From f63e2cd47bb37996d3bd498e060e7523448cd9f9 Mon Sep 17 00:00:00 2001 From: Christian Oder Date: Mon, 1 May 2017 22:30:15 +0200 Subject: [PATCH] OTA Tools: Handle password encrypted keys * Add logic to handle decrypted keys from common.GetKeyPassword in WriteABOTAPackageWithBrilloScript. * Get the keys passwords in main and store them in OPTIONS.key_passwords. This allows accessing them in WriteABOTAPackageWithBrilloScript and SignOutput so it's only required to ask for the password once, while allowing to use decrypted signing keys. Test: ota_from_target_files.py on marlin and angler respectively. Change-Id: I7c9b0198855a4b630c52b8552e904f312f09c4ce --- tools/releasetools/ota_from_target_files.py | 34 ++++++++++----------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/tools/releasetools/ota_from_target_files.py b/tools/releasetools/ota_from_target_files.py index 1a7e10e678..20904001db 100755 --- a/tools/releasetools/ota_from_target_files.py +++ b/tools/releasetools/ota_from_target_files.py @@ -181,14 +181,14 @@ OPTIONS.log_diff = None OPTIONS.payload_signer = None OPTIONS.payload_signer_args = [] OPTIONS.extracted_input = None +OPTIONS.key_passwords = [] METADATA_NAME = 'META-INF/com/android/metadata' UNZIP_PATTERN = ['IMAGES/*', 'META/*'] def SignOutput(temp_zip_name, output_zip_name): - key_passwords = common.GetKeyPasswords([OPTIONS.package_key]) - pw = key_passwords[OPTIONS.package_key] + pw = OPTIONS.key_passwords[OPTIONS.package_key] common.SignFile(temp_zip_name, output_zip_name, OPTIONS.package_key, pw, whole_file=True) @@ -1021,21 +1021,17 @@ def WriteABOTAPackageWithBrilloScript(target_file, output_file, # The place where the output from the subprocess should go. log_file = sys.stdout if OPTIONS.verbose else subprocess.PIPE - # Setup signing keys. - if OPTIONS.package_key is None: - OPTIONS.package_key = OPTIONS.info_dict.get( - "default_system_dev_certificate", - "build/target/product/security/testkey") - # A/B updater expects a signing key in RSA format. Gets the key ready for # later use in step 3, unless a payload_signer has been specified. if OPTIONS.payload_signer is None: cmd = ["openssl", "pkcs8", "-in", OPTIONS.package_key + OPTIONS.private_key_suffix, - "-inform", "DER", "-nocrypt"] + "-inform", "DER"] + pw = OPTIONS.key_passwords[OPTIONS.package_key] + cmd.extend(["-passin", "pass:" + pw] if pw else ["-nocrypt"]) rsa_key = common.MakeTempFile(prefix="key-", suffix=".key") cmd.extend(["-out", rsa_key]) - p1 = common.Run(cmd, stdout=log_file, stderr=subprocess.STDOUT) + p1 = common.Run(cmd, verbose=False, stdout=log_file, stderr=subprocess.STDOUT) p1.communicate() assert p1.returncode == 0, "openssl pkcs8 failed" @@ -1383,6 +1379,17 @@ def main(argv): ab_update = OPTIONS.info_dict.get("ab_update") == "true" + # Use the default key to sign the package if not specified with package_key. + # package_keys are needed on ab_updates, so always define them if an + # ab_update is getting created. + if not OPTIONS.no_signing or ab_update: + if OPTIONS.package_key is None: + OPTIONS.package_key = OPTIONS.info_dict.get( + "default_system_dev_certificate", + "build/target/product/security/testkey") + # Get signing keys + OPTIONS.key_passwords = common.GetKeyPasswords([OPTIONS.package_key]) + if ab_update: if OPTIONS.incremental_source is not None: OPTIONS.target_info_dict = OPTIONS.info_dict @@ -1448,13 +1455,6 @@ def main(argv): raise common.ExternalError( "--- target build has specified no recovery ---") - # Use the default key to sign the package if not specified with package_key. - if not OPTIONS.no_signing: - if OPTIONS.package_key is None: - OPTIONS.package_key = OPTIONS.info_dict.get( - "default_system_dev_certificate", - "build/target/product/security/testkey") - # Set up the output zip. Create a temporary zip file if signing is needed. if OPTIONS.no_signing: if os.path.exists(args[1]):