openkylin
/
platform_build_soong
mirror of https://gitee.com/openkylin/platform_build_soong.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge "Add signing certificate lineage support to soong" into rvc-dev am: 5c5c4d9332 

Change-Id: I8d93c7ad3fb076fa7f8b3a3d71e668b9c0a41305
This commit is contained in:
Liz Kammer 2020-05-08 20:30:38 +00:00 committed by Automerger Merge Worker
parent 2fbe70371c 5c5c4d9332
commit b339011848
4 changed files with 78 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
java/app.go
View File

@ -129,6 +129,9 @@ type overridableAppProperties struct {
// or an android_app_certificate module name in the form ":module". // or an android_app_certificate module name in the form ":module".
Certificate *string Certificate *string
// Name of the signing certificate lineage file.
Lineage *string
// the package name of this app. The package name in the manifest file is used if one was not given. // the package name of this app. The package name in the manifest file is used if one was not given.
Package_name *string Package_name *string
@ -590,7 +593,11 @@ func (a *AndroidApp) generateAndroidBuildActions(ctx android.ModuleContext) {
if v4SigningRequested { if v4SigningRequested {
v4SignatureFile = android.PathForModuleOut(ctx, a.installApkName+".apk.idsig") v4SignatureFile = android.PathForModuleOut(ctx, a.installApkName+".apk.idsig")
} }
CreateAndSignAppPackage(ctx, packageFile, a.exportPackage, jniJarFile, dexJarFile, certificates, apkDeps, v4SignatureFile) var lineageFile android.Path
if lineage := String(a.overridableAppProperties.Lineage); lineage != "" {
lineageFile = android.PathForModuleSrc(ctx, lineage)
}
CreateAndSignAppPackage(ctx, packageFile, a.exportPackage, jniJarFile, dexJarFile, certificates, apkDeps, v4SignatureFile, lineageFile)
a.outputFile = packageFile a.outputFile = packageFile
if v4SigningRequested { if v4SigningRequested {
a.extraOutputFiles = append(a.extraOutputFiles, v4SignatureFile) a.extraOutputFiles = append(a.extraOutputFiles, v4SignatureFile)
@ -602,7 +609,7 @@ func (a *AndroidApp) generateAndroidBuildActions(ctx android.ModuleContext) {
if v4SigningRequested { if v4SigningRequested {
v4SignatureFile = android.PathForModuleOut(ctx, a.installApkName+"_"+split.suffix+".apk.idsig") v4SignatureFile = android.PathForModuleOut(ctx, a.installApkName+"_"+split.suffix+".apk.idsig")
} }
CreateAndSignAppPackage(ctx, packageFile, split.path, nil, nil, certificates, apkDeps, v4SignatureFile) CreateAndSignAppPackage(ctx, packageFile, split.path, nil, nil, certificates, apkDeps, v4SignatureFile, lineageFile)
a.extraOutputFiles = append(a.extraOutputFiles, packageFile) a.extraOutputFiles = append(a.extraOutputFiles, packageFile)
if v4SigningRequested { if v4SigningRequested {
a.extraOutputFiles = append(a.extraOutputFiles, v4SignatureFile) a.extraOutputFiles = append(a.extraOutputFiles, v4SignatureFile)
@ -1257,7 +1264,7 @@ func (a *AndroidAppImport) generateAndroidBuildActions(ctx android.ModuleContext
} }
a.certificate = certificates[0] a.certificate = certificates[0]
signed := android.PathForModuleOut(ctx, "signed", apkFilename) signed := android.PathForModuleOut(ctx, "signed", apkFilename)
SignAppPackage(ctx, signed, dexOutput, certificates, nil) SignAppPackage(ctx, signed, dexOutput, certificates, nil, nil)
a.outputFile = signed a.outputFile = signed
} else { } else {
alignedApk := android.PathForModuleOut(ctx, "zip-aligned", apkFilename) alignedApk := android.PathForModuleOut(ctx, "zip-aligned", apkFilename)
@ -1516,7 +1523,7 @@ func (r *RuntimeResourceOverlay) GenerateAndroidBuildActions(ctx android.ModuleC
_, certificates := collectAppDeps(ctx, false, false) _, certificates := collectAppDeps(ctx, false, false)
certificates = processMainCert(r.ModuleBase, String(r.properties.Certificate), certificates, ctx) certificates = processMainCert(r.ModuleBase, String(r.properties.Certificate), certificates, ctx)
signed := android.PathForModuleOut(ctx, "signed", r.Name()+".apk") signed := android.PathForModuleOut(ctx, "signed", r.Name()+".apk")
SignAppPackage(ctx, signed, r.aapt.exportPackage, certificates, nil) SignAppPackage(ctx, signed, r.aapt.exportPackage, certificates, nil, nil)
r.certificate = certificates[0] r.certificate = certificates[0]
r.outputFile = signed r.outputFile = signed

