StrixOS/build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Fix error where otacerts in VENDOR_BOOT isn't replaced" am: 3c1a6ee5ad am: 484b38abc0

Browse Source 
Original change: https://android-review.googlesource.com/c/platform/build/+/1585506

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I3f41aad65377e71aeab3986b365c12d496da4ecd
This commit is contained in:
Treehugger Robot
2021-02-12 06:52:04 +00:00
committed by Automerger Merge Worker
parent a9c3916def 484b38abc0
commit c720f04885
1 changed files with 7 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
tools/releasetools/sign_target_files_apks.py
View File

@@ -579,12 +579,7 @@ def ProcessTargetFiles(input_tf_zip, output_tf_zip, misc_info,
# Don't copy OTA certs if we're replacing them. # Don't copy OTA certs if we're replacing them.
# Replacement of update-payload-key.pub.pem was removed in b/116660991. # Replacement of update-payload-key.pub.pem was removed in b/116660991.
elif ( elif OPTIONS.replace_ota_keys and filename.endswith("/otacerts.zip"):
OPTIONS.replace_ota_keys and
filename in (
"BOOT/RAMDISK/system/etc/security/otacerts.zip",
"RECOVERY/RAMDISK/system/etc/security/otacerts.zip",
"SYSTEM/etc/security/otacerts.zip")):
pass pass
# Skip META/misc_info.txt since we will write back the new values later. # Skip META/misc_info.txt since we will write back the new values later.
@@ -852,20 +847,12 @@ def ReplaceOtaKeys(input_tf_zip, output_tf_zip, misc_info):
print("META/otakeys.txt has no keys; using %s for OTA package" print("META/otakeys.txt has no keys; using %s for OTA package"
" verification." % (mapped_keys[0],)) " verification." % (mapped_keys[0],))
# recovery now uses the same x509.pem version of the keys. otacerts = [info
# extra_recovery_keys are used only in recovery. for info in input_tf_zip.infolist()
if misc_info.get("recovery_as_boot") == "true": if info.filename.endswith("/otacerts.zip")]
recovery_keys_location = "BOOT/RAMDISK/system/etc/security/otacerts.zip" for info in otacerts:
else: print("Rewriting OTA key:", info.filename, mapped_keys)
recovery_keys_location = "RECOVERY/RAMDISK/system/etc/security/otacerts.zip" WriteOtacerts(output_tf_zip, info.filename, mapped_keys)
WriteOtacerts(output_tf_zip, recovery_keys_location,
mapped_keys + extra_recovery_keys)
# SystemUpdateActivity uses the x509.pem version of the keys, but
# put into a zipfile system/etc/security/otacerts.zip.
# We DO NOT include the extra_recovery_keys (if any) here.
WriteOtacerts(output_tf_zip, "SYSTEM/etc/security/otacerts.zip", mapped_keys)
def ReplaceVerityPublicKey(output_zip, filename, key_path): def ReplaceVerityPublicKey(output_zip, filename, key_path):