StrixOS/build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Add flags to override all apex/apk keys" am: c7cd55bf17

Browse Source 
Original change: https://android-review.googlesource.com/c/platform/build/+/2171705

Change-Id: I6c3556e51fa839c078e1eea6f6daa2dd8d6e4024
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Treehugger Robot
2022-08-06 04:53:55 +00:00
committed by Automerger Merge Worker
parent 1d43c900c4 c7cd55bf17
commit 2e30eed994
1 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
tools/releasetools/sign_target_files_apks.py
View File

@@ -141,6 +141,12 @@ Usage: sign_target_files_apks [flags] input_target_files output_target_files
Allow the existence of the file 'userdebug_plat_sepolicy.cil' under Allow the existence of the file 'userdebug_plat_sepolicy.cil' under
(/system/system_ext|/system_ext)/etc/selinux. (/system/system_ext|/system_ext)/etc/selinux.
If not set, error out when the file exists. If not set, error out when the file exists.
--override_apk_keys <path>
Replace all APK keys with this private key
--override_apex_keys <path>
Replace all APEX keys with this private key
""" """
from __future__ import print_function from __future__ import print_function
@@ -197,6 +203,8 @@ OPTIONS.android_jar_path = None
OPTIONS.vendor_partitions = set() OPTIONS.vendor_partitions = set()
OPTIONS.vendor_otatools = None OPTIONS.vendor_otatools = None
OPTIONS.allow_gsi_debug_sepolicy = False OPTIONS.allow_gsi_debug_sepolicy = False
OPTIONS.override_apk_keys = None
OPTIONS.override_apex_keys = None
AVB_FOOTER_ARGS_BY_PARTITION = { AVB_FOOTER_ARGS_BY_PARTITION = {
@@ -245,6 +253,10 @@ def GetApexFilename(filename):
def GetApkCerts(certmap): def GetApkCerts(certmap):
if OPTIONS.override_apk_keys is not None:
for apk in certmap.keys():
certmap[apk] = OPTIONS.override_apk_keys
# apply the key remapping to the contents of the file # apply the key remapping to the contents of the file
for apk, cert in certmap.items(): for apk, cert in certmap.items():
certmap[apk] = OPTIONS.key_map.get(cert, cert) certmap[apk] = OPTIONS.key_map.get(cert, cert)
@@ -275,6 +287,15 @@ def GetApexKeys(keys_info, key_map):
Raises: Raises:
AssertionError: On invalid container / payload key overrides. AssertionError: On invalid container / payload key overrides.
""" """
if OPTIONS.override_apex_keys is not None:
for apex in keys_info.keys():
keys_info[apex] = (OPTIONS.override_apex_keys, keys_info[apex][1], keys_info[apex][2])
if OPTIONS.override_apk_keys is not None:
key = key_map.get(OPTIONS.override_apk_keys, OPTIONS.override_apk_keys)
for apex in keys_info.keys():
keys_info[apex] = (keys_info[apex][0], key, keys_info[apex][2])
# Apply all the --extra_apex_payload_key options to override the payload # Apply all the --extra_apex_payload_key options to override the payload
# signing keys in the given keys_info. # signing keys in the given keys_info.
for apex, key in OPTIONS.extra_apex_payload_keys.items(): for apex, key in OPTIONS.extra_apex_payload_keys.items():
@@ -1491,6 +1512,10 @@ def main(argv):
OPTIONS.vendor_partitions = set(a.split(",")) OPTIONS.vendor_partitions = set(a.split(","))
elif o == "--allow_gsi_debug_sepolicy": elif o == "--allow_gsi_debug_sepolicy":
OPTIONS.allow_gsi_debug_sepolicy = True OPTIONS.allow_gsi_debug_sepolicy = True
elif o == "--override_apk_keys":
OPTIONS.override_apk_keys = a
elif o == "--override_apex_keys":
OPTIONS.override_apex_keys = a
else: else:
return False return False
return True return True
@@ -1547,6 +1572,8 @@ def main(argv):
"vendor_partitions=", "vendor_partitions=",
"vendor_otatools=", "vendor_otatools=",
"allow_gsi_debug_sepolicy", "allow_gsi_debug_sepolicy",
"override_apk_keys=",
"override_apex_keys=",
], ],
extra_option_handler=option_handler) extra_option_handler=option_handler)