From 5012a2913ab7f8d909a5cf13e09844a982b75560 Mon Sep 17 00:00:00 2001
From: zhanzeyi <zhanzeyi@huawei.com>
Date: Thu, 10 Feb 2022 19:48:50 +0800
Subject: [PATCH 1/2] update autosign script

Signed-off-by: zhanzeyi <zhanzeyi@huawei.com>
---
 OAT.xml                                       |  16 ++-
 autosign/UnsgnedReleasedProfileTemplate.json  |   1 +
 autosign/autosign.py                          | 101 +++++++++++++++---
 autosign/createAppCertAndProfile.config       |  59 ++++++++++
 autosign/createRootAndSubCert.config          |  56 ++++++++++
 autosign/create_appcert_sign_profile.bat      |  15 +++
 autosign/create_appcert_sign_profile.sh       |  15 +++
 .../{start_create.bat => create_root.bat}     |   2 +-
 autosign/{start_create.sh => create_root.sh}  |   2 +-
 autosign/result/OpenHarmony.p12               | Bin 0 -> 8252 bytes
 autosign/result/OpenHarmonyProfileRelease.pem |  44 ++++++++
 autosign/result/rootCA.cer                    |  15 +++
 autosign/result/subCA.cer                     |  15 +++
 autosign/signHap.config                       |  38 +++++++
 autosign/{start_sign.bat => sign_hap.bat}     |   2 +-
 autosign/{start_sign.sh => sign_hap.sh}       |   2 +-
 16 files changed, 357 insertions(+), 26 deletions(-)
 create mode 100644 autosign/UnsgnedReleasedProfileTemplate.json
 create mode 100644 autosign/createAppCertAndProfile.config
 create mode 100644 autosign/createRootAndSubCert.config
 create mode 100644 autosign/create_appcert_sign_profile.bat
 create mode 100644 autosign/create_appcert_sign_profile.sh
 rename autosign/{start_create.bat => create_root.bat} (94%)
 rename autosign/{start_create.sh => create_root.sh} (93%)
 create mode 100644 autosign/result/OpenHarmony.p12
 create mode 100644 autosign/result/OpenHarmonyProfileRelease.pem
 create mode 100644 autosign/result/rootCA.cer
 create mode 100644 autosign/result/subCA.cer
 create mode 100644 autosign/signHap.config
 rename autosign/{start_sign.bat => sign_hap.bat} (95%)
 rename autosign/{start_sign.sh => sign_hap.sh} (95%)

diff --git a/OAT.xml b/OAT.xml
index 68b9b397..1f1350da 100644
--- a/OAT.xml
+++ b/OAT.xml
@@ -29,20 +29,16 @@
                 <filteritem type="filename" name="README"/>
                 <filteritem type="filename" name="README.md"/>
                 <filteritem type="filename" name="README_zh.md"/>
-                <filteritem type="filename" name="start_create.bat" desc="script file"/>
-                <filteritem type="filename" name="start_create.sh" desc="script file"/>
-                <filteritem type="filename" name="start_sign.bat" desc="script file"/>
-                <filteritem type="filename" name="start_sign.sh" desc="script file"/>
+                <filteritem type="filename" name="*.bat" desc="script file"/>
+                <filteritem type="filename" name="*.sh" desc="script file"/>
             </filefilter>
             <filefilter name="copyrightPolicyFilter" desc="">
                 <filteritem type="filename" name="README.OpenSource"/>
                 <filteritem type="filename" name="README"/>
                 <filteritem type="filename" name="README.md"/>
                 <filteritem type="filename" name="README_zh.md"/>
-                <filteritem type="filename" name="start_create.bat" desc="script file"/>
-                <filteritem type="filename" name="start_create.sh" desc="script file"/>
-                <filteritem type="filename" name="start_sign.bat" desc="script file"/>
-                <filteritem type="filename" name="start_sign.sh" desc="script file"/>
+                <filteritem type="filename" name="*.bat" desc="script file"/>
+                <filteritem type="filename" name="*.sh" desc="script file"/>
             </filefilter>
             <filefilter name="licenseFileNamePolicyFilter" desc="">
             </filefilter>
@@ -50,7 +46,9 @@
             </filefilter>
             <filefilter name="readmeOpenSourcefileNamePolicyFilter" desc="">
             </filefilter>
-            <filefilter name="binaryFileTypePolicyFilter" desc="">
+            <filefilter name="binaryFileTypePolicyFilter" desc="Filters for binary file policies">
+				<filteritem type="filename" name="OpenHarmony.p12" desc="Keystore used in OpenHarmony app sign"/>
+                <filteritem type="filename" name="OpenHarmonyProfileRelease.pem" desc="OpenHarmony profile sign certificates"/>
             </filefilter>
         </filefilterlist>
         <licensematcherlist>
diff --git a/autosign/UnsgnedReleasedProfileTemplate.json b/autosign/UnsgnedReleasedProfileTemplate.json
new file mode 100644
index 00000000..71c39a35
--- /dev/null
+++ b/autosign/UnsgnedReleasedProfileTemplate.json
@@ -0,0 +1 @@
+{"version-name": "1.0.0", "version-code": 1, "app-distribution-type": "os_integration", "uuid": "5027b99e-5f9e-465d-9508-a9e0134ffe18", "validity": {"not-before": 1594865258, "not-after": 1689473258}, "type": "release", "bundle-info": {"developer-id": "OpenHarmony", "distribution-certificate": "-----BEGIN CERTIFICATE-----\nMIICSTCCAc+gAwIBAgIFAJV7uNUwCgYIKoZIzj0EAwIwYzELMAkGA1UEBhMCQ04x\nFDASBgNVBAoMC09wZW5IYXJtb255MRkwFwYDVQQLDBBPcGVuSGFybW9ueSBUZWFt\nMSMwIQYDVQQDDBpPcGVuSGFybW9ueSBBcHBsaWNhdGlvbiBDQTAeFw0yMjAxMjkw\nNTU0MTRaFw0yMzAxMjkwNTU0MTRaMGgxCzAJBgNVBAYTAkNOMRQwEgYDVQQKDAtP\ncGVuSGFybW9ueTEZMBcGA1UECwwQT3Blbkhhcm1vbnkgVGVhbTEoMCYGA1UEAwwf\nT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUmVsZWFzZTBZMBMGByqGSM49AgEGCCqG\nSM49AwEHA0IABAW8pFu7tHGUuWtddD5wvazc1qN8ts9UPZH4pecbb/bSFWKh7X7R\n/eTVaRrCTSSdovI1dhoV5GjuFsKW+jT2TwSjazBpMB0GA1UdDgQWBBScyywAaAMj\nI7HcuIS42lvZx0Lj+zAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUE\nDDAKBggrBgEFBQcDAzAYBgwrBgEEAY9bAoJ4AQMECDAGAgEBCgEAMAoGCCqGSM49\nBAMCA2gAMGUCMFfNidGo6uK6KGT9zT1T5bY1NCHTH3P3muy5X1xudOgxWoOqIbnk\ntmQYB78dxWEHLQIxANfApAlXAD/0hnyNC8RDzfLOPEeay6jU9FXJj3AoR90rwZpR\noN9sYD6Oks4VGRw6yQ==\n-----END CERTIFICATE-----\n", "bundle-name": "com.OpenHarmony.app.test", "app-feature": "hos_system_app"}, "permissions": {"restricted-permissions": []}, "issuer": "pki_internal"}
\ No newline at end of file
diff --git a/autosign/autosign.py b/autosign/autosign.py
index 28eb08ec..451d1248 100644
--- a/autosign/autosign.py
+++ b/autosign/autosign.py
@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ##############################################
-
+import json
 import os
 import re
 import sys
@@ -64,8 +64,8 @@ def print_help():
               "    signtool.jar : Main progress jar file\n" \
               "\n" \
               "Example: \n" \
-              "    python autosign.py generate \n" \
-              "    python autosign.py sign" \
+              "    python autosign.py createAppCertAndProfile \n" \
+              "    python autosign.py signHap" \
               "\n"
     print(content)
 
@@ -152,6 +152,13 @@ def do_sign(jar):
     run_with_engine(sign_engine_config, jar)
 
 
+def do_sign_hap(jar):
+    sign_hap_engine_config = {
+        'sign.app': 'sign-app'
+    }
+    run_with_engine(sign_hap_engine_config, jar)
+
+
 def do_generate(jar):
     cert_engine_config = {
         'app.keypair': 'generate-keypair',
@@ -166,6 +173,32 @@ def do_generate(jar):
     run_with_engine(cert_engine_config, jar)
 
 
+def do_generate_root_cert(jar):
+    root_engine_config = {
+        'profile.keypair': 'generate-keypair',
+        'root-ca': 'generate-ca',
+        'sub-ca.app': 'generate-ca',
+        'sub-ca.profile': 'generate-ca',
+        'cert.profile': 'generate-profile-cert',
+    }
+    run_with_engine(root_engine_config, jar)
+
+
+def do_generate_app_cert(jar):
+    app_cert_engine_config = {
+        'app.keypair': 'generate-keypair',
+        'cert.app': 'generate-app-cert',
+    }
+    run_with_engine(app_cert_engine_config, jar)
+
+
+def do_sign_profile(jar):
+    app_cert_engine_config = {
+        'sign.profile': 'sign-profile',
+    }
+    run_with_engine(app_cert_engine_config, jar)
+
+
 def convert_to_map(line, temp_map):
     line = line.strip('\n')
     strs = line.split('=', 1)
@@ -177,8 +210,8 @@ def convert_to_map(line, temp_map):
             temp_map[strs[0]] = strs[1]
 
 
-def load_config():
-    config_file = 'autosign.config'
+def load_config(config):
+    config_file = config
     temp_map = {}
     with open(config_file, 'r', encoding='utf-8') as f:
         for line in f.readlines():
@@ -199,22 +232,64 @@ def process_cmd():
         exit(0)
 
     action = args[1]
-    if action not in ['generate', 'sign']:
+    if action not in ['createRootAndSubCert', 'createAppCertAndProfile', 'signHap']:
         print("Not support cmd")
         print_help()
         exit(1)
     return action
 
 
-if __name__ == '__main__':
-    act = process_cmd()
-    load_config()
+def process_jar():
     jar_file = global_config.get('config', {}).get('signtool')
     if not os.path.exists(jar_file):
         print("Jar file '{}' not found".format(jar_file))
         exit(1)
+    return jar_file
+
+
+def replace_cert_in_profile():
+    profile_file = global_config.get('sign.profile', {}).get('inFile')
+    app_cert_file = global_config.get('cert.app', {}).get('outFile')
+    tar_dir = global_config.get('config', {}).get('targetDir')
+    app_cert_file = os.path.join(tar_dir, app_cert_file)
+    if not os.path.exists(profile_file):
+        print("profile file '{}' not found".format(jar_file))
+        exit(1)
+    if not os.path.exists(app_cert_file):
+        print("app cert file '{}' not found".format(jar_file))
+        exit(1)
+
+    app_cert = ''
+    # read app cert
+    with open(app_cert_file, 'r', encoding='utf-8') as f:
+        app_cert_temp = f.read()
+        app_cert = app_cert_temp.split("-----END CERTIFICATE-----")[0] + "-----END CERTIFICATE-----\n"
+
+    profile = {}
+    # read profile
+    with open(profile_file, 'r', encoding='utf-8') as f:
+        profile = json.load(f)
+
+    profile["bundle-info"]["distribution-certificate"] = app_cert
 
