def _set_install_locations_for_sec_image_policies(install_policies, sec_image_policies, install_base_dir): logger.debug( "Getting the install policy install locations for the enabled secimage policies..." ) # loop though sec image policies for selected build policy for sec_image_policy in sec_image_policies: # initialize the sec_image_policy's install location list if the list doesn't exist yet if not hasattr(sec_image_policy, 'install_locations'): sec_image_policy.install_locations = [] # loop through install policies for selected build policy for install_policy in install_policies: # loop through directories of each install policy for directory in install_policy.directory: # if the directory's sec_image_policy matches the current sec_image_policy # then add the directory's path value to the sec_image_policy's list of install locations if directory.sec_image_policy == sec_image_policy.id: # add the new install location to the sec_image_policy's list of locations substituting in the value for install_base_dir if directory.value not in sec_image_policy.install_locations: directory_path = c_path.normalize( directory.value[:].replace( "${sectools_install_base_dir}", install_base_dir)) sec_image_policy.install_locations.append( directory_path) logger.debug( "Added {0} to the install locations for secimage policy {1}" .format( c_path.normalize( directory.value[:].replace( "${sectools_install_base_dir}", install_base_dir)), sec_image_policy.id))
def read(self, xml_path, config_xml_path=None): import auto_gen_fm_config import auto_gen_fmconf_config try: self.path = c_path.normalize(xml_path) self.config_path = c_path.normalize(config_xml_path) # load the FM config data if (self.config_path is not None): c_config.CoreConfig.__init__(self.core_fmconfig, auto_gen_fmconf_config, self.config_path) self.filtermethod = self.core_fmconfig.root.filterType.method else: # TODO: change default to None or error out, check with Maria self.filtermethod = 'all' # populate the FM data model self._populate(self.path, auto_gen_fm_config, self.core_config) except Exception: logger.debug('fuseMasterData: Exception raised') raise
def validate_args(arguments, err_strings, init_logging): # configure logger to log to filesystem if init_logging: if arguments.target_base_dir: folder = c_path.normalize(arguments.target_base_dir) try: c_path.create_dir(folder) except Exception as e: raise RuntimeError('Unable to create directory for logging: ' + folder + '\n' + 'Error: ' + str(e)) if arguments.sign_id: logging_file_name = SECTOOLS_BUILDER_TOOL_NAME.replace( " ", "_") + "_" + arguments.sign_id else: logging_file_name = SECTOOLS_BUILDER_TOOL_NAME.replace( " ", "_") logger.enable_file_logging(logging_file_name, num_logs=1, log_dir=folder) else: raise RuntimeError(err_strings[0]) err = [] # validate that the required fields were provided if not arguments.target_base_dir: err.append(err_strings[0]) if not arguments.source: err.append(err_strings[1]) if not arguments.sign_id: err.append(err_strings[2]) if arguments.jtag_id and arguments.soc_hw_version: err.append(err_strings[3]) if hasattr(arguments, "config_type") and arguments.config_type is not None: logger.info("Sectools Builder config was provided using new api") config = c_path.normalize(arguments.config_type) if config not in CONFIGS: err.append(err_strings[8]) else: logger.info( "Sectools Builder config was provided using deprecated api") config = c_path.normalize(arguments.config) if config not in CONFIGS: logger.warning( "Sectools Builder received custom Secimage config file") sectools_builder_core.validate_file(config, err_strings[4], err) validate_bool(arguments.qti_sign, err_strings[5], err) validate_bool(arguments.relocatable, err_strings[6], err) if hasattr( arguments, "target_image_type_filter" ) and arguments.target_image_type_filter is not None and arguments.target_image_type_filter not in [ sectools_builder_core.INTEGRITY, sectools_builder_core.SIGN, sectools_builder_core.ENCRYPT, sectools_builder_core.SIGN_AND_ENCRYPT ]: err.append(err_strings[7]) return error_list_to_str(err)
