Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / system / extras / refs/tags/fp2-sibon-17.12.1 / . / verity / VeritySigner.java
blob: 9d857473455b9a8292a9601eb0e2e9c58d529a4e [file] [log] [blame]
Geremy Condra649fd552013-10-21 20:34:13 +0000[diff] [blame]1/*
2 * Copyright (C) 2013 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.android.verity;
18
Sami Tolvanen241f9642014-11-14 14:51:25 +0000[diff] [blame]19import java.security.PublicKey;
Geremy Condra649fd552013-10-21 20:34:13 +0000[diff] [blame]20import java.security.PrivateKey;
Sami Tolvanenf0f33ad2014-11-06 20:29:22 -0800[diff] [blame]21import java.security.Security;
Sami Tolvanen241f9642014-11-14 14:51:25 +0000[diff] [blame]22import java.security.cert.X509Certificate;
Sami Tolvanenf0f33ad2014-11-06 20:29:22 -0800[diff] [blame]23import org.bouncycastle.jce.provider.BouncyCastleProvider;
Geremy Condra649fd552013-10-21 20:34:13 +0000[diff] [blame]24
Geremy Condracee5bfd2014-06-11 13:38:45 -0700[diff] [blame]25public class VeritySigner {
Geremy Condra649fd552013-10-21 20:34:13 +0000[diff] [blame]26
Sami Tolvanen241f9642014-11-14 14:51:25 +0000[diff] [blame]27 private static void usage() {
28 System.err.println("usage: VeritySigner <contentfile> <key.pk8> " +
29 "<sigfile> | <contentfile> <certificate.x509.pem> <sigfile> " +
30 "-verify");
31 System.exit(1);
32 }
33
Geremy Condra649fd552013-10-21 20:34:13 +0000[diff] [blame]34 public static void main(String[] args) throws Exception {
Sami Tolvanen241f9642014-11-14 14:51:25 +0000[diff] [blame]35 if (args.length < 3) {
36 usage();
37 return;
38 }
39
Sami Tolvanenf0f33ad2014-11-06 20:29:22 -0800[diff] [blame]40 Security.addProvider(new BouncyCastleProvider());
Sami Tolvanen241f9642014-11-14 14:51:25 +0000[diff] [blame]41
Geremy Condracee5bfd2014-06-11 13:38:45 -0700[diff] [blame]42 byte[] content = Utils.read(args[0]);
Sami Tolvanen241f9642014-11-14 14:51:25 +0000[diff] [blame]43
44 if (args.length > 3 && "-verify".equals(args[3])) {
45 X509Certificate cert = Utils.loadPEMCertificate(args[1]);
46 PublicKey publicKey = cert.getPublicKey();
47
48 byte[] signature = Utils.read(args[2]);
49
50 try {
51 if (Utils.verify(publicKey, content, signature,
52 Utils.getSignatureAlgorithmIdentifier(publicKey))) {
53 System.err.println("Signature is VALID");
54 System.exit(0);
55 } else {
56 System.err.println("Signature is INVALID");
57 }
58 } catch (Exception e) {
59 e.printStackTrace(System.err);
60 }
61
62 System.exit(1);
63 } else {
64 PrivateKey privateKey = Utils.loadDERPrivateKey(Utils.read(args[1]));
65 byte[] signature = Utils.sign(privateKey, content);
66 Utils.write(signature, args[2]);
67 }
Geremy Condra649fd552013-10-21 20:34:13 +0000[diff] [blame]68 }
69}