-    if act == 'generate':
-        do_generate(jar_file)
-    elif act == 'sign':
-        do_sign(jar_file)
+    # save profile
+    with open(profile_file, 'w', encoding='utf-8') as profile_write:
+        json.dump(profile, profile_write)
+
+
+if __name__ == '__main__':
+    act = process_cmd()
+    if act == 'createRootAndSubCert':
+        load_config('createRootAndSubCert.config')
+        jar_file = process_jar()
+        do_generate_root_cert(jar_file)
+    elif act == 'createAppCertAndProfile':
+        load_config('createAppCertAndProfile.config')
+        jar_file = process_jar()
+        do_generate_app_cert(jar_file)
+        replace_cert_in_profile()
+        do_sign_profile(jar_file)
+    elif act == 'signHap':
+        load_config('signHap.config')
+        jar_file = process_jar()
+        do_sign_hap(jar_file)
diff --git a/autosign/createAppCertAndProfile.config b/autosign/createAppCertAndProfile.config
new file mode 100644
index 00000000..269804da
--- /dev/null
+++ b/autosign/createAppCertAndProfile.config
@@ -0,0 +1,59 @@
+// Base configuration
+//
+// Location of signtool.jar
+
+config.signtool=../hapsigntool/hap_sign_tool/build/libs/hap-sign-tool.jar
+
+// All products would be put into folder
+config.targetDir=result
+
+// Common configuration, will be overwrite by detail config
+common.keystoreFile=OpenHarmony.p12
+common.keystorePwd=123456
+common.keyAlg=ECC
+common.keySize=NIST-P-256
+common.signAlg=SHA256withECDSA
+common.validity=365
+common.outForm=certChain
+common.mode=localSign
+
+// You must change this instead of using default
+common.keyPwd=123456
+common.issuerKeyPwd=123456
+
+// keypair of app signature
+app.keypair.keyAlias=oh-app1-key-v1
+app.keypair.keyPwd=123456
+
+// keypair of profile signature
+profile.keypair.keyAlias=openharmony application profile release
+profile.keypair.keyPwd=123456
+
+// Root CA
+root-ca.outFile=rootCA.cer
+
+// Sub APP CA
+sub-ca.app.keyAlias=openharmony application ca
+sub-ca.app.subject=C=CN,O=OpenHarmony,OU=OpenHarmony Team,CN= OpenHarmony Application CA
+sub-ca.app.outFile=subCA.cer
+
+// App signature cert
+cert.app.subject=C=CN,O=OpenHarmony,OU=OpenHarmony Team,CN=OpenHarmony Application Release
+cert.app.outFile=app1.pem
+
+// Profile signature cert
+cert.profile.outFile=OpenHarmonyProfileRelease.pem
+
+// Sign profile
+sign.profile.inFile=UnsgnedReleasedProfileTemplate.json
+sign.profile.outFile=app1-profile.p7b
+
+// Default config. Do not change it
+cert.app.keyAlias=$app.keypair.keyAlias
+cert.app.issuer=$sub-ca.app.subject
+cert.app.issuerKeyAlias=$sub-ca.app.keyAlias
+cert.app.rootCaCertFile=$root-ca.outFile
+cert.app.subCaCertFile=$sub-ca.app.outFile
+
+sign.profile.keyAlias=$profile.keypair.keyAlias
+sign.profile.profileCertFile=$cert.profile.outFile
diff --git a/autosign/createRootAndSubCert.config b/autosign/createRootAndSubCert.config
new file mode 100644
index 00000000..841d3ef7
--- /dev/null
+++ b/autosign/createRootAndSubCert.config
@@ -0,0 +1,56 @@
+// Base configuration
+//
+// Location of signtool.jar
+
+config.signtool=../hapsigntool/hap_sign_tool/build/libs/hap-sign-tool.jar
+
+// All products would be put into folder
+config.targetDir=result
+
+// Common configuration, will be overwrite by detail config
+common.keystoreFile=ohtest.jks
+common.keystorePwd=123456
+common.keyAlg=ECC
+common.keySize=NIST-P-256
+common.signAlg=SHA256withECDSA
+common.validity=365
+common.outForm=certChain
+
+// You must change this instead of using default
+common.keyPwd=123456
+common.issuerKeyPwd=123456
+
+// keypair of profile signature
+profile.keypair.keyAlias=oh-profile-key-v1
+profile.keypair.keyPwd=123456
+
+// Root CA
+root-ca.keyAlias=oh-root-ca-key-v1
+root-ca.subject=C=CN,O=OpenHarmony,OU=OpenHarmony Community,CN=Root CA
+root-ca.outFile=root-ca1.cer
+
+// Sub APP CA
+sub-ca.app.keyAlias=oh-app-sign-srv-ca-key-v1
+sub-ca.app.subject=C=CN,O=OpenHarmony,OU=OpenHarmony Community,CN= Application Signature Service CA
+sub-ca.app.outFile=app-sign-srv-ca1.cer
+
+// Sub Profile CA
+sub-ca.profile.keyAlias=oh-profile-sign-srv-ca-key-v1
+sub-ca.profile.subject=C=CN,O=OpenHarmony,OU=OpenHarmony Community,CN= Profile Signature Service CA
+sub-ca.profile.outFile=profile-sign-srv-ca1.cer
+
+// Profile signature cert
+cert.profile.subject=C=CN,O=OpenHarmony,OU=OpenHarmony Community,CN=Profile1 Release
+cert.profile.outFile=profile1.pem
+
+// Default config. Do not change it
+sub-ca.app.issuer=$root-ca.subject
+sub-ca.app.issuerKeyAlias=$root-ca.keyAlias
+sub-ca.profile.issuer=$root-ca.subject
+sub-ca.profile.issuerKeyAlias=$root-ca.keyAlias
+
+cert.profile.keyAlias=$profile.keypair.keyAlias
+cert.profile.issuer=$sub-ca.profile.subject
+cert.profile.issuerKeyAlias=$sub-ca.profile.keyAlias
+cert.profile.rootCaCertFile=$root-ca.outFile
+cert.profile.subCaCertFile=$sub-ca.profile.outFile
diff --git a/autosign/create_appcert_sign_profile.bat b/autosign/create_appcert_sign_profile.bat
new file mode 100644
index 00000000..0cb6e4af
--- /dev/null
+++ b/autosign/create_appcert_sign_profile.bat
@@ -0,0 +1,15 @@
+@rem Copyright (c) 2021-2022 Huawei Device Co., Ltd.
+@rem Licensed under the Apache License, Version 2.0 (the "License");
+@rem you may not use this file except in compliance with the License.
+@rem You may obtain a copy of the License at
+@rem
+@rem     http://www.apache.org/licenses/LICENSE-2.0
+@rem
+@rem Unless required by applicable law or agreed to in writing, software
+@rem distributed under the License is distributed on an "AS IS" BASIS,
+@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+@rem See the License for the specific language governing permissions and
+@rem limitations under the License.
+
+python autosign.py createAppCertAndProfile
+pause
\ No newline at end of file
diff --git a/autosign/create_appcert_sign_profile.sh b/autosign/create_appcert_sign_profile.sh
new file mode 100644
index 00000000..dc19361c
--- /dev/null
+++ b/autosign/create_appcert_sign_profile.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+# Copyright (c) 2021-2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+python3 autosign.py createAppCertAndProfile
\ No newline at end of file
diff --git a/autosign/start_create.bat b/autosign/create_root.bat
similarity index 94%
rename from autosign/start_create.bat
rename to autosign/create_root.bat
index d43c1faf..9d21ab90 100644
--- a/autosign/start_create.bat
+++ b/autosign/create_root.bat
@@ -11,5 +11,5 @@
 @rem See the License for the specific language governing permissions and
 @rem limitations under the License.
 
