2009-03-04 04:28:42 +01:00
|
|
|
/*
|
|
|
|
* Copyright (C) 2008 The Android Open Source Project
|
|
|
|
*
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
*
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
*
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
* limitations under the License.
|
|
|
|
*/
|
|
|
|
|
|
|
|
package com.android.signapk;
|
|
|
|
|
2012-09-04 22:32:13 +02:00
|
|
|
import org.bouncycastle.asn1.ASN1InputStream;
|
|
|
|
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
|
|
|
|
import org.bouncycastle.asn1.DEROutputStream;
|
|
|
|
import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
|
|
|
|
import org.bouncycastle.cert.jcajce.JcaCertStore;
|
|
|
|
import org.bouncycastle.cms.CMSException;
|
|
|
|
import org.bouncycastle.cms.CMSProcessableByteArray;
|
|
|
|
import org.bouncycastle.cms.CMSSignedData;
|
|
|
|
import org.bouncycastle.cms.CMSSignedDataGenerator;
|
|
|
|
import org.bouncycastle.cms.CMSTypedData;
|
|
|
|
import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
|
|
|
|
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
|
|
|
import org.bouncycastle.operator.ContentSigner;
|
|
|
|
import org.bouncycastle.operator.OperatorCreationException;
|
|
|
|
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
|
|
|
|
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
|
|
|
|
import org.bouncycastle.util.encoders.Base64;
|
2009-03-04 04:28:42 +01:00
|
|
|
|
|
|
|
import java.io.BufferedReader;
|
|
|
|
import java.io.ByteArrayOutputStream;
|
|
|
|
import java.io.DataInputStream;
|
|
|
|
import java.io.File;
|
|
|
|
import java.io.FileInputStream;
|
|
|
|
import java.io.FileOutputStream;
|
|
|
|
import java.io.FilterOutputStream;
|
|
|
|
import java.io.IOException;
|
|
|
|
import java.io.InputStream;
|
|
|
|
import java.io.InputStreamReader;
|
|
|
|
import java.io.OutputStream;
|
|
|
|
import java.io.PrintStream;
|
|
|
|
import java.security.DigestOutputStream;
|
|
|
|
import java.security.GeneralSecurityException;
|
|
|
|
import java.security.Key;
|
|
|
|
import java.security.KeyFactory;
|
|
|
|
import java.security.MessageDigest;
|
|
|
|
import java.security.PrivateKey;
|
2012-09-04 22:32:13 +02:00
|
|
|
import java.security.Provider;
|
|
|
|
import java.security.Security;
|
|
|
|
import java.security.cert.CertificateEncodingException;
|
2009-03-04 04:28:42 +01:00
|
|
|
import java.security.cert.CertificateFactory;
|
|
|
|
import java.security.cert.X509Certificate;
|
|
|
|
import java.security.spec.InvalidKeySpecException;
|
|
|
|
import java.security.spec.KeySpec;
|
|
|
|
import java.security.spec.PKCS8EncodedKeySpec;
|
|
|
|
import java.util.ArrayList;
|
|
|
|
import java.util.Collections;
|
|
|
|
import java.util.Enumeration;
|
|
|
|
import java.util.Map;
|
|
|
|
import java.util.TreeMap;
|
|
|
|
import java.util.jar.Attributes;
|
|
|
|
import java.util.jar.JarEntry;
|
|
|
|
import java.util.jar.JarFile;
|
|
|
|
import java.util.jar.JarOutputStream;
|
|
|
|
import java.util.jar.Manifest;
|
2009-06-08 19:46:55 +02:00
|
|
|
import java.util.regex.Pattern;
|
2009-03-04 04:28:42 +01:00
|
|
|
import javax.crypto.Cipher;
|
|
|
|
import javax.crypto.EncryptedPrivateKeyInfo;
|
|
|
|
import javax.crypto.SecretKeyFactory;
|
|
|
|
import javax.crypto.spec.PBEKeySpec;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Command line tool to sign JAR files (including APKs and OTA updates) in
|
|
|
|
* a way compatible with the mincrypt verifier, using SHA1 and RSA keys.
|
|
|
|
*/
|
|
|
|
class SignApk {
|
|
|
|
private static final String CERT_SF_NAME = "META-INF/CERT.SF";
|
|
|
|
private static final String CERT_RSA_NAME = "META-INF/CERT.RSA";
|
2012-10-16 02:10:13 +02:00
|
|
|
private static final String CERT_SF_MULTI_NAME = "META-INF/CERT%d.SF";
|
|
|
|
private static final String CERT_RSA_MULTI_NAME = "META-INF/CERT%d.RSA";
|
2009-03-04 04:28:42 +01:00
|
|
|
|
2012-05-11 18:20:50 +02:00
|
|
|
private static final String OTACERT_NAME = "META-INF/com/android/otacert";
|
|
|
|
|
2012-09-04 22:32:13 +02:00
|
|
|
private static Provider sBouncyCastleProvider;
|
|
|
|
|
2009-06-08 19:46:55 +02:00
|
|
|
// Files matching this pattern are not copied to the output.
