Class: Fastlane::Actions::MatchAndroidAction
- Inherits:
-
Action
- Object
- Action
- Fastlane::Actions::MatchAndroidAction
- Defined in:
- lib/fastlane/plugin/match_android/actions/match_android_action.rb
Constant Summary collapse
- KEY_VERSION =
"2"- OPENSSL_BIN_PATH_MAC =
"/usr/local/opt/[email protected]/bin"
Class Method Summary collapse
- .assert_equals(test_name, excepted, value) ⇒ Object
- .authors ⇒ Object
- .available_options ⇒ Object
- .check_ssl_version(forceOpenSSL) ⇒ Object
- .content_to_file(file_path, content) ⇒ Object
- .decrypt_file(encrypt_file, clear_file, key_path, forceOpenSSL) ⇒ Object
- .description ⇒ Object
- .details ⇒ Object
- .encrypt_file(clear_file, encrypt_file, key_path, forceOpenSSL) ⇒ Object
- .gen_key(key_path, password, compat_key) ⇒ Object
- .get_android_home ⇒ Object
- .get_build_tools(targeted_version) ⇒ Object
- .get_build_tools_version(targeted_version) ⇒ Object
- .get_file_content(file_path) ⇒ Object
- .is_libre_ssl(forceOpenSSL) ⇒ Object
- .is_supported?(platform) ⇒ Boolean
- .load_json(json_path) ⇒ Object
- .load_properties(properties_filename) ⇒ Object
- .openssl(forceOpenSSL) ⇒ Object
- .output ⇒ Object
- .prompt2(params) ⇒ Object
- .resolve_aab_path(aab_path) ⇒ Object
- .resolve_apk_path(apk_path) ⇒ Object
- .resolve_dir(path) ⇒ Object
- .resolve_file(path) ⇒ Object
- .return_value ⇒ Object
- .run(params) ⇒ Object
- .sha512(value) ⇒ Object
- .sign_aab(aab_path, keystore_path, key_password, alias_name, alias_password) ⇒ Object
- .sign_apk(apk_path, keystore_path, key_password, alias_name, alias_password, zip_align, version_targeted) ⇒ Object
- .test_security ⇒ Object
- .to_md5(value) ⇒ Object
Class Method Details
.assert_equals(test_name, excepted, value) ⇒ Object
163 164 165 166 167 168 169 170 171 172 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 163 def self.assert_equals(test_name, excepted, value) puts "Unit Test: #{test_name}" if value != excepted puts " - Excepted: #{excepted}" puts " - Returned: #{value}" raise "Unit Test - #{test_name} error!" else puts " - OK" end end |
.authors ⇒ Object
693 694 695 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 693 def self. ["Christopher NEY", "Simon Scherzinger"] end |
.available_options ⇒ Object
715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 715 def self. [ FastlaneCore::ConfigItem.new(key: :git_url, env_name: "MATCH_ANDROID_GIT_URL", description: "The URL of the Git repository (Github, BitBucket...)", optional: false, type: String), FastlaneCore::ConfigItem.new(key: :package_name, env_name: "MATCH_ANDROID_PACKAGE_NAME", description: "The package name of the App", optional: false, type: String), FastlaneCore::ConfigItem.new(key: :apk_path, env_name: "MATCH_ANDROID_APK_PATH", description: "Path of the APK file to sign", optional: true, type: String), FastlaneCore::ConfigItem.new(key: :aab_path, env_name: "MATCH_ANDROID_AAB_PATH", description: "Path of the AAB file to sign", optional: true, type: String), FastlaneCore::ConfigItem.new(key: :match_secret, env_name: "MATCH_ANDROID_SECRET", description: "Secret to decrypt keystore.properties file (CI)", optional: true, type: String), FastlaneCore::ConfigItem.new(key: :existing_keystore, env_name: "MATCH_ANDROID_EXISTING", description: "Path of an existing Keystore", optional: true, type: String), FastlaneCore::ConfigItem.new(key: :override_keystore, env_name: "MATCH_ANDROID_OVERRIDE", description: "Override an existing Keystore (false by default)", optional: true, type: Boolean), FastlaneCore::ConfigItem.new(key: :keystore_data, env_name: "MATCH_ANDROID_JSON_PATH", description: "Required data to import an existing keystore, or create a new one", optional: true, type: String), FastlaneCore::ConfigItem.new(key: :build_tools_version, env_name: "MATCH_ANDROID_BUILD_TOOLS_VERSION", description: "Set built-tools version (by default latest available on machine)", optional: true, type: String), FastlaneCore::ConfigItem.new(key: :zip_align, env_name: "MATCH_ANDROID_ZIPALIGN", description: "Define if plugin will run zipalign on APK before sign it (true by default)", optional: true, type: Boolean), FastlaneCore::ConfigItem.new(key: :compat_key, env_name: "MATCH_ANDROID_COMPAT_KEY", description: "Define the compatibility key version used on local machine (nil by default)", optional: true, type: String), FastlaneCore::ConfigItem.new(key: :clear_keystore, env_name: "MATCH_ANDROID_CLEAR", description: "Clear the local keystore (false by default)", optional: true, type: Boolean), FastlaneCore::ConfigItem.new(key: :unit_test, env_name: "MATCH_ANDROID_UNIT_TESTS", description: "launch Unit Tests (false by default)", optional: true, type: Boolean) ] end |
.check_ssl_version(forceOpenSSL) ⇒ Object
92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 92 def self.check_ssl_version(forceOpenSSL) libressl_min = '2.9' openssl_min = '1.1.1' openssl = self.openssl(forceOpenSSL) output = `#{openssl} version` if !output.start_with?("LibreSSL") && !output.start_with?("OpenSSL") raise "Please install OpenSSL '#{openssl_min}' at least OR LibreSSL #{libressl_min}' at least" end UI.("SSL/TLS protocol library: '#{output.strip!}'") # Check minimum verion: version = output.to_str.scan(/[0-9\.]{1,}/).first UI.("SSL/TLS protocol version: '#{version}'") if self.is_libre_ssl(forceOpenSSL) if Gem::Version.new(version) < Gem::Version.new(libressl_min) raise "Minimum version for LibreSSL is '#{libressl_min}' (you're on '#{version}'), please update it." end else if Gem::Version.new(version) < Gem::Version.new(openssl_min) raise "Minimum version for OpenSSL is '#{openssl_min}' (you're on '#{version}'), please update it." end end output.strip end |
.content_to_file(file_path, content) ⇒ Object
332 333 334 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 332 def self.content_to_file(file_path, content) `echo #{content} > #{file_path}` end |
.decrypt_file(encrypt_file, clear_file, key_path, forceOpenSSL) ⇒ Object
156 157 158 159 160 161 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 156 def self.decrypt_file(encrypt_file, clear_file, key_path, forceOpenSSL) `rm -f '#{clear_file}'` libre_ssl = self.is_libre_ssl(forceOpenSSL) openssl_bin = self.openssl(forceOpenSSL) `#{openssl_bin} enc -d -aes-256-cbc -pbkdf2 -in '#{encrypt_file}' -out '#{clear_file}' -pass file:'#{key_path}'` end |
.description ⇒ Object
689 690 691 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 689 def self.description "Easily sync your Android keystores across your team" end |
.details ⇒ Object
710 711 712 713 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 710 def self.details # Optional: "This way, your entire team can use the same account and have one code signing identity without any manual work or confusion." end |
.encrypt_file(clear_file, encrypt_file, key_path, forceOpenSSL) ⇒ Object
149 150 151 152 153 154 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 149 def self.encrypt_file(clear_file, encrypt_file, key_path, forceOpenSSL) `rm -f '#{encrypt_file}'` libre_ssl = self.is_libre_ssl(forceOpenSSL) openssl_bin = self.openssl(forceOpenSSL) `#{openssl_bin} enc -aes-256-cbc -salt -pbkdf2 -in '#{clear_file}' -out '#{encrypt_file}' -pass file:'#{key_path}'` end |
.gen_key(key_path, password, compat_key) ⇒ Object
138 139 140 141 142 143 144 145 146 147 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 138 def self.gen_key(key_path, password, compat_key) `rm -f '#{key_path}'` shaValue = self.sha512(password) # Backward-compatibility if compat_key == "1" `echo "#{password}" | openssl dgst -sha512 | awk '{print $2}' | cut -c1-128 > '#{key_path}'` else `echo "#{shaValue}" > '#{key_path}'` end end |
.get_android_home ⇒ Object
56 57 58 59 60 61 62 63 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 56 def self.get_android_home `rm -f android_home.txt` `echo $ANDROID_HOME > android_home.txt` data = File.read("android_home.txt") android_home = data.strip `rm -f android_home.txt` android_home end |
.get_build_tools(targeted_version) ⇒ Object