-python autosign.py generate
+python autosign.py createRootAndSubCert
 pause
\ No newline at end of file
diff --git a/autosign/start_create.sh b/autosign/create_root.sh
similarity index 93%
rename from autosign/start_create.sh
rename to autosign/create_root.sh
index abe4940c..ce2f1343 100644
--- a/autosign/start_create.sh
+++ b/autosign/create_root.sh
@@ -12,4 +12,4 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-python3 autosign.py generate
\ No newline at end of file
+python3 autosign.py createRootAndSubCert
\ No newline at end of file
diff --git a/autosign/result/OpenHarmony.p12 b/autosign/result/OpenHarmony.p12
new file mode 100644
index 0000000000000000000000000000000000000000..60f9bb48e677960e9dd7257e9f55c80915417ecf
GIT binary patch
literal 8252
zcmb`IbyOT(y6zijAV?rM1cJLZ?ykWlKm);o)4?UUI|OLl-QA%HPLSYEAh^2+4RDz6
z&OI};?mcJCS@*8`qpF@=dsjWb{XTDj0?7H`;SfLpWamgIj3II%H?QH4;c^1VHh=+S
zD=+dQC;&<1Uxtv_fB{HMFESm-{}u`D?~~9`;ox(=fLuTfNT~l?dRdnki2HQ!wGS)A
z1!wvr>9+Kjt9Zg2w7??(dR2jP9KB{2vZVV7fhAxho!;2-9e%>)M5!MSry+xXS~yhO
z1V<hoICkFnVi!Zl$x{_ktvC$JV#Q6cb+@E&=xxh`^bnR-I2;CFv)h9d{_`7AaM?vj
zg#dN{dw?0h7GMc51~>w2UhZuH?f`Ot)611Pz!~u6FWu}f#R_2YGHU#yy1YDV2BP@K
zVtDMhK<p1zHfH4PJRlApE*=g}P7XeHPyihIzk2r%1NjI4pYDT1zYQDcN(m)N9^#zn
z?D(#mY<~M+?!m>2a(Zy=$)cv5;W|a$rorB<S#DDT%iaqiJ9I_b^PoZS-o(!``Gt)q
zN~NE6-+LjV&Q(p?bJnW*=e<stmn$>R-nib<LW~gFp4IMKfH1=8tHf?LnjCgVkkUU4
z;IfO6iu{)}j9)0(13m++049I=xB80{`3nWRm&5sm&WrwE@nGlR;Nb&t^Re^uzVLwm
zw|GQXdD`elPDb2lYlI4z_lXfAlb8OT2QqdmDd%{Kb=r?zuQ-}3!YYVei%OwPU{dBx
zw})8tfuzb1^kCG;lZPAafpr?NLTCQ5X1wL(!S7jw+xj}c^OPZnFAeZHSj-s{vL0&L
zUM7OH7<<jm#cm0b{AV6Kq+I`F9{(K$PF^k!US4h<UJ%It{$C;dUju<-CGxS6T3)Nu
zOm2eZt`qtCJ2v$1f#9AVs<mcOkzF#x5B~D2G0BwZ9qtojZw}lh1Sf1hP&VVwI38MS
zpB?){@Hn0=s@Q@3l_%q)$JO{@2TyV*{+a2cOD(1!#n}I!5-@uy46~QAaQd$!@mC3O
za)UT|{}u_ff5UxOfN_~ZulvF3^;5+{r0$10r#6<qyNBM<dsi3<$=jW~6WuyPNvwcJ
zx`SV6ys=<$J0)}tb}n+;@QGMPqd7vE&G|4?ewAwl&-kkT^iY=iJgF?M2X+OAnaa3B
zCU*Y-kp4gKxGJgg|9Hpk|H^>*OEUfj;ctofcX4q2tswq}1L@zuu{pr{v|5j*#utow
zlY}$2-QVYQ@pl|1yF(>rr`ju@0Z+O*kX|ot)jhX;iUfdUJ1OGcfl)T;okR&P#j?bs
zVh<9J7hCswm%CiU$N_;9a>Z#}Smv$W#?t5<tUI3F2c+}QG!#kY|DS1?zR>ve(k(6i
z+up#%%g)Zu1qvWa_|NwvBjp4T1;0rC@Nj^algB?s;Qpn1BK_^(aciN{B*Ds$Vib!%
zA;y{Fm=Nqg`4=6(03tC1{ByKpE@KZpGeMa*Cm4Yy1o({3=cEF@gkF%eUPosX{@NiF
zcBAY8LKU2t1Ppubiv)<*`jmZV^;&Z=E^flgsovV{dAOI>)QT2)`@4pMfnWYTc=gtZ
zr|Xc1Pq!prZ{mQ!OG^|jtxYaC=Hd?tMeP{Waq=f~7~=F`$Z%GH%=%n4k;F})4t&4n
zNV`pmDZ61LL*{Ij5e1621o=u<3wQ*<6{~`34~1zsk&_`iax={dv}>~G?fS7NiOU+j
zZ-}s%l9;`u1*b?LbI`2l<D<bCsxe9k^pV2?G!lF3a_|G5id0C&<1QHwIDyKpeN5(V
zgWKPllGy@D&O~q%X^ebd;>OkaoAv35M=n6|+gaDE_5uWtZ53PtHmWeHgQGJD=Dd_2
zaO^l$sp)4?pW#&qsM2fAA%EP{YPq=((9&!?Jl)MD&)Jrqu$w9PNHH!q@Eoa@kMZEu
z*-J|mY<5gw_|t1VfJlKCXy=0&`Eyklx6e|bO$efYjIt<zq=1ChQm3~1{f-ufE4oAb
zY^=As5f&h0IGgg8w`*&`Vk(Cl+k>wF7Jwbw1iqGFO)>d}d4F~8FJwclY8ZA7``Vd-
zrX;2K#ezgF?zq<tBa*UHab#-k1gT=8<blD}gyTcPqPB8Q+8WlOHU3m9DY`;iakh$Y
zLc9G_oL}@U)=b%(_{SNKbsyW)`}Ia0AHm|58#RCL)5%#RSN~?cb=+6o5j!=v`xGRE
z=9GQEKYP;(!Gsq>7Vk*l7Nv-oqV_nytaY%Boglf1m*&3OFwO}no9B@^{D7I{7bA)M
z9EFx6sW7efOOvF+R%u(5in!c&by?I*#nqD0gdh<5u8QoNFN~i!<&Mkcyq@bb8iVqm
zy%~`l68E`!3zfEF>xLj!+KJ2!Wteg$Rcm0snvXaIOp$?lo~`}|*D^<fha_czx>Dh_
z(`%+t5IXIzZ~XHb$Y9~Z+3SK#w?Gvw^jQaAL{+1(bLh_&!(9w4Kz<Zc_F=U6a+rc!
z7(!9{ak#i{yB<9@WXAuhtr7W@kyMS&g~UurSk^hETos4PafgZpgA-Wj9D^mQE^Rsp
z62eHoC_FA}Uift3V$o-(;3+;icY1`yH*XNELpA>V`qwhD^&7_EZI|o!G55AJRCS}Q
zWY!eTQ6Kzsep*)UUBBkhL_$xc4l~<oFkt?oEOMCm%}G6p={(@rf}MvVJs~@-t@zvG
zQzddfvuiVgK+(>_kZxTT)n&yhF|LLtIq~Gq4v#~ak&cdKT-lRnwOn1wTxNJk$m|lt
zZjv!pU9jV)vKOB)Lx9yoaiE69c#B?bwBUSTJKs{B$r>v_SYoJJj6w1Vr*d@Hb}rS7
z|L$l`=rW7M_c8cHChc%j@4^=`@rtd8d~q;rJ%5ObJ}@7&`c)$3-q;g?uVH)#&g^=C
z;F;roBuZ;!ZU~i3T)$;M>xrylaKy4LKtg<*aJB!3BT(>WKlHwxcKkTa+f?U()SzuN
z1?<Pxh|>(hONkPYaWa--%YV~y9j>Ltuow3*vAjP8u)+h8c21}r8hO}~v`Q0gZ+hm_
z7~E;VFc;;V6f^$BU}w6?Z^*{AKqQaSOY8>h8Bv%^lNVoi^I?i?n+}EL+(6gH*)ij_
zRp~1A;uBNqrD`Uds>0-+LhZ4r&&ktvy-Q%Htm&))k4+ZE$$tLnBbs^Rr}`mfpXic9
z(=+lqF$OnX(T2{LDzMYkrBTxlF@G|nH+UOUsHrSZ%{fk+eb?rdr=4XF!egT>pqavy
z#Tu;`4A{^XOGBGqI?{;s0HQE#LAZ)!MC(g$NJ|pd2&4Y+Vz-oKf<p6}YrxD~7_O<(
zjN5*SpC3{Cigj{+)$?90i;qE+qkk5n5WbD}+TFiA33tLMl*CbjeXlf-C8?g0HFdYj
z-JtQ|z?39!aE#;xz9kuhyrt-e4ft>DGcl)#a&T|;uVCuc0fWt-6FO7ZKL7a`*m9CB
zCo%Avq!fcFGj7mu+P?nNAnA(kvAvqG^}%$CMzd{)mty~%S{t!`d0u2^TEd4cHt@D^
z;rm^xD3-E{aE>i$>#aWUc2ReL6NA02Qjgm#&zd&0i%wKr<<dTL9Ch!oKvTSkkPN59
z14d1RqdeTq!?I#rXH@N-E55V0QZngSX&}aQlI1V(g|b8BG(yCrZMFwv_HHek0hp#K
zgSJVKyq;-%mqWc*Xs)9#D(9==*{9>1a7kpUKuwk)ah@SeLSA*`we95si@Z#jxan$o
z1m{2oeC<a%_ZOz<@Za#W<%*aKs74**^m?%@`M<)5+x~R8w?h4aKC8gfHIcKpOiyG6
zf6Dwgh&;SD2|K~AP1i1{7i9FuLb%m^`e>D>zUHe4>fC;ny^<$7jfl`r#)KL<$u1hR
zlGyAXCATnOS-N3(SUs;VUc+5;u{uz2{dn~UlMs`7#I&-Ol8bEA%G^5aNt(>c>B#AH
zRzN6iHlm3JU2qpyx2U5^taRy&znVMPkn`dDTf&B0wMThte<G0<*WYrC?Wkk)@$cnk
za+1?;Y?Y<Wl+GLIIisOdm}!!*Uk6Q~JiSNa$O|S56ULN_$U$(DNGQ}B+uejK#brN)
z%dZ8O8T%~dl-q|Ci%v_#4!Oha+ciZB0$eVvK71))V(%gpZ6{UQRpuR0Y`{>#w)QST
zO|1lV>-RIHzCSE#;3+Juwyt{pLqZTaQZ_E)2#8iK-htQ61HUbd%4ritd<qx4(?)4_
ze;PD3?znQpfva4FgTbsdF`B8^bHeL^*Z^BIA8`L&%jG7&b!=}byKM>7XK$_9dJXUW
zG-E8#aQ#OM#W$ZnqEvnMao;~Xc^xv+S=djg4A5v-<?e;d%08X3Kg0nW^FK|o9^uuF
zYZW7zf&7+g{OgIvl{M~sG@Y}j$_BMeFhu3qj{TA>HsYSc5r-|oIW#QGKk#=qlpOgr
z?~P}R2U0TjY!(nqZ@`f$@eUNk*Hak+W)mhmejvSBN@2EbnS=+N_*46<Lh9)uDmOzY
zKicP~Y%3;o2fpI`+WiBY_XK`4MN+|Q=;E@SJ50T%2GH;Tj-X)oVHGkD_bE;b=kEE~
zlyEy_^!NLBvRk6Xb$L#C&~(=_L<K7{yy$YR+MKwsB%-@^ApadDp>7kt>LxZNxoe<&
zo~VuPDsS^6#;VownToR_9?R-o(Hi1x@U?hw@!jrf&-{QXDOBfLEBn4F&D-eaJ#nuh
z0=d*GbFbJ8TM|8CF@hk0wc7G}Q8c5__QONI)usz!{$&owDC?3&Z=fgC^n0JJuK|)w
z)T_RQ!tn5tpg<YzgCAPcx7J=XDOsiip42;|ekohzpakK@KhJeT%CmS^5uZ+Hw0&M#
zS1z<;q9bD&CrOaC>wN@xa_eKY9p}4J?S=xs>EHL`qkV%$9+AFRcUB&0`x;8Yi={gz
z`M}@Ykzca3MJ$H{#>=sF+_H5RS(DHy>%L#BN2T<vW1kE=y6k>b*S6Dy_AVtKOqLBb
z=CM0Un?Bm=-q6*9%9J);V%)!;aBU^)ZQ8b_#--pCpFS}o(to7S2H;`7xxO{h-!U6N
zuSe`TFp_?)hwxm0SfI~MlWy;oMMq&{PxIJKC~i?~JBLi-^F~UdBSEHB*3nw+s#F(o
zd+<k#Sf3ISV^0gLod|jVk3iFDxKEb|4^_b1s=Z&+Qh4R4r$X;ozDw)y#$zqQ!!;It
zZZ!vZ3KUe;UXkcxa}GMG*Km@az|zM>t(fkyf|1~ZuVy8_XU2v!9&(!n#gL(pHf!=^
zjXHyCAL2}97s%cayNkDbOhTqZvx>zh#sBP%J-NvFnun)gpO~d|JI<7BVAO7Ubz7?J
z-h7ZVIKQxaYv|{J{hI-yum^t{ny<@8=<oEp7_IwG(PH$btU1P{SxR$-r`+WAkW6%F
zxob%^w>Br=4gE;kbn&XvzMO=n45x>~0s8&cJ@DP^048L2${AgloPjC_+%)*5IgoHH
zI)O0xmNhX@$s4}23ePK<Ms3K5n4sp`Qums1wz@Z+e~F<5T<k(>z2~C7HPF6BV?Z{{
z6<3_TrHd8AU`U0Mt{A>@HndK&D?_Ar^DGl>G%3psKP+KC;!lKDCPF}ft`DEQuF6_o
zU+1LieDN6@6F@pHMIr77R{A}MH9KFe?Rgx=z#XBkz%wLcCH`3ua9{42oT2dHqIJ40
zDh(z=VA^7DFxu3xJ}savi|Ae5M}!w*3sZzoWac(Otl{Yq-lbLcEf&jT5D^)wVzBB%
zUEm$op|1S+91G>)TSP$h(>3EFxGU0Nq|Fr|mJD;pcenP}5z$G+?!w$QRz|$|2F!{W
zn8w4V2b-$RcSJA3I*!bnD9|XOc3sjXD(W(MZVBVpxyN0iWv(PNXKdBCxMcTg^fVeW
zLb_j9=EpS(9^>;dM|O~KiOjngrKM92frXHVu$k#^z*3`j$&|3%anrgUq|GIGHd>n5
zxTN^@oj`2xkI(jH$JKB1LyM!rY6l)aN^S(4u7s^l>nNsaYDL^5w3=TuKV|hi*hZ6#
z$otp}(oGwfWbt8c<lYoBxm7~-v>}2SqUU%Rr{(4sX)GrROdq*;<0P6!ZGkOP-Jd)1
z4ibjiOZyo^nI4FlDFzV5X~o`~49jk=TC)40v^uNW{lcRR`ljemnfh@V-bnKM*Bl<?
zCT-B4jZYQzaw^3T!v%iCsf)Kp<KQUv@kNdyv;rOrpRlv2rZYB59leaQN8?L*RKs+d
zZ4xib2#m`^TCFpb%jVPYZF~_FLHIQ~bo~&gs>$jJG)~Y}NnW0TOcC{1?k0!#%_m1W
z;$wj5toq|!=UPQL+fY2@6|&xK_5Ew-W^{4?w?S)7Y{rw1<GwUOwJ5@+gJ$m}HB&No
zCHi{s3e>T;NXaY8M%lja!<9PH(>!Wm;pIp~?*scE>@uo!ydNJi?;4^$X<`-eUW~c>
zn)z!a!oeu)Dx;9akXYHDj354#QQ(Q%izxjZi#Ad^#HlL8i;7&e5@Vny7J0onpV$}h
zY~s}8a?{Wqkx#>1?azzoSgzjo2?gNO#>oE3DZF=NFy4}Arev=RHMZRpD1x!ZvRwhx
z;10+}5I3VSfyVY&h@sLaI7msKf!~niFAk?I4GFw&q)exUnv2CXWC@n(xz$u<1|!Zi
zPLA6!9W(P??hfA9mRNh!4j0@P5#iH=ezYZ(7>g~65588<%cP~3HseXi4G;}tL-irD
z)YtIl7~DJNK&1Qw18V9l6T)SD@J_>W<vn>{dN*6gKkqVSgY9w<rvj-rxNmJzyComR
zZ_{DcTG{n~1AP+j%r@i;`yKzZ29=I0-dgEg-DK?8)f!1BzsQq&zuk|@m1@AnE}I?A
z4U!e!4DKFlN&AxWO>eZzqIQukKs~wd5HUW2YM<)kkvAxfdkLFBQZ;k>*Le?qGCOrG
zG~5CqtB&H`vTo>+B+FLZ)*@B@83DJ%9BT&lg<T$t1sdVfbkfutGKNl1?4@0)0R9uX
zj~uZ2&B#(`5rSH&T?gLxY0wOF<#eTnA%BOc;E9fpVBe0?ZYprhD5uL*?HGQAN9lx6
z7P$OjLznl`LFi^lAmnsI7-GIdxSw`(VTah7kNBH+TgP`vA-l3Vs<STpOzk=fEs$+>
z{rd$aC?sQt_Y&SU$Xb5l$pnjg=s;p8_R)Otk_EjN91SHA9acJi+DV#^QCyRKx6qiO
zKf+<qk?S053!|MW)f*Eubhg$GS|)nNj;7n>M+#GF34QB@BWn|@g(mIxH3LD`CqVrX
z7IA|0CDVeMnwt|E*|2Z+&Wi`Q5TE?o%v|8IR;^@xs^o-Nk$M;T4h?AVWeFj6Q2ZU!
zLP2vQ)*IAqe+7jv+K-<&ljy%S((2|wB==+Q@V3{V=VP@~Nh-%Jz=L@ji|*DJa&A;B
z$=PiESoMbfiixwbc2yo^Img^ZQe%wbTV8MpZBfsT0c_j(spf(nI%Nia1^7Q4o6^vg
z2s7XSgY2-)hhoP<VNd(VO`*C;gHY>_?zvp(r}jZlI+kkLD^F>dg5jw8BV-@Iu|LqK
zD`tSuT-~jRRX#xByd@532rpUYU0?dj@7vE5PnwivU59c9lAM*UXF(_Z$O6n^gSj2m
zreZU~^`YV*e6`dw4~m#>{ndERP|S1`>~*Puq7jH{Qowr}p~Pm0hT#diET<ip0Dhux
z^N1$?>IXx{MR3o;l*n!}@3W^gVfejVCnsZ3`2^7Kk>iiq*770r_*%AoJn>{XIWoxR
zd*bYtHLb;raDI&<B+!1)EE98mi#F|$iA)rt70>rfbQ)XvCA(C!N98NNKbkzS@hWy)
zYqM*(o{wOlZZiFe7Necm=Yw(q7y_~fVlT#rKh+DJqR9VpfD(q#N;rNVY|T?P9uf`k
zuex<WEblpGNUhdY?Pb)EMvL0;&Wy1h6jkTJ90*(?e}YqaZd?)T*Ds)+>_u1DZ+u$n
z0@t+q)Q36<BVUY=fsAuVT_3}vihExd;4GH8eh@4@O_e$>Ftlu|Kyxp_XBg9?MER<J
zZV7d%zfDxE&+Evv_9$Kp`%#(7J>5%t2$$Zdf3+0-+j=ZUPFV7*4PVqz9e<w3hiY^}
z&I2#d(*>g8-9G6rS!p9Bu>Qat&(94zCLY_#;%qL#!S5_9_w7Cc+WRRu?LR2Ezx(G@
zy89VDSNcqGYrPw64>Z-Kd7`{PiQzWGsCG+@G&kC#HaUu($ATaTR-cbnxjG>m?vqRA
zcL!xf8Eup1SSSs8e5710#rM`Snc0ct^oe`rWS>{>XSu(?ZjT5jMFi{P<-_ZI<%MwD
zH{&~V%xCxK!sa$ISg3b*8;;r)?=x8eoL27gcFQrV;cZ3GMN1tl2du8}E4qVW#3E!@
z;}zUj!@v!^g^O#HtjF)=rX`dEmA2frP+2}2^kcp&{2!n>nuqfvs>D!MA4HU8txNU+
zY6y_{?GlUSMqOb~^Au*J#4Zn=slpp6tTsIG&ouV22T!@@9V9Mje(&`!!w+L&5lz4t
zy%w)kW9eVlyDof%S9tURd}xW{W{j0m7EZ!ghvjI+EiJuK78CP8mm}~iwR;murgUc`
zu|GEt`gX5uEP!|O$Z>QvWZ(KL_Lt;4%vDMyJ4t!N8a_t26mPp~AbmQpq=P<Bcc6S)
z@Jjk^WX*E%rEJoVDQF(HJvWBi^vV>>43$0{^2rYxQIa`%YCb3Ev+=w2>h>f}aYh~l
zvzjlR9T6QjJwz<X+IeoLzn0Hj@i7X#OPvY+L`pEW=ZUV6ZgNg5Ec!K3cZO-HBnA!*
zCh}#F`UX*t(FT>8;s~tJRI?lycETL~Rd1!XT@n%3J2lD7#^kL*;L6fQfNnlUP9-e^
z!8TtV%)*0Ek2{#{7Xy&{&XtFS&PzJ?qV1E<>IC`r`=%OuGo!H-MPxND%pb}fDYUkH
zvm-`6N?LiQOGwU0F<+5iEq<K&one8r#N__|>w>D57*4?)kecHUnxCcjPMjcRmh)%$
zS2v6Y@1tD1Fktn4iwm1;fF;9`O9)lq%IG5c<t)qY<XMwZT1}~8t^ZA#qi^`t5P+ny
zA=2-3(xL2jP?JuT4&01+lihlh+E7eS8X(Y5EL2YJBqWF#IohNcY!F=pz2E;x0^Vy!
zLx#FBqgLo@EuCdj*4N;~{wCJ_OkLH~w4ji82CI^4HJw%!uQp>qFC-<}3yN^;ahjw0
znXcKqf><4aJ(Be8Qxmw>4-<~B6FAc+l@uB}uK=cGaTe#&^0q8Rbfus^r<@VRT||Xx
z3?lIJblqWlkP;d!+9S+t5Yn?I(2^Z>MJXDv(Jl!Q4iAep6mmhZepM;$o25=S6n%ja
z9VzV$o+Z}`KCKWVs;D$an#|FxNR42;9<&Op5bwycQ_eOCS=I{rcrb9n@%Eb|<j<EP
z3qgJDwY-K+U5pW$Hz<?owk%vXH1u%j*~KD>X)Wa%31>R1KW+JN5Zw=qZwz?eA%S2u
z8T1(L9dp)iQpu_$ysr7CH#|3X4ETFvsp1D~>aSPQQtqy8BJ#&|qx7MHnTh2@xq_6?
z#?a_}sU+eF>Jc?Ut!*>`P%f*P!#YITkMMH@*J`Bh+9Y5n%%VvshkrAqepd*^Ld&=d
znKM#M4{U^C|NG#)G+<fdi>6N+JjvPoPDJSIZXxgJ1o7Nq>(Q7oIZ21X`@ra!l+f?n
z2Af)v)0#!ULzqq8h4E`7d=1QZA}z{zFG_Y-`CU>*BshQEcg))SanBBqLiaP)I;Y9`
zdbh)j!E~}n;sOhGsSv}D*B64QKOJ34zMKx;5rmzw!13fXR<i8urcN`V$nb1WF}kY4
zOT432+S_{dwYT@Z>!@+Dv`ZKbcKd>#y0;T1|C?!FG%lgwTq6P2fapkc)9wy2L=n)N
zDyjpX)~iKA4@*qw7*Y_?O@**r`#XXAI$et$0xY3poQ<;b3<loHL9W`M_llBLk}a~M
z0z<}1wi)2^<^r1#@JQ($AwTi)>8$t)W60E5+t)j;ReSBlwx88y*nhmEAwrHiICuy#
zSJl||tUW$fEl+kg5<f`-Yr;ATt}cQ~x79hVRoV^Dw%_mq-T8{<Kq4Rt5DF3^69xkO
zTSNd5*H>4*Gsm<DK^Q(!q~B6fepn>j5{SD$9zS-=+4Bb3#&C-@Xdgb<yjKYx0WKux
FKLF87;N1WK

