diff options
| author | Keiji Ariyama <keiji_ariyama@c-lis.co.jp> | 2012-06-11 12:28:57 +0900 |
|---|---|---|
| committer | Keiji Ariyama <keiji_ariyama@c-lis.co.jp> | 2013-01-13 22:04:43 +0900 |
| commit | 62d40cbfbc6e974795d43f74499fd069bce635a4 (patch) | |
| tree | 11c7ca8a1d35c91292f122dbe2486a11b9548298 /eclipse/plugins | |
| parent | 52887098816f1e49a0709923e3e9c93c4816f12b (diff) | |
| download | sdk-62d40cbfbc6e974795d43f74499fd069bce635a4.zip sdk-62d40cbfbc6e974795d43f74499fd069bce635a4.tar.gz sdk-62d40cbfbc6e974795d43f74499fd069bce635a4.tar.bz2 | |
Displaying the debug certificate MD5&SHA1 fingerprint on Build preference.
Printing the created certificate fingerprint to Android Console.
Showing the certificate fingerprint on ExportWizard.
Related issue: http://code.google.com/p/android/issues/detail?id=19035
Change-Id: Ie88760f19d5d20a4660035dae1e9598c636e25da
Diffstat (limited to 'eclipse/plugins')
6 files changed, 299 insertions, 19 deletions
diff --git a/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/preferences/BuildPreferencePage.java b/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/preferences/BuildPreferencePage.java index d5aa30a..f5f4633 100644 --- a/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/preferences/BuildPreferencePage.java +++ b/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/preferences/BuildPreferencePage.java @@ -18,6 +18,7 @@ package com.android.ide.eclipse.adt.internal.preferences; import com.android.ide.eclipse.adt.AdtPlugin; import com.android.ide.eclipse.adt.internal.preferences.AdtPrefs.BuildVerbosity; +import com.android.ide.eclipse.adt.internal.utils.FingerprintUtils; import com.android.prefs.AndroidLocation.AndroidLocationException; import com.android.sdklib.internal.build.DebugKeyProvider; import com.android.sdklib.internal.build.DebugKeyProvider.KeytoolException; @@ -25,6 +26,7 @@ import com.android.sdklib.internal.build.DebugKeyProvider.KeytoolException; import org.eclipse.jface.preference.BooleanFieldEditor; import org.eclipse.jface.preference.FieldEditorPreferencePage; import org.eclipse.jface.preference.FileFieldEditor; +import org.eclipse.jface.preference.IPreferenceStore; import org.eclipse.jface.preference.RadioGroupFieldEditor; import org.eclipse.jface.preference.StringFieldEditor; import org.eclipse.swt.widgets.Composite; @@ -36,6 +38,7 @@ import java.io.File; import java.io.IOException; import java.security.GeneralSecurityException; import java.security.PrivateKey; +import java.security.cert.Certificate; import java.security.cert.X509Certificate; import java.util.Date; @@ -46,9 +49,22 @@ import java.util.Date; public class BuildPreferencePage extends FieldEditorPreferencePage implements IWorkbenchPreferencePage { + private IPreferenceStore mPrefStore = null; + + // default key store + private ReadOnlyFieldEditor mDefaultKeyStore = null; + private LabelField mDefaultFingerprintMd5 = null; + private LabelField mDefaultFingerprintSha1 = null; + + // custom key store + private KeystoreFieldEditor mCustomKeyStore = null; + private LabelField mCustomFingerprintMd5 = null; + private LabelField mCustomFingerprintSha1 = null; + public BuildPreferencePage() { super(GRID); - setPreferenceStore(AdtPlugin.getDefault().getPreferenceStore()); + mPrefStore = AdtPlugin.getDefault().getPreferenceStore(); + setPreferenceStore(mPrefStore); setDescription(Messages.BuildPreferencePage_Title); } @@ -76,12 +92,90 @@ public class BuildPreferencePage extends FieldEditorPreferencePage implements getFieldEditorParent(), true); addField(rgfe); - addField(new ReadOnlyFieldEditor(AdtPrefs.PREFS_DEFAULT_DEBUG_KEYSTORE, - Messages.BuildPreferencePage_Default_KeyStore, getFieldEditorParent())); + // default debug keystore fingerprints + Fingerprints defaultFingerprints = getFingerprints( + mPrefStore.getString(AdtPrefs.PREFS_DEFAULT_DEBUG_KEYSTORE)); + + // default debug key store fields + mDefaultKeyStore = new ReadOnlyFieldEditor(AdtPrefs.PREFS_DEFAULT_DEBUG_KEYSTORE, + Messages.BuildPreferencePage_Default_KeyStore, getFieldEditorParent()); + mDefaultFingerprintMd5 = new LabelField( + Messages.BuildPreferencePage_Default_Certificate_Fingerprint_MD5, + defaultFingerprints != null ? defaultFingerprints.md5 : "", + getFieldEditorParent()); + mDefaultFingerprintSha1 = new LabelField( + Messages.BuildPreferencePage_Default_Certificate_Fingerprint_SHA1, + defaultFingerprints != null ? defaultFingerprints.sha1 : "", + getFieldEditorParent()); + + addField(mDefaultKeyStore); + addField(mDefaultFingerprintMd5); + addField(mDefaultFingerprintSha1); + + // custom debug keystore fingerprints + Fingerprints customFingerprints = null; + + String customDebugKeystorePath = mPrefStore.getString(AdtPrefs.PREFS_CUSTOM_DEBUG_KEYSTORE); + if (new File(customDebugKeystorePath).isFile()) { + customFingerprints = getFingerprints(customDebugKeystorePath); + } else { + // file does not exist. + setErrorMessage("Not a valid keystore path."); + } - addField(new KeystoreFieldEditor(AdtPrefs.PREFS_CUSTOM_DEBUG_KEYSTORE, - Messages.BuildPreferencePage_Custom_Keystore, getFieldEditorParent())); + // custom debug key store fields + mCustomKeyStore = new KeystoreFieldEditor(AdtPrefs.PREFS_CUSTOM_DEBUG_KEYSTORE, + Messages.BuildPreferencePage_Custom_Keystore, getFieldEditorParent()); + mCustomFingerprintMd5 = new LabelField( + Messages.BuildPreferencePage_Default_Certificate_Fingerprint_MD5, + customFingerprints != null ? customFingerprints.md5 : "", + getFieldEditorParent()); + mCustomFingerprintSha1 = new LabelField( + Messages.BuildPreferencePage_Default_Certificate_Fingerprint_SHA1, + customFingerprints != null ? customFingerprints.sha1 : "", + getFieldEditorParent()); + + // set fingerprint fields + mCustomKeyStore.setFingerprintMd5Field(mCustomFingerprintMd5); + mCustomKeyStore.setFingerprintSha1Field(mCustomFingerprintSha1); + + addField(mCustomKeyStore); + addField(mCustomFingerprintMd5); + addField(mCustomFingerprintSha1); + } + /** + * MD5 & SHA1 fingerprints. + */ + private static class Fingerprints { + final String md5; + final String sha1; + + Fingerprints(String md5Val, String sha1Val) { + md5 = md5Val; + sha1 = sha1Val; + } + } + + private Fingerprints getFingerprints(String keystorePath) { + // attempt to load the debug key. + try { + DebugKeyProvider keyProvider = new DebugKeyProvider(keystorePath, + null /* storeType */, null /* key gen output */); + + return new Fingerprints( + FingerprintUtils.getFingerprint(keyProvider.getCertificate(), "MD5"), + FingerprintUtils.getFingerprint(keyProvider.getCertificate(), "SHA1")); + } catch (GeneralSecurityException e) { + setErrorMessage(e.getMessage()); + } catch (IOException e) { + setErrorMessage(e.getMessage()); + } catch (KeytoolException e) { + setErrorMessage(e.getMessage()); + } catch (AndroidLocationException e) { + setErrorMessage(e.getMessage()); + } + return null; } /* @@ -93,6 +187,27 @@ public class BuildPreferencePage extends FieldEditorPreferencePage implements public void init(IWorkbench workbench) { } + /* + * (non-Javadoc) + * + * @see org.eclipse.jface.preference.FieldEditorPreferencePage#performDefaults + * (org.eclipse.jface.preference.PreferencePage#performDefaults) + */ + @Override + protected void performDefaults() { + super.performDefaults(); + + // restore the default key store fingerprints + Fingerprints defaultFingerprints = getFingerprints(mPrefStore + .getString(AdtPrefs.PREFS_DEFAULT_DEBUG_KEYSTORE)); + mDefaultFingerprintMd5.setStringValue(defaultFingerprints.md5); + mDefaultFingerprintSha1.setStringValue(defaultFingerprints.sha1); + + // set custom fingerprint fields to blank + mCustomFingerprintMd5.setStringValue(""); + mCustomFingerprintSha1.setStringValue(""); + } + /** * A read-only string field editor. */ @@ -112,9 +227,50 @@ public class BuildPreferencePage extends FieldEditorPreferencePage