If you want to go straight from cert to hex encoding without having to
sign an app (i.e., you are generating certs and policies at the same
time) you can use this:
$openssl x509 -inform PEM -in <certname>.x509.pem -outform DER
Script to encode:
#!/usr/bin/env python
import sys
content = sys.stdin.read().strip()
foo = content.encode("hex")
sys.stdout.write(foo)
The script to encode has to be very careful about padding or null
terminating, hence why I couldn't just use some random command line tool.
William Roberts wrote:
I should have RTFM, it is right on the wiki under install time mac
http://selinuxproject.org/page/SEAndroid
On Mon, Sep 17, 2012 at 4:22 PM, Robert Craig <robertpcraig@xxxxxxxxx
<mailto:robertpcraig@xxxxxxxxx>> wrote:
Just run the setool host tool. To build just 'make setool' and then
to run just 'setool'. The help usage statement will guide you.
On Mon, Sep 17, 2012 at 2:34 PM, William Roberts
<bill.c.roberts@xxxxxxxxx <mailto:bill.c.roberts@xxxxxxxxx>> wrote:
How did you guys generate the hex encoded x509 string for a
signature clause in mac_permissions.xml?
Did you use the Android "dumpkey.jar"?
I have the signed apk's, the keystore used to sign them, .pem
files which have all the pub keys in them and a p12 and p8 file.
Which one should I use?
--
Respectfully,
William C Roberts
--
Respectfully,
William C Roberts
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