71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 71 def self.get_build_tools(targeted_version) android_home = self.get_android_home() build_tools_root = File.join(android_home, '/build-tools') build_tools_path = "" if !targeted_version.to_s.strip.empty? build_tools_path = File.join(build_tools_root, "/#{targeted_version}/") end if !File.directory?(build_tools_path) sub_dirs = Dir.glob(File.join(build_tools_root, '*', '')) build_tools_last_version = '' for sub_dir in sub_dirs build_tools_last_version = sub_dir end build_tools_path = build_tools_last_version end build_tools_path end |
.get_build_tools_version(targeted_version) ⇒ Object
65 66 67 68 69 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 65 def self.get_build_tools_version(targeted_version) path = self.get_build_tools(targeted_version) version = path.split('/').last version end |
.get_file_content(file_path) ⇒ Object
336 337 338 339 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 336 def self.get_file_content(file_path) data = File.read(file_path) data end |
.is_libre_ssl(forceOpenSSL) ⇒ Object
128 129 130 131 132 133 134 135 136 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 128 def self.is_libre_ssl(forceOpenSSL) result = false openssl = self.openssl(forceOpenSSL) output = `#{openssl} version` if output.start_with?("LibreSSL") result = true end result end |
.is_supported?(platform) ⇒ Boolean
785 786 787 788 789 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 785 def self.is_supported?(platform) # Adjust this if your plugin only works for a particular platform (iOS vs. Android, for example) # See: https://docs.fastlane.tools/advanced/#control-configuration-by-lane-and-by-platform [:android].include?(platform) end |
.load_json(json_path) ⇒ Object
32 33 34 35 36 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 32 def self.load_json(json_path) file = File.read(json_path) data_hash = JSON.parse(file) data_hash end |
.load_properties(properties_filename) ⇒ Object
38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 38 def self.load_properties(properties_filename) properties = {} File.open(properties_filename, 'r') do |properties_file| properties_file.read.each_line do |line| line.strip! if (line[0] != ?# and line[0] != ?=) i = line.index('=') if (i) properties[line[0..i - 1].strip] = line[i + 1..-1].strip else properties[line] = '' end end end end properties end |
.openssl(forceOpenSSL) ⇒ Object
119 120 121 122 123 124 125 126 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 119 def self.openssl(forceOpenSSL) if forceOpenSSL output = "#{self::OPENSSL_BIN_PATH_MAC}/openssl" else output = "openssl" end output end |
.output ⇒ Object
701 702 703 704 705 706 707 708 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 701 def self.output [ ['MATCH_ANDROID_PATH', 'File path of the Keystore fot the App.'], ['MATCH_ANDROID_ALIAS_NAME', 'Keystore Alias Name.'], ['MATCH_ANDROID_APK_SIGNED', 'Path of the signed APK.'], ['MATCH_ANDROID_AAB_SIGNED', 'Path of the signed AAB.'] ] end |
.prompt2(params) ⇒ Object
397 398 399 400 401 402 403 404 405 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 397 def self.prompt2(params) # UI.message("prompt2: #{params[:value]}") if params[:value].to_s.empty? return_value = other_action.prompt(text: params[:text], secure_text: params[:secure_text], ci_input: params[:ci_input]) else return_value = params[:value] end return_value end |
.resolve_aab_path(aab_path) ⇒ Object
341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 341 def self.resolve_aab_path(aab_path) # Set default AAB path if not set: if aab_path.to_s.strip.empty? aab_path = '/app/build/outputs/bundle/release/' end if !aab_path.to_s.end_with?('.aab') aab_path = self.resolve_dir(aab_path) pattern = File.join(aab_path, '*.aab') files = Dir[pattern] for file in files if file.to_s.end_with?('.aab') && !file.to_s.end_with?("-signed.aab") apk_path = file break end end else aab_path = self.resolve_file(aab_path) end aab_path end |
