StrixOS/build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Refactor apex signing logic in preparation for compressed apexes" am: 015b689271

Browse Source 
Original change: https://android-review.googlesource.com/c/platform/build/+/1545992

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I2c89435f2f7916a01e1ac0df35f0fabf60f2c8c7
This commit is contained in:
Nikita Ioffe
2021-01-13 15:18:00 +00:00
committed by Automerger Merge Worker
parent f3eaf5348c 015b689271
commit d2052b6598
1 changed files with 53 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
tools/releasetools/apex_utils.py
View File

@@ -300,13 +300,13 @@ def ParseApexPayloadInfo(avbtool, payload_path):
return payload_info return payload_info
def SignApex(avbtool, apex_data, payload_key, container_key, container_pw, def SignUncompressedApex(avbtool, apex_data, payload_key, container_key,
apk_keys, codename_to_api_level_map, container_pw, apk_keys, codename_to_api_level_map,
no_hashtree, signing_args=None): no_hashtree, signing_args=None):
"""Signs the current APEX with the given payload/container keys. """Signs the current uncompressed APEX with the given payload/container keys.
Args: Args:
apex_data: Raw APEX data. apex_data: Raw uncompressed APEX data.
payload_key: The path to payload signing key (w/ extension). payload_key: The path to payload signing key (w/ extension).
container_key: The path to container signing key (w/o extension). container_key: The path to container signing key (w/o extension).
container_pw: The matching password of the container_key, or None. container_pw: The matching password of the container_key, or None.
@@ -380,3 +380,51 @@ def SignApex(avbtool, apex_data, payload_key, container_key, container_pw,
extra_signapk_args=extra_signapk_args) extra_signapk_args=extra_signapk_args)
return signed_apex return signed_apex
def SignApex(avbtool, apex_data, payload_key, container_key, container_pw,
apk_keys, codename_to_api_level_map,
no_hashtree, signing_args=None):
"""Signs the current APEX with the given payload/container keys.
Args:
apex_file: Path to apex file path.
payload_key: The path to payload signing key (w/ extension).
container_key: The path to container signing key (w/o extension).
container_pw: The matching password of the container_key, or None.
apk_keys: A dict that holds the signing keys for apk files.
codename_to_api_level_map: A dict that maps from codename to API level.
no_hashtree: Don't include hashtree in the signed APEX.
signing_args: Additional args to be passed to the payload signer.
Returns:
The path to the signed APEX file.
"""
apex_file = common.MakeTempFile(prefix='apex-container-', suffix='.apex')
with open(apex_file, 'wb') as output_fp:
output_fp.write(apex_data)
debugfs_path = os.path.join(OPTIONS.search_path, "bin", "debugfs_static")
cmd = ['deapexer', '--debugfs_path', debugfs_path,
'info', '--print-type', apex_file]
try:
apex_type = common.RunAndCheckOutput(cmd).strip()
if apex_type == 'UNCOMPRESSED':
return SignUncompressedApex(
avbtool,
apex_data,
payload_key=payload_key,
container_key=container_key,
container_pw=None,
codename_to_api_level_map=codename_to_api_level_map,
no_hashtree=no_hashtree,
apk_keys=apk_keys,
signing_args=signing_args)
else:
# TODO(b/172912232): support signing compressed apex
raise ApexInfoError('Unsupported apex type {}'.format(apex_type))
except common.ExternalError as e:
raise ApexInfoError(
'Failed to get type for {}:\n{}'.format(apex_file))