n" +
|
|
|
|
"Actions:\n" +
|
|
|
|
" -verify [x509.pem]\n" +
|
|
|
|
" verify image, cert is optional\n" +
|
2019-07-04 08:17:14 +02:00
|
|
|
" -sign [x509.pem] [pk8] [name]\n" +
|
|
|
|
" sign image, name, cert and key pair are optional\n" +
|
|
|
|
" name should be /boot (default) or /recovery\n"
|
2017-10-30 19:55:50 +01:00
|
|
|
);
|
2017-10-29 20:45:22 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|