|
|
|
|
private static Pattern stripPattern =
|
2012-10-16 02:10:13 +02:00
|
|
|
Pattern.compile("^(META-INF/((.*)[.](SF|RSA|DSA)|com/android/otacert))|(" +
|
|
|
|
Pattern.quote(JarFile.MANIFEST_NAME) + ")$");
|
2009-06-08 19:46:55 +02:00
|
|
|
|
2009-03-04 04:28:42 +01:00
|
|
|
private static X509Certificate readPublicKey(File file)
|
|
|
|
throws IOException, GeneralSecurityException {
|
|
|
|
FileInputStream input = new FileInputStream(file);
|
|
|
|
try {
|
|
|
|
CertificateFactory cf = CertificateFactory.getInstance("X.509");
|
|
|
|
return (X509Certificate) cf.generateCertificate(input);
|
|
|
|
} finally {
|
|
|
|
input.close();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Reads the password from stdin and returns it as a string.
|
|
|
|
*
|
|
|
|
* @param keyFile The file containing the private key. Used to prompt the user.
|
|
|
|
*/
|
|
|
|
private static String readPassword(File keyFile) {
|
|
|
|
// TODO: use Console.readPassword() when it's available.
|
|
|
|
System.out.print("Enter password for " + keyFile + " (password will not be hidden): ");
|
|
|
|
System.out.flush();
|
|
|
|
BufferedReader stdin = new BufferedReader(new InputStreamReader(System.in));
|
|
|
|
try {
|
|
|
|
return stdin.readLine();
|
|
|
|
} catch (IOException ex) {
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Decrypt an encrypted PKCS 8 format private key.
|
|
|
|
*
|
|
|
|
* Based on ghstark's post on Aug 6, 2006 at
|
|
|
|
* http://forums.sun.com/thread.jspa?threadID=758133&messageID=4330949
|
|
|
|
*
|
|
|
|
* @param encryptedPrivateKey The raw data of the private key
|
|
|
|
* @param keyFile The file containing the private key
|
|
|
|
*/
|
|
|
|
private static KeySpec decryptPrivateKey(byte[] encryptedPrivateKey, File keyFile)
|
|
|
|
throws GeneralSecurityException {
|
|
|
|
EncryptedPrivateKeyInfo epkInfo;
|
|
|
|
try {
|
|
|
|
epkInfo = new EncryptedPrivateKeyInfo(encryptedPrivateKey);
|
|
|
|
} catch (IOException ex) {
|
|
|
|
// Probably not an encrypted key.
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
|
|
|
char[] password = readPassword(keyFile).toCharArray();
|
|
|
|
|
|
|
|
SecretKeyFactory skFactory = SecretKeyFactory.getInstance(epkInfo.getAlgName());
|
|
|
|
Key key = skFactory.generateSecret(new PBEKeySpec(password));
|
|
|
|
|
|
|
|
Cipher cipher = Cipher.getInstance(epkInfo.getAlgName());
|
|
|
|
cipher.init(Cipher.DECRYPT_MODE, key, epkInfo.getAlgParameters());
|
|
|
|
|
|
|
|
try {
|
|
|
|
return epkInfo.getKeySpec(cipher);
|
|
|
|
} catch (InvalidKeySpecException ex) {
|
|
|
|
System.err.println("signapk: Password for " + keyFile + " may be bad.");
|
|
|
|
throw ex;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Read a PKCS 8 format private key. */
|
|
|
|
private static PrivateKey readPrivateKey(File file)
|
|
|
|
throws IOException, GeneralSecurityException {
|
|
|
|
DataInputStream input = new DataInputStream(new FileInputStream(file));
|
|
|
|
try {
|
|
|
|
byte[] bytes = new byte[(int) file.length()];
|
|
|
|
input.read(bytes);
|
|
|
|
|
|
|
|
KeySpec spec = decryptPrivateKey(bytes, file);
|
|
|
|
if (spec == null) {
|
|
|
|
spec = new PKCS8EncodedKeySpec(bytes);
|
|
|
|
}
|
|
|
|
|
|
|
|
try {
|
|
|
|
return KeyFactory.getInstance("RSA").generatePrivate(spec);
|
|
|
|
} catch (InvalidKeySpecException ex) {
|
|
|
|
return KeyFactory.getInstance("DSA").generatePrivate(spec);
|
|
|
|
}
|
|
|
|
} finally {
|
|
|
|
input.close();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Add the SHA1 of every file to the manifest, creating it if necessary. */
|
|
|
|
private static Manifest addDigestsToManifest(JarFile jar)
|
|
|
|
throws IOException, GeneralSecurityException {
|
|
|
|
Manifest input = jar.getManifest();
|
|
|
|
Manifest output = new Manifest();
|
|
|
|
Attributes main = output.getMainAttributes();
|
|
|
|
if (input != null) {
|
|
|
|
main.putAll(input.getMainAttributes());
|
|
|
|
} else {
|
|
|
|
main.putValue("Manifest-Version", "1.0");
|
|
|
|
main.putValue("Created-By", "1.0 (Android SignApk)");
|
|
|
|
}
|
|
|
|
|
|
|
|
MessageDigest md = MessageDigest.getInstance("SHA1");
|
|
|
|
byte[] buffer = new byte[4096];
|
|
|
|
int num;
|
|
|
|
|
|
|
|
// We sort the input entries by name, and add them to the
|
|
|
|
// output manifest in sorted order. We expect that the output
|
|
|
|
// map will be deterministic.
