Pass signing_args to apexer to repack apex

In the build signing environment, we don't necessary have access to the physical private key. And we work around it by passing an extra signing_helper to the avbtool instead of a private key. Since we need to perform signing to add the hashtree footer when rebuilding the apex image. We should propogate the signing_helper to apexer and eventually to avbtool. Bug: 148627666 Test: unit tests pass. Smoke test by pass a public key to apexer and hardcode the private key in signing helper script. Change-Id: I56d57485493a5ba2cbe4c49e493ee9604f68088b
2020-01-30 17:12:05 -08:00
parent d0511cfbbb
commit cea6ad1fb0
2 changed files with 32 additions and 13 deletions
--- a/tools/releasetools/test_apex_utils.py
+++ b/tools/releasetools/test_apex_utils.py
@@ -176,3 +176,20 @@ class ApexUtilsTest(test_utils.ReleaseToolsTestCase):
    payload_pubkey = common.ExtractAvbPublicKey('avbtool',
                                                self.payload_key)
    signer.ProcessApexFile(apk_keys, self.payload_key, payload_pubkey)
+
+  @test_utils.SkipIfExternalToolsUnavailable()
+  def test_ApexApkSigner_withSignerHelper(self):
+    apex_path = os.path.join(self.testdata_dir, 'has_apk.apex')
+    signer = apex_utils.ApexApkSigner(apex_path, None, None)
+    apk_keys = {'wifi-service-resources.apk': os.path.join(
+        self.testdata_dir, 'testkey')}
+
+    self.payload_key = os.path.join(self.testdata_dir, 'testkey_RSA4096.key')
+    payload_pubkey = common.ExtractAvbPublicKey('avbtool', self.payload_key)
+
+    signing_helper = os.path.join(self.testdata_dir, 'signing_helper.sh')
+    os.chmod(signing_helper, 0o700)
+    payload_signer_args = '--signing_helper_with_files {}'.format(
+        signing_helper)
+    signer.ProcessApexFile(apk_keys, self.payload_key, payload_pubkey,
+                           payload_signer_args)