Examples with SigningConfiguration com.android.tools.build.bundletool.model.SigningConfiguration used on opensource projects

Search in sources :

Example 6 with SigningConfiguration

use of com.android.tools.build.bundletool.model.SigningConfiguration in project bundletool by google.

the class BuildApksManagerTest method apkWithSourceStamp.

@Test
public void apkWithSourceStamp() throws Exception {
    String stampSource = "https://www.example.com";
    SigningConfiguration signingConfiguration = SigningConfiguration.builder().setSignerConfig(privateKey, certificate).build();
    TestComponent.useTestModule(this, createTestModuleBuilder().withOutputPath(outputFilePath).withSigningConfig(signingConfiguration).withSourceStamp(SourceStamp.builder().setSource(stampSource).setSigningConfiguration(signingConfiguration).build()).build());
    buildApksManager.execute();
    ZipFile apkSetFile = openZipFile(outputFilePath.toFile());
    BuildApksResult result = extractTocFromApkSetFile(apkSetFile, outputDir);
    for (Variant variant : result.getVariantList()) {
        for (ApkSet apkSet : variant.getApkSetList()) {
            for (ApkDescription apkDescription : apkSet.getApkDescriptionList()) {
                File apk = extractFromApkSetFile(apkSetFile, apkDescription.getPath(), outputDir);
                ApkVerifier.Result verifierResult = new ApkVerifier.Builder(apk).build().verify();
                assertThat(verifierResult.isSourceStampVerified()).isTrue();
                assertThat(verifierResult.getSourceStampInfo().getCertificate()).isEqualTo(certificate);
                AndroidManifest manifest = extractAndroidManifest(apk, tmpDir);
                assertThat(manifest.getMetadataValue(STAMP_SOURCE_METADATA_KEY)).hasValue(stampSource);
                try (ZipFile apkZip = new ZipFile(apk)) {
                    ZipEntry sourceStampCertEntry = apkZip.getEntry("stamp-cert-sha256");
                    assertNotNull(sourceStampCertEntry);
                    byte[] sourceStampCertHash = ByteStreams.toByteArray(apkZip.getInputStream(sourceStampCertEntry));
                    assertThat(sourceStampCertHash).isEqualTo(CertificateHelper.getSha256Bytes(certificate.getEncoded()));
                }
            }
        }
    }
}
Also used : ApkSet(com.android.bundle.Commands.ApkSet) ApkDescription(com.android.bundle.Commands.ApkDescription) SigningConfiguration(com.android.tools.build.bundletool.model.SigningConfiguration) BuildApksResult(com.android.bundle.Commands.BuildApksResult) ResourceTableBuilder(com.android.tools.build.bundletool.testing.ResourceTableBuilder) AppBundleBuilder(com.android.tools.build.bundletool.testing.AppBundleBuilder) BundleConfigBuilder(com.android.tools.build.bundletool.testing.BundleConfigBuilder) ZipEntry(java.util.zip.ZipEntry) AndroidManifest(com.android.tools.build.bundletool.model.AndroidManifest) TestUtils.extractAndroidManifest(com.android.tools.build.bundletool.testing.TestUtils.extractAndroidManifest) Variant(com.android.bundle.Commands.Variant) ZipFile(java.util.zip.ZipFile) ApkVerifier(com.android.apksig.ApkVerifier) ApkSetUtils.parseTocFromFile(com.android.tools.build.bundletool.testing.ApkSetUtils.parseTocFromFile) CodeRelatedFile(com.android.bundle.CodeTransparencyOuterClass.CodeRelatedFile) ZipFile(java.util.zip.ZipFile) ApkSetUtils.extractTocFromApkSetFile(com.android.tools.build.bundletool.testing.ApkSetUtils.extractTocFromApkSetFile) File(java.io.File) ApkSetUtils.extractFromApkSetFile(com.android.tools.build.bundletool.testing.ApkSetUtils.extractFromApkSetFile) Test(org.junit.Test)

Example 7 with SigningConfiguration

use of com.android.tools.build.bundletool.model.SigningConfiguration in project bundletool by google.

the class CheckTransparencyCommandTest method setUp.

