#!/bin/bash # # Copyright (C) 2016 The Android Open Source Project # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # # Exit in error if we use an undefined variable (i.e. commit a typo). set -u usage () { #show usage and bail out echo "USAGE:" >&2 echo " $1 <app.napp> [-e <ENCR_KEY_NUM> <ENCR_KEY_FILE>] [-s <PRIV_KEY_FILE> <PUB_KEY_FILE> [<SIG_TO_CHAIN_1> [<SIG_TO_CHAIN_2> [...]]]]" >&2 exit 1 } if [ $# -ge 1 ] ; then app=${1%.napp} shift else usage $0 fi args=( $@ ) #get encryption key if it exists & encrypt app encr_key_num="" if [ ${#args[@]} -ge 1 ] then if [[ ${args[0]} = "-e" ]] then if [ ${#args[@]} -lt 3 ] then usage $0 fi encr_key_num=${args[1]} encr_key_file=${args[2]} args=("${args[@]:3}") if [ ! -f "$encr_key_file" ]; then usage $0 fi nanoapp_encr -e -i "$encr_key_num" -k "$encr_key_file" "${app}.napp" "${app}.encr.napp" app="${app}.encr" fi fi #handle signing if [ ${#args[@]} -ge 1 ] then if [[ ${args[0]} = "-s" ]] then if [ ${#args[@]} -lt 3 ] then usage $0 fi priv1=${args[1]} pub1=${args[2]} #make sure files exist i=1 while [ $i -lt ${#args[@]} ] do if [ ! -f "${args[$i]}" ]; then usage $0 fi i=$[$i+1] done nanoapp_sign -s -e "$priv1" -m "$pub1" "${app}.napp" "${app}.sign.napp" #append remaining chunks i=3 while [ $i -lt ${#args[@]} ] do cat "${args[$i]}" >> "${app}.sign.napp" i=$[$i+1] done else usage $0 fi fi