android_scripts/generate_keys at main · ederevx/android_scripts · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
#!/bin/bash

# SPDX-FileCopyrightText: 2024 Edrick Sinsuan
# SPDX-License-Identifier: Apache-2.0

script_dir=$(dirname $0)
if ! check_file "$script_dir/setup_env"; then
    decho "setup_env must be present in $script_dir!"
    exit_timestamp 1
fi
source $script_dir/setup_env

param_func() {
    while [[ $# -gt 0 ]]
        do
        key="$1"

        case $key in
            -r|--replace)
                replace=y
            ;;
        esac
        shift
    done
}

backup_certs() {
    if [[ $replace != "y" ]]; then
        return
    fi

    decho "Backing up certificates..."

    if ! check_dir "$1"; then
        echo "USAGE: $0 ROM_PATH"
        exit_timestamp 1
    fi

    if ! check_dir "$1/backup"; then
        mkdir "$1/backup"
    fi

    mv -f $1/*.pem $1/backup
    mv -f $1/*.pk8 $1/backup
}

if ! check_dir "$1"; then
    echo "USAGE: $0 ROM_PATH"
    exit_timestamp 1
fi

readonly ROM_PATH=$1
readonly VENDOR_PRIV_DIR=$ROM_PATH/vendor/lineage-priv

if ! check_dir "$VENDOR_PRIV_DIR"; then
    echo "The script assumes $VENDOR_PRIV_DIR has been setup, set it up first!"
    exit_timestamp 1
fi

if check_dir ~/.android-certs; then
    rm -rf ~/.android-certs
fi

mkdir ~/.android-certs

subject='/C=US/ST=Florida/L=Tallahassee/O=Edrick Sinsuan/OU=Edrick Sinsuan/CN=Edrick Sinsuan/emailAddress=evcsinsuan@gmail.com'

for x in bluetooth cts_uicc_2021 media networkstack platform sdk_sandbox shared testkey releasekey nfc; do
    if [[ $replace != "y" ]]; then
        if check_file "$VENDOR_PRIV_DIR/keys/$x.pk8"; then
            continue
        fi
    fi
    $ROM_PATH/development/tools/make_key ~/.android-certs/$x "$subject"; \
done

cp $ROM_PATH/development/tools/make_key ~/.android-certs/

# Modify the key size in the make_key tool from 2048 to 4096
sed -i 's|2048|4096|g' ~/.android-certs/make_key

for apex in com.android.adbd com.android.adservices com.android.adservices.api com.android.appsearch com.android.art com.android.bluetooth com.android.btservices com.android.cellbroadcast com.android.compos com.android.configinfrastructure com.android.connectivity.resources com.android.conscrypt com.android.devicelock com.android.extservices com.android.graphics.pdf com.android.hardware.biometrics.face.virtual com.android.hardware.biometrics.fingerprint.virtual com.android.hardware.boot com.android.hardware.cas com.android.hardware.wifi com.android.healthfitness com.android.hotspot2.osulogin com.android.i18n com.android.ipsec com.android.media com.android.media.swcodec com.android.mediaprovider com.android.nearby.halfsheet com.android.networkstack.tethering com.android.neuralnetworks com.android.ondevicepersonalization com.android.os.statsd com.android.permission com.android.resolv com.android.rkpd com.android.runtime com.android.safetycenter.resources com.android.scheduling com.android.sdkext com.android.support.apexer com.android.telephony com.android.telephonymodules com.android.tethering com.android.tzdata com.android.uwb com.android.uwb.resources com.android.virt com.android.vndk.current com.android.vndk.current.on_vendor com.android.wifi com.android.wifi.dialog com.android.wifi.resources com.google.pixel.camera.hal com.google.pixel.vibrator.hal com.qorvo.uwb; do
    if [[ $replace != "y" ]]; then
        if check_file "$VENDOR_PRIV_DIR/keys/$apex.pk8"; then
            continue
        fi
    fi
    subject='/C=US/ST=Florida/L=Tallahassee/O=Edrick Sinsuan/OU=Edrick Sinsuan/CN='$apex'/emailAddress=evcsinsuan@gmail.com'
    ~/.android-certs/make_key ~/.android-certs/$apex "$subject"
    openssl pkcs8 -in ~/.android-certs/$apex.pk8 -inform DER -nocrypt -out ~/.android-certs/$apex.pem
done

# Backup all former keys
backup_certs $VENDOR_PRIV_DIR/keys

decho "Moving certificates..."

mv -f ~/.android-certs/*.pem $VENDOR_PRIV_DIR/keys
mv -f ~/.android-certs/*.pk8 $VENDOR_PRIV_DIR/keys

decho "Complete!"

exit_timestamp 0