[wpr-go] Add support install test root CA on Android

web_page_replay_go/src/webpagereplay/adb_cert_installer.go

+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+package webpagereplay
+
+import (
+        "bytes"
+        "fmt"
+        "io/ioutil"
+        "os"
+        "os/exec"
+        "path/filepath"
+        "strings"
+)
+
+var (
+        // A temporary directory created to install a test root CA. This is used as a
+        // substititue for android system directory for root CA certs in bind mount.
+        androidTempCertDir = "/data/cacerts"
+
+        // Android system directory for root CA certs.
+        androidSystemCertDir = "/system/etc/security/cacerts"
+)
+
+// Runs the adb command.
+func adb(args ...string) error {
+        cmd := exec.Command("adb", args...)
+        fmt.Println(args)

[Tom Bergan, 2017/08/09 15:20:50]

Suggest cmd.Args here, as that will include "adb".

[xunjieli, 2017/08/09 15:51:31]

Done. Good idea! This is much more informative.

+        var out bytes.Buffer
+        cmd.Stdout = &out
+        if err := cmd.Run(); err != nil {
+                return err
+        }
+        fmt.Print(out.String())
+        return nil
+}
+
+// Runs the adb shell command.
+func adbShell(args ...string) error {
+        shellArgs := append([]string{"shell"}, args...)
+        return adb(shellArgs...)
+}
+
+// The issuer hash is used as filename for the installed cert.
+func getIssuerHashFileName(certPath string) (string, error) {
+        cmd := exec.Command("openssl", "x509", "-in", certPath, "-issuer_hash_old", "-noout")
+        var out bytes.Buffer
+        cmd.Stdout = &out
+        err := cmd.Run()
+        if err != nil {
+                return "", err
+        }
+        fmt.Print(out.String())
+        return strings.Trim(out.String(), "\r\n") + ".0", nil
+}
+
+// Formats the cert and returns the formatted cert.
+func formatCert(certPath string) (string, error) {
+        cmd := exec.Command("openssl", "x509", "-inform", "PEM", "-text", "-in", certPath)
+        var out bytes.Buffer
+        cmd.Stdout = &out
+        err := cmd.Run()
+        if err != nil {
+                return "", err
+        }
+        output := out.String()
+        index := strings.Index(output, "-----BEGIN CERTIFICATE")
+        return strings.Join([]string{output[index:], output[:index]}, ""), nil
+}
+
+func AdbInstallRoot(certPath string) error {
+        certPath = "newcert.pem"

[Tom Bergan, 2017/08/09 15:20:50]

Is this temporary code?

[xunjieli, 2017/08/09 15:51:31]

Done. Good catch!

+        var err error
+        issuerHashFileName, err := getIssuerHashFileName(certPath)
+        newCert, err := formatCert(certPath)
+        tmpdir, err := ioutil.TempDir("", "adb_install_root")
+        if err != nil {
+                return fmt.Errorf("cannot make tempdir: %v", err)
+        }
+        defer os.RemoveAll(tmpdir)
+        newCertFilePath := filepath.Join(tmpdir, issuerHashFileName)
+        if err = ioutil.WriteFile(newCertFilePath, []byte(newCert), 0666); err != nil {
+                return fmt.Errorf("failed to write to temp file %v", err)
+        }
+        if err = adbShell("mkdir", androidTempCertDir); err != nil {
+                return err
+        }
+        if err = adbShell("cp", androidSystemCertDir+"/*", androidTempCertDir); err != nil {
+                return err
+        }
+        if err = adbShell("mount", "-o", "bind", androidTempCertDir, androidSystemCertDir); err != nil {
+                return err
+        }
+        if err = adb("push", newCertFilePath, androidSystemCertDir); err != nil {
+                return err
+        }
+        return nil
+}
+
+func AdbUninstallRoot() error {
+        var err error
+        if err = adbShell("umount", androidSystemCertDir); err != nil {
+                return err
+        }
+        if err = adbShell("rm", "-r", androidTempCertDir); err != nil {
+                return err
+        }
+        return nil
+}