|
|
|
|
|
|
|
|
TreeMap<String, JarEntry> byName = new TreeMap<String, JarEntry>();
|
|
|
|
|
|
|
|
for (Enumeration<JarEntry> e = jar.entries(); e.hasMoreElements(); ) {
|
|
|
|
JarEntry entry = e.nextElement();
|
|
|
|
byName.put(entry.getName(), entry);
|
|
|
|
}
|
|
|
|
|
|
|
|
for (JarEntry entry: byName.values()) {
|
|
|
|
String name = entry.getName();
|
2012-10-16 02:10:13 +02:00
|
|
|
if (!entry.isDirectory() &&
|
|
|
|
(stripPattern == null || !stripPattern.matcher(name).matches())) {
|
2009-03-04 04:28:42 +01:00
|
|
|
InputStream data = jar.getInputStream(entry);
|
|
|
|
while ((num = data.read(buffer)) > 0) {
|
|
|
|
md.update(buffer, 0, num);
|
|
|
|
}
|
|
|
|
|
|
|
|
Attributes attr = null;
|
|
|
|
if (input != null) attr = input.getAttributes(name);
|
|
|
|
attr = attr != null ? new Attributes(attr) : new Attributes();
|
2012-09-04 22:32:13 +02:00
|
|
|
attr.putValue("SHA1-Digest",
|
|
|
|
new String(Base64.encode(md.digest()), "ASCII"));
|
2009-03-04 04:28:42 +01:00
|
|
|
output.getEntries().put(name, attr);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return output;
|
|
|
|
}
|
|
|
|
|
2012-05-11 18:20:50 +02:00
|
|
|
/**
|
|
|
|
* Add a copy of the public key to the archive; this should
|
|
|
|
* exactly match one of the files in
|
|
|
|
* /system/etc/security/otacerts.zip on the device. (The same
|
|
|
|
* cert can be extracted from the CERT.RSA file but this is much
|
|
|
|
* easier to get at.)
|
|
|
|
*/
|
|
|
|
private static void addOtacert(JarOutputStream outputJar,
|
|
|
|
File publicKeyFile,
|
|
|
|
long timestamp,
|
|
|
|
Manifest manifest)
|
|
|
|
throws IOException, GeneralSecurityException {
|
|
|
|
MessageDigest md = MessageDigest.getInstance("SHA1");
|
|
|
|
|
|
|
|
JarEntry je = new JarEntry(OTACERT_NAME);
|
|
|
|
je.setTime(timestamp);
|
|
|
|
outputJar.putNextEntry(je);
|
|
|
|
FileInputStream input = new FileInputStream(publicKeyFile);
|
|
|
|
byte[] b = new byte[4096];
|
|
|
|
int read;
|
|
|
|
while ((read = input.read(b)) != -1) {
|
|
|
|
outputJar.write(b, 0, read);
|
|
|
|
md.update(b, 0, read);
|
|
|
|
}
|
|
|
|
input.close();
|
|
|
|
|
|
|
|
Attributes attr = new Attributes();
|
2012-09-04 22:32:13 +02:00
|
|
|
attr.putValue("SHA1-Digest",
|
|
|
|
new String(Base64.encode(md.digest()), "ASCII"));
|
2012-05-11 18:20:50 +02:00
|
|
|
manifest.getEntries().put(OTACERT_NAME, attr);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2012-09-04 22:32:13 +02:00
|
|
|
/** Write to another stream and track how many bytes have been
|
|
|
|
* written.