@Before
public void setUp() throws Exception {
    tmpDir = tmp.getRoot().toPath();
    kpg = KeyPairGenerator.getInstance("RSA");
    kpg.initialize(/* keysize= */
    3072);
    KeyPair keyPair = kpg.genKeyPair();
    transparencyPrivateKey = keyPair.getPrivate();
    transparencyKeyCertificate = CertificateFactory.buildSelfSignedCertificate(keyPair, "CN=CheckTransparencyCommandTest_TransparencyKey");
    transparencyKeyCertificatePath = tmpDir.resolve("transparency-public.cert");
    Files.write(transparencyKeyCertificatePath, transparencyKeyCertificate.getEncoded());
    KeyPair apkSigningKeyPair = kpg.genKeyPair();
    apkSigningKeyCertificate = CertificateFactory.buildSelfSignedCertificate(apkSigningKeyPair, "CN=CheckTransparencyCommandTest_ApkSigningKey");
    apkSigningKeyCertificatePath = tmpDir.resolve("apk-signing-key-public.cert");
    Files.write(apkSigningKeyCertificatePath, apkSigningKeyCertificate.getEncoded());
    SigningConfiguration apkSigningConfig = SigningConfiguration.builder().setSignerConfig(SignerConfig.builder().setPrivateKey(apkSigningKeyPair.getPrivate()).setCertificates(ImmutableList.of(apkSigningKeyCertificate)).build()).build();
    TestComponent.useTestModule(this, TestModule.builder().withSigningConfig(apkSigningConfig).build());
    bundlePath = tmpDir.resolve("bundle.aab");
    apkZipPath = tmpDir.resolve("apks.zip");
}
Also used : KeyPair(java.security.KeyPair) SigningConfiguration(com.android.tools.build.bundletool.model.SigningConfiguration) Before(org.junit.Before)

Example 8 with SigningConfiguration

use of com.android.tools.build.bundletool.model.SigningConfiguration in project bundletool by google.

the class BuildApksCommandTest method buildingViaFlagsAndBuilderHasSameResult_stamp_separateKeystoreAndKeyAlias.

@Test
public void buildingViaFlagsAndBuilderHasSameResult_stamp_separateKeystoreAndKeyAlias() throws Exception {
    ByteArrayOutputStream output = new ByteArrayOutputStream();
    BuildApksCommand commandViaFlags = BuildApksCommand.fromFlags(new FlagParser().parse("--bundle=" + bundlePath, "--output=" + outputFilePath, "--aapt2=" + AAPT2_PATH, "--create-stamp=" + true, "--stamp-ks=" + stampKeystorePath, "--stamp-key-alias=" + STAMP_KEY_ALIAS, "--stamp-ks-pass=pass:" + STAMP_KEYSTORE_PASSWORD, "--stamp-key-pass=pass:" + STAMP_KEY_PASSWORD), new PrintStream(output), systemEnvironmentProvider, fakeAdbServer);
    SigningConfiguration stampSigningConfiguration = SigningConfiguration.builder().setSignerConfig(stampPrivateKey, stampCertificate).build();
    BuildApksCommand.Builder commandViaBuilder = BuildApksCommand.builder().setBundlePath(bundlePath).setOutputFile(outputFilePath).setSourceStamp(SourceStamp.builder().setSigningConfiguration(stampSigningConfiguration).build()).setAapt2Command(commandViaFlags.getAapt2Command().get()).setExecutorServiceInternal(commandViaFlags.getExecutorService()).setExecutorServiceCreatedByBundleTool(true).setOutputPrintStream(commandViaFlags.getOutputPrintStream().get());
    DebugKeystoreUtils.getDebugSigningConfiguration(systemEnvironmentProvider).ifPresent(commandViaBuilder::setSigningConfiguration);
    assertThat(commandViaBuilder.build()).isEqualTo(commandViaFlags);
}
Also used : PrintStream(java.io.PrintStream) ApksigSigningConfiguration(com.android.tools.build.bundletool.model.ApksigSigningConfiguration) SigningConfiguration(com.android.tools.build.bundletool.model.SigningConfiguration) ByteArrayOutputStream(java.io.ByteArrayOutputStream) FlagParser(com.android.tools.build.bundletool.flags.FlagParser) Test(org.junit.Test)

