Merge "A custom APEX signing tool with --signing_args" am: 3a61599999 am: 82f355046c am: 67e7bd664e

Original change: https://android-review.googlesource.com/c/platform/build/+/1974282 Change-Id: I7e6ed2114e1710a25b6800fb6f6679794664d37b
2022-02-08 12:14:18 +00:00
parent b683a82220 67e7bd664e
commit fe4f1b5169
1 changed files with 8 additions and 3 deletions
--- a/tools/releasetools/apex_utils.py
+++ b/tools/releasetools/apex_utils.py
@@ -102,14 +102,14 @@ class ApexApkSigner(object):
                       ' %s', entry)

    payload_dir, has_signed_content = self.ExtractApexPayloadAndSignContents(
-        apk_entries, apk_keys, payload_key)
+        apk_entries, apk_keys, payload_key, signing_args)
    if not has_signed_content:
      logger.info('No contents has been signed in %s', self.apex_path)
      return self.apex_path

    return self.RepackApexPayload(payload_dir, payload_key, signing_args)

-  def ExtractApexPayloadAndSignContents(self, apk_entries, apk_keys, payload_key):
+  def ExtractApexPayloadAndSignContents(self, apk_entries, apk_keys, payload_key, signing_args):
    """Extracts the payload image and signs the containing apk files."""
    if not os.path.exists(self.debugfs_path):
      raise ApexSigningError(
@@ -143,7 +143,12 @@ class ApexApkSigner(object):

    if self.sign_tool:
      logger.info('Signing payload contents in apex %s with %s', self.apex_path, self.sign_tool)
-      cmd = [self.sign_tool, '--avbtool', self.avbtool, payload_key, payload_dir]
+      # Pass avbtool to the custom signing tool
+      cmd = [self.sign_tool, '--avbtool', self.avbtool]
+      # Pass signing_args verbatim which will be forwarded to avbtool (e.g. --signing_helper=...)
+      if signing_args:
+        cmd.extend(['--signing_args', '"{}"'.format(signing_args)])
+      cmd.extend([payload_key, payload_dir])
      common.RunAndCheckOutput(cmd)
      has_signed_content = True