|
|
|
|
*/
|
|
|
|
private static class CountOutputStream extends FilterOutputStream {
|
2010-09-24 07:57:05 +02:00
|
|
|
private int mCount;
|
2009-03-04 04:28:42 +01:00
|
|
|
|
2012-09-04 22:32:13 +02:00
|
|
|
public CountOutputStream(OutputStream out) {
|
2009-03-04 04:28:42 +01:00
|
|
|
super(out);
|
2010-09-24 07:57:05 +02:00
|
|
|
mCount = 0;
|
2009-03-04 04:28:42 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
|
|
|
public void write(int b) throws IOException {
|
|
|
|
super.write(b);
|
2010-09-24 07:57:05 +02:00
|
|
|
mCount++;
|
2009-03-04 04:28:42 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
|
|
|
public void write(byte[] b, int off, int len) throws IOException {
|
|
|
|
super.write(b, off, len);
|
2010-09-24 07:57:05 +02:00
|
|
|
mCount += len;
|
|
|
|
}
|
|
|
|
|
|
|
|
public int size() {
|
|
|
|
return mCount;
|
2009-03-04 04:28:42 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2009-08-13 03:20:24 +02:00
|
|
|
/** Write a .SF file with a digest of the specified manifest. */
|
2012-09-04 22:32:13 +02:00
|
|
|
private static void writeSignatureFile(Manifest manifest, OutputStream out)
|
|
|
|
throws IOException, GeneralSecurityException {
|
2009-03-04 04:28:42 +01:00
|
|
|
Manifest sf = new Manifest();
|
|
|
|
Attributes main = sf.getMainAttributes();
|
|
|
|
main.putValue("Signature-Version", "1.0");
|
|
|
|
main.putValue("Created-By", "1.0 (Android SignApk)");
|
|
|
|
|
|
|
|
MessageDigest md = MessageDigest.getInstance("SHA1");
|
|
|
|
PrintStream print = new PrintStream(
|
|
|
|
new DigestOutputStream(new ByteArrayOutputStream(), md),
|
|
|
|
true, "UTF-8");
|
|
|
|
|
|
|
|
// Digest of the entire manifest
|
|
|
|
manifest.write(print);
|
|
|
|
print.flush();
|
2012-09-04 22:32:13 +02:00
|
|
|
main.putValue("SHA1-Digest-Manifest",
|
|
|
|
new String(Base64.encode(md.digest()), "ASCII"));
|
2009-03-04 04:28:42 +01:00
|
|
|
|
|
|
|
Map<String, Attributes> entries = manifest.getEntries();
|
|
|
|
for (Map.Entry<String, Attributes> entry : entries.entrySet()) {
|
|
|
|
// Digest of the manifest stanza for this entry.
|
|
|
|
print.print("Name: " + entry.getKey() + "\r\n");
|
|
|
|
for (Map.Entry<Object, Object> att : entry.getValue().entrySet()) {
|
|
|
|
print.print(att.getKey() + ": " + att.getValue() + "\r\n");
|
|
|
|
}
|
|
|
|
print.print("\r\n");
|
|
|
|
print.flush();
|
|
|
|
|
|
|
|
Attributes sfAttr = new Attributes();
|
2012-09-04 22:32:13 +02:00
|
|
|
sfAttr.putValue("SHA1-Digest",
|
|
|
|
new String(Base64.encode(md.digest()), "ASCII"));
|
2009-03-04 04:28:42 +01:00
|
|
|
sf.getEntries().put(entry.getKey(), sfAttr);
|
|
|
|
}
|
|
|
|
|
2012-09-04 22:32:13 +02:00
|
|
|
CountOutputStream cout = new CountOutputStream(out);
|
|
|
|
sf.write(cout);
|
2010-09-24 07:57:05 +02:00
|
|
|
|
|
|
|
// A bug in the java.util.jar implementation of Android platforms
|
|
|
|
// up to version 1.6 will cause a spurious IOException to be thrown
|
|
|
|
// if the length of the signature file is a multiple of 1024 bytes.
|
|
|
|
// As a workaround, add an extra CRLF in this case.
