1#!/bin/sh 2 3# Creates an apex stub in a subdirectory named after the input package name. 4 5# Exit early if any subcommands fail. 6set -e 7 8usage() { 9 echo "Usage $0 [options] apex_package_name" 10 echo " -v" 11 echo " Whether this is a vendor APEX" 12 echo " -k existing_apex_keyname" 13 echo " Use existing key instead of creating a new key" 14 echo " -m" 15 echo " Whether this is a Mainline module" 16 exit -1 17} 18 19is_vendor=0 20mainline_module=0 21 22while getopts "vmk:" opt; do 23 case $opt in 24 v) 25 is_vendor=1 26 ;; 27 k) 28 APEX_KEY=${OPTARG} 29 ;; 30 m) 31 mainline_module=1 32 ;; 33 *) 34 usage 35 esac 36done 37 38shift $((OPTIND-1)) 39APEX_NAME=$1 40if [ -z ${APEX_NAME} ] 41then 42 echo "Missing apex package name" 43 usage 44fi 45 46YEAR=$(date +%Y) 47 48# For Mainline module, add the apex at the root apex/ directory. 49if ((mainline_module == 0)); then 50mkdir -p ${APEX_NAME} 51cd ${APEX_NAME} 52fi 53 54cat > Android.bp <<EOF 55// Copyright (C) ${YEAR} The Android Open Source Project 56// 57// Licensed under the Apache License, Version 2.0 (the "License"); 58// you may not use this file except in compliance with the License. 59// You may obtain a copy of the License at 60// 61// http://www.apache.org/licenses/LICENSE-2.0 62// 63// Unless required by applicable law or agreed to in writing, software 64// distributed under the License is distributed on an "AS IS" BASIS, 65// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 66// See the License for the specific language governing permissions and 67// limitations under the License. 68 69package { 70 default_applicable_licenses: ["Android-Apache-2.0"], 71} 72 73EOF 74 75if [ -z ${APEX_KEY} ] 76then 77APEX_KEY=${APEX_NAME} 78 79openssl genrsa -out ${APEX_KEY}.pem 4096 80avbtool extract_public_key --key ${APEX_KEY}.pem --output ${APEX_KEY}.avbpubkey 81 82cat > csr.conf <<EOF 83[req] 84default_bits = 4096 85distinguished_name = dn 86prompt = no 87 88[dn] 89C="US" 90ST="California" 91L="Mountain View" 92O="Android" 93OU="Android" 94emailAddress="[email protected]" 95CN="${APEX_KEY}" 96EOF 97 98openssl req -x509 -config csr.conf -newkey rsa:4096 -nodes -days 999999 -keyout key.pem -out ${APEX_KEY}.x509.pem 99rm csr.conf 100openssl pkcs8 -topk8 -inform PEM -outform DER -in key.pem -out ${APEX_KEY}.pk8 -nocrypt 101rm key.pem 102 103cat >> Android.bp <<EOF 104apex_key { 105 name: "${APEX_KEY}.key", 106 public_key: "${APEX_KEY}.avbpubkey", 107 private_key: "${APEX_KEY}.pem", 108} 109 110android_app_certificate { 111 name: "${APEX_KEY}.certificate", 112 certificate: "${APEX_KEY}", 113} 114 115EOF 116 117fi 118 119if ((is_vendor == 0)); then 120 121if ((mainline_module == 1)); then 122 123cat >> Android.bp <<EOF 124apex { 125 name: "${APEX_NAME}", 126 manifest: "manifest.json", 127 file_contexts: ":${APEX_NAME}-file_contexts", 128 key: "${APEX_KEY}.key", 129 certificate: ":${APEX_KEY}.certificate", 130} 131EOF 132 133else 134 135cat >> Android.bp <<EOF 136apex { 137 name: "${APEX_NAME}", 138 manifest: "manifest.json", 139 file_contexts: ":apex.test-file_contexts", // Default, please edit, see go/android-apex-howto 140 key: "${APEX_KEY}.key", 141 certificate: ":${APEX_KEY}.certificate", 142 updatable: false, 143} 144EOF 145 146fi 147 148cat > manifest.json << EOF 149{ 150 "name": "${APEX_NAME}", 151 152 // Placeholder module version to be replaced during build. 153 // Do not change! 154 "version": 0 155} 156EOF 157 158else 159 160cat >> Android.bp <<EOF 161apex { 162 name: "${APEX_NAME}", 163 manifest: "manifest.json", 164 file_contexts: "file_contexts", 165 key: "${APEX_KEY}.key", 166 certificate: ":${APEX_KEY}.certificate", 167 updatable: false, 168 vendor: true, 169} 170EOF 171 172cat > manifest.json << EOF 173{ 174 "name": "${APEX_NAME}", 175 "version": 1 176} 177EOF 178 179cat > file_contexts << EOF 180(/.*)? u:object_r:vendor_file:s0 181/etc(/.*)? u:object_r:vendor_configs_file:s0 182# Add more ... 183# /bin/hw/foo u:object_r:hal_foo_exec:s0 184EOF 185 186fi 187