literal 0
HcmV?d00001

diff --git a/autosign/result/OpenHarmonyProfileRelease.pem b/autosign/result/OpenHarmonyProfileRelease.pem
new file mode 100644
index 00000000..129a1378
--- /dev/null
+++ b/autosign/result/OpenHarmonyProfileRelease.pem
@@ -0,0 +1,44 @@
+-----BEGIN CERTIFICATE-----
+MIICRDCCAcmgAwIBAgIED+E4izAMBggqhkjOPQQDAwUAMGgxCzAJBgNVBAYTAkNO
+MRQwEgYDVQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVh
+bTEoMCYGA1UEAxMfT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUm9vdCBDQTAeFw0y
+MTAyMDIxMjE0MThaFw00OTEyMzExMjE0MThaMGgxCzAJBgNVBAYTAkNOMRQwEgYD
+VQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVhbTEoMCYG
+A1UEAxMfT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUm9vdCBDQTB2MBAGByqGSM49
+AgEGBSuBBAAiA2IABE023XmRaw2DnO8NSsb+KG/uY0FtS3u5LQucdr3qWVnRW5ui
+QIL6ttNZBEeLTUeYcJZCpayg9Llf+1SmDA7dY4iP2EcRo4UN3rilovtfFfsmH4ty
+3SApHVFzWUl+NwdH8KNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
+AQYwHQYDVR0OBBYEFBc6EKGrGXzlAE+s0Zgnsphadw7NMAwGCCqGSM49BAMDBQAD
+ZwAwZAIwd1p3JzHN93eoPped1li0j64npgqNzwy4OrkehYAqNXpcpaEcLZ7UxW8E
+I2lZJ3SbAjAkqySHb12sIwdSFKSN9KCMMEo/eUT5dUXlcKR2nZz0MJdxT5F51qcX
+1CumzkcYhgU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICYTCCAeWgAwIBAgIEHmXAPTAMBggqhkjOPQQDAwUAMGgxCzAJBgNVBAYTAkNO
+MRQwEgYDVQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVh
+bTEoMCYGA1UEAxMfT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUm9vdCBDQTAeFw0y
+MTAyMDIxMjE1MzJaFw00OTEyMzExMjE1MzJaMGMxCzAJBgNVBAYTAkNOMRQwEgYD
+VQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVhbTEjMCEG
+A1UEAxMaT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gQ0EwdjAQBgcqhkjOPQIBBgUr
+gQQAIgNiAAQhnu7Hna8XNa2KyqRf5+lBJScE4xqf89N0g0OuqAb2re8nGsvWkw26
+uDekfnBYicd+G3Cydqa2zFIwV7Talyg2ULW3r8KbGpyl84mJEPPRmCGJ+H9gtCsf
++OrJ4Y76LVWjYzBhMB8GA1UdIwQYMBaAFBc6EKGrGXzlAE+s0Zgnsphadw7NMA8G
+A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTbhrciFtUL
+oUu33SV7ufEFfaItRzAMBggqhkjOPQQDAwUAA2gAMGUCMG3cXjiDmXTvf7D4Omhf
+qcc2nuO+EMfWE+N9ZhBP5UhV34mAGWi3SfLU6rcV0urWEQIxAMYIb3epOnKhUrcm
+Lfu1WKzFlpYQwmw73RaCHP2I3k6NcuWOYeNwWXSNZ8o0nzvaLg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICPDCCAb+gAwIBAgIEN6dtvjAMBggqhkjOPQQDAwUAMGMxCzAJBgNVBAYTAkNO
+MRQwEgYDVQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVh
+bTEjMCEGA1UEAxMaT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gQ0EwHhcNMjEwMjAy
+MTIyMTA1WhcNNDkxMjMxMTIyMTA1WjBwMQswCQYDVQQGEwJDTjEUMBIGA1UEChML
+T3Blbkhhcm1vbnkxGTAXBgNVBAsTEE9wZW5IYXJtb255IFRlYW0xMDAuBgNVBAMT
+J09wZW5IYXJtb255IEFwcGxpY2F0aW9uIFByb2ZpbGUgUmVsZWFzZTBZMBMGByqG
+SM49AgEGCCqGSM49AwEHA0IABFfPAuu5prLiQXG+FcmSKJqtRjeDDZgfAeitKsSM
+3tzhHk2oN/UD0vHGbgIrVD8fv8igUZEJFsOTNM4DbovGGJqjUjBQMB8GA1UdIwQY
+MBaAFNuGtyIW1QuhS7fdJXu58QV9oi1HMA4GA1UdDwEB/wQEAwIHgDAdBgNVHQ4E
+FgQUy2Hpvad6TtTPlbOE7AX99l8NAVIwDAYIKoZIzj0EAwMFAANpADBmAjEArI6u
+CYJiea5IJBFC7JBluWgGshKdEHdGPv3sopi34kKPZNxm9eGn9OGNBjZg/qqdAjEA
+oIZqet/+DDpB7CRdTAUhisGmgE8w3ETgiibdUhrAAUOo6SSzozUQeKn+c37l5A+z
+-----END CERTIFICATE-----
diff --git a/autosign/result/rootCA.cer b/autosign/result/rootCA.cer
new file mode 100644
index 00000000..20f68eac
--- /dev/null
+++ b/autosign/result/rootCA.cer
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICRDCCAcmgAwIBAgIED+E4izAMBggqhkjOPQQDAwUAMGgxCzAJBgNVBAYTAkNO
+MRQwEgYDVQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVh
+bTEoMCYGA1UEAxMfT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUm9vdCBDQTAeFw0y
+MTAyMDIxMjE0MThaFw00OTEyMzExMjE0MThaMGgxCzAJBgNVBAYTAkNOMRQwEgYD
+VQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVhbTEoMCYG
+A1UEAxMfT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUm9vdCBDQTB2MBAGByqGSM49
+AgEGBSuBBAAiA2IABE023XmRaw2DnO8NSsb+KG/uY0FtS3u5LQucdr3qWVnRW5ui
+QIL6ttNZBEeLTUeYcJZCpayg9Llf+1SmDA7dY4iP2EcRo4UN3rilovtfFfsmH4ty
+3SApHVFzWUl+NwdH8KNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
+AQYwHQYDVR0OBBYEFBc6EKGrGXzlAE+s0Zgnsphadw7NMAwGCCqGSM49BAMDBQAD
+ZwAwZAIwd1p3JzHN93eoPped1li0j64npgqNzwy4OrkehYAqNXpcpaEcLZ7UxW8E
+I2lZJ3SbAjAkqySHb12sIwdSFKSN9KCMMEo/eUT5dUXlcKR2nZz0MJdxT5F51qcX
+1CumzkcYhgU=
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/autosign/result/subCA.cer b/autosign/result/subCA.cer
new file mode 100644
index 00000000..6adeca77
--- /dev/null
+++ b/autosign/result/subCA.cer
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICYTCCAeWgAwIBAgIEHmXAPTAMBggqhkjOPQQDAwUAMGgxCzAJBgNVBAYTAkNO
+MRQwEgYDVQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVh
+bTEoMCYGA1UEAxMfT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUm9vdCBDQTAeFw0y
+MTAyMDIxMjE1MzJaFw00OTEyMzExMjE1MzJaMGMxCzAJBgNVBAYTAkNOMRQwEgYD
+VQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVhbTEjMCEG
+A1UEAxMaT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gQ0EwdjAQBgcqhkjOPQIBBgUr
+gQQAIgNiAAQhnu7Hna8XNa2KyqRf5+lBJScE4xqf89N0g0OuqAb2re8nGsvWkw26
+uDekfnBYicd+G3Cydqa2zFIwV7Talyg2ULW3r8KbGpyl84mJEPPRmCGJ+H9gtCsf
++OrJ4Y76LVWjYzBhMB8GA1UdIwQYMBaAFBc6EKGrGXzlAE+s0Zgnsphadw7NMA8G
+A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTbhrciFtUL
+oUu33SV7ufEFfaItRzAMBggqhkjOPQQDAwUAA2gAMGUCMG3cXjiDmXTvf7D4Omhf
+qcc2nuO+EMfWE+N9ZhBP5UhV34mAGWi3SfLU6rcV0urWEQIxAMYIb3epOnKhUrcm
+Lfu1WKzFlpYQwmw73RaCHP2I3k6NcuWOYeNwWXSNZ8o0nzvaLg==
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/autosign/signHap.config b/autosign/signHap.config
new file mode 100644
index 00000000..5b4693dd
--- /dev/null
+++ b/autosign/signHap.config
@@ -0,0 +1,38 @@
+// Base configuration
+//
+// Location of signtool.jar
+
+config.signtool=../hapsigntool/hap_sign_tool/build/libs/hap-sign-tool.jar
+
+// All products would be put into folder
+config.targetDir=result
+
+// Common configuration, will be overwrite by detail config
+common.keystoreFile=OpenHarmony.p12
+common.keystorePwd=123456
+common.signAlg=SHA256withECDSA
+common.mode=localSign
+
+// You must change this instead of using default
+common.keyPwd=123456
+common.issuerKeyPwd=123456
+
+// keypair of app signature
+app.keypair.keyAlias=oh-app1-key-v1
+app.keypair.keyPwd=123456
+
+// App signature cert
+cert.app.outFile=app1.pem
+
+// Sign profile
+sign.profile.outFile=app1-profile.p7b
+
+// Sign app
+sign.app.inFile=app1-unsigned.hap
+sign.app.outFile=app1-signed.hap
+
+
+// Default config. Do not change it
+sign.app.keyAlias=$app.keypair.keyAlias
+sign.app.appCertFile=$cert.app.outFile
+sign.app.profileFile=$sign.profile.outFile
diff --git a/autosign/start_sign.bat b/autosign/sign_hap.bat
similarity index 95%
rename from autosign/start_sign.bat
rename to autosign/sign_hap.bat
index b8f9bcd5..afca3f3b 100644
--- a/autosign/start_sign.bat
+++ b/autosign/sign_hap.bat
@@ -11,5 +11,5 @@
 @rem See the License for the specific language governing permissions and
 @rem limitations under the License.
 
