web_page_replay_go/src/webpagereplay/adb_cert_installer.go - Issue 2997573003: [wpr-go] Add support install test root CA on Android

Unified Diff: web_page_replay_go/src/webpagereplay/adb_cert_installer.go

Issue 2997573003: [wpr-go] Add support install test root CA on Android (Closed)

Patch Set: Created 3 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « web_page_replay_go/README.md ('k') | web_page_replay_go/src/webpagereplay/installroot.go » ('j') | web_page_replay_go/src/webpagereplay/installroot.go » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: web_page_replay_go/src/webpagereplay/adb_cert_installer.go

diff --git a/web_page_replay_go/src/webpagereplay/adb_cert_installer.go b/web_page_replay_go/src/webpagereplay/adb_cert_installer.go

new file mode 100644

index 0000000000000000000000000000000000000000..ba127924f5bc0cfe3a2e3d3fa4dea5703b7f44a9

--- /dev/null

+++ b/web_page_replay_go/src/webpagereplay/adb_cert_installer.go

@@ -0,0 +1,110 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

+package webpagereplay

+import (

+ "bytes"

+ "fmt"

+ "io/ioutil"

+ "os"

+ "os/exec"

+ "path/filepath"

+ "strings"

+var (

+ // A temporary directory created to install a test root CA. This is used as a

+ // substititue for android system directory for root CA certs in bind mount.

+ androidTempCertDir = "/data/cacerts"

+ // Android system directory for root CA certs.

+ androidSystemCertDir = "/system/etc/security/cacerts"

+// Runs the adb command.

+func adb(args ...string) error {

+ cmd := exec.Command("adb", args...)

+ fmt.Println(args)

Tom Bergan 2017/08/09 15:20:50 Suggest cmd.Args here, as that will include "adb".

xunjieli 2017/08/09 15:51:31 Done. Good idea! This is much more informative.

+ var out bytes.Buffer

+ cmd.Stdout = &out

+ if err := cmd.Run(); err != nil {

+ return err

+ }

+ fmt.Print(out.String())

+ return nil

+// Runs the adb shell command.

+func adbShell(args ...string) error {

+ shellArgs := append([]string{"shell"}, args...)

+ return adb(shellArgs...)

+// The issuer hash is used as filename for the installed cert.

+func getIssuerHashFileName(certPath string) (string, error) {

+ cmd := exec.Command("openssl", "x509", "-in", certPath, "-issuer_hash_old", "-noout")

+ var out bytes.Buffer

+ cmd.Stdout = &out

+ err := cmd.Run()

+ if err != nil {

+ return "", err

+ }

+ fmt.Print(out.String())

+ return strings.Trim(out.String(), "\r\n") + ".0", nil

+// Formats the cert and returns the formatted cert.

+func formatCert(certPath string) (string, error) {

+ cmd := exec.Command("openssl", "x509", "-inform", "PEM", "-text", "-in", certPath)

+ var out bytes.Buffer

+ cmd.Stdout = &out

+ err := cmd.Run()

+ if err != nil {

+ return "", err

+ }

+ output := out.String()

+ index := strings.Index(output, "-----BEGIN CERTIFICATE")

+ return strings.Join([]string{output[index:], output[:index]}, ""), nil

+func AdbInstallRoot(certPath string) error {

+ certPath = "newcert.pem"

Tom Bergan 2017/08/09 15:20:50 Is this temporary code?

xunjieli 2017/08/09 15:51:31 Done. Good catch!

+ var err error

+ issuerHashFileName, err := getIssuerHashFileName(certPath)

+ newCert, err := formatCert(certPath)

+ tmpdir, err := ioutil.TempDir("", "adb_install_root")

+ if err != nil {

+ return fmt.Errorf("cannot make tempdir: %v", err)

+ }

+ defer os.RemoveAll(tmpdir)

+ newCertFilePath := filepath.Join(tmpdir, issuerHashFileName)

+ if err = ioutil.WriteFile(newCertFilePath, []byte(newCert), 0666); err != nil {

+ return fmt.Errorf("failed to write to temp file %v", err)

+ }

+ if err = adbShell("mkdir", androidTempCertDir); err != nil {

+ return err

+ }

+ if err = adbShell("cp", androidSystemCertDir+"/*", androidTempCertDir); err != nil {

+ return err

+ }

+ if err = adbShell("mount", "-o", "bind", androidTempCertDir, androidSystemCertDir); err != nil {

+ return err

+ }

+ if err = adb("push", newCertFilePath, androidSystemCertDir); err != nil {

+ return err

+ }

+ return nil

+func AdbUninstallRoot() error {

+ var err error

+ if err = adbShell("umount", androidSystemCertDir); err != nil {

+ return err

+ }

+ if err = adbShell("rm", "-r", androidTempCertDir); err != nil {

+ return err

+ }

+ return nil

« no previous file with comments | « web_page_replay_go/README.md ('k') | web_page_replay_go/src/webpagereplay/installroot.go » ('j') | web_page_replay_go/src/webpagereplay/installroot.go » ('J')