.resolve_apk_path(apk_path) ⇒ Object
369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 369 def self.resolve_apk_path(apk_path) # Set default APK path if not set: if apk_path.to_s.strip.empty? apk_path = '/app/build/outputs/apk/' end if !apk_path.to_s.end_with?(".apk") apk_path = self.resolve_dir(apk_path) pattern = File.join(apk_path, '*.apk') files = Dir[pattern] for file in files if file.to_s.end_with?(".apk") && !file.to_s.end_with?("-signed.apk") apk_path = file break end end else apk_path = self.resolve_file(apk_path) end apk_path end |
.resolve_dir(path) ⇒ Object
318 319 320 321 322 323 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 318 def self.resolve_dir(path) if !File.directory?(path) path = File.join(Dir.pwd, path) end path end |
.resolve_file(path) ⇒ Object
325 326 327 328 329 330 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 325 def self.resolve_file(path) if !File.file?(path) path = File.join(Dir.pwd, path) end path end |
.return_value ⇒ Object
697 698 699 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 697 def self.return_value "Prepare Keystore local path, alias name, and passwords for the specified App." end |
.run(params) ⇒ Object
407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 407 def self.run(params) # Get input parameters: git_url = params[:git_url] package_name = params[:package_name] apk_path = params[:apk_path] aab_path = params[:aab_path] existing_keystore = params[:existing_keystore] match_secret = params[:match_secret] override_keystore = params[:override_keystore] keystore_data = params[:keystore_data] clear_keystore = params[:clear_keystore] unit_test = params[:unit_test] build_tools_version = params[:build_tools_version] zip_align = params[:zip_align] compat_key = params[:compat_key] # Test OpenSSL/LibreSSL if unit_test result_test = self.test_security exit! end # Init constants: keystore_name = 'keystore.jks' properties_name = 'keystore.properties' keystore_info_name = 'keystore.txt' properties_encrypt_name = 'keystore.properties.enc' # Check Android Home env: android_home = self.get_android_home() UI.("Android SDK: #{android_home}") if android_home.to_s.strip.empty? raise "The environment variable ANDROID_HOME is not defined, or Android SDK is not installed!" end # Check OpenSSL: self.check_ssl_version(false) # Check is backward-compatibility is required: if !compat_key.to_s.strip.empty? UI.("Compatiblity version: #{compat_key}") end # Init workign local directory: dir_name = ENV['HOME'] + '/.match_android' unless File.directory?(dir_name) UI.("Creating '.match_android' working directory...") FileUtils.mkdir_p(dir_name) end # Init 'security password' for AES encryption: if compat_key == "1" key_name = "#{self.to_md5(git_url)}.hex" else key_name = "#{self.to_md5(git_url)}-#{self::KEY_VERSION}.hex" end key_path = File.join(dir_name, key_name) # UI.message(key_path) if !File.file?(key_path) security_password = self.prompt2(text: "Security password: ", secure_text: true, value: match_secret) if security_password.to_s.strip.empty? raise "Security password is not defined! Please use 'match_secret' parameter for CI." end UI. "Generating security key '#{key_name}'..." self.gen_key(key_path, security_password, compat_key) end # Check is 'security password' is well initialized: tmpkey = self.get_file_content(key_path).strip if tmpkey.length == 128 UI. "Security key '#{key_name}' initialized" else raise "The security key '#{key_name}' is malformed, or not initialized!" end # Clear repo Keystore (local) - mostly for testing: repo_dir = File.join(dir_name, self.to_md5(git_url)) if clear_keystore && File.directory?(repo_dir) FileUtils.rm_rf(repo_dir) UI.("Local repo keystore (#{repo_dir}) directory deleted!") end # Create repo directory to sync remote Keystores repository: unless File.directory?(repo_dir) UI.