-python autosign.py sign
+python autosign.py signHap
 pause
\ No newline at end of file
diff --git a/autosign/start_sign.sh b/autosign/sign_hap.sh
similarity index 95%
rename from autosign/start_sign.sh
rename to autosign/sign_hap.sh
index 9a56b7a7..e85de1e3 100644
--- a/autosign/start_sign.sh
+++ b/autosign/sign_hap.sh
@@ -12,4 +12,4 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-python3 autosign.py sign
\ No newline at end of file
+python3 autosign.py signHap
\ No newline at end of file
-- 
Gitee


From 9150857ab0ba0bf0b9708724aaf192e185bd13e7 Mon Sep 17 00:00:00 2001
From: zhanzeyi <zhanzeyi@huawei.com>
Date: Thu, 10 Feb 2022 19:48:50 +0800
Subject: [PATCH 2/2] update autosign script

Signed-off-by: zhanzeyi <zhanzeyi@huawei.com>
---
 OAT.xml                                       |  16 ++-
 autosign/UnsgnedReleasedProfileTemplate.json  |   1 +
 autosign/autosign.py                          | 104 +++++++++++++++---
 autosign/createAppCertAndProfile.config       |  59 ++++++++++
 autosign/createRootAndSubCert.config          |  56 ++++++++++
 autosign/create_appcert_sign_profile.bat      |  15 +++
 autosign/create_appcert_sign_profile.sh       |  15 +++
 .../{start_create.bat => create_root.bat}     |   2 +-
 autosign/{start_create.sh => create_root.sh}  |   2 +-
 autosign/result/OpenHarmony.p12               | Bin 0 -> 8252 bytes
 autosign/result/OpenHarmonyProfileRelease.pem |  44 ++++++++
 autosign/result/rootCA.cer                    |  15 +++
 autosign/result/subCA.cer                     |  15 +++
 autosign/signHap.config                       |  38 +++++++
 autosign/{start_sign.bat => sign_hap.bat}     |   2 +-
 autosign/{start_sign.sh => sign_hap.sh}       |   2 +-
 16 files changed, 359 insertions(+), 27 deletions(-)
 create mode 100644 autosign/UnsgnedReleasedProfileTemplate.json
 create mode 100644 autosign/createAppCertAndProfile.config
 create mode 100644 autosign/createRootAndSubCert.config
 create mode 100644 autosign/create_appcert_sign_profile.bat
 create mode 100644 autosign/create_appcert_sign_profile.sh
 rename autosign/{start_create.bat => create_root.bat} (94%)
 rename autosign/{start_create.sh => create_root.sh} (93%)
 create mode 100644 autosign/result/OpenHarmony.p12
 create mode 100644 autosign/result/OpenHarmonyProfileRelease.pem
 create mode 100644 autosign/result/rootCA.cer
 create mode 100644 autosign/result/subCA.cer
 create mode 100644 autosign/signHap.config
 rename autosign/{start_sign.bat => sign_hap.bat} (95%)
 rename autosign/{start_sign.sh => sign_hap.sh} (95%)

diff --git a/OAT.xml b/OAT.xml
index 68b9b397..1f1350da 100644
--- a/OAT.xml
+++ b/OAT.xml
@@ -29,20 +29,16 @@
                 <filteritem type="filename" name="README"/>
                 <filteritem type="filename" name="README.md"/>
                 <filteritem type="filename" name="README_zh.md"/>
-                <filteritem type="filename" name="start_create.bat" desc="script file"/>
-                <filteritem type="filename" name="start_create.sh" desc="script file"/>
-                <filteritem type="filename" name="start_sign.bat" desc="script file"/>
-                <filteritem type="filename" name="start_sign.sh" desc="script file"/>
+                <filteritem type="filename" name="*.bat" desc="script file"/>
+                <filteritem type="filename" name="*.sh" desc="script file"/>
             </filefilter>
             <filefilter name="copyrightPolicyFilter" desc="">
                 <filteritem type="filename" name="README.OpenSource"/>
                 <filteritem type="filename" name="README"/>
                 <filteritem type="filename" name="README.md"/>
                 <filteritem type="filename" name="README_zh.md"/>
-                <filteritem type="filename" name="start_create.bat" desc="script file"/>
-                <filteritem type="filename" name="start_create.sh" desc="script file"/>
-                <filteritem type="filename" name="start_sign.bat" desc="script file"/>
-                <filteritem type="filename" name="start_sign.sh" desc="script file"/>
+                <filteritem type="filename" name="*.bat" desc="script file"/>
+                <filteritem type="filename" name="*.sh" desc="script file"/>
             </filefilter>
             <filefilter name="licenseFileNamePolicyFilter" desc="">
             </filefilter>
@@ -50,7 +46,9 @@
             </filefilter>
             <filefilter name="readmeOpenSourcefileNamePolicyFilter" desc="">
             </filefilter>
-            <filefilter name="binaryFileTypePolicyFilter" desc="">
+            <filefilter name="binaryFileTypePolicyFilter" desc="Filters for binary file policies">
+				<filteritem type="filename" name="OpenHarmony.p12" desc="Keystore used in OpenHarmony app sign"/>
+                <filteritem type="filename" name="OpenHarmonyProfileRelease.pem" desc="OpenHarmony profile sign certificates"/>
             </filefilter>
         </filefilterlist>
         <licensematcherlist>
diff --git a/autosign/UnsgnedReleasedProfileTemplate.json b/autosign/UnsgnedReleasedProfileTemplate.json
new file mode 100644
index 00000000..71c39a35
--- /dev/null
+++ b/autosign/UnsgnedReleasedProfileTemplate.json
@@ -0,0 +1 @@
+{"version-name": "1.0.0", "version-code": 1, "app-distribution-type": "os_integration", "uuid": "5027b99e-5f9e-465d-9508-a9e0134ffe18", "validity": {"not-before": 1594865258, "not-after": 1689473258}, "type": "release", "bundle-info": {"developer-id": "OpenHarmony", "distribution-certificate": "-----BEGIN CERTIFICATE-----\nMIICSTCCAc+gAwIBAgIFAJV7uNUwCgYIKoZIzj0EAwIwYzELMAkGA1UEBhMCQ04x\nFDASBgNVBAoMC09wZW5IYXJtb255MRkwFwYDVQQLDBBPcGVuSGFybW9ueSBUZWFt\nMSMwIQYDVQQDDBpPcGVuSGFybW9ueSBBcHBsaWNhdGlvbiBDQTAeFw0yMjAxMjkw\nNTU0MTRaFw0yMzAxMjkwNTU0MTRaMGgxCzAJBgNVBAYTAkNOMRQwEgYDVQQKDAtP\ncGVuSGFybW9ueTEZMBcGA1UECwwQT3Blbkhhcm1vbnkgVGVhbTEoMCYGA1UEAwwf\nT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUmVsZWFzZTBZMBMGByqGSM49AgEGCCqG\nSM49AwEHA0IABAW8pFu7tHGUuWtddD5wvazc1qN8ts9UPZH4pecbb/bSFWKh7X7R\n/eTVaRrCTSSdovI1dhoV5GjuFsKW+jT2TwSjazBpMB0GA1UdDgQWBBScyywAaAMj\nI7HcuIS42lvZx0Lj+zAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUE\nDDAKBggrBgEFBQcDAzAYBgwrBgEEAY9bAoJ4AQMECDAGAgEBCgEAMAoGCCqGSM49\nBAMCA2gAMGUCMFfNidGo6uK6KGT9zT1T5bY1NCHTH3P3muy5X1xudOgxWoOqIbnk\ntmQYB78dxWEHLQIxANfApAlXAD/0hnyNC8RDzfLOPEeay6jU9FXJj3AoR90rwZpR\noN9sYD6Oks4VGRw6yQ==\n-----END CERTIFICATE-----\n", "bundle-name": "com.OpenHarmony.app.test", "app-feature": "hos_system_app"}, "permissions": {"restricted-permissions": []}, "issuer": "pki_internal"}
\ No newline at end of file
diff --git a/autosign/autosign.py b/autosign/autosign.py
index 28eb08ec..d4f3a9b2 100644
--- a/autosign/autosign.py
+++ b/autosign/autosign.py
@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ##############################################
-
+import json
 import os
 import re
 import sys
@@ -64,8 +64,8 @@ def print_help():
               "    signtool.jar : Main progress jar file\n" \
               "\n" \
               "Example: \n" \
-              "    python autosign.py generate \n" \
-              "    python autosign.py sign" \
+              "    python autosign.py createAppCertAndProfile \n" \
+              "    python autosign.py signHap" \
               "\n"
     print(content)
 
@@ -152,6 +152,13 @@ def do_sign(jar):
     run_with_engine(sign_engine_config, jar)
 
 
+def do_sign_hap(jar):
+    sign_hap_engine_config = {
+        'sign.app': 'sign-app'
+    }
+    run_with_engine(sign_hap_engine_config, jar)
+
+
 def do_generate(jar):
     cert_engine_config = {
         'app.keypair': 'generate-keypair',
@@ -166,6 +173,32 @@ def do_generate(jar):
     run_with_engine(cert_engine_config, jar)
 
 
+def do_generate_root_cert(jar):
+    root_engine_config = {
+        'profile.keypair': 'generate-keypair',
+        'root-ca': 'generate-ca',
+        'sub-ca.app': 'generate-ca',
+        'sub-ca.profile': 'generate-ca',
+        'cert.profile': 'generate-profile-cert',
+    }
+    run_with_engine(root_engine_config, jar)
+
+
+def do_generate_app_cert(jar):
+    app_cert_engine_config = {
+        'app.keypair': 'generate-keypair',
+        'cert.app': 'generate-app-cert',
+    }
+    run_with_engine(app_cert_engine_config, jar)
+
+
+def do_sign_profile(jar):
+    app_cert_engine_config = {
+        'sign.profile': 'sign-profile',
+    }
+    run_with_engine(app_cert_engine_config, jar)
+
+
 def convert_to_map(line, temp_map):
     line = line.strip('\n')
     strs = line.split('=', 1)
@@ -177,8 +210,8 @@ def convert_to_map(line, temp_map):
             temp_map[strs[0]] = strs[1]
 
 
-def load_config():
-    config_file = 'autosign.config'
+def load_config(config):
+    config_file = config
     temp_map = {}
     with open(config_file, 'r', encoding='utf-8') as f:
         for line in f.readlines():
@@ -199,22 +232,65 @@ def process_cmd():
         exit(0)
 
     action = args[1]
-    if action not in ['generate', 'sign']:
+    if action not in ['createRootAndSubCert', 'createAppCertAndProfile', 'signHap']:
         print("Not support cmd")
         print_help()
         exit(1)
     return action
 
 
-if __name__ == '__main__':
-    act = process_cmd()
-    load_config()
-    jar_file = global_config.get('config', {}).get('signtool')
+def process_jar():
+    read_jar_file = global_config.get('config', {}).get('signtool')
     if not os.path.exists(jar_file):
         print("Jar file '{}' not found".format(jar_file))
         exit(1)
+    return read_jar_file
+
+
+
+def replace_cert_in_profile():
+    profile_file = global_config.get('sign.profile', {}).get('inFile')
+    app_cert_file = global_config.get('cert.app', {}).get('outFile')
+    tar_dir = global_config.get('config', {}).get('targetDir')
+    app_cert_file = os.path.join(tar_dir, app_cert_file)
+    if not os.path.exists(profile_file):
+        print("profile file '{}' not found".format(jar_file))
+        exit(1)
+    if not os.path.exists(app_cert_file):
+        print("app cert file '{}' not found".format(jar_file))
+        exit(1)
+
+    app_cert = ''
+    # read app cert
+    with open(app_cert_file, 'r', encoding='utf-8') as f:
+        app_cert_temp = f.read()
+        app_cert = app_cert_temp.split("-----END CERTIFICATE-----")[0] + "-----END CERTIFICATE-----\n"
+
+    profile = {}
+    # read profile
+    with open(profile_file, 'r', encoding='utf-8') as f:
+        profile = json.load(f)
+
+    profile["bundle-info"]["distribution-certificate"] = app_cert
 