|
2012-09-04 22:32:13 +02:00
|
|
|
if ((cout.size() % 1024) == 0) {
|
|
|
|
cout.write('\r');
|
|
|
|
cout.write('\n');
|
2010-09-24 07:57:05 +02:00
|
|
|
}
|
2009-03-04 04:28:42 +01:00
|
|
|
}
|
|
|
|
|
2012-09-04 22:32:13 +02:00
|
|
|
private static class CMSByteArraySlice implements CMSTypedData {
|
|
|
|
private final ASN1ObjectIdentifier type;
|
|
|
|
private final byte[] data;
|
|
|
|
private final int offset;
|
|
|
|
private final int length;
|
|
|
|
public CMSByteArraySlice(byte[] data, int offset, int length) {
|
|
|
|
this.data = data;
|
|
|
|
this.offset = offset;
|
|
|
|
this.length = length;
|
|
|
|
this.type = new ASN1ObjectIdentifier(CMSObjectIdentifiers.data.getId());
|
|
|
|
}
|
|
|
|
|
|
|
|
public Object getContent() {
|
|
|
|
throw new UnsupportedOperationException();
|
|
|
|
}
|
|
|
|
|
|
|
|
public ASN1ObjectIdentifier getContentType() {
|
|
|
|
return type;
|
|
|
|
}
|
|
|
|
|
|
|
|
public void write(OutputStream out) throws IOException {
|
|
|
|
out.write(data, offset, length);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Sign data and write the digital signature to 'out'. */
|
2009-03-04 04:28:42 +01:00
|
|
|
private static void writeSignatureBlock(
|
2012-09-04 22:32:13 +02:00
|
|
|
CMSTypedData data, X509Certificate publicKey, PrivateKey privateKey,
|
|
|
|
OutputStream out)
|
|
|
|
throws IOException,
|
|
|
|
CertificateEncodingException,
|
|
|
|
OperatorCreationException,
|
|
|
|
CMSException {
|
|
|
|
ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>(1);
|
|
|
|
certList.add(publicKey);
|
|
|
|
JcaCertStore certs = new JcaCertStore(certList);
|
|
|
|
|
|
|
|
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
|
|
|
|
ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA")
|
|
|
|
.setProvider(sBouncyCastleProvider)
|
|
|
|
.build(privateKey);
|
|
|
|
gen.addSignerInfoGenerator(
|
|
|
|
new JcaSignerInfoGeneratorBuilder(
|
|
|
|
new JcaDigestCalculatorProviderBuilder()
|
|
|
|
.setProvider(sBouncyCastleProvider)
|
|
|
|
.build())
|
|
|
|
.setDirectSignature(true)
|
|
|
|
.build(sha1Signer, publicKey));
|
|
|
|
gen.addCertificates(certs);
|
|
|
|
CMSSignedData sigData = gen.generate(data, false);
|
|
|
|
|
|
|
|
ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded());
|
|
|
|
DEROutputStream dos = new DEROutputStream(out);
|
|
|
|
dos.writeObject(asn1.readObject());
|
2009-03-04 04:28:42 +01:00
|
|
|
}
|
|
|
|
|
2009-08-13 03:20:24 +02:00
|
|
|
private static void signWholeOutputFile(byte[] zipData,
|
|
|
|
OutputStream outputStream,
|
|
|
|
X509Certificate publicKey,
|
|
|
|
PrivateKey privateKey)
|
2012-09-04 22:32:13 +02:00
|
|
|
throws IOException,
|
|
|
|
CertificateEncodingException,
|
|
|
|
OperatorCreationException,
|
|
|
|
CMSException {
|
2009-08-13 03:20:24 +02:00
|
|
|
// For a zip with no archive comment, the
|
|
|
|
// end-of-central-directory record will be 22 bytes long, so
|
|
|
|
// we expect to find the EOCD marker 22 bytes from the end.
|
|
|
|
if (zipData[zipData.length-22] != 0x50 ||
|
|
|
|
zipData[zipData.length-21] != 0x4b ||
|
|
|
|
zipData[zipData.length-20] != 0x05 ||
|
|
|
|
zipData[zipData.length-19] != 0x06) {
|
|
|
|
throw new IllegalArgumentException("zip data already has an archive comment");
|
|
|
|
}
|
|
|
|
|
|
|
|
ByteArrayOutputStream temp = new ByteArrayOutputStream();
|
|
|
|
|
|
|
|
// put a readable message and a null char at the start of the
|
|
|
|
// archive comment, so that tools that display the comment
|
|
|
|
// (hopefully) show something sensible.
|
|
|
|
// TODO: anything more useful we can put in this message?
