From 9788b4ed31e58301314d226ad8028610642a12e1 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Thu, 15 Nov 2018 13:46:56 -0800 Subject: [PATCH] releasetools: Temporarily disable verifying AVB-signed images. Bug: 119624011 Test: Run validate_target_files.py on aosp_blueline-target_files.zip. Change-Id: I0c3a93dd2ec9fe26c62be2ac2cc26780fb9fe1a6 --- tools/releasetools/validate_target_files.py | 28 +++------------------ 1 file changed, 3 insertions(+), 25 deletions(-) diff --git a/tools/releasetools/validate_target_files.py b/tools/releasetools/validate_target_files.py index 1cc4a600b..ae8253d69 100755 --- a/tools/releasetools/validate_target_files.py +++ b/tools/releasetools/validate_target_files.py @@ -311,31 +311,9 @@ def ValidateVerifiedBootImages(input_tmp, info_dict, options): if info_dict.get("avb_enable") == "true": logging.info('Verifying Verified Boot 2.0 (AVB) images...') - key = options['verity_key'] - if key is None: - key = info_dict['avb_vbmeta_key_path'] - - # avbtool verifies all the images that have descriptors listed in vbmeta. - image = os.path.join(input_tmp, 'IMAGES', 'vbmeta.img') - cmd = ['avbtool', 'verify_image', '--image', image, '--key', key] - - # Append the args for chained partitions if any. - for partition in common.AVB_PARTITIONS: - key_name = 'avb_' + partition + '_key_path' - if info_dict.get(key_name) is not None: - chained_partition_arg = common.GetAvbChainedPartitionArg( - partition, info_dict, options[key_name]) - cmd.extend(["--expected_chain_partition", chained_partition_arg]) - - proc = common.Run(cmd) - stdoutdata, _ = proc.communicate() - assert proc.returncode == 0, \ - 'Failed to verify {} with verity_verifier (key: {}):\n{}'.format( - image, key, stdoutdata) - - logging.info( - 'Verified %s with avbtool (key: %s):\n%s', image, key, - stdoutdata.rstrip()) + # Temporarily disable the verification for AVB-signed images, due to the + # dependency on PyCrypto in `avbtool verify_image` (Bug: 119624011). + logging.info('Temporarily disabled due to b/119624011') def main():