sign_target_files_apks: Fix password encrypted keys handle
This patch restores the possibility of using password encrypted keys for build signing. Bug: 171221825 Test: 1. Generate password encrypted keys (write non empty passwords): $ subject='/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/emailAddress=android@android.com' $ mkdir ~/.android-certs $ for x in releasekey platform shared media; do \ ./development/tools/make_key ~/.android-certs/$x \ "$subject"; \ done 2. Create a file with passwords: Example of passwd file: [[[ 12345678 ]]] /home/user/.android-certs/releasekey [[[ 12345678 ]]] /home/user/.android-certs/platform [[[ 12345678 ]]] /home/user/.android-certs/shared [[[ 12345678 ]]] /home/user/.android-certs/media [[[ 12345678 ]]] /home/user/.android-certs/networkstack 3. Tell system where to find passwords: $ export ANDROID_PW_FILE=/path/to/file/with/passwords 4. Generate a release image: $ make dist $ sign_target_files_apks \ -o --default_key_mappings ~/.android-certs \ out/dist/*-target_files-*.zip \ signed-target_files.zip Signed-off-by: Oleh Cherpak <oleh.cherpak@globallogic.com> Change-Id: I3e9d5318f69a2c3ac6eec64b36163b6544d49c90
This commit is contained in:
parent
0071b0b56d
commit
e555ab1848
|
@ -49,7 +49,10 @@ class ApexApkSigner(object):
|
|||
|
||||
def __init__(self, apex_path, key_passwords, codename_to_api_level_map):
|
||||
self.apex_path = apex_path
|
||||
self.key_passwords = key_passwords
|
||||
if not key_passwords:
|
||||
self.key_passwords = dict()
|
||||
else:
|
||||
self.key_passwords = key_passwords
|
||||
self.codename_to_api_level_map = codename_to_api_level_map
|
||||
|
||||
def ProcessApexFile(self, apk_keys, payload_key, signing_args=None):
|
||||
|
@ -110,7 +113,7 @@ class ApexApkSigner(object):
|
|||
# signed apk file.
|
||||
unsigned_apk = common.MakeTempFile()
|
||||
os.rename(apk_path, unsigned_apk)
|
||||
common.SignFile(unsigned_apk, apk_path, key_name, self.key_passwords,
|
||||
common.SignFile(unsigned_apk, apk_path, key_name, self.key_passwords.get(key_name),
|
||||
codename_to_api_level_map=self.codename_to_api_level_map)
|
||||
has_signed_apk = True
|
||||
return payload_dir, has_signed_apk
|
||||
|
@ -356,7 +359,7 @@ def SignApex(avbtool, apex_data, payload_key, container_key, container_pw,
|
|||
aligned_apex,
|
||||
signed_apex,
|
||||
container_key,
|
||||
container_pw,
|
||||
container_pw.get(container_key),
|
||||
codename_to_api_level_map=codename_to_api_level_map,
|
||||
extra_signapk_args=extra_signapk_args)
|
||||
|
||||
|
|
|
@ -515,7 +515,7 @@ def ProcessTargetFiles(input_tf_zip, output_tf_zip, misc_info,
|
|||
data,
|
||||
payload_key,
|
||||
container_key,
|
||||
key_passwords[container_key],
|
||||
key_passwords,
|
||||
apk_keys,
|
||||
codename_to_api_level_map,
|
||||
no_hashtree=True,
|
||||
|
|
Loading…
Reference in New Issue