1 #!/usr/bin/env python 2 3 # 4 # Copyright (C) 2016 The Android Open Source Project 5 # 6 # Permission is hereby granted, free of charge, to any person 7 # obtaining a copy of this software and associated documentation 8 # files (the "Software"), to deal in the Software without 9 # restriction, including without limitation the rights to use, copy, 10 # modify, merge, publish, distribute, sublicense, and/or sell copies 11 # of the Software, and to permit persons to whom the Software is 12 # furnished to do so, subject to the following conditions: 13 # 14 # The above copyright notice and this permission notice shall be 15 # included in all copies or substantial portions of the Software. 16 # 17 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 18 # EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 19 # MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 20 # NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 21 # BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 22 # ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 23 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 24 # SOFTWARE. 25 # 26 27 # This shell-script checks the symbols in libavb.a and fails 28 # if a reference not starting with avb_ is referenced. It's intended 29 # to catch mistakes where the standard C library is inadvertently 30 # used. 31 32 import subprocess 33 import sys 34 import errno 35 import os 36 37 def rsa_signer(argv): 38 if len(argv) != 3: 39 sys.stderr.write("Wrong number of arguments: {} <alg> <pub key>\n".format(argv[0])) 40 return errno.EINVAL 41 42 data = sys.stdin.read() 43 if len(data) == 0: 44 sys.stderr.write("There is not input data\n") 45 return errno.EINVAL 46 47 if os.environ.get('SIGNING_HELPER_GENERATE_WRONG_SIGNATURE'): 48 # We're only called with this algorithm which signature size is 256. 49 assert sys.argv[1] == 'SHA256_RSA2048' 50 sys.stdout.write('X'*256) 51 return 0 52 53 if 'SIGNING_HELPER_TEST' not in os.environ or os.environ['SIGNING_HELPER_TEST'] == "": 54 sys.stderr.write("env SIGNING_HELPER_TEST is not set or empty\n") 55 return errno.EINVAL 56 57 test_file_name = os.environ['SIGNING_HELPER_TEST'] 58 if os.path.isfile(test_file_name) and not os.access(test_file_name, os.W_OK): 59 sys.stderr.write("no permission to write into {} file\n".format(test_file_name)) 60 return errno.EACCESS 61 62 p = subprocess.Popen( 63 ['openssl', 'rsautl', '-sign', '-inkey', argv[2], '-raw'], 64 stdin=subprocess.PIPE) 65 66 p.communicate(data) 67 retcode = p.wait() 68 if retcode != 0: 69 return retcode 70 71 with open(test_file_name, "w") as f: 72 f.write("DONE") 73 74 return 0 75 76 if __name__ == '__main__': 77 sys.exit(rsa_signer(sys.argv)) 78