diff options
author | Mattias Nissler <mnissler@google.com> | 2016-02-26 10:57:31 +0100 |
---|---|---|
committer | Mattias Nissler <mnissler@google.com> | 2016-02-26 11:03:15 +0100 |
commit | a637c84616777404a4ee2e65682a1dabced69f04 (patch) | |
tree | f35edfe310f61c29b300c720979e6e67a2b7734c | |
parent | 2c8e54b0ac9d70c7f1824be18b00b1fe1151851a (diff) | |
download | libmincrypt-a637c84616777404a4ee2e65682a1dabced69f04.tar.gz |
Remove libmincrypt/tools after move to bootable/recovery
Bug: 27326256
Change-Id: Ife119db4cda9905b66a1ab5b6f018de85547c0f3
-rw-r--r-- | Android.mk | 3 | ||||
-rw-r--r-- | tools/Android.mk | 32 | ||||
-rw-r--r-- | tools/DumpPublicKey.java | 270 | ||||
-rw-r--r-- | tools/DumpPublicKey.mf | 1 |
4 files changed, 1 insertions, 305 deletions
@@ -14,5 +14,4 @@ LOCAL_SRC_FILES := dsa_sig.c p256.c p256_ec.c p256_ecdsa.c rsa.c sha.c sha256.c LOCAL_CFLAGS := -Wall -Werror include $(BUILD_HOST_STATIC_LIBRARY) -include $(LOCAL_PATH)/tools/Android.mk \ - $(LOCAL_PATH)/test/Android.mk +include $(LOCAL_PATH)/test/Android.mk diff --git a/tools/Android.mk b/tools/Android.mk deleted file mode 100644 index f403621..0000000 --- a/tools/Android.mk +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright (C) 2008 The Android Open Source Project -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -LOCAL_PATH := $(call my-dir) - -# Determine whether to build dumpkey from system/core/libmincrypt or from -# bootable/recovery/tools. The dumpkey source is temporarily present in both -# locations during the process of moving the tool to the recovery repository. -# TODO(mnissler): Remove the guard after the transition is complete. -ifndef BUILD_DUMPKEY_FROM_RECOVERY -BUILD_DUMPKEY_FROM_RECOVERY := false -endif - -ifeq ($(BUILD_DUMPKEY_FROM_RECOVERY),false) -include $(CLEAR_VARS) -LOCAL_MODULE := dumpkey -LOCAL_SRC_FILES := DumpPublicKey.java -LOCAL_JAR_MANIFEST := DumpPublicKey.mf -LOCAL_STATIC_JAVA_LIBRARIES := bouncycastle-host -include $(BUILD_HOST_JAVA_LIBRARY) -endif diff --git a/tools/DumpPublicKey.java b/tools/DumpPublicKey.java deleted file mode 100644 index 3eb1398..0000000 --- a/tools/DumpPublicKey.java +++ /dev/null @@ -1,270 +0,0 @@ -/* - * Copyright (C) 2008 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package com.android.dumpkey; - -import org.bouncycastle.jce.provider.BouncyCastleProvider; - -import java.io.FileInputStream; -import java.math.BigInteger; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; -import java.security.KeyStore; -import java.security.Key; -import java.security.PublicKey; -import java.security.Security; -import java.security.interfaces.ECPublicKey; -import java.security.interfaces.RSAPublicKey; -import java.security.spec.ECPoint; - -/** - * Command line tool to extract RSA public keys from X.509 certificates - * and output source code with data initializers for the keys. - * @hide - */ -class DumpPublicKey { - /** - * @param key to perform sanity checks on - * @return version number of key. Supported versions are: - * 1: 2048-bit RSA key with e=3 and SHA-1 hash - * 2: 2048-bit RSA key with e=65537 and SHA-1 hash - * 3: 2048-bit RSA key with e=3 and SHA-256 hash - * 4: 2048-bit RSA key with e=65537 and SHA-256 hash - * @throws Exception if the key has the wrong size or public exponent - */ - static int checkRSA(RSAPublicKey key, boolean useSHA256) throws Exception { - BigInteger pubexp = key.getPublicExponent(); - BigInteger modulus = key.getModulus(); - int version; - - if (pubexp.equals(BigInteger.valueOf(3))) { - version = useSHA256 ? 3 : 1; - } else if (pubexp.equals(BigInteger.valueOf(65537))) { - version = useSHA256 ? 4 : 2; - } else { - throw new Exception("Public exponent should be 3 or 65537 but is " + - pubexp.toString(10) + "."); - } - - if (modulus.bitLength() != 2048) { - throw new Exception("Modulus should be 2048 bits long but is " + - modulus.bitLength() + " bits."); - } - - return version; - } - - /** - * @param key to perform sanity checks on - * @return version number of key. Supported versions are: - * 5: 256-bit EC key with curve NIST P-256 - * @throws Exception if the key has the wrong size or public exponent - */ - static int checkEC(ECPublicKey key) throws Exception { - if (key.getParams().getCurve().getField().getFieldSize() != 256) { - throw new Exception("Curve must be NIST P-256"); - } - - return 5; - } - - /** - * Perform sanity check on public key. - */ - static int check(PublicKey key, boolean useSHA256) throws Exception { - if (key instanceof RSAPublicKey) { - return checkRSA((RSAPublicKey) key, useSHA256); - } else if (key instanceof ECPublicKey) { - if (!useSHA256) { - throw new Exception("Must use SHA-256 with EC keys!"); - } - return checkEC((ECPublicKey) key); - } else { - throw new Exception("Unsupported