def __init__(self, image_path, img_config_parser, parsegen_config, authority, sign_id=None, gen_multi_image=False, multi_image_path=None): from sectools.features.isc.parsegen.config.parser import ParsegenCfgParser assert isinstance(image_path, str) assert isinstance(img_config_parser, ConfigParser) assert isinstance(parsegen_config, ParsegenCfgParser) if sign_id is not None: assert isinstance(sign_id, str) # Initialize the BaseStager BaseStager.__init__(self, authority) # Validate that the image path exists image_path = c_path.normalize(image_path) if not c_path.validate_file(image_path): raise RuntimeError('No read access to the image path: ' + image_path) # Put the image info object into the list imageinfo = self._create_imageinfo(img_config_parser, parsegen_config, sign_id, image_path, False) self._image_info_list.append(imageinfo) # Validate that the Multi-Image Sign & Integrity image path exists if multi_image_path is not None: multi_image_path = c_path.normalize(multi_image_path) if not c_path.validate_file(multi_image_path): raise RuntimeError('No read access to the ' + multi_image_string() + ' image path: ' + multi_image_path) # Set sign id to Multi-Image image's sign id sign_id = MULTI_IMAGE_SIGN_ID[authority] # Set the Multi-Image Signing & Integrity image's imageinfo multi_image_imageinfo = self._create_imageinfo( img_config_parser, parsegen_config, sign_id, multi_image_path, False) self._multi_image_imageinfo_dict[ multi_image_imageinfo.chipset] = multi_image_imageinfo # Create image info object for to-be-created Multi-Image Signing and Integrity image elif gen_multi_image: # Set sign id to Multi-Image Sign & Integrity image's sign id sign_id = MULTI_IMAGE_SIGN_ID[authority] # Set the Multi-Image Signing & Integrity image's imageinfo multi_image_imageinfo = self._create_imageinfo( img_config_parser, parsegen_config, sign_id, None, gen_multi_image) self._multi_image_imageinfo_dict[ multi_image_imageinfo.chipset] = multi_image_imageinfo
def generateMetaBuild(self, timer=1200, interval=5): """ generate new meta build with given image build :param str meta_build_path: meta build directory, require write access :param str image_build_path: image build directory, require read access """ if self.run: self.retcode = '' # meta build path validation meta_path_val = c_path.normalize(self.meta_build_path) if not c_path.validate_dir_write(meta_path_val): raise RuntimeError('Cannot write at: ' + meta_path_val) # image build path validation image_path_val = c_path.normalize(self.image_build_path) if not c_path.validate_dir(image_path_val): raise RuntimeError('Cannot access: ' + image_path_val) """TODO: Don't know how to check if TZ build has changed and if re-generate NON-HLOS.bin is needed. For now, always re-generate meta build. """ # check if meta build has been generated with the required image build already meta_info = self.getMetainfo(self.meta_build_path) path = meta_info.get_build_path(BUILD) tz_path_in_meta_build_val = c_path.normalize(path) generation_complete_flag = c_path.join(meta_path_val, GENERATION_COMPLETE_STR) """ if tz_path_in_meta_build_val == image_path_val and c_path.validate_file(generation_complete_flag): self.logging_state_info('meta build with required image build is available at: ' + meta_path_val) self.logging_state_info('meta build generation is skipped') logger.debug('meta build path: ' + meta_path_val) logger.debug('image build path: ' + image_path_val) else: """ cmd = ['python', REGENERATE_CMD_TZ + image_path_val] cwd = c_path.join(meta_path_val, BUILD_SCRIPTS_DIR) self.logging_state_info(getCurrentTime() + ' start meta build generation, please wait and do not interrupt ...') self.logging_state_info('Set current working directory: ' + cwd) self.logging_state_info('Generate Meta build command: ' + " ".join(cmd)) self.log = c_path.join(meta_path_val, REGENERATE_BUID_LOG) self.run = False self.retcode = self.execute(cmd, self.log, cwd, timer, interval) self.logging_state_info(getCurrentTime() +' meta build generation return code: ' + str(self.retcode)) self.logging_state_info('meta build generation log can be found at: ' + self.log) if self.retcode == 0: open(generation_complete_flag,'a').close() self.run = True self.logging_state_info(SECTION_BREAK) else: self.logging_state_info('skip meta build regeneration')
def dbgp_config(self, config_path): config_path = c_path.normalize(config_path) if not c_path.validate_file(config_path): raise RuntimeError( 'debugpolicy config is inaccessible at given path: ' + str(config_path)) self._config_parser = ConfigParser(config_path)
