sign APKs using wrapped keys with a HSM
The following discussions from !783 (closed) should be addressed:
-
@eighthave started a discussion: (+5 comments) Why expose these as config options? Are the default commands very platform specific? wrappedkeysdir seems a lot like other things like git_mirror/, binary_transparency/, opencf-pksc11.cfg or .s3cmd.cfg. None of them are configurable. My experience with HSMs and key tools is that they generally have an overwhelming amount of options, so reducing them to the minimum required helps people actually get working setups.
Based on @Bubu and my phone discussion, the wrapper script for jarsigner/apksigner can be shared and relatively straightforward. For keytool, its not so simple, so we propose making a config option called something like
key_fingerprint_lister = "/path/to/script"
which returns the list of signing key fingerprints in JSON. Then the internal keytool parser will output that also. Then other keytool functions can be handled by a wrapper script.