Finalize bootsigner commandline

2025-06-12 13:17:39 +02:00 · 2017-10-31 02:55:50 +08:00
parent 05f41928cd
commit adf930f126
2 changed files with 81 additions and 72 deletions
--- a/app/src/main/java/com/topjohnwu/magisk/utils/BootSigner.java
+++ b/app/src/main/java/com/topjohnwu/magisk/utils/BootSigner.java
@ -1,46 +1,56 @@
 package com.topjohnwu.magisk.utils;

-import android.content.res.AssetManager;
+import android.support.annotation.Keep;

 import com.topjohnwu.crypto.SignBoot;

 import java.io.FileInputStream;
 import java.io.InputStream;
+import java.util.jar.JarEntry;
+import java.util.jar.JarFile;

 public class BootSigner {

+    @Keep
    public static void main(String[] args) throws Exception {
-        if ("-verify".equals(args[0])) {
+        if (args.length > 0 && "-verify".equals(args[0])) {
            String certPath = "";
-            if (args.length >= 4 && "-certificate".equals(args[2])) {
-                /* args[3] is the path to a public key certificate */
-                certPath = args[3];
+            if (args.length >= 3 && "-certificate".equals(args[1])) {
+                /* args[2] is the path to a public key certificate */
+                certPath = args[2];
            }
            /* args[1] is the path to a signed boot image */
-            boolean signed = SignBoot.verifySignature(args[1],
+            boolean signed = SignBoot.verifySignature(System.in,
                    certPath.isEmpty() ? null : new FileInputStream(certPath));
            System.exit(signed ? 0 : 1);
-        } else {
-            /* args[0] is the target name, typically /boot
-               args[1] is the path to a boot image to sign
-               args[2] is the path where to output the signed boot image
-               args[3] is the path to a private key
-               args[4] is the path to the matching public key certificate
-            */
-            InputStream keyIn, sigIn;
-            if (args.length >= 5) {
-                keyIn = new FileInputStream(args[3]);
-                sigIn = new FileInputStream(args[4]);
+        } else if (args.length > 0 && "-sign".equals(args[0])) {
+            InputStream keyIn, certIn;
+            if (args.length >= 3) {
+                keyIn = new FileInputStream(args[1]);
+                certIn = new FileInputStream(args[2]);
            } else {
                /* Use internal test keys */
-                AssetManager asset = Utils.getAssets(System.getProperty("java.class.path"));
-                if (asset == null)
-                    System.exit(1);
-                keyIn = asset.open(ZipUtils.PRIVATE_KEY_NAME);
-                sigIn = asset.open(ZipUtils.PUBLIC_KEY_NAME);
+                JarFile apk = new JarFile(System.getProperty("java.class.path"));
+                JarEntry keyEntry = apk.getJarEntry("assets/" + ZipUtils.PRIVATE_KEY_NAME);
+                JarEntry sigEntry = apk.getJarEntry("assets/" + ZipUtils.PUBLIC_KEY_NAME);
+
+                keyIn = apk.getInputStream(keyEntry);
+                certIn = apk.getInputStream(sigEntry);
            }

-            SignBoot.doSignature(args[0], args[1], args[2], keyIn, sigIn);
+            boolean success = SignBoot.doSignature("/boot", System.in, System.out, keyIn, certIn);
+            System.exit(success ? 0 : 1);
+        } else {
+            System.err.println(
+                    "BootSigner <actions> [args]\n" +
+                    "Input from stdin, outputs to stdout\n" +
+                    "\n" +
+                    "Actions:\n" +
+                    "   -verify [x509.pem]\n" +
+                    "      verify image, cert is optional\n" +
+                    "   -sign [pk8] [x509.pem]\n" +
+                    "      sign image, key and cert are optional\n"
+            );
        }
    }
 }