def __init__(self, image_path, img_config_parser, sign_id=None): assert isinstance(image_path, str) assert isinstance(img_config_parser, ConfigParser) if sign_id is not None: assert isinstance(sign_id, str) # Initialize the BaseStager BaseStager.__init__(self) # Validate that the image path exists image_path = c_path.normalize(image_path) if not c_path.validate_file(image_path): raise RuntimeError('No read access to the image path: ' + image_path) # Validate the sign_id sign_id = self._get_sign_id(img_config_parser, os.path.basename(image_path), sign_id) # Get the config block for the sign id img_config_block = img_config_parser.get_config_for_sign_id(sign_id) # Create the one image info object image_info = ImageInfo(image_path, sign_id, img_config_block, img_config_parser) image_info.dest_image.image_name = image_info.src_image.image_name # Check if the dest image name should be overriden if img_config_block.output_file_name is not None: image_info.dest_image.image_name = img_config_block.output_file_name # Put the image info object into the list self._image_info_list.append(image_info)
def validate_dir(path, var_name, error_list): if path: path = c_path.normalize(path) try: c_path.create_dir(path) except RuntimeError: error_list.append("Provided {0} \"{1}\" is not a valid path or does not have read/write access.".format(var_name, path))
def validate_file(path, var_name, error_list): if path: path = c_path.normalize(path) if not c_path.validate_file(path): error_list.append( "Provided {0} \"{1}\" is not a valid file or does not have read access." .format(var_name, path))
def __init__(self, image_path, img_config_parser, sign_id=None): assert isinstance(image_path, str) assert isinstance(img_config_parser, ConfigParser) if sign_id is not None: assert isinstance(sign_id, str) # Initialize the BaseStager BaseStager.__init__(self) # Validate that the image path exists image_path = c_path.normalize(image_path) if not c_path.validate_file(image_path): raise RuntimeError('No read access to the image path: ' + image_path) # Validate the sign_id sign_id = self._get_sign_id(img_config_parser, os.path.basename(image_path), sign_id) # Get the config block for the sign id img_config_block = img_config_parser.get_config_for_sign_id(sign_id) # Create the one image info object image_info = ImageInfo(image_path, sign_id, img_config_block, img_config_parser) image_info.dest_image.image_name = image_info.src_image.image_name # Check if the dest image name should be overriden if img_config_block.output_file_name is not None: image_info.dest_image.image_name = img_config_block.output_file_name # Put the image info object into the list self._image_info_list.append(image_info)
def secimage_config(self, config_path): config_path = c_path.normalize(config_path) if not c_path.validate_file(config_path): raise RuntimeError( 'Secimage config is inaccessible at given path: ' + str(config_path)) self._secimage_config = config_path
def secdat(self, secdat_path): if secdat_path: secdat_path = c_path.normalize(secdat_path) if not c_path.validate_file(secdat_path): raise RuntimeError('Cannot access the secdat file: ' + secdat_path) self._secdat = secdat_path logger.info('Secdat path is set to: ' + str(secdat_path))
def __init__(self, image_path, img_config_parser, parsegen_config, authority, sign_id=None, crypto_params={}, imageinfo_class=None): assert isinstance(image_path, str) assert isinstance(img_config_parser, ConfigParser) assert isinstance(parsegen_config, ParsegenCfgParser) if sign_id is not None: assert isinstance(sign_id, str) # Initialize the BaseStager super(ImagePathsStagerIot, self).__init__(authority) # Validate that the image path exists image_path = c_path.normalize(image_path) if not c_path.validate_file(image_path): raise RuntimeError('No read access to the image path: ' + image_path) # Put the image info object into the list imageinfo = self._create_imageinfo(img_config_parser, parsegen_config, sign_id, image_path, crypto_params=crypto_params, imageinfo_class=imageinfo_class) self._image_info_list.append(imageinfo)
def _execute_install(self, policy): logger.debug("\nInstalling Sectools's output file...") if self.input.sectools_install_base_dir: path, filename = os.path.split(self.input.source) chipset = ConfigParser( self.input.config).root.metadata.get_chipset() src = c_path.normalize( c_path.join(self.input.target_base_dir, policy.id, chipset, self.input.sign_id, filename)) for install_location in policy.install_locations: if self.input.install_file_name: dest = c_path.join(install_location, self.input.install_file_name) else: dest = c_path.join(install_location, filename) # Attempt installation 3 times before failing installation_successful = False for i in range(3): try: c_path.create_dir(install_location) copy_successful, error = c_path.copyFile( src, dest, None, True) if not copy_successful: continue except: # Installation failed so retry installation continue installation_successful = True logger.info("Installed \"{0}\" to \"{1}\"".format( src, dest)) break if not installation_successful: error_message = "Failed to install \"{0}\" to \"{1}\"".format( src, dest) logger.error(error_message) raise RuntimeError(error_message) # pilsplit sectools's output file pilsplit_subdirectory = "" if install_location != self.input.sectools_install_base_dir: pilsplit_subdirectory = install_location.replace( os.path.join(self.input.sectools_install_base_dir, "", ""), "") pilsplit_prefix = self.input.install_file_name.split( "." )[0] if self.input.install_file_name else filename.split( ".")[0] self._execute_pilsplit(dest, pilsplit_prefix, pilsplit_subdirectory) else: logger.info( "Installation was skipped because a value for sectools_install_base_dir was not provided" ) if self.input.pilsplitter_target_base_dir: logger.info( "Pilsplitting was skipped because a value for sectools_install_base_dir was not provided" )
class HardwareIdentityKeystore(BaseKeystore): KEYSTORE_TYPE = "PKCS11" PKCS11_CFG_TEMPLATE = c_path.normalize( os.path.join(defines.CASS_CLIENT_REFAPP_INPUT_DIR, 'pkcs11.cfg.template')) MESG_PROMPT_PASSWORD = '******' MESG_TOKEN_DRIVER_INVALID = "Token driver path {0} is invalid! Please install Safenet driver." def __init__(self, user_identity_config): self.file = None self._user_identity = user_identity_config BaseKeystore.__init__(self, user_identity_config.token_password) self.token_driver_home = user_identity_config.token_driver_home self.file = self._generate_pkcs11_cfg(self.token_driver_home) @property def file(self): return self._file @file.setter def file(self, value): self._file = value @property def type(self): return self.KEYSTORE_TYPE @property def token_driver_home(self): return self._token_driver_home @token_driver_home.setter def token_driver_home(self, token_driver_home_config): if sys.platform.startswith('linux'): self._token_driver_home = token_driver_home_config.linux else: self._token_driver_home = token_driver_home_config.windows if c_path.validate_file(self._token_driver_home) is False: raise ConfigError( self.MESG_TOKEN_DRIVER_INVALID.format(self._token_driver_home)) def _generate_pkcs11_cfg(self, token_driver_home): pkcs11_cfg_template_data = c_misc.load_data_from_file( self.PKCS11_CFG_TEMPLATE) pkcs11_cfg_data = signerutils.macro_replace(pkcs11_cfg_template_data, "token_driver_home", token_driver_home, isMandatory=True) return utility_functions.store_data_to_temp_file(pkcs11_cfg_data) def release(self): if self.file and os.path.isfile(self.file): logger.debug("Deleting temporary file: " + self.file) os.unlink(self.file) def __del__(self): self.release()
def __init__(self, meta_build_path, config_dir_obj, sign_id_list=[]): assert isinstance(meta_build_path, str) assert isinstance(config_dir_obj, ConfigDir) # Initialize the BaseStager BaseStager.__init__(self) self.config_dir_obj = config_dir_obj # Create internal attributes self._meta_build_path = meta_build_path # Validate that the meta_build path exists meta_build_path = c_path.normalize(meta_build_path) if not c_path.validate_dir(meta_build_path): raise RuntimeError('No read access to the meta build path: ' + meta_build_path) # Get the meta lib module from the metabuild meta_info = self.get_meta_info(meta_build_path) # Create the image info list based on the meta data for sign_id, chipset, image_src_path, image_dest_path in self.get_image_info_from_meta(meta_info): # Filer on the sign id if sign_id_list: if sign_id not in sign_id_list: continue try: img_config_parser = self.get_image_config_parser(chipset) # Validate the sign_id sign_id = self._get_sign_id(img_config_parser, os.path.basename(image_src_path.image_path), sign_id) # Get the config block for the sign id img_config_block = img_config_parser.get_config_for_sign_id(sign_id) # Create the one image info object image_info = ImageInfo('', sign_id, img_config_block, img_config_parser) # Set the src path image_info.src_image = image_src_path image_info.image_under_operation = image_info.src_image.image_path # Set the dest path image_info.dest_image = image_dest_path # Put the image info object into the list self._image_info_list.append(image_info) except Exception as e: logger.error(str(e)) if not self._image_info_list: raise RuntimeError('No images found from the meta build.')