-    if act == 'generate':
-        do_generate(jar_file)
-    elif act == 'sign':
-        do_sign(jar_file)
+    # save profile
+    with open(profile_file, 'w', encoding='utf-8') as profile_write:
+        json.dump(profile, profile_write)
+
+
+if __name__ == '__main__':
+    act = process_cmd()
+    if act == 'createRootAndSubCert':
+        load_config('createRootAndSubCert.config')
+        jar_file = process_jar()
+        do_generate_root_cert(jar_file)
+    elif act == 'createAppCertAndProfile':
+        load_config('createAppCertAndProfile.config')
+        jar_file = process_jar()
+        do_generate_app_cert(jar_file)
+        replace_cert_in_profile()
+        do_sign_profile(jar_file)
+    elif act == 'signHap':
+        load_config('signHap.config')
+        jar_file = process_jar()
+        do_sign_hap(jar_file)
diff --git a/autosign/createAppCertAndProfile.config b/autosign/createAppCertAndProfile.config
new file mode 100644
index 00000000..269804da
--- /dev/null
+++ b/autosign/createAppCertAndProfile.config
@@ -0,0 +1,59 @@
+// Base configuration
+//
+// Location of signtool.jar
+
+config.signtool=../hapsigntool/hap_sign_tool/build/libs/hap-sign-tool.jar
+
+// All products would be put into folder
+config.targetDir=result
+
+// Common configuration, will be overwrite by detail config
+common.keystoreFile=OpenHarmony.p12
+common.keystorePwd=123456
+common.keyAlg=ECC
+common.keySize=NIST-P-256
+common.signAlg=SHA256withECDSA
+common.validity=365
+common.outForm=certChain
+common.mode=localSign
+
+// You must change this instead of using default
+common.keyPwd=123456
+common.issuerKeyPwd=123456
+
+// keypair of app signature
+app.keypair.keyAlias=oh-app1-key-v1
+app.keypair.keyPwd=123456
+
+// keypair of profile signature
+profile.keypair.keyAlias=openharmony application profile release
+profile.keypair.keyPwd=123456
+
+// Root CA
+root-ca.outFile=rootCA.cer
+
+// Sub APP CA
+sub-ca.app.keyAlias=openharmony application ca
+sub-ca.app.subject=C=CN,O=OpenHarmony,OU=OpenHarmony Team,CN= OpenHarmony Application CA
+sub-ca.app.outFile=subCA.cer
+
+// App signature cert
+cert.app.subject=C=CN,O=OpenHarmony,OU=OpenHarmony Team,CN=OpenHarmony Application Release
+cert.app.outFile=app1.pem
+
+// Profile signature cert
+cert.profile.outFile=OpenHarmonyProfileRelease.pem
+
+// Sign profile
+sign.profile.inFile=UnsgnedReleasedProfileTemplate.json
+sign.profile.outFile=app1-profile.p7b
+
+// Default config. Do not change it
+cert.app.keyAlias=$app.keypair.keyAlias
+cert.app.issuer=$sub-ca.app.subject
+cert.app.issuerKeyAlias=$sub-ca.app.keyAlias
+cert.app.rootCaCertFile=$root-ca.outFile
+cert.app.subCaCertFile=$sub-ca.app.outFile
+
+sign.profile.keyAlias=$profile.keypair.keyAlias
+sign.profile.profileCertFile=$cert.profile.outFile
diff --git a/autosign/createRootAndSubCert.config b/autosign/createRootAndSubCert.config
new file mode 100644
index 00000000..841d3ef7
--- /dev/null
+++ b/autosign/createRootAndSubCert.config
@@ -0,0 +1,56 @@
+// Base configuration
+//
+// Location of signtool.jar
+
+config.signtool=../hapsigntool/hap_sign_tool/build/libs/hap-sign-tool.jar
+
+// All products would be put into folder
+config.targetDir=result
+
+// Common configuration, will be overwrite by detail config
+common.keystoreFile=ohtest.jks
+common.keystorePwd=123456
+common.keyAlg=ECC
+common.keySize=NIST-P-256
+common.signAlg=SHA256withECDSA
+common.validity=365
+common.outForm=certChain
+
+// You must change this instead of using default
+common.keyPwd=123456
+common.issuerKeyPwd=123456
+
+// keypair of profile signature
+profile.keypair.keyAlias=oh-profile-key-v1
+profile.keypair.keyPwd=123456
+
+// Root CA
+root-ca.keyAlias=oh-root-ca-key-v1
+root-ca.subject=C=CN,O=OpenHarmony,OU=OpenHarmony Community,CN=Root CA
+root-ca.outFile=root-ca1.cer
+
+// Sub APP CA
+sub-ca.app.keyAlias=oh-app-sign-srv-ca-key-v1
+sub-ca.app.subject=C=CN,O=OpenHarmony,OU=OpenHarmony Community,CN= Application Signature Service CA
+sub-ca.app.outFile=app-sign-srv-ca1.cer
+
+// Sub Profile CA
+sub-ca.profile.keyAlias=oh-profile-sign-srv-ca-key-v1
+sub-ca.profile.subject=C=CN,O=OpenHarmony,OU=OpenHarmony Community,CN= Profile Signature Service CA
+sub-ca.profile.outFile=profile-sign-srv-ca1.cer
+
+// Profile signature cert
+cert.profile.subject=C=CN,O=OpenHarmony,OU=OpenHarmony Community,CN=Profile1 Release
+cert.profile.outFile=profile1.pem
+
+// Default config. Do not change it
+sub-ca.app.issuer=$root-ca.subject
+sub-ca.app.issuerKeyAlias=$root-ca.keyAlias
+sub-ca.profile.issuer=$root-ca.subject
+sub-ca.profile.issuerKeyAlias=$root-ca.keyAlias
+
+cert.profile.keyAlias=$profile.keypair.keyAlias
+cert.profile.issuer=$sub-ca.profile.subject
+cert.profile.issuerKeyAlias=$sub-ca.profile.keyAlias
+cert.profile.rootCaCertFile=$root-ca.outFile
+cert.profile.subCaCertFile=$sub-ca.profile.outFile
diff --git a/autosign/create_appcert_sign_profile.bat b/autosign/create_appcert_sign_profile.bat
new file mode 100644
index 00000000..0cb6e4af
--- /dev/null
+++ b/autosign/create_appcert_sign_profile.bat
@@ -0,0 +1,15 @@
+@rem Copyright (c) 2021-2022 Huawei Device Co., Ltd.
+@rem Licensed under the Apache License, Version 2.0 (the "License");
+@rem you may not use this file except in compliance with the License.
+@rem You may obtain a copy of the License at
+@rem
+@rem     http://www.apache.org/licenses/LICENSE-2.0
+@rem
+@rem Unless required by applicable law or agreed to in writing, software
+@rem distributed under the License is distributed on an "AS IS" BASIS,
+@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+@rem See the License for the specific language governing permissions and
+@rem limitations under the License.
+
+python autosign.py createAppCertAndProfile
+pause
\ No newline at end of file
diff --git a/autosign/create_appcert_sign_profile.sh b/autosign/create_appcert_sign_profile.sh
new file mode 100644
index 00000000..dc19361c
--- /dev/null
+++ b/autosign/create_appcert_sign_profile.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+# Copyright (c) 2021-2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+python3 autosign.py createAppCertAndProfile
\ No newline at end of file
diff --git a/autosign/start_create.bat b/autosign/create_root.bat
similarity index 94%
rename from autosign/start_create.bat
rename to autosign/create_root.bat
index d43c1faf..9d21ab90 100644
--- a/autosign/start_create.bat
+++ b/autosign/create_root.bat
@@ -11,5 +11,5 @@
 @rem See the License for the specific language governing permissions and
 @rem limitations under the License.
 
