diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py index 16c1840185..d3e9ea16d5 100755 --- a/tools/releasetools/sign_target_files_apks.py +++ b/tools/releasetools/sign_target_files_apks.py @@ -1081,7 +1081,6 @@ def ReadApexKeysInfo(tf_zip): continue name = matches.group('NAME') - payload_public_key = matches.group("PAYLOAD_PUBLIC_KEY") payload_private_key = matches.group("PAYLOAD_PRIVATE_KEY") def CompareKeys(pubkey, pubkey_suffix, privkey, privkey_suffix): @@ -1091,13 +1090,9 @@ def ReadApexKeysInfo(tf_zip): privkey.endswith(privkey_suffix) and pubkey[:-pubkey_suffix_len] == privkey[:-privkey_suffix_len]) - PAYLOAD_PUBLIC_KEY_SUFFIX = '.avbpubkey' - PAYLOAD_PRIVATE_KEY_SUFFIX = '.pem' - if not CompareKeys( - payload_public_key, PAYLOAD_PUBLIC_KEY_SUFFIX, - payload_private_key, PAYLOAD_PRIVATE_KEY_SUFFIX): - raise ValueError("Failed to parse payload keys: \n{}".format(line)) - + # Sanity check on the container key names, as we'll carry them without the + # extensions. This doesn't apply to payload keys though, which we will use + # full names only. container_cert = matches.group("CONTAINER_CERT") container_private_key = matches.group("CONTAINER_PRIVATE_KEY") if not CompareKeys( diff --git a/tools/releasetools/test_sign_target_files_apks.py b/tools/releasetools/test_sign_target_files_apks.py index 6082bafcbd..6a4df1a172 100644 --- a/tools/releasetools/test_sign_target_files_apks.py +++ b/tools/releasetools/test_sign_target_files_apks.py @@ -401,14 +401,14 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te 'build/target/product/security/testkey'), }, keys_info) - def test_ReadApexKeysInfo_mismatchingKeys(self): + def test_ReadApexKeysInfo_mismatchingContainerKeys(self): # Mismatching payload public / private keys. apex_keys = self.APEX_KEYS_TXT + ( 'name="apex.apexd_test_different_app2.apex" ' 'public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" ' - 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_3.pem" ' + 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" ' 'container_certificate="build/target/product/security/testkey.x509.pem" ' - 'container_private_key="build/target/product/security/testkey.pk8"') + 'container_private_key="build/target/product/security/testkey2.pk8"') target_files = common.MakeTempFile(suffix='.zip') with zipfile.ZipFile(target_files, 'w') as target_files_zip: target_files_zip.writestr('META/apexkeys.txt', apex_keys) @@ -416,7 +416,7 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te with zipfile.ZipFile(target_files) as target_files_zip: self.assertRaises(ValueError, ReadApexKeysInfo, target_files_zip) - def test_ReadApexKeysInfo_missingPrivateKey(self): + def test_ReadApexKeysInfo_missingPayloadPrivateKey(self): # Invalid lines will be skipped. apex_keys = self.APEX_KEYS_TXT + ( 'name="apex.apexd_test_different_app2.apex" ' @@ -438,3 +438,26 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem', 'build/target/product/security/testkey'), }, keys_info) + + def test_ReadApexKeysInfo_missingPayloadPublicKey(self): + # Invalid lines will be skipped. + apex_keys = self.APEX_KEYS_TXT + ( + 'name="apex.apexd_test_different_app2.apex" ' + 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" ' + 'container_certificate="build/target/product/security/testkey.x509.pem" ' + 'container_private_key="build/target/product/security/testkey.pk8"') + target_files = common.MakeTempFile(suffix='.zip') + with zipfile.ZipFile(target_files, 'w') as target_files_zip: + target_files_zip.writestr('META/apexkeys.txt', apex_keys) + + with zipfile.ZipFile(target_files) as target_files_zip: + keys_info = ReadApexKeysInfo(target_files_zip) + + self.assertEqual({ + 'apex.apexd_test.apex': ( + 'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem', + 'build/target/product/security/testkey'), + 'apex.apexd_test_different_app.apex': ( + 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem', + 'build/target/product/security/testkey'), + }, keys_info)