("Creating 'repo' directory...") FileUtils.mkdir_p(repo_dir) end # Check if package name defined: if package_name.to_s.strip.empty? raise "Package name is not defined!" end # Define paths: keystoreAppDir = File.join(repo_dir, package_name) keystore_path = File.join(keystoreAppDir, keystore_name) properties_path = File.join(keystoreAppDir, properties_name) properties_encrypt_path = File.join(keystoreAppDir, properties_encrypt_name) # Cloning/pulling GIT remote repository: gitDir = File.join(repo_dir, '/.git') if !File.directory?(gitDir) UI.("Cloning remote Keystores repository...") `git clone #{git_url} #{repo_dir}` else UI.("Pulling remote Keystores repository...") `cd #{repo_dir} && git pull` end # Load parameters from JSON for CI or Unit Tests: if keystore_data != nil && File.file?(keystore_data) data_json = self.load_json(keystore_data) data_key_password = data_json['key_password'] data_alias_name = data_json['alias_name'] data_alias_password = data_json['alias_password'] data_full_name = data_json['full_name'] data_org_unit = data_json['org_unit'] data_org = data_json['org'] data_city_locality = data_json['city_locality'] data_state_province = data_json['state_province'] data_country = data_json['country'] end # Create keystore with command override_keystore = !existing_keystore.to_s.strip.empty? && File.file?(existing_keystore) UI.("Existing Keystore: #{existing_keystore}") if !File.file?(keystore_path) || override_keystore if File.file?(keystore_path) FileUtils.remove_dir(keystore_path) end key_password = self.prompt2(text: "Keystore Password: ", value: data_key_password) if key_password.to_s.strip.empty? raise "Keystore Password is not definined!" end alias_name = self.prompt2(text: "Keystore Alias name: ", value: data_alias_name) if alias_name.to_s.strip.empty? raise "Keystore Alias name is not definined!" end alias_password = self.prompt2(text: "Keystore Alias password: ", value: data_alias_password) if alias_password.to_s.strip.empty? raise "Keystore Alias password is not definined!" end # https://developer.android.com/studio/publish/app-signing if existing_keystore.to_s.strip.empty? || !File.file?(existing_keystore) UI.("Generating Android Keystore...") full_name = self.prompt2(text: "Certificate First and Last Name: ", value: data_full_name) org_unit = self.prompt2(text: "Certificate Organisation Unit: ", value: data_org_unit) org = self.prompt2(text: "Certificate Organisation: ", value: data_org) city_locality = self.prompt2(text: "Certificate City or Locality: ", value: data_city_locality) state_province = self.prompt2(text: "Certificate State or Province: ", value: data_state_province) country = self.prompt2(text: "Certificate Country Code (XX): ", value: data_country) # Make sure the directory exists FileUtils.mkdir_p keystoreAppDir keytool_parts = [ "keytool -genkey -v", "-keystore '#{keystore_path}'", "-alias '#{alias_name}'", "-keyalg RSA -keysize 2048 -validity 10000", "-storepass '#{alias_password}'", "-keypass '#{key_password}'", "-dname \"CN=#{full_name}, OU=#{org_unit}, O=#{org}, L=#{city_locality}, S=#{state_province}, C=#{country}\"", ] sh keytool_parts.join(" ") else UI.("Copy existing keystore to match_android repository...") `cp #{existing_keystore} #{keystore_path}` end UI.("Generating Keystore properties...") if File.file?(properties_path) FileUtils.remove_dir(properties_path) end # Build URL: store_file = git_url + '/' + package_name + '/' + keystore_name out_file = File.new(properties_path, "w") out_file.puts("keyFile=#{store_file}") out_file.puts("keyPassword=#{key_password}") out_file.puts("aliasName=#{alias_name}") out_file.puts("aliasPassword=#{alias_password}") out_file.close self.encrypt_file(properties_path, properties_encrypt_path, key_path, false) File.delete(properties_path) # Print Keystore data in repo: keystore_info_path = File.join(keystoreAppDir, keystore_info_name) `yes "" | keytool -list -v -keystore '#{keystore_path}' -storepass '#{key_password}' > '#{keystore_info_path}'` UI.("Upload new Keystore to remote repository...") puts '' `cd '#{repo_dir}' && git add .` `cd '#{repo_dir}' && git commit -m "[ADD] Keystore for app '#{package_name}'."