|
|
|
|
byte[] message = "signed by SignApk".getBytes("UTF-8");
|
|
|
|
temp.write(message);
|
|
|
|
temp.write(0);
|
2012-09-04 22:32:13 +02:00
|
|
|
|
|
|
|
writeSignatureBlock(new CMSByteArraySlice(zipData, 0, zipData.length-2),
|
|
|
|
publicKey, privateKey, temp);
|
2009-08-13 03:20:24 +02:00
|
|
|
int total_size = temp.size() + 6;
|
|
|
|
if (total_size > 0xffff) {
|
|
|
|
throw new IllegalArgumentException("signature is too big for ZIP file comment");
|
|
|
|
}
|
|
|
|
// signature starts this many bytes from the end of the file
|
|
|
|
int signature_start = total_size - message.length - 1;
|
|
|
|
temp.write(signature_start & 0xff);
|
|
|
|
temp.write((signature_start >> 8) & 0xff);
|
2009-08-15 01:42:35 +02:00
|
|
|
// Why the 0xff bytes? In a zip file with no archive comment,
|
|
|
|
// bytes [-6:-2] of the file are the little-endian offset from
|
|
|
|
// the start of the file to the central directory. So for the
|
|
|
|
// two high bytes to be 0xff 0xff, the archive would have to
|
2012-09-04 22:32:13 +02:00
|
|
|
// be nearly 4GB in size. So it's unlikely that a real
|
2009-08-15 01:42:35 +02:00
|
|
|
// commentless archive would have 0xffs here, and lets us tell
|
|
|
|
// an old signed archive from a new one.
|
|
|
|
temp.write(0xff);
|
|
|
|
temp.write(0xff);
|
2009-08-13 03:20:24 +02:00
|
|
|
temp.write(total_size & 0xff);
|
|
|
|
temp.write((total_size >> 8) & 0xff);
|
|
|
|
temp.flush();
|
|
|
|
|
2009-08-15 01:42:35 +02:00
|
|
|
// Signature verification checks that the EOCD header is the
|
|
|
|
// last such sequence in the file (to avoid minzip finding a
|
|
|
|
// fake EOCD appended after the signature in its scan). The
|
|
|
|
// odds of producing this sequence by chance are very low, but
|
|
|
|
// let's catch it here if it does.
|
|
|
|
byte[] b = temp.toByteArray();
|
|
|
|
for (int i = 0; i < b.length-3; ++i) {
|
|
|
|
if (b[i] == 0x50 && b[i+1] == 0x4b && b[i+2] == 0x05 && b[i+3] == 0x06) {
|
|
|
|
throw new IllegalArgumentException("found spurious EOCD header at " + i);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2009-08-13 03:20:24 +02:00
|
|
|
outputStream.write(zipData, 0, zipData.length-2);
|
|
|
|
outputStream.write(total_size & 0xff);
|
|
|
|
outputStream.write((total_size >> 8) & 0xff);
|
|
|
|
temp.writeTo(outputStream);
|
|
|
|
}
|
|
|
|
|
2009-07-16 00:43:39 +02:00
|
|
|
/**
|
|
|
|
* Copy all the files in a manifest from input to output. We set
|
|
|
|
* the modification times in the output to a fixed time, so as to
|
|
|
|
* reduce variation in the output file and make incremental OTAs
|
|
|
|
* more efficient.
|
|
|
|
*/
|
2009-03-04 04:28:42 +01:00
|
|
|
private static void copyFiles(Manifest manifest,
|
2009-07-16 00:43:39 +02:00
|
|
|
JarFile in, JarOutputStream out, long timestamp) throws IOException {
|
2009-03-04 04:28:42 +01:00
|
|
|
byte[] buffer = new byte[4096];
|
|
|
|
int num;
|
|
|
|
|
|
|
|
Map<String, Attributes> entries = manifest.getEntries();
|
2012-09-04 22:32:13 +02:00
|
|
|
ArrayList<String> names = new ArrayList<String>(entries.keySet());
|
2009-03-04 04:28:42 +01:00
|
|
|
Collections.sort(names);
|
|
|
|
for (String name : names) {
|
|
|
|
JarEntry inEntry = in.getJarEntry(name);
|
2009-07-16 00:43:39 +02:00
|
|
|
JarEntry outEntry = null;
|
2009-03-04 04:28:42 +01:00
|
|
|
if (inEntry.getMethod() == JarEntry.STORED) {
|
|
|
|
// Preserve the STORED method of the input entry.
|
2009-07-16 00:43:39 +02:00
|
|
|
outEntry = new JarEntry(inEntry);
|
2009-03-04 04:28:42 +01:00
|
|
|
} else {
|
|
|
|
// Create a new entry so that the compressed len is recomputed.