16
java/app_builder.go
View File

@ -45,7 +45,7 @@ var combineApk = pctx.AndroidStaticRule("combineApk",
}) })
func CreateAndSignAppPackage(ctx android.ModuleContext, outputFile android.WritablePath, func CreateAndSignAppPackage(ctx android.ModuleContext, outputFile android.WritablePath,
packageFile, jniJarFile, dexJarFile android.Path, certificates []Certificate, deps android.Paths, v4SignatureFile android.WritablePath) { packageFile, jniJarFile, dexJarFile android.Path, certificates []Certificate, deps android.Paths, v4SignatureFile android.WritablePath, lineageFile android.Path) {
unsignedApkName := strings.TrimSuffix(outputFile.Base(), ".apk") + "-unsigned.apk" unsignedApkName := strings.TrimSuffix(outputFile.Base(), ".apk") + "-unsigned.apk"
unsignedApk := android.PathForModuleOut(ctx, unsignedApkName) unsignedApk := android.PathForModuleOut(ctx, unsignedApkName)
@ -66,10 +66,10 @@ func CreateAndSignAppPackage(ctx android.ModuleContext, outputFile android.Writa
Implicits: deps, Implicits: deps,
}) })
SignAppPackage(ctx, outputFile, unsignedApk, certificates, v4SignatureFile) SignAppPackage(ctx, outputFile, unsignedApk, certificates, v4SignatureFile, lineageFile)
} }
func SignAppPackage(ctx android.ModuleContext, signedApk android.WritablePath, unsignedApk android.Path, certificates []Certificate, v4SignatureFile android.WritablePath) { func SignAppPackage(ctx android.ModuleContext, signedApk android.WritablePath, unsignedApk android.Path, certificates []Certificate, v4SignatureFile android.WritablePath, lineageFile android.Path) {
var certificateArgs []string var certificateArgs []string
var deps android.Paths var deps android.Paths
@ -79,10 +79,14 @@ func SignAppPackage(ctx android.ModuleContext, signedApk android.WritablePath, u
} }
outputFiles := android.WritablePaths{signedApk} outputFiles := android.WritablePaths{signedApk}
var flag string = "" var flags []string
if v4SignatureFile != nil { if v4SignatureFile != nil {
outputFiles = append(outputFiles, v4SignatureFile) outputFiles = append(outputFiles, v4SignatureFile)
flag = "--enable-v4" flags = append(flags, "--enable-v4")
}
if lineageFile != nil {
flags = append(flags, "--lineage", lineageFile.String())
} }
ctx.Build(pctx, android.BuildParams{ ctx.Build(pctx, android.BuildParams{
@ -93,7 +97,7 @@ func SignAppPackage(ctx android.ModuleContext, signedApk android.WritablePath, u
Implicits: deps, Implicits: deps,
Args: map[string]string{ Args: map[string]string{
"certificates": strings.Join(certificateArgs, " "), "certificates": strings.Join(certificateArgs, " "),
"flags": flag, "flags": strings.Join(flags, " "),
}, },
}) })
} }

