1*33f37583SAndroid Build Coastguard Worker#!/bin/sh 2*33f37583SAndroid Build Coastguard Worker 3*33f37583SAndroid Build Coastguard Worker# Creates an apex stub in a subdirectory named after the input package name. 4*33f37583SAndroid Build Coastguard Worker 5*33f37583SAndroid Build Coastguard Worker# Exit early if any subcommands fail. 6*33f37583SAndroid Build Coastguard Workerset -e 7*33f37583SAndroid Build Coastguard Worker 8*33f37583SAndroid Build Coastguard Workerusage() { 9*33f37583SAndroid Build Coastguard Worker echo "Usage $0 [options] apex_package_name" 10*33f37583SAndroid Build Coastguard Worker echo " -v" 11*33f37583SAndroid Build Coastguard Worker echo " Whether this is a vendor APEX" 12*33f37583SAndroid Build Coastguard Worker echo " -k existing_apex_keyname" 13*33f37583SAndroid Build Coastguard Worker echo " Use existing key instead of creating a new key" 14*33f37583SAndroid Build Coastguard Worker echo " -m" 15*33f37583SAndroid Build Coastguard Worker echo " Whether this is a Mainline module" 16*33f37583SAndroid Build Coastguard Worker exit -1 17*33f37583SAndroid Build Coastguard Worker} 18*33f37583SAndroid Build Coastguard Worker 19*33f37583SAndroid Build Coastguard Workeris_vendor=0 20*33f37583SAndroid Build Coastguard Workermainline_module=0 21*33f37583SAndroid Build Coastguard Worker 22*33f37583SAndroid Build Coastguard Workerwhile getopts "vmk:" opt; do 23*33f37583SAndroid Build Coastguard Worker case $opt in 24*33f37583SAndroid Build Coastguard Worker v) 25*33f37583SAndroid Build Coastguard Worker is_vendor=1 26*33f37583SAndroid Build Coastguard Worker ;; 27*33f37583SAndroid Build Coastguard Worker k) 28*33f37583SAndroid Build Coastguard Worker APEX_KEY=${OPTARG} 29*33f37583SAndroid Build Coastguard Worker ;; 30*33f37583SAndroid Build Coastguard Worker m) 31*33f37583SAndroid Build Coastguard Worker mainline_module=1 32*33f37583SAndroid Build Coastguard Worker ;; 33*33f37583SAndroid Build Coastguard Worker *) 34*33f37583SAndroid Build Coastguard Worker usage 35*33f37583SAndroid Build Coastguard Worker esac 36*33f37583SAndroid Build Coastguard Workerdone 37*33f37583SAndroid Build Coastguard Worker 38*33f37583SAndroid Build Coastguard Workershift $((OPTIND-1)) 39*33f37583SAndroid Build Coastguard WorkerAPEX_NAME=$1 40*33f37583SAndroid Build Coastguard Workerif [ -z ${APEX_NAME} ] 41*33f37583SAndroid Build Coastguard Workerthen 42*33f37583SAndroid Build Coastguard Worker echo "Missing apex package name" 43*33f37583SAndroid Build Coastguard Worker usage 44*33f37583SAndroid Build Coastguard Workerfi 45*33f37583SAndroid Build Coastguard Worker 46*33f37583SAndroid Build Coastguard WorkerYEAR=$(date +%Y) 47*33f37583SAndroid Build Coastguard Worker 48*33f37583SAndroid Build Coastguard Worker# For Mainline module, add the apex at the root apex/ directory. 49*33f37583SAndroid Build Coastguard Workerif ((mainline_module == 0)); then 50*33f37583SAndroid Build Coastguard Workermkdir -p ${APEX_NAME} 51*33f37583SAndroid Build Coastguard Workercd ${APEX_NAME} 52*33f37583SAndroid Build Coastguard Workerfi 53*33f37583SAndroid Build Coastguard Worker 54*33f37583SAndroid Build Coastguard Workercat > Android.bp <<EOF 55*33f37583SAndroid Build Coastguard Worker// Copyright (C) ${YEAR} The Android Open Source Project 56*33f37583SAndroid Build Coastguard Worker// 57*33f37583SAndroid Build Coastguard Worker// Licensed under the Apache License, Version 2.0 (the "License"); 58*33f37583SAndroid Build Coastguard Worker// you may not use this file except in compliance with the License. 