def set_input_file(self, i_file): """(str) Path to the input debugpolicy elf file. """ i_file = c_path.normalize(i_file) if not c_path.validate_file(i_file): raise RuntimeError( 'debugpolicy elf file is inaccessible at given path: ' + str(i_file)) self._input_files_base = os.path.dirname(i_file) self._input_files_list = [i_file]
def mini_build_path(self, mini_build_path): assert isinstance(mini_build_path, str) mini_build_path = c_path.normalize(mini_build_path) if not c_path.validate_dir_write(mini_build_path): raise RuntimeError('No write access to minimized build directory: ' + mini_build_path) # Update the output dir of each image in image_info_list for image_info in self.image_info_list: image_info.dest_image.image_dir_base = mini_build_path self._mini_build_path = mini_build_path
def set_config_paths(self, oem_config_path=None, qc_config_path=None, ui_config_path=None, user_config_path=None): """Sets the config paths to the paths provided. :param str oem_config_path: Path to the OEM config file :param str qc_config_path: Path to the QC config file :param str ui_config_path: Path to the UI config file """ # Normalize all paths oem_config_path = c_path.normalize(oem_config_path) if oem_config_path is not None else None qc_config_path = c_path.normalize(qc_config_path) if qc_config_path is not None else None ui_config_path = c_path.normalize(ui_config_path) if ui_config_path is not None else None user_config_path = c_path.normalize(user_config_path) if user_config_path is not None else None # Set the paths on the config_parser self._config_parser.read(oem_config_path, qc_config_path, ui_config_path, user_config_path)
def directory_to_string(complex_directory_object, install_base_dir): directory_list = [] for directory in complex_directory_object: directory_list.append( "[" + directory.sec_image_policy + ": " + c_path.normalize(directory.value[:].replace( "${sectools_install_base_dir}", install_base_dir)) + "]") return ", ".join(directory_list)
def output_dir(self, output_dir): output_dir = c_path.normalize(output_dir) try: c_path.create_dir(output_dir) except Exception as e: raise RuntimeError('Cannot write in the given output_dir: ' + output_dir + '\n' ' ' + 'Error: ' + str(e)) self._output_dir = output_dir logger.info('Output dir is set to: ' + output_dir)
def get_keydata_from_file(filepath): import os import binascii filepath = c_path.normalize(os.path.join(DIR_PATH, filepath)) with open(filepath, 'rb') as f: f.seek(0) file_data = binascii.hexlify(f.read()) f.close() return file_data
def output_dir(self, output_dir): assert isinstance(output_dir, str) output_dir = c_path.normalize(output_dir) if not c_path.validate_dir_write(output_dir): raise RuntimeError('No write access to output directory: ' + output_dir) # Update the output dir of each image in image_info_list for image_info in self.image_info_list: image_info.dest_image.image_dir_base = output_dir image_info.dest_image.image_dir_ext = (image_info.chipset + '/' + image_info.sign_id) self._output_dir = output_dir
def log_to_file(folder): """Configures the logger to log to filesystem :param str folder: Directory to generate the logs in. """ folder = c_path.normalize(folder) try: c_path.create_dir(folder) except Exception as e: raise RuntimeError('Unable to create directory for logging: ' + folder + '\n' ' ' + 'Error: ' + str(e)) logger.enable_file_logging(FUSEBLOWER_TOOL_NAME, num_logs=1, log_dir=folder)
def output_dir(self, output_dir): assert isinstance(output_dir, str) output_dir = c_path.normalize(output_dir) if not c_path.validate_dir_write(output_dir): raise RuntimeError('No write access to output directory: ' + output_dir) # Update the output dir of each image in image_info_list for image_info in self.image_info_list: self.update_dest_image(image_info, output_dir) self._output_dir = output_dir