71
java/app_test.go
View File

@ -1115,7 +1115,8 @@ func TestCertificates(t *testing.T) {
name string name string
bp string bp string
certificateOverride string certificateOverride string
expected string expectedLineage string
expectedCertificate string
}{ }{
{ {
name: "default", name: "default",
@ -1127,7 +1128,8 @@ func TestCertificates(t *testing.T) {
} }
`, `,
certificateOverride: "", certificateOverride: "",
expected: "build/make/target/product/security/testkey.x509.pem build/make/target/product/security/testkey.pk8", expectedLineage: "",
expectedCertificate: "build/make/target/product/security/testkey.x509.pem build/make/target/product/security/testkey.pk8",
}, },
{ {
name: "module certificate property", name: "module certificate property",
@ -1145,7 +1147,8 @@ func TestCertificates(t *testing.T) {
} }
`, `,
certificateOverride: "", certificateOverride: "",
expected: "cert/new_cert.x509.pem cert/new_cert.pk8", expectedLineage: "",
expectedCertificate: "cert/new_cert.x509.pem cert/new_cert.pk8",
}, },
{ {
name: "path certificate property", name: "path certificate property",
@ -1158,7 +1161,8 @@ func TestCertificates(t *testing.T) {
} }
`, `,
certificateOverride: "", certificateOverride: "",
expected: "build/make/target/product/security/expiredkey.x509.pem build/make/target/product/security/expiredkey.pk8", expectedLineage: "",
expectedCertificate: "build/make/target/product/security/expiredkey.x509.pem build/make/target/product/security/expiredkey.pk8",
}, },
{ {
name: "certificate overrides", name: "certificate overrides",
@ -1176,7 +1180,28 @@ func TestCertificates(t *testing.T) {
} }
`, `,
certificateOverride: "foo:new_certificate", certificateOverride: "foo:new_certificate",
expected: "cert/new_cert.x509.pem cert/new_cert.pk8", expectedLineage: "",
expectedCertificate: "cert/new_cert.x509.pem cert/new_cert.pk8",
},
{
name: "certificate lineage",
bp: `
android_app {
name: "foo",
srcs: ["a.java"],
certificate: ":new_certificate",
lineage: "lineage.bin",
sdk_version: "current",
}
android_app_certificate {
name: "new_certificate",
certificate: "cert/new_cert",
}
`,
certificateOverride: "",
expectedLineage: "--lineage lineage.bin",
expectedCertificate: "cert/new_cert.x509.pem cert/new_cert.pk8",
}, },
} }
@ -1192,9 +1217,14 @@ func TestCertificates(t *testing.T) {
foo := ctx.ModuleForTests("foo", "android_common") foo := ctx.ModuleForTests("foo", "android_common")
signapk := foo.Output("foo.apk") signapk := foo.Output("foo.apk")
signFlags := signapk.Args["certificates"] signCertificateFlags := signapk.Args["certificates"]
if test.expected != signFlags { if test.expectedCertificate != signCertificateFlags {
t.Errorf("Incorrect signing flags, expected: %q, got: %q", test.expected, signFlags) t.Errorf("Incorrect signing flags, expected: %q, got: %q", test.expectedCertificate, signCertificateFlags)
}
signFlags := signapk.Args["flags"]
if test.expectedLineage != signFlags {
t.Errorf("Incorrect signing flags, expected: %q, got: %q", test.expectedLineage, signFlags)
} }
}) })
} }
@ -1368,6 +1398,7 @@ func TestOverrideAndroidApp(t *testing.T) {
name: "bar", name: "bar",
base: "foo", base: "foo",
certificate: ":new_certificate", certificate: ":new_certificate",
lineage: "lineage.bin",
logging_parent: "bah", logging_parent: "bah",
} }
@ -1388,7 +1419,8 @@ func TestOverrideAndroidApp(t *testing.T) {
variantName string variantName string
apkName string apkName string