|
2009-07-16 00:43:39 +02:00
|
|
|
outEntry = new JarEntry(name);
|
2009-03-04 04:28:42 +01:00
|
|
|
}
|
2009-07-16 00:43:39 +02:00
|
|
|
outEntry.setTime(timestamp);
|
|
|
|
out.putNextEntry(outEntry);
|
2009-03-04 04:28:42 +01:00
|
|
|
|
|
|
|
InputStream data = in.getInputStream(inEntry);
|
|
|
|
while ((num = data.read(buffer)) > 0) {
|
|
|
|
out.write(buffer, 0, num);
|
|
|
|
}
|
|
|
|
out.flush();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-10-16 02:10:13 +02:00
|
|
|
private static void usage() {
|
|
|
|
System.err.println("Usage: signapk [-w] " +
|
|
|
|
"publickey.x509[.pem] privatekey.pk8 " +
|
|
|
|
"[publickey2.x509[.pem] privatekey2.pk8 ...] " +
|
|
|
|
"input.jar output.jar");
|
|
|
|
System.exit(2);
|
|
|
|
}
|
|
|
|
|
2009-03-04 04:28:42 +01:00
|
|
|
public static void main(String[] args) {
|
2012-10-16 02:10:13 +02:00
|
|
|
if (args.length < 4) usage();
|
2009-03-04 04:28:42 +01:00
|
|
|
|
2012-09-04 22:32:13 +02:00
|
|
|
sBouncyCastleProvider = new BouncyCastleProvider();
|
|
|
|
Security.addProvider(sBouncyCastleProvider);
|
|
|
|
|
2009-08-13 03:20:24 +02:00
|
|
|
boolean signWholeFile = false;
|
|
|
|
int argstart = 0;
|
|
|
|
if (args[0].equals("-w")) {
|
|
|
|
signWholeFile = true;
|
|
|
|
argstart = 1;
|
|
|
|
}
|
|
|
|
|
2012-10-16 02:10:13 +02:00
|
|
|
if ((args.length - argstart) % 2 == 1) usage();
|
|
|
|
int numKeys = ((args.length - argstart) / 2) - 1;
|
|
|
|
if (signWholeFile && numKeys > 1) {
|
|
|
|
System.err.println("Only one key may be used with -w.");
|
|
|
|
System.exit(2);
|
|
|
|
}
|
|
|
|
|
|
|
|
String inputFilename = args[args.length-2];
|
|
|
|
String outputFilename = args[args.length-1];
|
|
|
|
|
2009-03-04 04:28:42 +01:00
|
|
|
JarFile inputJar = null;
|
|
|
|
JarOutputStream outputJar = null;
|
2009-08-13 03:20:24 +02:00
|
|
|
FileOutputStream outputFile = null;
|
2009-03-04 04:28:42 +01:00
|
|
|
|
|
|
|
try {
|
2012-10-16 02:10:13 +02:00
|
|
|
File firstPublicKeyFile = new File(args[argstart+0]);
|
2009-03-04 04:28:42 +01:00
|
|
|
|
2012-10-16 02:10:13 +02:00
|
|
|
X509Certificate[] publicKey = new X509Certificate[numKeys];
|
|
|
|
for (int i = 0; i < numKeys; ++i) {
|
|
|
|
int argNum = argstart + i*2;
|
|
|
|
publicKey[i] = readPublicKey(new File(args[argNum]));
|
|
|
|
}
|
2009-03-04 04:28:42 +01:00
|
|
|
|
2012-10-16 02:10:13 +02:00
|
|
|
// Set the ZIP file timestamp to the starting valid time
|
|
|
|
// of the 0th certificate plus one hour (to match what
|
|
|
|
// we've historically done).
|
|
|
|
long timestamp = publicKey[0].getNotBefore().getTime() + 3600L * 1000;
|
|
|
|
|
|
|
|
PrivateKey[] privateKey = new PrivateKey[numKeys];
|
|
|
|
for (int i = 0; i < numKeys; ++i) {
|
|
|
|
int argNum = argstart + i*2 + 1;
|
|
|
|
privateKey[i] = readPrivateKey(new File(args[argNum]));
|
|
|
|
}
|
|
|
|
inputJar = new JarFile(new File(inputFilename), false); // Don't verify.
|
2009-08-13 03:20:24 +02:00
|
|
|
|
|
|
|
OutputStream outputStream = null;
|
|
|
|
if (signWholeFile) {
|
|
|
|
outputStream = new ByteArrayOutputStream();
|
|
|
|
} else {
|
2012-10-16 02:10:13 +02:00
|
|
|
outputStream = outputFile = new FileOutputStream(outputFilename);
|
2009-08-13 03:20:24 +02:00
|
|
|
}
|
|
|
|
outputJar = new JarOutputStream(outputStream);
|
2012-07-04 00:03:04 +02:00
|
|
|
|
|
|
|
// For signing .apks, use the maximum compression to make
|
|
|
|
// them as small as possible (since they live forever on
|
|
|
|
// the system partition). For OTA packages, use the
|
|
|
|
// default compression level, which is much much faster
|
|
|
|
// and produces output that is only a tiny bit larger
|
|
|
|
// (~0.1% on full OTA packages I tested).
