add a script for displaying certificates in application package

Change-Id: I7289189aa81acfb572256cb4e7dd022a1a2ac2ea
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>

diff --git a/tools/showappcerts.py b/tools/showappcerts.py
new file mode 100644 (file)
index 0000000..3687710
--- /dev/null
+++ b/tools/showappcerts.py
@@ -0,0 +1,97 @@
+############################################################
+#
+# This script displays certificates of application package.
+# This script works on machich with python and openssl
+# To run this, type like below
+#    python showappcerts.py app_file_path
+#
+############################################################
+
+# importing required modules
+import sys
+from zipfile import ZipFile
+import xml.etree.ElementTree as ET
+import os
+from subprocess import call
+
+
+# define function to display usage and exit
+def displayUsageExit() :
+    print('python ' + sys.argv[0] + ' app_file_path')
+    exit(1)
+
+
+# define function to create cert file
+def writeCertFile(filename, content) :
+    f = open(filename, 'w')
+    f.write(content)
+    f.close()
+
+
+# define function to display cert file
+def showCertFile(filename) :
+    call(['openssl', 'x509', '-text', '-in', filename])
+
+
+# define function to display cert files in signature file
+def showCerts(title, sigfilename) :
+    # Extracting Certificates
+    namespaces = {'NS': 'http://www.w3.org/2000/09/xmldsig#'}
+
+    sigroot = ET.parse(sigfilename).getroot()
+    x509data = sigroot.find('NS:KeyInfo/NS:X509Data', namespaces)
+    certtext0 = x509data.find('NS:X509Certificate[0]', namespaces).text.strip()
+    certtext1 = x509data.find('NS:X509Certificate[1]', namespaces).text.strip()
+
+    CERTPFX = '-----BEGIN CERTIFICATE-----\n'
+    CERTSFX = '\n-----END CERTIFICATE-----'
+
+    cert0 = CERTPFX + certtext0 + CERTSFX
+    cert1 = CERTPFX + certtext1 + CERTSFX
+
+    prefix = os.path.splitext(sigfilename)[0]
+
+    fcert0 = prefix + '_cert0.pem'
+    fcert1 = prefix + '_cert1.pem'
+    writeCertFile(fcert0, cert0)
+    writeCertFile(fcert1, cert1)
+
+    separator1 = '#########################################################'
+    separator2 = '========================================================='
+
+    print(separator1)
+    print(title + " : " + sigfilename)
+    print(separator1)
+    print('')
+
+    print(separator2)
+    print('FIRST CERTIFICATE')
+    print(separator2)
+    showCertFile(fcert0)
+    print('')
+    print(separator2)
+    print('SECOND CERTIFICATE')
+    print(separator2)
+    showCertFile(fcert1)
+    print('')
+
+
+# check input parameter
+if len(sys.argv) != 2 :
+    displayUsageExit()
+
+# specifying the zip file name
+file_name = sys.argv[1]
+
+# opening the zip file in READ mode
+with ZipFile(file_name, 'r') as zip:
+    authsig = zip.extract('author-signature.xml')
+    distsig = zip.extract('signature1.xml')
+
+# check existence of signature files in appplication package
+if (not authsig) or (not distsig) :
+    displayUsageExit()
+
+showCerts('Author Signature', authsig)
+showCerts('Distributor Signature', distsig)
+