-python autosign.py generate
+python autosign.py createRootAndSubCert
 pause
\ No newline at end of file
diff --git a/autosign/start_create.sh b/autosign/create_root.sh
similarity index 93%
rename from autosign/start_create.sh
rename to autosign/create_root.sh
index abe4940c..ce2f1343 100644
--- a/autosign/start_create.sh
+++ b/autosign/create_root.sh
@@ -12,4 +12,4 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-python3 autosign.py generate
\ No newline at end of file
+python3 autosign.py createRootAndSubCert
\ No newline at end of file
diff --git a/autosign/result/OpenHarmony.p12 b/autosign/result/OpenHarmony.p12
new file mode 100644
index 0000000000000000000000000000000000000000..60f9bb48e677960e9dd7257e9f55c80915417ecf
GIT binary patch
literal 8252
zcmb`IbyOT(y6zijAV?rM1cJLZ?ykWlKm);o)4?UUI|OLl-QA%HPLSYEAh^2+4RDz6
z&OI};?mcJCS@*8`qpF@=dsjWb{XTDj0?7H`;SfLpWamgIj3II%H?QH4;c^1VHh=+S
zD=+dQC;&<1Uxtv_fB{HMFESm-{}u`D?~~9`;ox(=fLuTfNT~l?dRdnki2HQ!wGS)A
z1!wvr>9+Kjt9Zg2w7??(dR2jP9KB{2vZVV7fhAxho!;2-9e%>)M5!MSry+xXS~yhO
z1V<hoICkFnVi!Zl$x{_ktvC$JV#Q6cb+@E&=xxh`^bnR-I2;CFv)h9d{_`7AaM?vj
zg#dN{dw?0h7GMc51~>w2UhZuH?f`Ot)611Pz!~u6FWu}f#R_2YGHU#yy1YDV2BP@K
zVtDMhK<p1zHfH4PJRlApE*=g}P7XeHPyihIzk2r%1NjI4pYDT1zYQDcN(m)N9^#zn
z?D(#mY<~M+?!m>2a(Zy=$)cv5;W|a$rorB<S#DDT%iaqiJ9I_b^PoZS-o(!``Gt)q
zN~NE6-+LjV&Q(p?bJnW*=e<stmn$>R-nib<LW~gFp4IMKfH1=8tHf?LnjCgVkkUU4
z;IfO6iu{)}j9)0(13m++049I=xB80{`3nWRm&5sm&WrwE@nGlR;Nb&t^Re^uzVLwm
zw|GQXdD`elPDb2lYlI4z_lXfAlb8OT2QqdmDd%{Kb=r?zuQ-}3!YYVei%OwPU{dBx
zw})8tfuzb1^kCG;lZPAafpr?NLTCQ5X1wL(!S7jw+xj}c^OPZnFAeZHSj-s{vL0&L
zUM7OH7<<jm#cm0b{AV6Kq+I`F9{(K$PF^k!US4h<UJ%It{$C;dUju<-CGxS6T3)Nu
zOm2eZt`qtCJ2v$1f#9AVs<mcOkzF#x5B~D2G0BwZ9qtojZw}lh1Sf1hP&VVwI38MS
zpB?){@Hn0=s@Q@3l_%q)$JO{@2TyV*{+a2cOD(1!#n}I!5-@uy46~QAaQd$!@mC3O
za)UT|{}u_ff5UxOfN_~ZulvF3^;5+{r0$10r#6<qyNBM<dsi3<$=jW~6WuyPNvwcJ
zx`SV6ys=<$J0)}tb}n+;@QGMPqd7vE&G|4?ewAwl&-kkT^iY=iJgF?M2X+OAnaa3B
zCU*Y-kp4gKxGJgg|9Hpk|H^>*OEUfj;ctofcX4q2tswq}1L@zuu{pr{v|5j*#utow
zlY}$2-QVYQ@pl|1yF(>rr`ju@0Z+O*kX|ot)jhX;iUfdUJ1OGcfl)T;okR&P#j?bs
zVh<9J7hCswm%CiU$N_;9a>Z#}Smv$W#?t5<tUI3F2c+}QG!#kY|DS1?zR>ve(k(6i
z+up#%%g)Zu1qvWa_|NwvBjp4T1;0rC@Nj^algB?s;Qpn1BK_^(aciN{B*Ds$Vib!%
zA;y{Fm=Nqg`4=6(03tC1{ByKpE@KZpGeMa*Cm4Yy1o({3=cEF@gkF%eUPosX{@NiF
zcBAY8LKU2t1Ppubiv)<*`jmZV^;&Z=E^flgsovV{dAOI>)QT2)`@4pMfnWYTc=gtZ
zr|Xc1Pq!prZ{mQ!OG^|jtxYaC=Hd?tMeP{Waq=f~7~=F`$Z%GH%=%n4k;F})4t&4n
zNV`pmDZ61LL*{Ij5e1621o=u<3wQ*<6{~`34~1zsk&_`iax={dv}>~G?fS7NiOU+j
zZ-}s%l9;`u1*b?LbI`2l<D<bCsxe9k^pV2?G!lF3a_|G5id0C&<1QHwIDyKpeN5(V
zgWKPllGy@D&O~q%X^ebd;>OkaoAv35M=n6|+gaDE_5uWtZ53PtHmWeHgQGJD=Dd_2
zaO^l$sp)4?pW#&qsM2fAA%EP{YPq=((9&!?Jl)MD&)Jrqu$w9PNHH!q@Eoa@kMZEu
z*-J|mY<5gw_|t1VfJlKCXy=0&`Eyklx6e|bO$efYjIt<zq=1ChQm3~1{f-ufE4oAb
zY^=As5f&h0IGgg8w`*&`Vk(Cl+k>wF7Jwbw1iqGFO)>d}d4F~8FJwclY8ZA7``Vd-
zrX;2K#ezgF?zq<tBa*UHab#-k1gT=8<blD}gyTcPqPB8Q+8WlOHU3m9DY`;iakh$Y
zLc9G_oL}@U)=b%(_{SNKbsyW)`}Ia0AHm|58#RCL)5%#RSN~?cb=+6o5j!=v`xGRE
z=9GQEKYP;(!Gsq>7Vk*l7Nv-oqV_nytaY%Boglf1m*&3OFwO}no9B@^{D7I{7bA)M
z9EFx6sW7efOOvF+R%u(5in!c&by?I*#nqD0gdh<5u8QoNFN~i!<&Mkcyq@bb8iVqm
zy%~`l68E`!3zfEF>xLj!+KJ2!Wteg$Rcm0snvXaIOp$?lo~`}|*D^<fha_czx>Dh_
z(`%+t5IXIzZ~XHb$Y9~Z+3SK#w?Gvw^jQaAL{+1(bLh_&!(9w4Kz<Zc_F=U6a+rc!
z7(!9{ak#i{yB<9@WXAuhtr7W@kyMS&g~UurSk^hETos4PafgZpgA-Wj9D^mQE^Rsp
z62eHoC_FA}Uift3V$o-(;3+;icY1`yH*XNELpA>V`qwhD^&7_EZI|o!G55AJRCS}Q
zWY!eTQ6Kzsep*)UUBBkhL_$xc4l~<oFkt?oEOMCm%}G6p={(@rf}MvVJs~@-t@zvG
zQzddfvuiVgK+(>_kZxTT)n&yhF|LLtIq~Gq4v#~ak&cdKT-lRnwOn1wTxNJk$m|lt
zZjv!pU9jV)vKOB)Lx9yoaiE69c#B?bwBUSTJKs{B$r>v_SYoJJj6w1Vr*d@Hb}rS7
z|L$l`=rW7M_c8cHChc%j@4^=`@rtd8d~q;rJ%5ObJ}@7&`c)$3-q;g?uVH)#&g^=C
z;F;roBuZ;!ZU~i3T)$;M>xrylaKy4LKtg<*aJB!3BT(>WKlHwxcKkTa+f?U()SzuN
z1?<Pxh|>(hONkPYaWa--%YV~y9j>Ltuow3*vAjP8u)+h8c21}r8hO}~v`Q0gZ+hm_
z7~E;VFc;;V6f^$BU}w6?Z^*{AKqQaSOY8>h8Bv%^lNVoi^I?i?n+}EL+(6gH*)ij_
zRp~1A;uBNqrD`Uds>0-+LhZ4r&&ktvy-Q%Htm&))k4+ZE$$tLnBbs^Rr}`mfpXic9
z(=+lqF$OnX(T2{LDzMYkrBTxlF@G|nH+UOUsHrSZ%{fk+eb?rdr=4XF!egT>pqavy
z#Tu;`4A{^XOGBGqI?{;s0HQE#LAZ)!MC(g$NJ|pd2&4Y+Vz-oKf<p6}YrxD~7_O<(
zjN5*SpC3{Cigj{+)$?90i;qE+qkk5n5WbD}+TFiA33tLMl*CbjeXlf-C8?g0HFdYj
z-JtQ|z?39!aE#;xz9kuhyrt-e4ft>DGcl)#a&T|;uVCuc0fWt-6FO7ZKL7a`*m9CB
zCo%Avq!fcFGj7mu+P?nNAnA(kvAvqG^}%$CMzd{)mty~%S{t!`d0u2^TEd4cHt@D^
z;rm^xD3-E{aE>i$>#aWUc2ReL6NA02Qjgm#&zd&0i%wKr<<dTL9Ch!oKvTSkkPN59
z14d1RqdeTq!?I#rXH@N-E55V0QZngSX&}aQlI1V(g|b8BG(yCrZMFwv_HHek0hp#K
zgSJVKyq;-%mqWc*Xs)9#D(9==*{9>1a7kpUKuwk)ah@SeLSA*`we95si@Z#jxan$o
z1m{2oeC<a%_ZOz<@Za#W<%*aKs74**^m?%@`M<)5+x~R8w?h4aKC8gfHIcKpOiyG6
zf6Dwgh&;SD2|K~AP1i1{7i9FuLb%m^`e>D>zUHe4>fC;ny^<$7jfl`r#)KL<$u1hR
zlGyAXCATnOS-N3(SUs;VUc+5;u{uz2{dn~UlMs`7#I&-Ol8bEA%G^5aNt(>c>B#AH
zRzN6iHlm3JU2qpyx2U5^taRy&znVMPkn`dDTf&B0wMThte<G0<*WYrC?Wkk)@$cnk
za+1?;Y?Y<Wl+GLIIisOdm}!!*Uk6Q~JiSNa$O|S56ULN_$U$(DNGQ}B+uejK#brN)
z%dZ8O8T%~dl-q|Ci%v_#4!Oha+ciZB0$eVvK71))V(%gpZ6{UQRpuR0Y`{>#w)QST
zO|1lV>-RIHzCSE#;3+Juwyt{pLqZTaQZ_E)2#8iK-htQ61HUbd%4ritd<qx4(?)4_
ze;PD3?znQpfva4FgTbsdF`B8^bHeL^*Z^BIA8`L&%jG7&b!=}byKM>7XK$_9dJXUW
zG-E8#aQ#OM#W$ZnqEvnMao;~Xc^xv+S=djg4A5v-<?e;d%08X3Kg0nW^FK|o9^uuF
zYZW7zf&7+g{OgIvl{M~sG@Y}j$_BMeFhu3qj{TA>HsYSc5r-|oIW#QGKk#=qlpOgr
z?~P}R2U0TjY!(nqZ@`f$@eUNk*Hak+W)mhmejvSBN@2EbnS=+N_*46<Lh9)uDmOzY
zKicP~Y%3;o2fpI`+WiBY_XK`4MN+|Q=;E@SJ50T%2GH;Tj-X)oVHGkD_bE;b=kEE~
zlyEy_^!NLBvRk6Xb$L#C&~(=_L<K7{yy$YR+MKwsB%-@^ApadDp>7kt>LxZNxoe<&
zo~VuPDsS^6#;VownToR_9?R-o(Hi1x@U?hw@!jrf&-{QXDOBfLEBn4F&D-eaJ#nuh
z0=d*GbFbJ8TM|8CF@hk0wc7G}Q8c5__QONI)usz!{$&owDC?3&Z=fgC^n0JJuK|)w
z)T_RQ!tn5tpg<YzgCAPcx7J=XDOsiip42;|ekohzpakK@KhJeT%CmS^5uZ+Hw0&M#
zS1z<;q9bD&CrOaC>wN@xa_eKY9p}4J?S=xs>EHL`qkV%$9+AFRcUB&0`x;8Yi={gz
z`M}@Ykzca3MJ$H{#>=sF+_H5RS(DHy>%L#BN2T<vW1kE=y6k>b*S6Dy_AVtKOqLBb
z=CM0Un?Bm=-q6*9%9J);V%)!;aBU^)ZQ8b_#--pCpFS}o(to7S2H;`7xxO{h-!U6N
zuSe`TFp_?)hwxm0SfI~MlWy;oMMq&{PxIJKC~i?~JBLi-^F~UdBSEHB*3nw+s#F(o
zd+<k#Sf3ISV^0gLod|jVk3iFDxKEb|4^_b1s=Z&+Qh4R4r$X;ozDw)y#$zqQ!!;It
zZZ!vZ3KUe;UXkcxa}GMG*Km@az|zM>t(fkyf|1~ZuVy8_XU2v!9&(!n#gL(pHf!=^
zjXHyCAL2}97s%cayNkDbOhTqZvx>zh#sBP%J-NvFnun)gpO~d|JI<7BVAO7Ubz7?J
z-h7ZVIKQxaYv|{J{hI-yum^t{ny<@8=<oEp7_IwG(PH$btU1P{SxR$-r`+WAkW6%F
zxob%^w>Br=4gE;kbn&XvzMO=n45x>~0s8&cJ@DP^048L2${AgloPjC_+%)*5IgoHH
zI)O0xmNhX@$s4}23ePK<Ms3K5n4sp`Qums1wz@Z+e~F<5T<k(>z2~C7HPF6BV?Z{{
z6<3_TrHd8AU`U0Mt{A>@HndK&D?_Ar^DGl>G%3psKP+KC;!lKDCPF}ft`DEQuF6_o
zU+1LieDN6@6F@pHMIr77R{A}MH9KFe?Rgx=z#XBkz%wLcCH`3ua9{42oT2dHqIJ40
zDh(z=VA^7DFxu3xJ}savi|Ae5M}!w*3sZzoWac(Otl{Yq-lbLcEf&jT5D^)wVzBB%
zUEm$op|1S+91G>)TSP$h(>3EFxGU0Nq|Fr|mJD;pcenP}5z$G+?!w$QRz|$|2F!{W
zn8w4V2b-$RcSJA3I*!bnD9|XOc3sjXD(W(MZVBVpxyN0iWv(PNXKdBCxMcTg^fVeW
zLb_j9=EpS(9^>;dM|O~KiOjngrKM92frXHVu$k#^z*3`j$&|3%anrgUq|GIGHd>n5
zxTN^@oj`2xkI(jH$JKB1LyM!rY6l)aN^S(4u7s^l>nNsaYDL^5w3=TuKV|hi*hZ6#
z$otp}(oGwfWbt8c<lYoBxm7~-v>}2SqUU%Rr{(4sX)GrROdq*;<0P6!ZGkOP-Jd)1
z4ibjiOZyo^nI4FlDFzV5X~o`~49jk=TC)40v^uNW{lcRR`ljemnfh@V-bnKM*Bl<?
zCT-B4jZYQzaw^3T!v%iCsf)Kp<KQUv@kNdyv;rOrpRlv2rZYB59leaQN8?L*RKs+d
zZ4xib2#m`^TCFpb%jVPYZF~_FLHIQ~bo~&gs>$jJG)~Y}NnW0TOcC{1?k0!#%_m1W
z;$wj5toq|!=UPQL+fY2@6|&xK_5Ew-W^{4?w?S)7Y{rw1<GwUOwJ5@+gJ$m}HB&No
zCHi{s3e>T;NXaY8M%lja!<9PH(>!Wm;pIp~?*scE>@uo!ydNJi?;4^$X<`-eUW~c>
zn)z!a!oeu)Dx;9akXYHDj354#QQ(Q%izxjZi#Ad^#HlL8i;7&e5@Vny7J0onpV$}h
zY~s}8a?{Wqkx#>1?azzoSgzjo2?gNO#>oE3DZF=NFy4}Arev=RHMZRpD1x!ZvRwhx
z;10+}5I3VSfyVY&h@sLaI7msKf!~niFAk?I4GFw&q)exUnv2CXWC@n(xz$u<1|!Zi
zPLA6!9W(P??hfA9mRNh!4j0@P5#iH=ezYZ(7>g~65588<%cP~3HseXi4G;}tL-irD
z)YtIl7~DJNK&1Qw18V9l6T)SD@J_>W<vn>{dN*6gKkqVSgY9w<rvj-rxNmJzyComR
zZ_{DcTG{n~1AP+j%r@i;`yKzZ29=I0-dgEg-DK?8)f!1BzsQq&zuk|@m1@AnE}I?A
z4U!e!4DKFlN&AxWO>eZzqIQukKs~wd5HUW2YM<)kkvAxfdkLFBQZ;k>*Le?qGCOrG
zG~5CqtB&H`vTo>+B+FLZ)*@B@83DJ%9BT&lg<T$t1sdVfbkfutGKNl1?4@0)0R9uX
zj~uZ2&B#(`5rSH&T?gLxY0wOF<#eTnA%BOc;E9fpVBe0?ZYprhD5uL*?HGQAN9lx6
z7P$OjLznl`LFi^lAmnsI7-GIdxSw`(VTah7kNBH+TgP`vA-l3Vs<STpOzk=fEs$+>
z{rd$aC?sQt_Y&SU$Xb5l$pnjg=s;p8_R)Otk_EjN91SHA9acJi+DV#^QCyRKx6qiO
zKf+<qk?S053!|MW)f*Eubhg$GS|)nNj;7n>M+#GF34QB@BWn|@g(mIxH3LD`CqVrX
z7IA|0CDVeMnwt|E*|2Z+&Wi`Q5TE?o%v|8IR;^@xs^o-Nk$M;T4h?AVWeFj6Q2ZU!
zLP2vQ)*IAqe+7jv+K-<&ljy%S((2|wB==+Q@V3{V=VP@~Nh-%Jz=L@ji|*DJa&A;B
z$=PiESoMbfiixwbc2yo^Img^ZQe%wbTV8MpZBfsT0c_j(spf(nI%Nia1^7Q4o6^vg
z2s7XSgY2-)hhoP<VNd(VO`*C;gHY>_?zvp(r}jZlI+kkLD^F>dg5jw8BV-@Iu|LqK
zD`tSuT-~jRRX#xByd@532rpUYU0?dj@7vE5PnwivU59c9lAM*UXF(_Z$O6n^gSj2m
zreZU~^`YV*e6`dw4~m#>{ndERP|S1`>~*Puq7jH{Qowr}p~Pm0hT#diET<ip0Dhux
z^N1$?>IXx{MR3o;l*n!}@3W^gVfejVCnsZ3`2^7Kk>iiq*770r_*%AoJn>{XIWoxR
zd*bYtHLb;raDI&<B+!1)EE98mi#F|$iA)rt70>rfbQ)XvCA(C!N98NNKbkzS@hWy)
zYqM*(o{wOlZZiFe7Necm=Yw(q7y_~fVlT#rKh+DJqR9VpfD(q#N;rNVY|T?P9uf`k
zuex<WEblpGNUhdY?Pb)EMvL0;&Wy1h6jkTJ90*(?e}YqaZd?)T*Ds)+>_u1DZ+u$n
z0@t+q)Q36<BVUY=fsAuVT_3}vihExd;4GH8eh@4@O_e$>Ftlu|Kyxp_XBg9?MER<J
zZV7d%zfDxE&+Evv_9$Kp`%#(7J>5%t2$$Zdf3+0-+j=ZUPFV7*4PVqz9e<w3hiY^}
z&I2#d(*>g8-9G6rS!p9Bu>Qat&(94zCLY_#;%qL#!S5_9_w7Cc+WRRu?LR2Ezx(G@
zy89VDSNcqGYrPw64>Z-Kd7`{PiQzWGsCG+@G&kC#HaUu($ATaTR-cbnxjG>m?vqRA
zcL!xf8Eup1SSSs8e5710#rM`Snc0ct^oe`rWS>{>XSu(?ZjT5jMFi{P<-_ZI<%MwD
zH{&~V%xCxK!sa$ISg3b*8;;r)?=x8eoL27gcFQrV;cZ3GMN1tl2du8}E4qVW#3E!@
z;}zUj!@v!^g^O#HtjF)=rX`dEmA2frP+2}2^kcp&{2!n>nuqfvs>D!MA4HU8txNU+
zY6y_{?GlUSMqOb~^Au*J#4Zn=slpp6tTsIG&ouV22T!@@9V9Mje(&`!!w+L&5lz4t
zy%w)kW9eVlyDof%S9tURd}xW{W{j0m7EZ!ghvjI+EiJuK78CP8mm}~iwR;murgUc`
zu|GEt`gX5uEP!|O$Z>QvWZ(KL_Lt;4%vDMyJ4t!N8a_t26mPp~AbmQpq=P<Bcc6S)
z@Jjk^WX*E%rEJoVDQF(HJvWBi^vV>>43$0{^2rYxQIa`%YCb3Ev+=w2>h>f}aYh~l
zvzjlR9T6QjJwz<X+IeoLzn0Hj@i7X#OPvY+L`pEW=ZUV6ZgNg5Ec!K3cZO-HBnA!*
zCh}#F`UX*t(FT>8;s~tJRI?lycETL~Rd1!XT@n%3J2lD7#^kL*;L6fQfNnlUP9-e^
z!8TtV%)*0Ek2{#{7Xy&{&XtFS&PzJ?qV1E<>IC`r`=%OuGo!H-MPxND%pb}fDYUkH
zvm-`6N?LiQOGwU0F<+5iEq<K&one8r#N__|>w>D57*4?)kecHUnxCcjPMjcRmh)%$
zS2v6Y@1tD1Fktn4iwm1;fF;9`O9)lq%IG5c<t)qY<XMwZT1}~8t^ZA#qi^`t5P+ny
zA=2-3(xL2jP?JuT4&01+lihlh+E7eS8X(Y5EL2YJBqWF#IohNcY!F=pz2E;x0^Vy!
zLx#FBqgLo@EuCdj*4N;~{wCJ_OkLH~w4ji82CI^4HJw%!uQp>qFC-<}3yN^;ahjw0
znXcKqf><4aJ(Be8Qxmw>4-<~B6FAc+l@uB}uK=cGaTe#&^0q8Rbfus^r<@VRT||Xx
z3?lIJblqWlkP;d!+9S+t5Yn?I(2^Z>MJXDv(Jl!Q4iAep6mmhZepM;$o25=S6n%ja
z9VzV$o+Z}`KCKWVs;D$an#|FxNR42;9<&Op5bwycQ_eOCS=I{rcrb9n@%Eb|<j<EP
z3qgJDwY-K+U5pW$Hz<?owk%vXH1u%j*~KD>X)Wa%31>R1KW+JN5Zw=qZwz?eA%S2u
z8T1(L9dp)iQpu_$ysr7CH#|3X4ETFvsp1D~>aSPQQtqy8BJ#&|qx7MHnTh2@xq_6?
z#?a_}sU+eF>Jc?Ut!*>`P%f*P!#YITkMMH@*J`Bh+9Y5n%%VvshkrAqepd*^Ld&=d
znKM#M4{U^C|NG#)G+<fdi>6N+JjvPoPDJSIZXxgJ1o7Nq>(Q7oIZ21X`@ra!l+f?n
z2Af)v)0#!ULzqq8h4E`7d=1QZA}z{zFG_Y-`CU>*BshQEcg))SanBBqLiaP)I;Y9`
zdbh)j!E~}n;sOhGsSv}D*B64QKOJ34zMKx;5rmzw!13fXR<i8urcN`V$nb1WF}kY4
zOT432+S_{dwYT@Z>!@+Dv`ZKbcKd>#y0;T1|C?!FG%lgwTq6P2fapkc)9wy2L=n)N
zDyjpX)~iKA4@*qw7*Y_?O@**r`#XXAI$et$0xY3poQ<;b3<loHL9W`M_llBLk}a~M
z0z<}1wi)2^<^r1#@JQ($AwTi)>8$t)W60E5+t)j;ReSBlwx88y*nhmEAwrHiICuy#
zSJl||tUW$fEl+kg5<f`-Yr;ATt}cQ~x79hVRoV^Dw%_mq-T8{<Kq4Rt5DF3^69xkO
zTSNd5*H>4*Gsm<DK^Q(!q~B6fepn>j5{SD$9zS-=+4Bb3#&C-@Xdgb<yjKYx0WKux
FKLF87;N1WK