implements } /** + * A read-only string field. + */ + private static class LabelField extends StringFieldEditor { + private String text; + + public LabelField(String labelText, String value, Composite parent) { + super("", labelText, parent); + text = value; + } + + @Override + protected void createControl(Composite parent) { + super.createControl(parent); + + Text control = getTextControl(); + control.setEditable(false); + } + + @Override + protected void doLoad() { + setStringValue(text); + } + + @Override + protected void doStore() { + // Do nothing + } + } + + /** * Custom {@link FileFieldEditor} that checks that the keystore is valid. */ private static class KeystoreFieldEditor extends FileFieldEditor { + private StringFieldEditor fingerprintMd5 = null; + private StringFieldEditor fingerprintSha1 = null; + + public void setFingerprintMd5Field(StringFieldEditor field) { + fingerprintMd5 = field; + } + + public void setFingerprintSha1Field(StringFieldEditor field) { + fingerprintSha1 = field; + } + public KeystoreFieldEditor(String name, String label, Composite parent) { super(name, label, parent); setValidateStrategy(VALIDATE_ON_KEY_STROKE); @@ -125,6 +281,14 @@ public class BuildPreferencePage extends FieldEditorPreferencePage implements String fileName = getTextControl().getText(); fileName = fileName.trim(); + if (fingerprintMd5 != null) { + fingerprintMd5.setStringValue(""); + } + + if (fingerprintSha1 != null) { + fingerprintSha1.setStringValue(""); + } + // empty values are considered ok. if (fileName.length() > 0) { File file = new File(fileName); @@ -141,6 +305,16 @@ public class BuildPreferencePage extends FieldEditorPreferencePage implements return false; } + if (fingerprintMd5 != null) { + fingerprintMd5.setStringValue( + FingerprintUtils.getFingerprint(certificate, "MD5")); + } + + if (fingerprintSha1 != null) { + fingerprintSha1.setStringValue( + FingerprintUtils.getFingerprint(certificate, "SHA1")); + } + Date today = new Date(); if (certificate.getNotAfter().compareTo(today) < 0) { showErrorMessage("Certificate is expired!"); diff --git a/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/preferences/Messages.java b/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/preferences/Messages.java index 1474102..70b9751 100644 --- a/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/preferences/Messages.java +++ b/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/preferences/Messages.java @@ -18,8 +18,16 @@ public class Messages extends NLS { public static String BuildPreferencePage_Custom_Keystore; + public static String BuildPreferencePage_Custom_Certificate_Fingerprint_MD5; + + public static String BuildPreferencePage_Custom_Certificate_Fingerprint_SHA1; + public static String BuildPreferencePage_Default_KeyStore; + public static String BuildPreferencePage_Default_Certificate_Fingerprint_MD5; + + public static String BuildPreferencePage_Default_Certificate_Fingerprint_SHA1; + public static String BuildPreferencePage_Normal; public static String BuildPreferencePage_Silent; diff --git a/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/preferences/messages.properties b/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/preferences/messages.properties index 865ac19..61894fd 100644 --- a/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/preferences/messages.properties +++ b/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/preferences/messages.properties @@ -5,7 +5,11 @@ BuildPreferencePage_Silent=Silent BuildPreferencePage_Normal=Normal BuildPreferencePage_Verbose=Verbose BuildPreferencePage_Default_KeyStore=Default debug keystore: +BuildPreferencePage_Default_Certificate_Fingerprint_MD5=MD5 fingerprint: +BuildPreferencePage_Default_Certificate_Fingerprint_SHA1=SHA1 fingerprint: BuildPreferencePage_Custom_Keystore=Custom debug keystore: +BuildPreferencePage_Custom_Certificate_Fingerprint_MD5=MD5 fingerprint: +BuildPreferencePage_Custom_Certificate_Fingerprint_SHA1=SHA1 fingerprint: LaunchPreferencePage_Title=Launch Settings: LaunchPreferencePage_Default_Emu_Options=Default emulator options: LaunchPreferencePage_Default_HOME_Package=Default HOME package: diff --git a/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/utils/FingerprintUtils.java b/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/utils/FingerprintUtils.java new file mode 100644 index 0000000..bfe301e --- /dev/null +++ b/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/utils/FingerprintUtils.java @@ -0,0 +1,63 @@ +/* + * Copyright (C) 2008 The Android Open Source Project + * + * Licensed under the Eclipse Public License, Version 1.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.eclipse.org/org/documents/epl-v10.php + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.android.ide.eclipse.adt.internal.utils; + +import java.util.Locale; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.cert.Certificate; +import java.security.cert.CertificateEncodingException; + +public class FingerprintUtils { + + /** + * Returns the {@link Certificate} fingerprint as returned by <code>keytool</code>. + * + * @param certificate + * @param hashAlgorithm + */ + public static String getFingerprint(Certificate cert, String hashAlgorithm) { + if (cert == null) { + return null; + } + try { + MessageDigest digest = MessageDigest.getInstance(hashAlgorithm); + return toHexadecimalString(digest.digest(cert.getEncoded())); + } catch(NoSuchAlgorithmException e) { + // ignore + } catch(CertificateEncodingException e) { + // ignore + } + return null; + } + + private static String toHexadecimalString(byte[] value) { + StringBuffer sb = new StringBuffer(); + int len = value.length; + for (int i = 0; i < len; i++) { + int num = ((int) value[i]) & 0xff; + if (num < 0x10) { + sb.append('0'); + } + sb.append(Integer.toHexString(num)); + if (i < len - 1) { + sb.append(':'); + } + } + return sb.toString().toUpperCase(Locale.US); + } +}
\ No newline at end of file diff --git a/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/wizards/export/ExportWizard.java b/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/wizards/export/ExportWizard.java index d7ace9a..62090d4 100644 --- a/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/wizards/export/ExportWizard.java +++ b/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/wizards/export/ExportWizard.java @@ -18,6 +18,7 @@ package com.android.ide.eclipse.adt.internal.wizards.export; import com.android.annotations.Nullable; import com.android.ide.eclipse.adt.AdtPlugin; +import com.android.ide.eclipse.adt.internal.utils.FingerprintUtils; import com.android.ide.eclipse.adt.internal.preferences.AdtPrefs.BuildVerbosity; import com.android.ide.eclipse.adt.internal.project.ExportHelper; import com.android.ide.eclipse.adt.internal.project.ProjectHelper; @@ -271,6 +272,14 @@ public final class ExportWizard extends Wizard implements IExportWizard { if (entry != null) { mPrivateKey = entry.getPrivateKey(); mCertificate = (X509Certificate)entry.getCertificate(); + + AdtPlugin.printToConsole(mProject, + String.format("New keystore %s has been created.", + mDestinationFile.getAbsolutePath()), + "Certificate fingerprints:", + String.format(" MD5 : %s", getCertMd5Fingerprint()), + String.format(" SHA1: %s", getCertSha1Fingerprint())); + } else { // this really shouldn't happen since we now let the user choose the key // from a list read from the store. @@ -334,7 +343,8 @@ public final class ExportWizard extends Wizard implements IExportWizard { /* * (non-Javadoc) - * @see org.eclipse.ui.IWorkbenchWizard#init(org.eclipse.ui.IWorkbench, org.eclipse.jface.viewers.IStructuredSelection) + * @see org.eclipse.ui.IWorkbenchWizard#init(org.eclipse.ui.IWorkbench, + * org.eclipse.jface.viewers.IStructuredSelection) */ @Override public void init(IWorkbench workbench, IStructuredSelection