com.btmatthews.maven.plugins.crx.CRXVerifyMojo Maven / Gradle / Ivy

Go to download
Show more of this group Show more artifacts with this name
Show all versions of crx-maven-plugin Show documentation
A Maven 3 plug-in that can be used package and sign Google Chrome Extension projects
There is a newer version: 1.2.1
/*
 * Copyright 2012 Brian Matthews
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package com.btmatthews.maven.plugins.crx;

import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.spec.KeySpec;
import java.security.spec.X509EncodedKeySpec;

import org.apache.maven.plugin.AbstractMojo;
import org.apache.maven.plugin.MojoExecutionException;
import org.apache.maven.plugin.MojoFailureException;
import org.apache.maven.plugins.annotations.Component;
import org.apache.maven.plugins.annotations.LifecyclePhase;
import org.apache.maven.plugins.annotations.Mojo;
import org.apache.maven.plugins.annotations.Parameter;
import org.codehaus.plexus.util.StringUtils;

/**
 * Implement the crx-verify goal for the plug-in. The crx-verify goal verifies the signature of a Chrome Browser
 * Extension.
 *
 * @author Brian Matthews
 * @since 1.1.0
 */
@Mojo(name = "crx-verify", defaultPhase = LifecyclePhase.PACKAGE)
public class CRXVerifyMojo extends AbstractMojo {

    /**
     * The location of the Chrome Extension which is used to override the default location calculated using the
     * output directory final name and classifier.
     */
    @Parameter(required = false)
    private File crxPath;

    /**
     * The final name of the artifact.
     */
    @Parameter(defaultValue = "${project.build.finalName}", required = true)
    private String finalName;

    /**
     * The build target directory.
     */
    @Parameter(defaultValue = "${project.build.directory}", required = true)
    private File outputDirectory;

    /**
     * An optional classifier for the artifact.
     */
    @Parameter
    private String classifier;

    /**
     * The archive helper is used to read the CRX archive.
     */
    @Component
    private ArchiveHelper archiveHelper;

    /**
     * The signature helper is used to verify the signature of the CRX archive.
     */
    @Component
    private SignatureHelper signatureHelper;

    /**
     * Called when the Maven plug-in is executing. It loads and verifies the signature of a CRX archive.
     *
     * @throws MojoExecutionException If there was an error that should stop the build.
     * @throws MojoFailureException   If there was an error but the build might be allowed to continue.
     */
    @Override
    public final void execute() throws MojoExecutionException, MojoFailureException {

        final File crxFile;

        if (crxPath == null) {

            // Generate CRX file name

            final StringBuilder crxFilename = new StringBuilder();
            crxFilename.append(finalName);
            if (StringUtils.isNotEmpty(classifier)) {
                crxFilename.append('-');
                crxFilename.append(classifier);
            }
            crxFilename.append(".crx");
            crxFile = new File(outputDirectory, crxFilename.toString());
        } else {
            crxFile = crxPath;
        }

        try {
            final CRXArchive archive = archiveHelper.readArchive(crxFile);
            final KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            final KeySpec keySpec = new X509EncodedKeySpec(archive.getPublicKey());
            final PublicKey publicKey = keyFactory.generatePublic(keySpec);
            if (!signatureHelper.check(archive.getData(), publicKey, archive.getSignature())) {
                throw new MojoFailureException("The signature is not valid");
            }
        } catch (final FileNotFoundException e) {
            throw new MojoExecutionException("Could not find CRX archive", e);
        } catch (final IOException e) {
            throw new MojoExecutionException("Could not load CRX archive", e);
        } catch (final GeneralSecurityException e) {
            throw new MojoExecutionException(e.getMessage(), e);
        }
    }
}