diff --git a/tools/releasetools/apex_utils.py b/tools/releasetools/apex_utils.py new file mode 100644 index 0000000000..d14c94f7dc --- /dev/null +++ b/tools/releasetools/apex_utils.py @@ -0,0 +1,147 @@ +#!/usr/bin/env python +# +# Copyright (C) 2019 The Android Open Source Project +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import logging +import os.path +import re +import shlex +import sys + +import common + +logger = logging.getLogger(__name__) + + +class ApexInfoError(Exception): + """An Exception raised during Apex Information command.""" + + def __init__(self, message): + Exception.__init__(self, message) + + +class ApexSigningError(Exception): + """An Exception raised during Apex Payload signing.""" + + def __init__(self, message): + Exception.__init__(self, message) + + +def SignApexPayload(payload_file, payload_key_path, payload_key_name, algorithm, + salt, signing_args=None): + """Signs a given payload_file with the payload key.""" + # Add the new footer. Old footer, if any, will be replaced by avbtool. + cmd = ['avbtool', 'add_hashtree_footer', + '--do_not_generate_fec', + '--algorithm', algorithm, + '--key', payload_key_path, + '--prop', 'apex.key:{}'.format(payload_key_name), + '--image', payload_file, + '--salt', salt] + if signing_args: + cmd.extend(shlex.split(signing_args)) + + try: + common.RunAndCheckOutput(cmd) + except common.ExternalError as e: + raise ApexSigningError, \ + 'Failed to sign APEX payload {} with {}:\n{}'.format( + payload_file, payload_key_path, e), sys.exc_info()[2] + + # Verify the signed payload image with specified public key. + logger.info('Verifying %s', payload_file) + VerifyApexPayload(payload_file, payload_key_path) + + +def VerifyApexPayload(payload_file, payload_key): + """Verifies the APEX payload signature with the given key.""" + cmd = ['avbtool', 'verify_image', '--image', payload_file, + '--key', payload_key] + try: + common.RunAndCheckOutput(cmd) + except common.ExternalError as e: + raise ApexSigningError, \ + 'Failed to validate payload signing for {} with {}:\n{}'.format( + payload_file, payload_key, e), sys.exc_info()[2] + + +def ParseApexPayloadInfo(payload_path): + """Parses the APEX payload info. + + Args: + payload_path: The path to the payload image. + + Raises: + ApexInfoError on parsing errors. + + Returns: + A dict that contains payload property-value pairs. The dict should at least + contain Algorithm, Salt and apex.key. + """ + if not os.path.exists(payload_path): + raise ApexInfoError('Failed to find image: {}'.format(payload_path)) + + cmd = ['avbtool', 'info_image', '--image', payload_path] + try: + output = common.RunAndCheckOutput(cmd) + except common.ExternalError as e: + raise ApexInfoError, \ + 'Failed to get APEX payload info for {}:\n{}'.format( + payload_path, e), sys.exc_info()[2] + + # Extract the Algorithm / Salt / Prop info from payload (i.e. an image signed + # with avbtool). For example, + # Algorithm: SHA256_RSA4096 + PAYLOAD_INFO_PATTERN = ( + r'^\s*(?PAlgorithm|Salt|Prop)\:\s*(?P.*?)