Use the specified verity key to sign boot and recovery OTA images.

This ensures that when the verity key is rotated to a release key
both the boot and recovery images will be correctly signed. It does
mean that they will both be signed with the same key for now, but
as that doesn't change the threat model separating them is just a
distant nice-to-have.

Bug: 15725238
Change-Id: I5b75e4346fe0655065643ab553431690cc1a8cb0
Geremy Condra
2014-08-19 17:27:56 -07:00
committed by Rom Lemarchand
parent 4faea310ac
commit 95ebe7a09b

@@ -335,6 +335,13 @@ def BuildBootableImage(sourcedir, fs_config_file, info_dict=None):
assert p.returncode == 0, "mkbootimg of %s image failed" % (
os.path.basename(sourcedir),)
if info_dict.get("verity_key", None):
path = "/" + os.path.basename(sourcedir).lower()
cmd = ["boot_signer", path, img.name, info_dict["verity_key"], img.name]
p = Run(cmd, stdout=subprocess.PIPE)
p.communicate()
assert p.returncode == 0, "boot_signer of %s image failed" % path
img.seek(os.SEEK_SET, 0)
data = img.read()
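
Review bot: The `assert p.returncode == 0` after the `boot_signer` call is the only guard against returning an unsigned image, and asserts are skipped when Python runs with -O, so a signing failure could pass silently; raise an explicit error there instead (the mkbootimg check just above follows the same pattern). The output collected by `p.communicate()` is discarded, so the failure message says nothing about why boot_signer rejected the image or the key; including the captured stdout in the error would make a wrong or missing `verity_key` path easier to diagnose. `info_dict.get("verity_key", None)` is also called on a parameter whose default is `None` in the signature shown in the hunk header; unless `info_dict` is normalised earlier in the function, which this hunk does not show, that raises AttributeError. Last, `img.seek(os.SEEK_SET, 0)` has its arguments in whence, offset order; it only works because both values are 0, and `img.seek(0, os.SEEK_SET)` would say what is meant.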