def _get_cmds(self): if os.path.exists(self.output_dir) is None: os.makedirs(self.output_dir) signing_package_file = c_path.normalize(self.signing_package_file_name) cmds = ["java"] if self.cass_signer_attributes.server: cmds.append("-Dcass_server.host={0}".format( self.cass_signer_attributes.server.host)) cmds.append("-Dcass_server.sslport={0}".format( self.cass_signer_attributes.server.port)) cmds.append("-Dtrust_anchor.file={0}".format( self.trust_keystore.file)) cmds.append("-Dtrust_anchor.password={0}".format( self.trust_keystore.password)) cmds.append("-Dtrust_anchor.keystoretype={0}".format( self.trust_keystore.type)) cmds.append("-Dcn_verify.mode={0}".format( self.host_validation_mode)) cmds.append("-Dsig_authority.file={0}".format( self.identity_keystore.file)) cmds.append("-Dsig_authority.password={0}".format( self.identity_keystore.password)) cmds.append("-Dsig_authority.keystoretype={0}".format( self.identity_keystore.type)) if self.identity_keystore.token_driver_home: cmds.append("-Detoken_driver_home={0}".format( self.identity_keystore.token_driver_home)) cmds.append("-Doutput.location={0}".format(self.output_dir)) cmds.append("-Dschema.location={0}".format( c_path.normalize(self.SCHEMA_XSD_FILE_PATH))) cmds.extend(['-jar', self.CLIENT_REFAPP_JAR, signing_package_file]) # only enable -v if debug is enabled if logger.verbosity < logger.DEBUG: cmds.append('-v') self.cmds = cmds
def get_scons_targets(input): # initialize target lists integrity_targets = list() sign_targets = list() encrypt_targets = list() sign_and_encrypt_targets = list() scons_targets = [integrity_targets, sign_targets, encrypt_targets, sign_and_encrypt_targets] pilsplit_files_to_clean = list() # get chipset and filename of input file chipset = SecImageConfigParser(input.config).root.metadata.get_chipset() path, filename = os.path.split(input.source) if input.build_policy: for policy in input.build_policy.sec_image_policies: target_list_to_append_to = scons_targets[target_map[policy.cmd_options]] # get path to installed image if input.sectools_install_base_dir: for install_location in policy.install_locations: if input.install_file_name: target = c_path.join(install_location, input.install_file_name) else: target = c_path.join(install_location, filename) logger.debug("Added to-be-installed file \"{0}\" to SCons target list".format(target)) target_list_to_append_to.append(target) # determine pilsplit images to cleanup if input.pilsplitter_target_base_dir: if install_location != input.sectools_install_base_dir: pilsplit_directory = c_path.join(input.pilsplitter_target_base_dir, install_location.replace(os.path.join(input.sectools_install_base_dir, "", ""), "")) else: pilsplit_directory = input.pilsplitter_target_base_dir if c_path.validate_dir_write(pilsplit_directory): pilsplit_filename = input.install_file_name.split(".")[0] if input.install_file_name else filename.split(".")[0] # get all pil files in pilsplit target directory regex = r"^" + re.escape(pilsplit_filename) + r"\.((mdt)|(b[0-9][0-9]))$" pil_files = [c_path.join(pilsplit_directory, f) for f in os.listdir(pilsplit_directory) if re.match(regex, f)] for pil_file in pil_files: logger.debug("Added pilsplit file \"{0}\" to SCons clean list".format(pil_file)) pilsplit_files_to_clean.append(pil_file) # get path to uninstalled image if no installation is requested else: uninstalled_target = c_path.normalize(c_path.join(input.target_base_dir, policy.id, chipset, input.sign_id, filename)) target_list_to_append_to.append(uninstalled_target) logger.debug("Added file \"{0}\" to SCons target list".format(uninstalled_target)) # remove duplicates from lists for i, targets in enumerate(scons_targets): scons_targets[i] = remove_duplicates(targets) pilsplit_files_to_clean = remove_duplicates(pilsplit_files_to_clean) # clean pilsplit files input.environment.Clean(scons_targets, pilsplit_files_to_clean) # return target list return scons_targets
def getBuildIDfrompath(meta_build_path): """ Returns build ID from meta build path :param str meta_build_path: meta build path :returns: meta build ID :rtype: str """ # meta build path validation path_val = c_path.normalize(meta_build_path) if not c_path.validate_dir(path_val): raise RuntimeError('Cannot access: ' + path_val) # get build id from build_path as it is the directory name in dest build_id = os.path.basename(path_val) return build_id