literal 0
HcmV?d00001

diff --git a/autosign/result/OpenHarmonyProfileRelease.pem b/autosign/result/OpenHarmonyProfileRelease.pem
new file mode 100644
index 00000000..129a1378
--- /dev/null
+++ b/autosign/result/OpenHarmonyProfileRelease.pem
@@ -0,0 +1,44 @@
+-----BEGIN CERTIFICATE-----
+MIICRDCCAcmgAwIBAgIED+E4izAMBggqhkjOPQQDAwUAMGgxCzAJBgNVBAYTAkNO
+MRQwEgYDVQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVh
+bTEoMCYGA1UEAxMfT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUm9vdCBDQTAeFw0y
+MTAyMDIxMjE0MThaFw00OTEyMzExMjE0MThaMGgxCzAJBgNVBAYTAkNOMRQwEgYD
+VQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVhbTEoMCYG
+A1UEAxMfT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUm9vdCBDQTB2MBAGByqGSM49
+AgEGBSuBBAAiA2IABE023XmRaw2DnO8NSsb+KG/uY0FtS3u5LQucdr3qWVnRW5ui
+QIL6ttNZBEeLTUeYcJZCpayg9Llf+1SmDA7dY4iP2EcRo4UN3rilovtfFfsmH4ty
+3SApHVFzWUl+NwdH8KNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
+AQYwHQYDVR0OBBYEFBc6EKGrGXzlAE+s0Zgnsphadw7NMAwGCCqGSM49BAMDBQAD
+ZwAwZAIwd1p3JzHN93eoPped1li0j64npgqNzwy4OrkehYAqNXpcpaEcLZ7UxW8E
+I2lZJ3SbAjAkqySHb12sIwdSFKSN9KCMMEo/eUT5dUXlcKR2nZz0MJdxT5F51qcX
+1CumzkcYhgU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICYTCCAeWgAwIBAgIEHmXAPTAMBggqhkjOPQQDAwUAMGgxCzAJBgNVBAYTAkNO
+MRQwEgYDVQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVh
+bTEoMCYGA1UEAxMfT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUm9vdCBDQTAeFw0y
+MTAyMDIxMjE1MzJaFw00OTEyMzExMjE1MzJaMGMxCzAJBgNVBAYTAkNOMRQwEgYD
+VQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVhbTEjMCEG
+A1UEAxMaT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gQ0EwdjAQBgcqhkjOPQIBBgUr
+gQQAIgNiAAQhnu7Hna8XNa2KyqRf5+lBJScE4xqf89N0g0OuqAb2re8nGsvWkw26
+uDekfnBYicd+G3Cydqa2zFIwV7Talyg2ULW3r8KbGpyl84mJEPPRmCGJ+H9gtCsf
++OrJ4Y76LVWjYzBhMB8GA1UdIwQYMBaAFBc6EKGrGXzlAE+s0Zgnsphadw7NMA8G
+A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTbhrciFtUL
+oUu33SV7ufEFfaItRzAMBggqhkjOPQQDAwUAA2gAMGUCMG3cXjiDmXTvf7D4Omhf
+qcc2nuO+EMfWE+N9ZhBP5UhV34mAGWi3SfLU6rcV0urWEQIxAMYIb3epOnKhUrcm
+Lfu1WKzFlpYQwmw73RaCHP2I3k6NcuWOYeNwWXSNZ8o0nzvaLg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICPDCCAb+gAwIBAgIEN6dtvjAMBggqhkjOPQQDAwUAMGMxCzAJBgNVBAYTAkNO
+MRQwEgYDVQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVh
+bTEjMCEGA1UEAxMaT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gQ0EwHhcNMjEwMjAy
+MTIyMTA1WhcNNDkxMjMxMTIyMTA1WjBwMQswCQYDVQQGEwJDTjEUMBIGA1UEChML
+T3Blbkhhcm1vbnkxGTAXBgNVBAsTEE9wZW5IYXJtb255IFRlYW0xMDAuBgNVBAMT
+J09wZW5IYXJtb255IEFwcGxpY2F0aW9uIFByb2ZpbGUgUmVsZWFzZTBZMBMGByqG
+SM49AgEGCCqGSM49AwEHA0IABFfPAuu5prLiQXG+FcmSKJqtRjeDDZgfAeitKsSM
+3tzhHk2oN/UD0vHGbgIrVD8fv8igUZEJFsOTNM4DbovGGJqjUjBQMB8GA1UdIwQY
+MBaAFNuGtyIW1QuhS7fdJXu58QV9oi1HMA4GA1UdDwEB/wQEAwIHgDAdBgNVHQ4E
+FgQUy2Hpvad6TtTPlbOE7AX99l8NAVIwDAYIKoZIzj0EAwMFAANpADBmAjEArI6u
+CYJiea5IJBFC7JBluWgGshKdEHdGPv3sopi34kKPZNxm9eGn9OGNBjZg/qqdAjEA
+oIZqet/+DDpB7CRdTAUhisGmgE8w3ETgiibdUhrAAUOo6SSzozUQeKn+c37l5A+z
+-----END CERTIFICATE-----
diff --git a/autosign/result/rootCA.cer b/autosign/result/rootCA.cer
new file mode 100644
index 00000000..20f68eac
--- /dev/null
+++ b/autosign/result/rootCA.cer
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICRDCCAcmgAwIBAgIED+E4izAMBggqhkjOPQQDAwUAMGgxCzAJBgNVBAYTAkNO
+MRQwEgYDVQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVh
+bTEoMCYGA1UEAxMfT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUm9vdCBDQTAeFw0y
+MTAyMDIxMjE0MThaFw00OTEyMzExMjE0MThaMGgxCzAJBgNVBAYTAkNOMRQwEgYD
+VQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVhbTEoMCYG
+A1UEAxMfT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUm9vdCBDQTB2MBAGByqGSM49
+AgEGBSuBBAAiA2IABE023XmRaw2DnO8NSsb+KG/uY0FtS3u5LQucdr3qWVnRW5ui
+QIL6ttNZBEeLTUeYcJZCpayg9Llf+1SmDA7dY4iP2EcRo4UN3rilovtfFfsmH4ty
+3SApHVFzWUl+NwdH8KNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
+AQYwHQYDVR0OBBYEFBc6EKGrGXzlAE+s0Zgnsphadw7NMAwGCCqGSM49BAMDBQAD
+ZwAwZAIwd1p3JzHN93eoPped1li0j64npgqNzwy4OrkehYAqNXpcpaEcLZ7UxW8E
+I2lZJ3SbAjAkqySHb12sIwdSFKSN9KCMMEo/eUT5dUXlcKR2nZz0MJdxT5F51qcX
+1CumzkcYhgU=
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/autosign/result/subCA.cer b/autosign/result/subCA.cer
new file mode 100644
index 00000000..6adeca77
--- /dev/null
+++ b/autosign/result/subCA.cer
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICYTCCAeWgAwIBAgIEHmXAPTAMBggqhkjOPQQDAwUAMGgxCzAJBgNVBAYTAkNO
+MRQwEgYDVQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVh
+bTEoMCYGA1UEAxMfT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUm9vdCBDQTAeFw0y
+MTAyMDIxMjE1MzJaFw00OTEyMzExMjE1MzJaMGMxCzAJBgNVBAYTAkNOMRQwEgYD
+VQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVhbTEjMCEG
+A1UEAxMaT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gQ0EwdjAQBgcqhkjOPQIBBgUr
+gQQAIgNiAAQhnu7Hna8XNa2KyqRf5+lBJScE4xqf89N0g0OuqAb2re8nGsvWkw26
+uDekfnBYicd+G3Cydqa2zFIwV7Talyg2ULW3r8KbGpyl84mJEPPRmCGJ+H9gtCsf
++OrJ4Y76LVWjYzBhMB8GA1UdIwQYMBaAFBc6EKGrGXzlAE+s0Zgnsphadw7NMA8G
+A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTbhrciFtUL
+oUu33SV7ufEFfaItRzAMBggqhkjOPQQDAwUAA2gAMGUCMG3cXjiDmXTvf7D4Omhf
+qcc2nuO+EMfWE+N9ZhBP5UhV34mAGWi3SfLU6rcV0urWEQIxAMYIb3epOnKhUrcm
+Lfu1WKzFlpYQwmw73RaCHP2I3k6NcuWOYeNwWXSNZ8o0nzvaLg==
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/autosign/signHap.config b/autosign/signHap.config
new file mode 100644
index 00000000..5b4693dd
--- /dev/null
+++ b/autosign/signHap.config
@@ -0,0 +1,38 @@
+// Base configuration
+//
+// Location of signtool.jar
+
+config.signtool=../hapsigntool/hap_sign_tool/build/libs/hap-sign-tool.jar
+
+// All products would be put into folder
+config.targetDir=result
+
+// Common configuration, will be overwrite by detail config
+common.keystoreFile=OpenHarmony.p12
+common.keystorePwd=123456
+common.signAlg=SHA256withECDSA
+common.mode=localSign
+
+// You must change this instead of using default
+common.keyPwd=123456
+common.issuerKeyPwd=123456
+
+// keypair of app signature
+app.keypair.keyAlias=oh-app1-key-v1
+app.keypair.keyPwd=123456
+
+// App signature cert
+cert.app.outFile=app1.pem
+
+// Sign profile
+sign.profile.outFile=app1-profile.p7b
+
+// Sign app
+sign.app.inFile=app1-unsigned.hap
+sign.app.outFile=app1-signed.hap
+
+
+// Default config. Do not change it
+sign.app.keyAlias=$app.keypair.keyAlias
+sign.app.appCertFile=$cert.app.outFile
+sign.app.profileFile=$sign.profile.outFile
diff --git a/autosign/start_sign.bat b/autosign/sign_hap.bat
similarity index 95%
rename from autosign/start_sign.bat
rename to autosign/sign_hap.bat
index b8f9bcd5..afca3f3b 100644
--- a/autosign/start_sign.bat
+++ b/autosign/sign_hap.bat
@@ -11,5 +11,5 @@
 @rem See the License for the specific language governing permissions and
 @rem limitations under the License.
 
-python autosign.py sign
+python autosign.py signHap
 pause
\ No newline at end of file
diff --git a/autosign/start_sign.sh b/autosign/sign_hap.sh
similarity index 95%
rename from autosign/start_sign.sh
rename to autosign/sign_hap.sh
index 9a56b7a7..e85de1e3 100644
--- a/autosign/start_sign.sh
+++ b/autosign/sign_hap.sh
@@ -12,4 +12,4 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-python3 autosign.py sign
\ No newline at end of file
+python3 autosign.py signHap
\ No newline at end of file
-- 
Gitee