key class: " + key.getClass().getName()); - } - } - - /** - * @param key to output - * @return a String representing this public key. If the key is a - * version 1 key, the string will be a C initializer; this is - * not true for newer key versions. - */ - static String printRSA(RSAPublicKey key, boolean useSHA256) throws Exception { - int version = check(key, useSHA256); - - BigInteger N = key.getModulus(); - - StringBuilder result = new StringBuilder(); - - int nwords = N.bitLength() / 32; // # of 32 bit integers in modulus - - if (version > 1) { - result.append("v"); - result.append(Integer.toString(version)); - result.append(" "); - } - - result.append("{"); - result.append(nwords); - - BigInteger B = BigInteger.valueOf(0x100000000L); // 2^32 - BigInteger N0inv = B.subtract(N.modInverse(B)); // -1 / N[0] mod 2^32 - - result.append(",0x"); - result.append(N0inv.toString(16)); - - BigInteger R = BigInteger.valueOf(2).pow(N.bitLength()); - BigInteger RR = R.multiply(R).mod(N); // 2^4096 mod N - - // Write out modulus as little endian array of integers. - result.append(",{"); - for (int i = 0; i < nwords; ++i) { - long n = N.mod(B).longValue(); - result.append(n); - - if (i != nwords - 1) { - result.append(","); - } - - N = N.divide(B); - } - result.append("}"); - - // Write R^2 as little endian array of integers. - result.append(",{"); - for (int i = 0; i < nwords; ++i) { - long rr = RR.mod(B).longValue(); - result.append(rr); - - if (i != nwords - 1) { - result.append(","); - } - - RR = RR.divide(B); - } - result.append("}"); - - result.append("}"); - return result.toString(); - } - - /** - * @param key to output - * @return a String representing this public key. If the key is a - * version 1 key, the string will be a C initializer; this is - * not true for newer key versions. - */ - static String printEC(ECPublicKey key) throws Exception { - int version = checkEC(key); - - StringBuilder result = new StringBuilder(); - - result.append("v"); - result.append(Integer.toString(version)); - result.append(" "); - - BigInteger X = key.getW().getAffineX(); - BigInteger Y = key.getW().getAffineY(); - int nbytes = key.getParams().getCurve().getField().getFieldSize() / 8; // # of 32 bit integers in X coordinate - - result.append("{"); - result.append(nbytes); - - BigInteger B = BigInteger.valueOf(0x100L); // 2^8 - - // Write out Y coordinate as array of characters. - result.append(",{"); - for (int i = 0; i < nbytes; ++i) { - long n = X.mod(B).longValue(); - result.append(n); - - if (i != nbytes - 1) { - result.append(","); - } - - X = X.divide(B); - } - result.append("}"); - - // Write out Y coordinate as array of characters. - result.append(",{"); - for (int i = 0; i < nbytes; ++i) { - long n = Y.mod(B).longValue(); - result.append(n); - - if (i != nbytes - 1) { - result.append(","); - } - - Y = Y.divide(B); - } - result.append("}"); - - result.append("}"); - return result.toString(); - } - - static String print(PublicKey key, boolean useSHA256) throws Exception { - if (key instanceof RSAPublicKey) { - return printRSA((RSAPublicKey) key, useSHA256); - } else if (key instanceof ECPublicKey) { - return printEC((ECPublicKey) key); - } else { - throw new Exception("Unsupported key class: " + key.getClass().getName()); - } - } - - public static void main(String[] args) { - if (args.length < 1) { - System.err.println("Usage: DumpPublicKey certfile ... > source.c"); - System.exit(1); - } - Security.addProvider(new BouncyCastleProvider()); - try { - for (int i = 0; i < args.length; i++) { - FileInputStream input = new FileInputStream(args[i]); - CertificateFactory cf = CertificateFactory.getInstance("X.509"); - X509Certificate cert = (X509Certificate) cf.generateCertificate(input); - - boolean useSHA256 = false; - String sigAlg = cert.getSigAlgName(); - if ("SHA1withRSA".equals(sigAlg) || "MD5withRSA".equals(sigAlg)) { - // SignApk has historically accepted "MD5withRSA" - // certificates, but treated them as "SHA1withRSA" - // anyway. Continue to do so for backwards - // compatibility. - useSHA256 = false; - } else if ("SHA256withRSA".equals(sigAlg) || "SHA256withECDSA".equals(sigAlg)) { - useSHA256 = true; - } else { - System.err.println(args[i] + ": unsupported signature algorithm \"" + - sigAlg + "\""); - System.exit(1); - } - - PublicKey key = cert.getPublicKey(); - check(key, useSHA256); - System.out.print(print(key, useSHA256)); - System.out.println(i < args.length - 1 ? "," : ""); - } - } catch (Exception e) { - e.printStackTrace(); - System.exit(1); - } - System.exit(0); - } -} diff --git a/tools/DumpPublicKey.mf b/tools/DumpPublicKey.mf deleted file mode 100644 index 7bb3bc8..0000000 --- a/tools/DumpPublicKey.mf +++ /dev/null @@ -1 +0,0 @@ -Main-Class: com.android.dumpkey.DumpPublicKey |