def generate_sha256_hash_from_file(filepath): import hashlib import os filepath = c_path.normalize(os.path.join(DIR_PATH, filepath)) try: cert_file = open(filepath, 'rb') file_data = cert_file.read() cert_file.close() except Exception, e: error_str = 'file operation failed. {0}'.format(e) raise RuntimeError(error_str) raise e
def output_dir(self, output_dir): assert isinstance(output_dir, str) output_dir = c_path.normalize(output_dir) if not c_path.validate_dir_write(output_dir): raise RuntimeError('No write access to output directory: ' + output_dir) # Update the output dir of each image in image_info_list for image_info in self.image_info_list: self.update_dest_image(image_info, output_dir) # Update the output dir of Multi-Image Signing and Integrity image if self._multi_image_imageinfo_dict: for target, imageinfo in self._multi_image_imageinfo_dict.items(): self.update_dest_image(imageinfo, output_dir) self._output_dir = output_dir
def sign(self, signingpackage_fname, outputdir): signaturepackage_binary = None cmds = self._getCmds(signingpackage_fname, outputdir) cass_server = self.cass_signer_attributes.server.host if self.cass_signer_attributes.server else "default CASS server" logger.info("Connecting to {0}".format(cass_server)) logger.debug("Executing commands: \n'" + "\n".join(cmds) + "'\n") output = self._executeCmds(cmds) logger.debug(output) signaturepackage_filepath = os.path.join(outputdir, self.SIGNATUREPACKPAGE_RELPATH) if os.path.isfile(signaturepackage_filepath): logger.info("Signature package retrieved from server: " + c_path.normalize(signaturepackage_filepath)) signaturepackage_binary = c_misc.load_data_from_file(signaturepackage_filepath) # clean up path, filename = os.path.split(signaturepackage_filepath) shutil.rmtree(path) return signaturepackage_binary
def __init__(self, filepath=None, password="", keystoreType="JKS"): BaseKeystore.__init__(self, password) self._file = c_path.normalize(filepath) self._type = keystoreType
def __init__(self, meta_build_path, config_dir_obj, sign_id_list=[]): assert isinstance(meta_build_path, str) assert isinstance(config_dir_obj, ConfigDir) # Initialize the BaseStager BaseStager.__init__(self) self.config_dir_obj = config_dir_obj # Create internal attributes self._meta_build_path = meta_build_path # Validate that the meta_build path exists meta_build_path = c_path.normalize(meta_build_path) if not c_path.validate_dir(meta_build_path): raise RuntimeError('No read access to the meta build path: ' + meta_build_path) # Get the meta lib module from the metabuild meta_info = self.get_meta_info(meta_build_path) # Create the image info list based on the meta data for sign_id, chipset, image_src_path, image_dest_path in self.get_image_info_from_meta(meta_info): # Filer on the sign id if sign_id_list: if sign_id not in sign_id_list: continue try: img_config_parser = self.get_image_config_parser(chipset) # Validate the sign_id sign_id = self._get_sign_id(img_config_parser, os.path.basename(image_src_path.image_path), sign_id) # Get the config block for the sign id img_config_block = img_config_parser.get_config_for_sign_id(sign_id) # Create the one image info object image_info = ImageInfo('', sign_id, img_config_block, img_config_parser) # Set the src path image_info.src_image = image_src_path image_info.image_under_operation = image_info.src_image.image_path # Set the dest path image_info.dest_image = image_dest_path # Check if the dest image name should be overriden if img_config_block.output_file_name is not None: image_info.dest_image.image_name = img_config_block.output_file_name # Put the image info object into the list self._image_info_list.append(image_info) except Exception as e: logger.error(str(e)) if not self._image_info_list: raise RuntimeError('No images found from the meta build.')
def image_dir_base(self, image_dir_base): image_dir_base = c_path.normalize(image_dir_base) self._image_dir_base = image_dir_base
def _formatpath(self, path): return c_path.normalize(path)