159 lines
6.0 KiB
Python
159 lines
6.0 KiB
Python
#!/usr/bin/env python
|
|
# -*- coding: utf-8 -*-
|
|
|
|
#
|
|
# Copyright (c) 2020 Huawei Device Co., Ltd.
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
#
|
|
|
|
import sys
|
|
import os
|
|
import argparse
|
|
import subprocess
|
|
from utils import makedirs
|
|
import shutil
|
|
import zipfile
|
|
|
|
|
|
def cmd_popen(cmd):
|
|
proc = subprocess.Popen(cmd)
|
|
proc.wait()
|
|
ret_code = proc.returncode
|
|
if ret_code != 0:
|
|
print("hap warning: {} failed, return code is {}"
|
|
.format(cmd, ret_code))
|
|
|
|
|
|
def parse_args():
|
|
parser = argparse.ArgumentParser()
|
|
parser.add_argument('--packing-tool-path', help='packing tool path ')
|
|
parser.add_argument('--mode', help='package mode')
|
|
parser.add_argument('--json-path', help='profile')
|
|
parser.add_argument('--resources-path', help='resources')
|
|
parser.add_argument('--assets-path', help='assets')
|
|
parser.add_argument('--lib-path', help='lib')
|
|
parser.add_argument('--shared-libs-path', help='shared-libs')
|
|
parser.add_argument('--ability-so-path', help='ability so')
|
|
parser.add_argument('--index-path', help='index')
|
|
parser.add_argument('--unsignhap-path', help='unsignhap path')
|
|
parser.add_argument('--force', help='force')
|
|
parser.add_argument('--signtool-path', help='sign tool path')
|
|
parser.add_argument('--signhap-path', help='sign hap path')
|
|
parser.add_argument('--privatekey', help='privatekey')
|
|
parser.add_argument('--sign-server', help='sign_server')
|
|
parser.add_argument('--sign-algo', help='sign algo')
|
|
parser.add_argument('--cert-profile', help='cert profile')
|
|
parser.add_argument('--jks-path', help='jks path')
|
|
parser.add_argument('--cert-path', help='cert path')
|
|
parser.add_argument('--sign-by-server', help='sign mode')
|
|
args = parser.parse_args()
|
|
|
|
return args
|
|
|
|
|
|
def hap_packing(args):
|
|
if not args.packing_tool_path:
|
|
print('hap warning: packing tool path empty')
|
|
return
|
|
packing_tool_path = os.path.join(os.environ['HOME'],
|
|
args.packing_tool_path)
|
|
packing_cmd = ['java', '-jar', packing_tool_path]
|
|
cmd_dict = {'--mode': args.mode,
|
|
'--json-path': args.json_path,
|
|
'--resources-path': args.resources_path,
|
|
'--assets-path': args.assets_path,
|
|
'--lib-path': args.lib_path,
|
|
'--shared-libs-path': args.shared_libs_path,
|
|
'--ability-so-path': args.ability_so_path,
|
|
'--index-path': args.index_path,
|
|
'--out-path': args.unsignhap_path,
|
|
'--force': args.force,
|
|
'--sign-by-server': args.sign_by_server}
|
|
for key, value in cmd_dict.items():
|
|
if value:
|
|
packing_cmd.extend([key, value])
|
|
cmd_popen(packing_cmd)
|
|
|
|
|
|
def hap_signing(args):
|
|
user_name = ''
|
|
password = ''
|
|
if not args.signtool_path:
|
|
print('hap warning: signing tool path empty')
|
|
return
|
|
|
|
# sign by server
|
|
if args.sign_by_server == "True":
|
|
if 'ONLINE_USERNAME' in os.environ:
|
|
user_name = os.environ.get('ONLINE_USERNAME')
|
|
else:
|
|
print('hap warning: Environment variable ONLINE_USERNAME and ' +
|
|
'ONLINE_PASSWD are needed for app signning. ' +
|
|
'Please export it in bash.')
|
|
return
|
|
if 'ONLINE_PASSWD' in os.environ:
|
|
password = os.environ.get('ONLINE_PASSWD')
|
|
else:
|
|
print('hap warning: Environment variable ONLINE_USERNAME and ' +
|
|
'ONLINE_PASSWD are needed for app signning. ' +
|
|
'Please export it in bash.')
|
|
return
|
|
signing_cmd = ['java', '-jar', args.signtool_path, 'sign', '-mode',
|
|
'remote', '-profileSigned', '1']
|
|
cmd_dict = {'-privatekey': args.privatekey,
|
|
'-server': args.sign_server,
|
|
'-inputFile': args.unsignhap_path,
|
|
'-outputFile': args.signhap_path,
|
|
'-username': user_name,
|
|
'-password': password,
|
|
'-signAlg': args.sign_algo,
|
|
'-profile': args.cert_profile}
|
|
# sign by software.
|
|
else:
|
|
signtool_path = os.path.join(os.environ['HOME'], args.signtool_path)
|
|
#The default password of the key is 123456.
|
|
# You are advised to use a key and certificate management tool (
|
|
# such as keytool) to change the default password.
|
|
# For details, see section "Application Signature Verification
|
|
# Development Guide" in the Security Subsystem Development Guide.
|
|
signing_cmd = ['java', '-jar', signtool_path, 'sign', '-mode',
|
|
'localjks', '-profileSigned', '1', '-keystorepasswd',
|
|
'123456', '-keyaliaspasswd', '123456']
|
|
cmd_dict = {'-privatekey': args.privatekey,
|
|
'-inputFile': args.unsignhap_path,
|
|
'-outputFile': args.signhap_path,
|
|
'-signAlg': args.sign_algo,
|
|
'-profile': args.cert_profile,
|
|
'-keystore': args.jks_path,
|
|
'-certpath': args.cert_path}
|
|
for key, value in cmd_dict.items():
|
|
if value:
|
|
signing_cmd.extend([key, value])
|
|
cmd_popen(signing_cmd)
|
|
|
|
|
|
def main():
|
|
args = parse_args()
|
|
|
|
# Workaround: hap packing tools multi-thread contention issue.
|
|
makedirs(os.path.dirname(args.unsignhap_path), exist_ok=True)
|
|
|
|
hap_packing(args)
|
|
if os.path.exists(args.unsignhap_path):
|
|
hap_signing(args)
|
|
os.remove(args.unsignhap_path)
|
|
|
|
|
|
if __name__ == '__main__':
|
|
sys.exit(main())
|