$') + payload_info_matcher = re.compile(PAYLOAD_INFO_PATTERN) + + payload_info = {} + for line in output.split('\n'): + line_info = payload_info_matcher.match(line) + if not line_info: + continue + + key, value = line_info.group('key'), line_info.group('value') + + if key == 'Prop': + # Further extract the property key-value pair, from a 'Prop:' line. For + # example, + # Prop: apex.key -> 'com.android.runtime' + # Note that avbtool writes single or double quotes around values. + PROPERTY_DESCRIPTOR_PATTERN = r'^\s*(?P.*?)\s->\s*(?P.*?)$' + + prop_matcher = re.compile(PROPERTY_DESCRIPTOR_PATTERN) + prop = prop_matcher.match(value) + if not prop: + raise ApexInfoError( + 'Failed to parse prop string {}'.format(value)) + + prop_key, prop_value = prop.group('key'), prop.group('value') + if prop_key == 'apex.key': + # avbtool dumps the prop value with repr(), which contains single / + # double quotes that we don't want. + payload_info[prop_key] = prop_value.strip('\"\'') + + else: + payload_info[key] = value + + # Sanity check. + for key in ('Algorithm', 'Salt', 'apex.key'): + if key not in payload_info: + raise ApexInfoError( + 'Failed to find {} prop in {}'.format(key, payload_path)) + + return payload_info diff --git a/tools/releasetools/test_apex_utils.py b/tools/releasetools/test_apex_utils.py new file mode 100644 index 0000000000..2f8ee49823 --- /dev/null +++ b/tools/releasetools/test_apex_utils.py @@ -0,0 +1,87 @@ +# +# Copyright (C) 2019 The Android Open Source Project +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +import os +import os.path + +import apex_utils +import common +import test_utils + + +class ApexUtilsTest(test_utils.ReleaseToolsTestCase): + + # echo "foo" | sha256sum + SALT = 'b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c' + + def setUp(self): + self.testdata_dir = test_utils.get_testdata_dir() + # The default payload signing key. + self.payload_key = os.path.join(self.testdata_dir, 'testkey.key') + + @staticmethod + def _GetTestPayload(): + payload_file = common.MakeTempFile(prefix='apex-', suffix='.img') + with open(payload_file, 'wb') as payload_fp: + payload_fp.write(os.urandom(8192)) + return payload_file + + def test_ParseApexPayloadInfo(self): + payload_file = self._GetTestPayload() + apex_utils.SignApexPayload( + payload_file, self.payload_key, 'testkey', 'SHA256_RSA2048', self.SALT) + payload_info = apex_utils.ParseApexPayloadInfo(payload_file) + self.assertEqual('SHA256_RSA2048', payload_info['Algorithm']) + self.assertEqual(self.SALT, payload_info['Salt']) + self.assertEqual('testkey', payload_info['apex.key']) + + def test_SignApexPayload(self): + payload_file = self._GetTestPayload() + apex_utils.SignApexPayload( + payload_file, self.payload_key, 'testkey', 'SHA256_RSA2048', self.SALT) + apex_utils.VerifyApexPayload(payload_file, self.payload_key) + + def test_SignApexPayload_withSignerHelper(self): + payload_file = self._GetTestPayload() + payload_signer_args = '--signing_helper_with_files {}'.format( + os.path.join(self.testdata_dir, 'signing_helper.sh')) + apex_utils.SignApexPayload( + payload_file, + self.payload_key, + 'testkey', 'SHA256_RSA2048', self.SALT, + payload_signer_args) + apex_utils.VerifyApexPayload(payload_file, self.payload_key) + + def