|
|
|
|
if (!signWholeFile) {
|
|
|
|
outputJar.setLevel(9);
|
|
|
|
}
|
2009-03-04 04:28:42 +01:00
|
|
|
|
|
|
|
JarEntry je;
|
|
|
|
|
|
|
|
Manifest manifest = addDigestsToManifest(inputJar);
|
2012-05-11 18:20:50 +02:00
|
|
|
|
|
|
|
// Everything else
|
|
|
|
copyFiles(manifest, inputJar, outputJar, timestamp);
|
|
|
|
|
|
|
|
// otacert
|
|
|
|
if (signWholeFile) {
|
2012-10-16 02:10:13 +02:00
|
|
|
addOtacert(outputJar, firstPublicKeyFile, timestamp, manifest);
|
2012-05-11 18:20:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// MANIFEST.MF
|
2009-03-04 04:28:42 +01:00
|
|
|
je = new JarEntry(JarFile.MANIFEST_NAME);
|
|
|
|
je.setTime(timestamp);
|
|
|
|
outputJar.putNextEntry(je);
|
|
|
|
manifest.write(outputJar);
|
|
|
|
|
2012-10-16 02:10:13 +02:00
|
|
|
// In the case of multiple keys, all the .SF files will be
|
|
|
|
// identical, but as far as I can tell the jarsigner docs
|
|
|
|
// don't allow there to be just one copy in the zipfile;
|
|
|
|
// there hase to be one per .RSA file.
|
|
|
|
|
2012-09-04 22:32:13 +02:00
|
|
|
ByteArrayOutputStream baos = new ByteArrayOutputStream();
|
|
|
|
writeSignatureFile(manifest, baos);
|
|
|
|
byte[] signedData = baos.toByteArray();
|
2009-03-04 04:28:42 +01:00
|
|
|
|
2012-10-16 02:10:13 +02:00
|
|
|
for (int k = 0; k < numKeys; ++k) {
|
|
|
|
// CERT.SF / CERT#.SF
|
|
|
|
je = new JarEntry(numKeys == 1 ? CERT_SF_NAME :
|
|
|
|
(String.format(CERT_SF_MULTI_NAME, k)));
|
|
|
|
je.setTime(timestamp);
|
|
|
|
outputJar.putNextEntry(je);
|
|
|
|
outputJar.write(signedData);
|
|
|
|
|
|
|
|
// CERT.RSA / CERT#.RSA
|
|
|
|
je = new JarEntry(numKeys == 1 ? CERT_RSA_NAME :
|
|
|
|
(String.format(CERT_RSA_MULTI_NAME, k)));
|
|
|
|
je.setTime(timestamp);
|
|
|
|
outputJar.putNextEntry(je);
|
|
|
|
writeSignatureBlock(new CMSProcessableByteArray(signedData),
|
|
|
|
publicKey[k], privateKey[k], outputJar);
|
|
|
|
}
|
2009-03-04 04:28:42 +01:00
|
|
|
|
2009-08-13 03:20:24 +02:00
|
|
|
outputJar.close();
|
|
|
|
outputJar = null;
|
|
|
|
outputStream.flush();
|
|
|
|
|
|
|
|
if (signWholeFile) {
|
2012-10-16 02:10:13 +02:00
|
|
|
outputFile = new FileOutputStream(outputFilename);
|
2009-08-13 03:20:24 +02:00
|
|
|
signWholeOutputFile(((ByteArrayOutputStream)outputStream).toByteArray(),
|
2012-10-16 02:10:13 +02:00
|
|
|
outputFile, publicKey[0], privateKey[0]);
|
2009-08-13 03:20:24 +02:00
|
|
|
}
|
2009-03-04 04:28:42 +01:00
|
|
|
} catch (Exception e) {
|
|
|
|
e.printStackTrace();
|
|
|
|
System.exit(1);
|
|
|
|
} finally {
|
|
|
|
try {
|
|
|
|
if (inputJar != null) inputJar.close();
|
2009-08-13 03:20:24 +02:00
|
|
|
if (outputFile != null) outputFile.close();
|
2009-03-04 04:28:42 +01:00
|
|
|
} catch (IOException e) {
|
|
|
|
e.printStackTrace();
|
|
|
|
System.exit(1);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|