Move signing code into main app sources

2020-12-26 17:03:10 -08:00 · 2020-12-26 17:03:10 -08:00 · 9a707236b8
commit 9a707236b8
parent e9e6ad3bb0
17 changed files with 5 additions and 119 deletions
--- a/app/build.gradle.kts
+++ b/app/build.gradle.kts
@ -74,13 +74,16 @@ dependencies {
    implementation(fileTree(mapOf("dir" to "libs", "include" to listOf("*.jar"))))
    implementation(kotlin("stdlib"))
    implementation(project(":app:shared"))
-    implementation(project(":app:signing"))

    implementation("com.github.topjohnwu:jtar:1.0.0")
    implementation("com.github.topjohnwu:indeterminate-checkbox:1.0.7")
    implementation("com.github.topjohnwu:lz4-java:1.7.1")
    implementation("com.jakewharton.timber:timber:4.7.1")

+    val vBC = "1.67"
+    implementation("org.bouncycastle:bcprov-jdk15on:${vBC}")
+    implementation("org.bouncycastle:bcpkix-jdk15on:${vBC}")
+
    val vBAdapt = "4.0.0"
    val bindingAdapter = "me.tatarka.bindingcollectionadapter2:bindingcollectionadapter"
    implementation("${bindingAdapter}:${vBAdapt}")
--- a/app/signing/.gitignore
+++ b/app/signing/.gitignore
@ -1 +0,0 @@
-/build
--- a/app/signing/build.gradle.kts
+++ b/app/signing/build.gradle.kts
@ -1,35 +0,0 @@
-import com.github.jengelman.gradle.plugins.shadow.tasks.ShadowJar
-
-plugins {
-    id("java-library")
-    id("java")
-    id("com.github.johnrengelman.shadow") version "6.0.0"
-}
-
-java {
-    sourceCompatibility = JavaVersion.VERSION_1_8
-    targetCompatibility = JavaVersion.VERSION_1_8
-}
-
-val jar by tasks.getting(Jar::class) {
-    manifest {
-        attributes["Main-Class"] = "com.topjohnwu.signing.ZipSigner"
-    }
-}
-
-val shadowJar by tasks.getting(ShadowJar::class) {
-    archiveBaseName.set("zipsigner")
-    archiveClassifier.set(null as String?)
-    archiveVersion.set("4.0")
-}
-
-repositories {
-    jcenter()
-}
-
-dependencies {
-    implementation(fileTree(mapOf("dir" to "libs", "include" to listOf("*.jar"))))
-
-    api("org.bouncycastle:bcprov-jdk15on:1.67")
-    api("org.bouncycastle:bcpkix-jdk15on:1.67")
-}
--- a/app/signing/src/main/java/com/topjohnwu/signing/ZipSigner.java
+++ b/app/signing/src/main/java/com/topjohnwu/signing/ZipSigner.java
@ -1,81 +0,0 @@
-package com.topjohnwu.signing;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.Security;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-
-public class ZipSigner {
-
-    private static void usage() {
-        System.err.println("ZipSigner usage:");
-        System.err.println("  zipsigner.jar input.jar output.jar");
-        System.err.println("    sign jar with AOSP test keys");
-        System.err.println("  zipsigner.jar x509.pem pk8 input.jar output.jar");
-        System.err.println("    sign jar with certificate / private key pair");
-        System.err.println("  zipsigner.jar keyStore keyStorePass alias keyPass input.jar output.jar");
-        System.err.println("    sign jar with Java KeyStore");
-        System.exit(2);
-    }
-
-    private static void sign(JarMap input, FileOutputStream output) throws Exception {
-        sign(SignApk.class.getResourceAsStream("/keys/testkey.x509.pem"),
-                SignApk.class.getResourceAsStream("/keys/testkey.pk8"), input, output);
-    }
-
-    private static void sign(InputStream certIs, InputStream keyIs,
-                             JarMap input, FileOutputStream output) throws Exception {
-        X509Certificate cert = CryptoUtils.readCertificate(certIs);
-        PrivateKey key = CryptoUtils.readPrivateKey(keyIs);
