1# Copyright (C) 2021 The Android Open Source Project 2# 3# Licensed under the Apache License, Version 2.0 (the "License"); 4# you may not use this file except in compliance with the License. 5# You may obtain a copy of the License at 6# 7# http://www.apache.org/licenses/LICENSE-2.0 8# 9# Unless required by applicable law or agreed to in writing, software 10# distributed under the License is distributed on an "AS IS" BASIS, 11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12# See the License for the specific language governing permissions and 13# limitations under the License. 14 15load("@bazel_skylib//lib:paths.bzl", "paths") 16load("//build/bazel/product_config:product_variables_providing_rule.bzl", "ProductVariablesDepsInfo", "ProductVariablesInfo") 17 18ApexKeyInfo = provider( 19 "Info needed to sign APEX bundles", 20 fields = { 21 "private_key": "File containing the private key", 22 "public_key": "File containing the public_key", 23 }, 24) 25 26def _apex_key_rule_impl(ctx): 27 public_key = ctx.file.public_key 28 private_key = ctx.file.private_key 29 30 # If the DefaultAppCertificate directory is specified, then look for this 31 # key in that directory instead, with the exact same basenames for both the 32 # avbpubkey and pem files. 33 product_var_cert = ctx.attr._product_variables[ProductVariablesInfo].DefaultAppCertificate 34 cert_files_to_search = ctx.attr._product_variables[ProductVariablesDepsInfo].DefaultAppCertificateFiles 35 if product_var_cert and cert_files_to_search: 36 for f in cert_files_to_search: 37 if f.basename == ctx.file.public_key.basename: 38 public_key = f 39 elif f.basename == ctx.file.private_key.basename: 40 private_key = f 41 42 public_keyname = paths.split_extension(public_key.basename)[0] 43 private_keyname = paths.split_extension(private_key.basename)[0] 44 if public_keyname != private_keyname: 45 fail("public_key %s (keyname:%s) and private_key %s (keyname:%s) do not have same keyname" % ( 46 ctx.attr.public_key.label, 47 public_keyname, 48 ctx.attr.private_key.label, 49 private_keyname, 50 )) 51 52 return [ 53 ApexKeyInfo( 54 public_key = public_key, 55 private_key = private_key, 56 ), 57 ] 58 59_apex_key = rule( 60 implementation = _apex_key_rule_impl, 61 attrs = { 62 "private_key": attr.label(mandatory = True, allow_single_file = True), 63 "public_key": attr.label(mandatory = True, allow_single_file = True), 64 "_product_variables": attr.label( 65 default = "//build/bazel/product_config:product_vars", 66 ), 67 }, 68) 69 70def _get_key_label(label, name): 71 if label and name: 72 fail("Cannot use both {public,private}_key_name and {public,private}_key attributes together. " + 73 "Use only one of them.") 74 75 if label: 76 return label 77 78 # Ensure that the name references the calling package's local BUILD target 79 return ":" + name 80 81def apex_key( 82 name, 83 public_key = None, 84 private_key = None, 85 public_key_name = None, 86 private_key_name = None, 87 **kwargs): 88 # The keys are labels that point to either a file, or a target that provides 89 # a single file (e.g. a filegroup or rule that provides the key itself only). 90 _apex_key( 91 name = name, 92 public_key = _get_key_label(public_key, public_key_name), 93 private_key = _get_key_label(private_key, private_key_name), 94 **kwargs 95 ) 96