Example 9 with SigningConfiguration

use of com.android.tools.build.bundletool.model.SigningConfiguration in project bundletool by google.

the class ApkSigner method signApk.

public void signApk(Path apkPath, ModuleSplit split) {
    if (!signingConfigProvider.isPresent()) {
        return;
    }
    ApksigSigningConfiguration signingConfig = signingConfigProvider.get().getSigningConfiguration(ApkDescription.fromModuleSplit(split));
    try (TempDirectory tempDirectory = new TempDirectory(getClass().getSimpleName())) {
        Path signedApkPath = tempDirectory.getPath().resolve("signed.apk");
        com.android.apksig.ApkSigner.Builder apkSigner = new com.android.apksig.ApkSigner.Builder(signingConfig.getSignerConfigs().stream().map(ApkSigner::convertToApksigSignerConfig).collect(toImmutableList())).setInputApk(apkPath.toFile()).setOutputApk(signedApkPath.toFile()).setV1SigningEnabled(signingConfig.getV1SigningEnabled()).setV2SigningEnabled(signingConfig.getV2SigningEnabled()).setV3SigningEnabled(signingConfig.getV3SigningEnabled()).setOtherSignersSignaturesPreserved(false).setMinSdkVersion(split.getAndroidManifest().getEffectiveMinSdkVersion());
        signingConfig.getSigningCertificateLineage().ifPresent(apkSigner::setSigningCertificateLineage);
        sourceStampSigningConfig.map(SigningConfiguration::getSignerConfig).map(ApkSigner::convertToApksigSignerConfig).ifPresent(apkSigner::setSourceStampSignerConfig);
        apkSigner.build().sign();
        Files.move(signedApkPath, apkPath, REPLACE_EXISTING);
    } catch (IOException | ApkFormatException | NoSuchAlgorithmException | InvalidKeyException | SignatureException e) {
        throw CommandExecutionException.builder().withCause(e).withInternalMessage("Unable to sign APK.").build();
    }
}
Also used : ZipPath(com.android.tools.build.bundletool.model.ZipPath) Path(java.nio.file.Path) ApksigSigningConfiguration(com.android.tools.build.bundletool.model.ApksigSigningConfiguration) SigningConfiguration(com.android.tools.build.bundletool.model.SigningConfiguration) IOException(java.io.IOException) UncheckedIOException(java.io.UncheckedIOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SignatureException(java.security.SignatureException) InvalidKeyException(java.security.InvalidKeyException) ApksigSigningConfiguration(com.android.tools.build.bundletool.model.ApksigSigningConfiguration) ApkFormatException(com.android.apksig.apk.ApkFormatException)

Example 10 with SigningConfiguration

use of com.android.tools.build.bundletool.model.SigningConfiguration in project bundletool by google.

the class BuildApksCommand method populateSigningConfigurationFromFlags.