test_SignApexPayload_invalidKey(self): + self.assertRaises( + apex_utils.ApexSigningError, + apex_utils.SignApexPayload, + self._GetTestPayload(), + os.path.join(self.testdata_dir, 'testkey.x509.pem'), + 'testkey', + 'SHA256_RSA2048', + self.SALT) + + def test_VerifyApexPayload_wrongKey(self): + payload_file = self._GetTestPayload() + apex_utils.SignApexPayload( + payload_file, self.payload_key, 'testkey', 'SHA256_RSA2048', self.SALT) + apex_utils.VerifyApexPayload(payload_file, self.payload_key) + self.assertRaises( + apex_utils.ApexSigningError, + apex_utils.VerifyApexPayload, + payload_file, + os.path.join(self.testdata_dir, 'testkey_with_passwd.key')) diff --git a/tools/releasetools/testdata/signing_helper.sh b/tools/releasetools/testdata/signing_helper.sh new file mode 100755 index 0000000000..364e0238b6 --- /dev/null +++ b/tools/releasetools/testdata/signing_helper.sh @@ -0,0 +1,21 @@ +#!/bin/sh +# +# Copyright (C) 2019 The Android Open Source Project +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +tmpfile=$(mktemp) +cat $3 | openssl rsautl -sign -inkey $2 -raw > $tmpfile +cat $tmpfile > $3 +rm $tmpfile diff --git a/tools/releasetools/testdata/testkey_with_passwd.key b/tools/releasetools/testdata/testkey_with_passwd.key new file mode 100644 index 0000000000..2f0a199645 --- /dev/null +++ b/tools/releasetools/testdata/testkey_with_passwd.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCwaAOHPqgkCmqU +AFRnJW6LrAuSfy9EzWSRHSkltp811ByMIE0N6/Nttu8ZCL456lzArHNKt/zdoBik +eLB6gN9CTvQ8n4LMdSEmkRl3uXBtOPJuVObJ6ZUILz6L7WofWcr8DT81j2At7nHi +Wg8SkCsFXbFfpjljOlpqUG3Szt+48X8rcgG82s97BuRwNxUgfK1/8QzOiH9fDbMU +h6XI2jo2VwuBYOsJadJJWOf6oRRHZonrts0FXpV46CXykpLvLT2u5GXg1Pxd7i1K +v1P8bxZOzVbEVfkL2DnUCtUBAnP98r9UyjQDd4blk4Mwl+mzB5otPTacNzEGhmNK +Et+HB/cdAgMBAAECggEATsn2IXa7tHUuivHmwLb4O8vY01KY8xrleubSVPTPAUS+ +h1t57ujerbcR7VV5WPay/J9JUyr/9qClwPfioqRikwQek+EOk3ERIF+YR1/8tdvE +c8DZ337DQIeRYP/l8SCyx4bHH43tADbKiLV+m+TmQhxJt5XPdeE/NtK7andZdwkv +xEoG9l2aONE4z9pY1x+c1SdDSsq92/iLHLgSkQJmWo+lrfeh6gshXgQgDY8n6rgY +GsCgSawLphvd8Tvo86CL04l0pWtY1gEW3s6sdYo1YDkpWQzSRCtGm0GlhEt2fyq5 +coTK2sLHguE7NL5VZo4zlGtM3QBdvRksTO1mJOt6JQKBgQDaT4oGjZp1rtKdObvn +ElaUo5EOyJjmXkRBBndrbiG3078eOqTJHXx45DJUv8hj9+g6vSULiIeFk1FiiMQD +vcnsBEaGaSc886wXY6TQgIIzvVfzDHGYTuQydiYQbLClH6S28HLqdlZjUIlHwxb9 +wBm8JwmTiVeAEvO8LTzeEqfkLwKBgQDO3He8Ei8XDeqtIK0lzcZ83yw9OGP23/gK +8GDaf8J+cOtOyYkDlcV0rBNFvE8+TzIpIUlo47b2RSaART3iPSfRJTaySZjKWCVo +s2A0/zQcrj7GgD2gaHRrgI9bmnWW1j95a9n/6AUEyEIJ6K8tYK819Vl4GAyhNHEQ +sRbxa69qcwKBgQC5F8jxx2tXLdM6JLIQtzabLZcWTrN8Vh5Od3oWpriF0EzxB02h +ipN3OBsISdZQE+dcrfNTtP0aHo5ZGZX/ihFCP1nAKjVvczXMWtppQRujXHzOABXr +ya+mrQ+Wy2B1j7+qr3DvI0gZSjYqltjOaeon4X04DrEWUHtAZ6Z8rpqUVwKBgQCB +o8mmI/8/A4m/Vmss9fke6P5gn6aGYXah5GPOi6Loevv9NHCZvpMwu2aYnZtMAXX+ +MM5A3fUcAdpPKRXPY2RAvoG42kbXCMbpBwGUNRwDnW/aFySIEu5jMP6m+fYXwc2l +2uGUb2Q1ywsYCqs+VQl5V3nquaewn5z8SP+H7WTR4QKBgQCO5CRpyNOjEwMxTPR1 +GYUKAEiVtmzknHAxUE6drTgGEZSquAXiau0B5+7+/G5gwqxCLGpnstMByI+dhkR6 ++ybAc/bzb2aoGK4pZf/PuwxQQsHBnG0oaSFU6RZlbVV20j7FZ04+cYnKHwCYkKjN +DwA1Ae+H+u95raB4vYhk7IzD4A== +-----END PRIVATE KEY-----