autograph: go.mozilla.org/autograph/signer/apk Index | Files

package apk

import "go.mozilla.org/autograph/signer/apk"

Index

Package Files

apk.go jar.go

Constants

const (
    // Type of this signer is "apk"
    Type = "apk"

    // ZIPMethodCompressAll represents the default option to
    // compress all files in repacked JARs
    ZIPMethodCompressAll = "all"
    // ZIPMethodCompressPassthrough represents the option to pass
    // through all files with their current compression in JARs
    ZIPMethodCompressPassthrough = "passthrough"
)

type APKSigner Uses

type APKSigner struct {
    signer.Configuration
    // contains filtered or unexported fields
}

An APKSigner is configured to issue PKCS7 detached signatures for Android application packages.

func New Uses

func New(conf signer.Configuration) (s *APKSigner, err error)

New initializes an apk signer using a configuration

func (*APKSigner) Config Uses

func (s *APKSigner) Config() signer.Configuration

Config returns the configuration of the current signer

func (*APKSigner) GetDefaultOptions Uses

func (s *APKSigner) GetDefaultOptions() interface{}

GetDefaultOptions returns default options of the signer

func (*APKSigner) SignData Uses

func (s *APKSigner) SignData(sigfile []byte, options interface{}) (signer.Signature, error)

SignData takes a JAR signature file and returns a pkcs7 signature

func (*APKSigner) SignFile Uses

func (s *APKSigner) SignFile(input []byte, options interface{}) (signer.SignedFile, error)

SignFile takes an unsigned, unaligned APK in base64 form, generates the JAR manifests and calls SignData to sign the signature file using the configured private key.

The PKCS7 detached signature and the manifests are then stored inside the ZIP file under META-INF, and the whole archived is aligned. The returned data is the signed aligned APK.

This implements apksigning v1, aka jarsigner. apksigning v2 is not supported.

type Options Uses

type Options struct {
    ZIP string `json:"zip"`

    // PKCS7Digest is a string referring to algorithm to use for the PKCS7 signature digest
    PKCS7Digest string `json:"pkcs7_digest"`
}

Options is empty for this signer type

func GetOptions Uses

func GetOptions(input interface{}) (options Options, err error)

GetOptions takes a input interface and reflects it into a struct of options

func (*Options) PK7Digest Uses

func (o *Options) PK7Digest() (asn1.ObjectIdentifier, error)

PK7Digest validates and return an ASN OID for a PKCS7 digest algorithm or an error. If no specific digest is specific, SHA256 is used.

type Signature Uses

type Signature struct {
    Data     []byte
    Finished bool
    // contains filtered or unexported fields
}

Signature is a PKCS7 detached signature

func Unmarshal Uses

func Unmarshal(signature string, content []byte) (sig *Signature, err error)

Unmarshal takes the base64 representation of a PKCS7 detached signature and the content of the signed data, and returns a PKCS7 struct

func (*Signature) Marshal Uses

func (sig *Signature) Marshal() (string, error)

Marshal returns the base64 representation of a PKCS7 detached signature

func (*Signature) String Uses

func (sig *Signature) String() string

String returns a PEM encoded PKCS7 block

func (*Signature) Verify Uses

func (sig *Signature) Verify() error

Verify verifies an apk pkcs7 signature WARNING: this function does not verify the JAR manifests

Package apk imports 23 packages (graph) and is imported by 2 packages. Updated 2019-03-30. Refresh now. Tools for package owners.