59*33f37583SAndroid Build Coastguard Worker// You may obtain a copy of the License at 60*33f37583SAndroid Build Coastguard Worker// 61*33f37583SAndroid Build Coastguard Worker// http://www.apache.org/licenses/LICENSE-2.0 62*33f37583SAndroid Build Coastguard Worker// 63*33f37583SAndroid Build Coastguard Worker// Unless required by applicable law or agreed to in writing, software 64*33f37583SAndroid Build Coastguard Worker// distributed under the License is distributed on an "AS IS" BASIS, 65*33f37583SAndroid Build Coastguard Worker// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 66*33f37583SAndroid Build Coastguard Worker// See the License for the specific language governing permissions and 67*33f37583SAndroid Build Coastguard Worker// limitations under the License. 68*33f37583SAndroid Build Coastguard Worker 69*33f37583SAndroid Build Coastguard Workerpackage { 70*33f37583SAndroid Build Coastguard Worker default_applicable_licenses: ["Android-Apache-2.0"], 71*33f37583SAndroid Build Coastguard Worker} 72*33f37583SAndroid Build Coastguard Worker 73*33f37583SAndroid Build Coastguard WorkerEOF 74*33f37583SAndroid Build Coastguard Worker 75*33f37583SAndroid Build Coastguard Workerif [ -z ${APEX_KEY} ] 76*33f37583SAndroid Build Coastguard Workerthen 77*33f37583SAndroid Build Coastguard WorkerAPEX_KEY=${APEX_NAME} 78*33f37583SAndroid Build Coastguard Worker 79*33f37583SAndroid Build Coastguard Workeropenssl genrsa -out ${APEX_KEY}.pem 4096 80*33f37583SAndroid Build Coastguard Workeravbtool extract_public_key --key ${APEX_KEY}.pem --output ${APEX_KEY}.avbpubkey 81*33f37583SAndroid Build Coastguard Worker 82*33f37583SAndroid Build Coastguard Workercat > csr.conf <<EOF 83*33f37583SAndroid Build Coastguard Worker[req] 84*33f37583SAndroid Build Coastguard Workerdefault_bits = 4096 85*33f37583SAndroid Build Coastguard Workerdistinguished_name = dn 86*33f37583SAndroid Build Coastguard Workerprompt = no 87*33f37583SAndroid Build Coastguard Worker 88*33f37583SAndroid Build Coastguard Worker[dn] 89*33f37583SAndroid Build Coastguard WorkerC="US" 90*33f37583SAndroid Build Coastguard WorkerST="California" 91*33f37583SAndroid Build Coastguard WorkerL="Mountain View" 92*33f37583SAndroid Build Coastguard WorkerO="Android" 93*33f37583SAndroid Build Coastguard WorkerOU="Android" 94*33f37583SAndroid Build Coastguard WorkeremailAddress="[email protected]" 95*33f37583SAndroid Build Coastguard WorkerCN="${APEX_KEY}" 96*33f37583SAndroid Build Coastguard WorkerEOF 97*33f37583SAndroid Build Coastguard Worker 98*33f37583SAndroid Build Coastguard Workeropenssl req -x509 -config csr.conf -newkey rsa:4096 -nodes -days 999999 -keyout key.pem -out ${APEX_KEY}.x509.pem 99*33f37583SAndroid Build Coastguard Workerrm csr.conf 100*33f37583SAndroid Build Coastguard Workeropenssl pkcs8 -topk8 -inform PEM -outform DER -in key.pem -out ${APEX_KEY}.pk8 -nocrypt 101*33f37583SAndroid Build Coastguard Workerrm key.pem 102*33f37583SAndroid Build Coastguard Worker 103*33f37583SAndroid Build Coastguard Workercat >> Android.bp <<EOF 104*33f37583SAndroid Build Coastguard Workerapex_key { 105*33f37583SAndroid Build Coastguard Worker name: "${APEX_KEY}.key", 106*33f37583SAndroid Build Coastguard Worker public_key: "${APEX_KEY}.avbpubkey", 107*33f37583SAndroid Build Coastguard Worker private_key: "${APEX_KEY}.pem", 108*33f37583SAndroid Build Coastguard Worker} 109*33f37583SAndroid Build Coastguard Worker 110*33f37583SAndroid Build Coastguard Workerandroid_app_certificate { 111*33f37583SAndroid Build Coastguard Worker name: "${APEX_KEY}.certificate", 112*33f37583SAndroid Build Coastguard Worker certificate: "${APEX_KEY}", 113*33f37583SAndroid Build Coastguard Worker} 114*33f37583SAndroid Build Coastguard Worker 115*33f37583SAndroid Build Coastguard WorkerEOF 116*33f37583SAndroid Build Coastguard Worker 117*33f37583SAndroid Build Coastguard Workerfi 118*33f37583SAndroid Build Coastguard Worker 119*33f37583SAndroid Build Coastguard Workerif ((is_vendor == 0)); then 120*33f37583SAndroid Build Coastguard Worker 121*33f37583SAndroid Build Coastguard Workerif ((mainline_module == 1)); then 122*33f37583SAndroid Build Coastguard Worker 123*33f37583SAndroid Build Coastguard Workercat >> Android.bp <<EOF 124*33f37583SAndroid Build Coastguard Workerapex { 125*33f37583SAndroid Build Coastguard Worker name: "${APEX_NAME}", 126*33f37583SAndroid Build Coastguard Worker manifest: "manifest.json", 127*33f37583SAndroid Build Coastguard Worker file_contexts: ":${APEX_NAME}-file_contexts", 128*33f37583SAndroid Build Coastguard Worker key: "${APEX_KEY}.key", 129*33f37583SAndroid Build Coastguard Worker certificate: ":${APEX_KEY}.certificate", 130*33f37583SAndroid Build Coastguard Worker} 131*33f37583SAndroid Build Coastguard WorkerEOF 132*33f37583SAndroid Build Coastguard Worker 133*33f37583SAndroid Build Coastguard Workerelse 134*33f37583SAndroid Build Coastguard Worker 135*33f37583SAndroid Build Coastguard Workercat >> Android.bp <<EOF 136*33f37583SAndroid Build Coastguard Workerapex { 137*33f37583SAndroid Build Coastguard Worker name: "${APEX_NAME}", 138*33f37583SAndroid Build Coastguard Worker manifest: "manifest.json", 139*33f37583SAndroid Build Coastguard Worker file_contexts: ":apex.test-file_contexts", // Default, please edit, see go/android-apex-howto 140*33f37583SAndroid Build Coastguard Worker key: "${APEX_KEY}.key", 141*33f37583SAndroid Build Coastguard Worker certificate: ":${APEX_KEY}.certificate", 142*33f37583SAndroid Build Coastguard Worker updatable: false, 143*33f37583SAndroid Build Coastguard Worker} 144*33f37583SAndroid Build Coastguard WorkerEOF 145*33f37583SAndroid Build Coastguard Worker 146*33f37583SAndroid Build Coastguard Workerfi 147*33f37583SAndroid Build Coastguard Worker 148*33f37583SAndroid Build Coastguard Workercat > manifest.json << EOF 149*33f37583SAndroid Build Coastguard Worker{ 150*33f37583SAndroid Build Coastguard Worker "name": "${APEX_NAME}", 151*33f37583SAndroid Build Coastguard Worker 152*33f37583SAndroid Build Coastguard Worker // Placeholder module version to be replaced during build. 153*33f37583SAndroid Build Coastguard Worker // Do not change! 154*33f37583SAndroid Build Coastguard Worker "version": 0 155*33f37583SAndroid Build Coastguard Worker} 156*33f37583SAndroid Build Coastguard WorkerEOF 157*33f37583SAndroid Build Coastguard Worker 158*33f37583SAndroid Build Coastguard Workerelse 159*33f37583SAndroid Build Coastguard Worker 160*33f37583SAndroid Build Coastguard Workercat >> Android.bp <<EOF 161*33f37583SAndroid Build Coastguard Workerapex { 162*33f37583SAndroid Build Coastguard Worker name: "${APEX_NAME}", 163*33f37583SAndroid Build Coastguard Worker manifest: "manifest.json", 164*33f37583SAndroid Build Coastguard Worker file_contexts: "file_contexts", 165*33f37583SAndroid Build Coastguard Worker key: "${APEX_KEY}.key", 166*33f37583SAndroid Build Coastguard Worker certificate: ":${APEX_KEY}.certificate", 167*33f37583SAndroid Build Coastguard Worker updatable: false, 168*33f37583SAndroid Build Coastguard Worker vendor: true, 169*33f37583SAndroid Build Coastguard Worker} 170*33f37583SAndroid Build Coastguard WorkerEOF 171*33f37583SAndroid Build Coastguard Worker 172*33f37583SAndroid Build Coastguard Workercat > manifest.json << EOF 173*33f37583SAndroid Build Coastguard Worker{ 174*33f37583SAndroid Build Coastguard Worker "name": "${APEX_NAME}", 175*33f37583SAndroid Build Coastguard Worker "version": 1 176*33f37583SAndroid Build Coastguard Worker} 177*33f37583SAndroid Build Coastguard WorkerEOF 178*33f37583SAndroid Build Coastguard Worker 179*33f37583SAndroid Build Coastguard Workercat > file_contexts << EOF 180*33f37583SAndroid Build Coastguard Worker(/.*)? u:object_r:vendor_file:s0 181*33f37583SAndroid Build Coastguard Worker/etc(/.*)? u:object_r:vendor_configs_file:s0 182*33f37583SAndroid Build Coastguard Worker# Add more ... 183*33f37583SAndroid Build Coastguard Worker# /bin/hw/foo u:object_r:hal_foo_exec:s0 184*33f37583SAndroid Build Coastguard WorkerEOF 185*33f37583SAndroid Build Coastguard Worker 186*33f37583SAndroid Build Coastguard Workerfi 187