` `cd '#{repo_dir}' && git push` puts '' else UI. "Keystore file already exists, continue..." self.decrypt_file(properties_encrypt_path, properties_path, key_path, false) properties = self.load_properties(properties_path) # Pry::ColorPrinter.pp(properties) key_password = properties['keyPassword'] alias_name = properties['aliasName'] alias_password = properties['aliasPassword'] File.delete(properties_path) end # Sign APK: if apk_path && File.file?(apk_path) UI.("APK to sign: " + apk_path) # Resolve path to the APK to sign: output_signed_apk = '' apk_path = self.resolve_apk_path(apk_path) if File.file?(keystore_path) UI.("Signing the APK...") puts '' output_signed_apk = self.sign_apk( apk_path, keystore_path, key_password, alias_name, alias_password, zip_align, # Zip align build_tools_version # Buil-tools version ) puts '' end # Prepare contect shared values for next lanes: Actions.lane_context[SharedValues::MATCH_ANDROID_PATH] = keystore_path Actions.lane_context[SharedValues::MATCH_ANDROID_ALIAS_NAME] = alias_name Actions.lane_context[SharedValues::MATCH_ANDROID_APK_SIGNED] = output_signed_apk output_signed_apk # Sign AAB elsif aab_path && File.file?(aab_path) UI.('AAB to sign: '+ aab_path) # Resolve path to the AAB to sign: output_signed_aab = '' aab_path = self.resolve_aab_path(aab_path) if File.file?(keystore_path) UI.("Signing the AAB...") puts '' output_signed_aab = self.sign_aab( aab_path, keystore_path, key_password, alias_name, alias_password ) puts '' end # Prepare contect shared values for next lanes: Actions.lane_context[SharedValues::MATCH_ANDROID_PATH] = keystore_path Actions.lane_context[SharedValues::MATCH_ANDROID_ALIAS_NAME] = alias_name Actions.lane_context[SharedValues::MATCH_ANDROID_AAB_SIGNED] = output_signed_aab output_signed_aab else UI.("No APK or AAB file found") end end |
.sha512(value) ⇒ Object
27 28 29 30 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 27 def self.sha512(value) hash_value = Digest::SHA512.hexdigest value hash_value end |
.sign_aab(aab_path, keystore_path, key_password, alias_name, alias_password) ⇒ Object
302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 302 def self.sign_aab(aab_path, keystore_path, key_password, alias_name, alias_password) aab_path_signed = aab_path.gsub('.aab', '-signed.aab') aab_path_signed = aab_path_signed.gsub('unsigned', '') aab_path_signed = aab_path_signed.gsub('--', '-') `rm -f '#{aab_path_signed}'` UI.("Signing AAB (input): #{aab_path}") aabsigner_opts = "" output = `jarsigner -keystore '#{keystore_path}' -storepass '#{key_password}' -keypass '#{alias_password}' -signedjar '#{aab_path_signed}' '#{aab_path}' '#{alias_name}'` puts "" puts output aab_path_signed end |
.sign_apk(apk_path, keystore_path, key_password, alias_name, alias_password, zip_align, version_targeted) ⇒ Object
251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 251 def self.sign_apk(apk_path, keystore_path, key_password, alias_name, alias_password, zip_align, version_targeted) build_tools_path = self.get_build_tools(version_targeted) UI.("Build-tools path: #{build_tools_path}") # https://developer.android.com/studio/command-line/apksigner apk_path_signed = apk_path.gsub(".apk", "-signed.apk") apk_path_signed = apk_path_signed.gsub("unsigned", "") apk_path_signed = apk_path_signed.gsub("--", "-") `rm -f '#{apk_path_signed}'` UI.("Signing APK (input): #{apk_path}") apksigner_opts = "" build_tools_version = self.get_build_tools_version(version_targeted) UI.("Build-tools version: #{build_tools_version}") if Gem::Version.new(build_tools_version) >= Gem::Version.new('30') apksigner_opts = "--v4-signing-enabled false " end output = `#{build_tools_path}apksigner sign --ks '#{keystore_path}' --ks-key-alias '#{alias_name}' --ks-pass pass:'#{key_password}' --key-pass pass:'#{alias_password}' --v1-signing-enabled true --v2-signing-enabled true #{apksigner_opts}--out '#{apk_path_signed}' '#{apk_path}'` puts "" puts output UI.