selection) { @@ -478,6 +488,14 @@ public final class ExportWizard extends Wizard implements IExportWizard { return mDName; } + String getCertSha1Fingerprint() { + return FingerprintUtils.getFingerprint(mCertificate, "SHA1"); + } + + String getCertMd5Fingerprint() { + return FingerprintUtils.getFingerprint(mCertificate, "MD5"); + } + void setSigningInfo(PrivateKey privateKey, X509Certificate certificate) { mPrivateKey = privateKey; mCertificate = certificate; diff --git a/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/wizards/export/KeyCheckPage.java b/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/wizards/export/KeyCheckPage.java index 39ab258..c17f43e 100644 --- a/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/wizards/export/KeyCheckPage.java +++ b/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/wizards/export/KeyCheckPage.java @@ -57,6 +57,18 @@ import java.util.Calendar; */ final class KeyCheckPage extends ExportWizardPage { + private static final int REQUIRED_YEARS = 25; + + private static final String VALIDITY_WARNING = + "<p>Make sure the certificate is valid for the planned lifetime of the product.</p>" + + "<p>If the certificate expires, you will be forced to sign your application with " + + "a different one.</p>" + + "<p>Applications cannot be upgraded if their certificate changes from " + + "one version to another, forcing a full uninstall/install, which will make " + + "the user lose his/her data.</p>" + + "<p>Google Play(Android Market) currently requires certificates to be valid " + + "until 2033.</p>"; + private final ExportWizard mWizard; private PrivateKey mPrivateKey; private X509Certificate mCertificate; @@ -169,12 +181,8 @@ final class KeyCheckPage extends ExportWizardPage { String.format("<p>Certificate expires in %d years.</p>", validity)); - if (validity < 25) { - sb.append("<p>Make sure the certificate is valid for the planned lifetime of the product.</p>"); - sb.append("<p>If the certificate expires, you will be forced to sign your application with a different one.</p>"); - sb.append("<p>Applications cannot be upgraded if their certificate changes from one version to another, "); - sb.append("forcing a full uninstall/install, which will make the user lose his/her data.</p>"); - sb.append("<p>Android Market currently requires certificates to be valid until 2033.</p>"); + if (validity < REQUIRED_YEARS) { + sb.append(VALIDITY_WARNING); } mKeyDetails = sb.toString(); @@ -239,7 +247,7 @@ final class KeyCheckPage extends ExportWizardPage { int expirationYear = expirationCalendar.get(Calendar.YEAR); int thisYear = today.get(Calendar.YEAR); - if (thisYear + 25 < expirationYear) { + if (thisYear + REQUIRED_YEARS < expirationYear) { // do nothing } else { if (expirationYear == thisYear) { @@ -250,14 +258,19 @@ final class KeyCheckPage extends ExportWizardPage { "<p>The Certificate expires in %1$s %2$s.</p>", count, count == 1 ? "year" : "years")); } - - sb.append("<p>Make sure the certificate is valid for the planned lifetime of the product.</p>"); - sb.append("<p>If the certificate expires, you will be forced to sign your application with a different one.</p>"); - sb.append("<p>Applications cannot be upgraded if their certificate changes from one version to another, "); - sb.append("forcing a full uninstall/install, which will make the user lose his/her data.</p>"); - sb.append("<p>Android Market currently requires certificates to be valid until 2033.</p>"); + sb.append(VALIDITY_WARNING); } + // show certificate fingerprints + String sha1 = mWizard.getCertSha1Fingerprint(); + String md5 = mWizard.getCertMd5Fingerprint(); + + sb.append("<p></p>" /*blank line*/); + sb.append("<p>Certificate fingerprints:</p>"); + sb.append(String.format("<li>MD5 : %s</li>", md5)); + sb.append(String.format("<li>SHA1: %s</li>", sha1)); + sb.append("<p></p>" /*blank line*/); + mKeyDetails = sb.toString(); } } else { |