-        SignApk.sign(cert, key, input, output);
-    }
-
-    private static void sign(String keyStore, String keyStorePass, String alias, String keyPass,
-                             JarMap in, FileOutputStream out) throws Exception {
-        KeyStore ks;
-        try {
-            ks = KeyStore.getInstance("JKS");
-            try (InputStream is = new FileInputStream(keyStore)) {
-                ks.load(is, keyStorePass.toCharArray());
-            }
-        } catch (KeyStoreException|IOException|CertificateException|NoSuchAlgorithmException e) {
-            ks = KeyStore.getInstance("PKCS12");
-            try (InputStream is = new FileInputStream(keyStore)) {
-                ks.load(is, keyStorePass.toCharArray());
-            }
-        }
-        X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
-        PrivateKey key = (PrivateKey) ks.getKey(alias, keyPass.toCharArray());
-        SignApk.sign(cert, key, in, out);
-    }
-
-    public static void main(String[] args) throws Exception {
-        if (args.length != 2 && args.length != 4 && args.length != 6)
-            usage();
-
-        Security.insertProviderAt(new BouncyCastleProvider(), 1);
-
-        try (JarMap in = JarMap.open(args[args.length - 2], false);
-             FileOutputStream out = new FileOutputStream(args[args.length - 1])) {
-            if (args.length == 2) {
-                sign(in, out);
-            } else if (args.length == 4) {
-                try (InputStream cert = new FileInputStream(args[0]);
-                     InputStream key = new FileInputStream(args[1])) {
-                    sign(cert, key, in, out);
-                }
-            } else if (args.length == 6) {
-                sign(args[0], args[1], args[2], args[3], in, out);
-            }
-        }
-    }
-}
--- a/app/signing/src/main/java/com/topjohnwu/signing/ApkSignerV2.java
+++ b/app/signing/src/main/java/com/topjohnwu/signing/ApkSignerV2.java
--- a/app/signing/src/main/java/com/topjohnwu/signing/BootSigner.java
+++ b/app/signing/src/main/java/com/topjohnwu/signing/BootSigner.java
--- a/app/signing/src/main/java/com/topjohnwu/signing/ByteArrayStream.java
+++ b/app/signing/src/main/java/com/topjohnwu/signing/ByteArrayStream.java
--- a/app/signing/src/main/java/com/topjohnwu/signing/CryptoUtils.java
+++ b/app/signing/src/main/java/com/topjohnwu/signing/CryptoUtils.java
--- a/app/signing/src/main/java/com/topjohnwu/signing/JarMap.java
+++ b/app/signing/src/main/java/com/topjohnwu/signing/JarMap.java
--- a/app/signing/src/main/java/com/topjohnwu/signing/SignApk.java
+++ b/app/signing/src/main/java/com/topjohnwu/signing/SignApk.java
--- a/app/signing/src/main/java/com/topjohnwu/signing/SignBoot.java
+++ b/app/signing/src/main/java/com/topjohnwu/signing/SignBoot.java
--- a/app/signing/src/main/java/com/topjohnwu/signing/ZipUtils.java
+++ b/app/signing/src/main/java/com/topjohnwu/signing/ZipUtils.java
--- a/app/signing/src/main/resources/keys/testkey.pk8
+++ b/app/signing/src/main/resources/keys/testkey.pk8
--- a/app/signing/src/main/resources/keys/testkey.x509.pem
+++ b/app/signing/src/main/resources/keys/testkey.x509.pem
--- a/app/signing/src/main/resources/keys/verity.pk8
+++ b/app/signing/src/main/resources/keys/verity.pk8
--- a/app/signing/src/main/resources/keys/verity.x509.pem
+++ b/app/signing/src/main/resources/keys/verity.x509.pem
--- a/settings.gradle.kts
+++ b/settings.gradle.kts
@ -1 +1 @@
-include(":app", ":app:signing", ":app:shared", ":native", ":stub")
+include(":app", ":app:shared", ":native", ":stub")