("Verifing APK signature (output): #{apk_path_signed}") output = `#{build_tools_path}apksigner verify '#{apk_path_signed}'` puts "" puts output # https://developer.android.com/studio/command-line/zipalign if zip_align != false apk_path_aligned = apk_path_signed.gsub(".apk", "-aligned.apk") `rm -f '#{apk_path_aligned}'` UI.("Aligning APK (zipalign): #{apk_path_signed}") output = `#{build_tools_path}zipalign -v 4 '#{apk_path_signed}' '#{apk_path_aligned}'` puts "" puts output if !File.file?(apk_path_aligned) raise "Aligned APK not exists!" end `rm -f '#{apk_path_signed}'` apk_path_signed = apk_path_aligned else UI.("No zip align - deactivated via parameter!") end apk_path_signed end |
.test_security ⇒ Object
174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 174 def self.test_security self.check_ssl_version(false) # Clear temp files temp_dir = File.join(Dir.pwd, '/temp/') FileUtils.rm_rf(temp_dir) Dir.mkdir(temp_dir) fakeValue = "4esfsf4dsfds!efs5ZDOJF" # Check MD5 md5value = self.to_md5(fakeValue) excepted = "1c815cd208fe08076c9e7b6595d121d1" self.assert_equals("MD5", excepted, md5value) # Check SHA-512 shaValue = self.sha512(fakeValue) excepted = "cc6a7b0d89cc61c053f7018a305672bdb82bc07e5015f64bb063d9662be4ec81ec8afa819b009de266482b6bd56b7068def2524c32f5b5d4d9db49ee4578499d" self.assert_equals("SHA-512", excepted, shaValue) # Check SHA-512-File key_path = File.join(Dir.pwd, '/temp/key.txt') self.gen_key(key_path, fakeValue, false) shaValue = self.get_file_content(key_path).strip! excepted = "cc6a7b0d89cc61c053f7018a305672bdb82bc07e5015f64bb063d9662be4ec81ec8afa819b009de266482b6bd56b7068def2524c32f5b5d4d9db49ee4578499d" self.assert_equals("SHA-512-File", excepted, shaValue) # Check LibreSSL result = self.is_libre_ssl(false) self.assert_equals("Is-LibreSSL", true, result) result = self.is_libre_ssl(true) self.assert_equals("Is-LibreSSL", false, result) # Encrypt OpenSSL clear_file = File.join(Dir.pwd, '/temp/clear.txt') openssl_encrypt_file = File.join(Dir.pwd, '/temp/openssl_encrypted.txt') self.content_to_file(clear_file, fakeValue) self.encrypt_file(clear_file, openssl_encrypt_file, key_path, true) result = File.file?(openssl_encrypt_file) && File.size(openssl_encrypt_file) > 10 self.assert_equals("Encrypt-OpenSSL", true, result) # Encrypt LibreSSL encrypt_file_libre = File.join(Dir.pwd, '/temp/libressl_encrypted.txt') self.content_to_file(clear_file, fakeValue) self.encrypt_file(clear_file, encrypt_file_libre, key_path, false) result = File.file?(encrypt_file_libre) && File.size(encrypt_file_libre) > 10 self.assert_equals("Encrypt-LibreSSL", true, result) # exit! # Decrypt OpenSSL (from OpenSSL) openssl_clear_file = File.join(Dir.pwd, '/temp/openssl_clear.txt') self.decrypt_file(openssl_encrypt_file, openssl_clear_file, key_path, true) decrypted = self.get_file_content(openssl_clear_file).strip! self.assert_equals("Decrypt-OpenSSL", fakeValue, decrypted) # Decrypt LibreSSL (from LibreSSL) libressl_clear_file = File.join(Dir.pwd, '/temp/libressl_clear.txt') self.decrypt_file(encrypt_file_libre, libressl_clear_file, key_path, false) decrypted = self.get_file_content(libressl_clear_file).strip! self.assert_equals("Decrypt-LibreSSL", fakeValue, decrypted) # Decrypt LibreSSL (from OpenSSL) libressl_clear_file = File.join(Dir.pwd, '/temp/libressl_from_openssl_clear.txt') self.decrypt_file(openssl_encrypt_file, libressl_clear_file, key_path, false) decrypted = self.get_file_content(libressl_clear_file).strip! self.assert_equals("Decrypt-LibreSSL-from-OpenSSL", fakeValue, decrypted) # Decrypt OpenSSL (from LibreSSL) openssl_clear_file = File.join(Dir.pwd, '/temp/openssl_from_libressl_clear.txt') self.decrypt_file(encrypt_file_libre, openssl_clear_file, key_path, true) decrypted = self.get_file_content(openssl_clear_file).strip! self.assert_equals("Decrypt-OpenSSL-from-LibreSSL", fakeValue, decrypted) end |
.to_md5(value) ⇒ Object
22 23 24 25 |
# File 'lib/fastlane/plugin/match_android/actions/match_android_action.rb', line 22 def self.to_md5(value) hash_value = Digest::MD5.hexdigest value hash_value end |