apkPath string apkPath string
signFlag string certFlag string
lineageFlag string
overrides []string overrides []string
aaptFlag string aaptFlag string
logging_parent string logging_parent string
@ -1397,7 +1429,8 @@ func TestOverrideAndroidApp(t *testing.T) {
moduleName: "foo", moduleName: "foo",
variantName: "android_common", variantName: "android_common",
apkPath: "/target/product/test_device/system/app/foo/foo.apk", apkPath: "/target/product/test_device/system/app/foo/foo.apk",
signFlag: "build/make/target/product/security/expiredkey.x509.pem build/make/target/product/security/expiredkey.pk8", certFlag: "build/make/target/product/security/expiredkey.x509.pem build/make/target/product/security/expiredkey.pk8",
lineageFlag: "",
overrides: []string{"qux"}, overrides: []string{"qux"},
aaptFlag: "", aaptFlag: "",
logging_parent: "", logging_parent: "",
@ -1406,7 +1439,8 @@ func TestOverrideAndroidApp(t *testing.T) {
moduleName: "bar", moduleName: "bar",
variantName: "android_common_bar", variantName: "android_common_bar",
apkPath: "/target/product/test_device/system/app/bar/bar.apk", apkPath: "/target/product/test_device/system/app/bar/bar.apk",
signFlag: "cert/new_cert.x509.pem cert/new_cert.pk8", certFlag: "cert/new_cert.x509.pem cert/new_cert.pk8",
lineageFlag: "--lineage lineage.bin",
overrides: []string{"qux", "foo"}, overrides: []string{"qux", "foo"},
aaptFlag: "", aaptFlag: "",
logging_parent: "bah", logging_parent: "bah",
@ -1415,7 +1449,8 @@ func TestOverrideAndroidApp(t *testing.T) {
moduleName: "baz", moduleName: "baz",
variantName: "android_common_baz", variantName: "android_common_baz",
apkPath: "/target/product/test_device/system/app/baz/baz.apk", apkPath: "/target/product/test_device/system/app/baz/baz.apk",
signFlag: "build/make/target/product/security/expiredkey.x509.pem build/make/target/product/security/expiredkey.pk8", certFlag: "build/make/target/product/security/expiredkey.x509.pem build/make/target/product/security/expiredkey.pk8",
lineageFlag: "",
overrides: []string{"qux", "foo"}, overrides: []string{"qux", "foo"},
aaptFlag: "--rename-manifest-package org.dandroid.bp", aaptFlag: "--rename-manifest-package org.dandroid.bp",
logging_parent: "", logging_parent: "",
@ -1440,9 +1475,15 @@ func TestOverrideAndroidApp(t *testing.T) {
// Check the certificate paths // Check the certificate paths
signapk := variant.Output(expected.moduleName + ".apk") signapk := variant.Output(expected.moduleName + ".apk")
signFlag := signapk.Args["certificates"] certFlag := signapk.Args["certificates"]
if expected.signFlag != signFlag { if expected.certFlag != certFlag {
t.Errorf("Incorrect signing flags, expected: %q, got: %q", expected.signFlag, signFlag) t.Errorf("Incorrect signing flags, expected: %q, got: %q", expected.certFlag, certFlag)
}
// Check the lineage flags
lineageFlag := signapk.Args["flags"]
if expected.lineageFlag != lineageFlag {
t.Errorf("Incorrect signing flags, expected: %q, got: %q", expected.lineageFlag, lineageFlag)
} }
// Check if the overrides field values are correctly aggregated. // Check if the overrides field values are correctly aggregated.

1
java/testing.go
View File

@ -116,6 +116,7 @@ func TestConfig(buildDir string, env map[string]string, bp string, fs map[string
"cert/new_cert.x509.pem": nil, "cert/new_cert.x509.pem": nil,
"cert/new_cert.pk8": nil, "cert/new_cert.pk8": nil,
"lineage.bin": nil,
"testdata/data": nil, "testdata/data": nil,