private static void populateSigningConfigurationFromFlags(Builder buildApksCommand, ParsedFlags flags, PrintStream out, SystemEnvironmentProvider systemEnvironmentProvider) {
    // Signing-related arguments.
    Optional<Path> keystorePath = KEYSTORE_FLAG.getValue(flags);
    Optional<String> keyAlias = KEY_ALIAS_FLAG.getValue(flags);
    Optional<Password> keystorePassword = KEYSTORE_PASSWORD_FLAG.getValue(flags);
    Optional<Password> keyPassword = KEY_PASSWORD_FLAG.getValue(flags);
    Optional<Integer> minV3RotationApi = MINIMUM_V3_ROTATION_API_VERSION_FLAG.getValue(flags);
    Optional<Integer> rotationMinSdkVersion = ROTATION_MINIMUM_SDK_VERSION_FLAG.getValue(flags);
    if (keystorePath.isPresent() && keyAlias.isPresent()) {
        SignerConfig signerConfig = SignerConfig.extractFromKeystore(keystorePath.get(), keyAlias.get(), keystorePassword, keyPassword);
        SigningConfiguration.Builder builder = SigningConfiguration.builder().setSignerConfig(signerConfig).setMinimumV3RotationApiVersion(minV3RotationApi).setRotationMinSdkVersion(rotationMinSdkVersion);
        populateLineageFromFlags(builder, flags);
        buildApksCommand.setSigningConfiguration(builder.build());
    } else if (keystorePath.isPresent() && !keyAlias.isPresent()) {
        throw InvalidCommandException.builder().withInternalMessage("Flag --ks-key-alias is required when --ks is set.").build();
    } else if (!keystorePath.isPresent() && keyAlias.isPresent()) {
        throw InvalidCommandException.builder().withInternalMessage("Flag --ks is required when --ks-key-alias is set.").build();
    } else {
        // Try to use debug keystore if present.
        Optional<SigningConfiguration> debugConfig = DebugKeystoreUtils.getDebugSigningConfiguration(systemEnvironmentProvider);
        if (debugConfig.isPresent()) {
            out.printf("INFO: The APKs will be signed with the debug keystore found at '%s'.%n", DebugKeystoreUtils.DEBUG_KEYSTORE_CACHE.getUnchecked(systemEnvironmentProvider).get());
            buildApksCommand.setSigningConfiguration(debugConfig.get());
        } else {
            out.println("WARNING: The APKs won't be signed and thus not installable unless you also pass a " + "keystore via the flag --ks. See the command help for more information.");
        }
    }
}
Also used : Path(java.nio.file.Path) SigningConfiguration(com.android.tools.build.bundletool.model.SigningConfiguration) SignerConfig(com.android.tools.build.bundletool.model.SignerConfig) Password(com.android.tools.build.bundletool.model.Password)

Aggregations

SigningConfiguration (com.android.tools.build.bundletool.model.SigningConfiguration)17 ApksigSigningConfiguration (com.android.tools.build.bundletool.model.ApksigSigningConfiguration)12 Test (org.junit.Test)12 FlagParser (com.android.tools.build.bundletool.flags.FlagParser)10 ByteArrayOutputStream (java.io.ByteArrayOutputStream)8 PrintStream (java.io.PrintStream)8 Path (java.nio.file.Path)5 SignerConfig (com.android.tools.build.bundletool.model.SignerConfig)4 CodeRelatedFile (com.android.bundle.CodeTransparencyOuterClass.CodeRelatedFile)3 Password (com.android.tools.build.bundletool.model.Password)3 File (java.io.File)3 SigningCertificateLineage (com.android.apksig.SigningCertificateLineage)2 ZipPath (com.android.tools.build.bundletool.model.ZipPath)2 DeviceFactory.createDeviceSpecFile (com.android.tools.build.bundletool.testing.DeviceFactory.createDeviceSpecFile)2 ApkVerifier (com.android.apksig.ApkVerifier)1 ApkFormatException (com.android.apksig.apk.ApkFormatException)1 ApkDescription (com.android.bundle.Commands.ApkDescription)1 ApkSet (com.android.bundle.Commands.ApkSet)1 BuildApksResult (com.android.bundle.Commands.BuildApksResult)1 Variant (com.android.bundle.Commands.Variant)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial