commit cee5bfdf119104b8ebce56d54dfcdcca1f537075
author Geremy Condra <gcondra@google.com> Wed Jun 11 13:38:45 2014 -0700
committer Geremy Condra <gcondra@google.com> Tue Jul 08 21:36:25 2014 -0700
tree 5b7cb9e9f885f7c5a197dca184fc5d473d03e901
parent a2b7dbef923dbc1652fbb71969416cdd7adb40df

verity: Add tools to help OEMs generate signed boot images.

Change-Id: Iea200def2fdd8a0d366888bb7b1ae401297063f1

verity/VeritySigner.java

diff --git a/verity/VeritySigner.java b/verity/VeritySigner.java
index 2ab94cb..44c5602 100644
--- a/verity/VeritySigner.java
+++ b/verity/VeritySigner.java
@@ -16,63 +16,18 @@
 
 package com.android.verity;
 
-import org.bouncycastle.util.encoders.Base64;
-
-import java.io.DataInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.InputStream;
-import java.security.KeyFactory;
 import java.security.PrivateKey;
-import java.security.Signature;
-import java.security.spec.PKCS8EncodedKeySpec;
 
-class VeritySigner {
-
-    private static byte[] sign(PrivateKey privateKey, byte[] input) throws Exception {
-        Signature signer = Signature.getInstance("SHA1withRSA");
-        signer.initSign(privateKey);
-        signer.update(input);
-        return signer.sign();
-    }
-
-    private static PKCS8EncodedKeySpec pemToDer(String pem) throws Exception {
-        pem = pem.replaceAll("^-.*", "");
-        String base64_der = pem.replaceAll("-.*$", "");
-        byte[] der = Base64.decode(base64_der);
-        return new PKCS8EncodedKeySpec(der);
-    }
-
-    private static PrivateKey loadPrivateKey(String pem) throws Exception {
-        PKCS8EncodedKeySpec keySpec = pemToDer(pem);
-        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
-        return (PrivateKey) keyFactory.generatePrivate(keySpec);
-    }
-
-    private static byte[] read(String path) throws Exception {
-        File contentFile = new File(path);
-        byte[] content = new byte[(int)contentFile.length()];
-        FileInputStream fis = new FileInputStream(contentFile);
-        fis.read(content);
-        fis.close();
-        return content;
-    }
-
-    private static void writeOutput(String path, byte[] output) throws Exception {
-        FileOutputStream fos = new FileOutputStream(path);
-        fos.write(output);
-        fos.close();
-    }
+public class VeritySigner {
 
     // USAGE:
     //     VeritySigner <contentfile> <key.pem> <sigfile>
     // To verify that this has correct output:
     //     openssl rsautl -raw -inkey <key.pem> -encrypt -in <sigfile> > /tmp/dump
     public static void main(String[] args) throws Exception {
-        byte[] content = read(args[0]);
-        PrivateKey privateKey = loadPrivateKey(new String(read(args[1])));
-        byte[] signature = sign(privateKey, content);
-        writeOutput(args[2], signature);
+        byte[] content = Utils.read(args[0]);
+        PrivateKey privateKey = Utils.loadPEMPrivateKey(Utils.read(args[1]));
+        byte[] signature = Utils.sign(privateKey, content);
+        Utils.write(signature, args[2]);
     }
 }