1*d289c2baSAndroid Build Coastguard Worker#!/usr/bin/env python3 2*d289c2baSAndroid Build Coastguard Worker 3*d289c2baSAndroid Build Coastguard Worker# 4*d289c2baSAndroid Build Coastguard Worker# Copyright (C) 2016-2020 The Android Open Source Project 5*d289c2baSAndroid Build Coastguard Worker# 6*d289c2baSAndroid Build Coastguard Worker# Permission is hereby granted, free of charge, to any person 7*d289c2baSAndroid Build Coastguard Worker# obtaining a copy of this software and associated documentation 8*d289c2baSAndroid Build Coastguard Worker# files (the "Software"), to deal in the Software without 9*d289c2baSAndroid Build Coastguard Worker# restriction, including without limitation the rights to use, copy, 10*d289c2baSAndroid Build Coastguard Worker# modify, merge, publish, distribute, sublicense, and/or sell copies 11*d289c2baSAndroid Build Coastguard Worker# of the Software, and to permit persons to whom the Software is 12*d289c2baSAndroid Build Coastguard Worker# furnished to do so, subject to the following conditions: 13*d289c2baSAndroid Build Coastguard Worker# 14*d289c2baSAndroid Build Coastguard Worker# The above copyright notice and this permission notice shall be 15*d289c2baSAndroid Build Coastguard Worker# included in all copies or substantial portions of the Software. 16*d289c2baSAndroid Build Coastguard Worker# 17*d289c2baSAndroid Build Coastguard Worker# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 18*d289c2baSAndroid Build Coastguard Worker# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 19*d289c2baSAndroid Build Coastguard Worker# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 20*d289c2baSAndroid Build Coastguard Worker# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 21*d289c2baSAndroid Build Coastguard Worker# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 22*d289c2baSAndroid Build Coastguard Worker# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 23*d289c2baSAndroid Build Coastguard Worker# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 24*d289c2baSAndroid Build Coastguard Worker# SOFTWARE. 25*d289c2baSAndroid Build Coastguard Worker# 26*d289c2baSAndroid Build Coastguard Worker 27*d289c2baSAndroid Build Coastguard Worker# This shell-script checks the symbols in libavb.a and fails 28*d289c2baSAndroid Build Coastguard Worker# if a reference not starting with avb_ is referenced. It's intended 29*d289c2baSAndroid Build Coastguard Worker# to catch mistakes where the standard C library is inadvertently 30*d289c2baSAndroid Build Coastguard Worker# used. 31*d289c2baSAndroid Build Coastguard Worker 32*d289c2baSAndroid Build Coastguard Workerimport errno 33*d289c2baSAndroid Build Coastguard Workerimport os 34*d289c2baSAndroid Build Coastguard Workerimport subprocess 35*d289c2baSAndroid Build Coastguard Workerimport sys 36*d289c2baSAndroid Build Coastguard Worker 37*d289c2baSAndroid Build Coastguard Worker 38*d289c2baSAndroid Build Coastguard Workerdef rsa_signer(argv): 39*d289c2baSAndroid Build Coastguard Worker if len(argv) != 3: 40*d289c2baSAndroid Build Coastguard Worker sys.stderr.write('Wrong number of arguments: {} <alg> <pub key>\n' 41*d289c2baSAndroid Build Coastguard Worker .format(argv[0])) 42*d289c2baSAndroid Build Coastguard Worker return errno.EINVAL 43*d289c2baSAndroid Build Coastguard Worker 44*d289c2baSAndroid Build Coastguard Worker data = sys.stdin.buffer.read() 45*d289c2baSAndroid Build Coastguard Worker if not data: 46*d289c2baSAndroid Build Coastguard Worker sys.stderr.write('There is not input data\n') 47*d289c2baSAndroid Build Coastguard Worker return errno.EINVAL 48*d289c2baSAndroid Build Coastguard Worker 49*d289c2baSAndroid Build Coastguard Worker if os.environ.get('SIGNING_HELPER_GENERATE_WRONG_SIGNATURE'): 50*d289c2baSAndroid Build Coastguard Worker # We're only called with this algorithm which signature size is 256. 51*d289c2baSAndroid Build Coastguard Worker assert sys.argv[1] == 'SHA256_RSA2048' 52*d289c2baSAndroid Build Coastguard Worker sys.stdout.buffer.write(b'X' * 256) 53*d289c2baSAndroid Build Coastguard Worker return 0 54*d289c2baSAndroid Build Coastguard Worker 55*d289c2baSAndroid Build Coastguard Worker if not os.getenv('SIGNING_HELPER_TEST'): 56*d289c2baSAndroid Build Coastguard Worker sys.stderr.write('env SIGNING_HELPER_TEST is not set or empty\n') 57*d289c2baSAndroid Build Coastguard Worker return errno.EINVAL 58*d289c2baSAndroid Build Coastguard Worker 59*d289c2baSAndroid Build Coastguard Worker test_file_name = os.environ['SIGNING_HELPER_TEST'] 60*d289c2baSAndroid Build Coastguard Worker if os.path.isfile(test_file_name) and not os.access(test_file_name, os.W_OK): 61*d289c2baSAndroid Build Coastguard Worker sys.stderr.write('no permission to write into {} file\n' 62*d289c2baSAndroid Build Coastguard Worker .format(test_file_name)) 63*d289c2baSAndroid Build Coastguard Worker return errno.EACCES 64*d289c2baSAndroid Build Coastguard Worker 65*d289c2baSAndroid Build Coastguard Worker p = subprocess.Popen( 66*d289c2baSAndroid Build Coastguard Worker ['openssl', 'rsautl', '-sign', '-inkey', argv[2], '-raw'], 67*d289c2baSAndroid Build Coastguard Worker stdin=subprocess.PIPE) 68*d289c2baSAndroid Build Coastguard Worker 69*d289c2baSAndroid Build Coastguard Worker p.communicate(data) 70*d289c2baSAndroid Build Coastguard Worker retcode = p.wait() 71*d289c2baSAndroid Build Coastguard Worker if retcode != 0: 72*d289c2baSAndroid Build Coastguard Worker return retcode 73*d289c2baSAndroid Build Coastguard Worker 74*d289c2baSAndroid Build Coastguard Worker with open(test_file_name, 'w') as f: 75*d289c2baSAndroid Build Coastguard Worker f.write('DONE') 76*d289c2baSAndroid Build Coastguard Worker 77*d289c2baSAndroid Build Coastguard Worker return 0 78*d289c2baSAndroid Build Coastguard Worker 79*d289c2baSAndroid Build Coastguard Workerif __name__ == '__main__': 80*d289c2baSAndroid Build Coastguard Worker sys.exit(rsa_signer(sys.argv)) 81