apexkeys.txt now correctly lists prebuilt APEXes with keys specified as
PRESIGNED.
This change also fixes a bug that non-installable APEXes are listed in
the file.
Bug: 131130235
Test: m out/soong/apexkeys.txt and check that
com.android.apex.cts.shim.apex is listed there with PRESIGNED keys.
Change-Id: Ib6d391a82864714743a1cc59cd655bea917b5073
Since apex_key is used in number of apex_test host_supported modules it
is no longer a device only module.
Test: add new device target and check that the build does not fail
Change-Id: I6402e3b622d22ee0ca0e6af71dfd71a690938e49
The public key associated with an APEX is always included in the APEX.
Obviously, the public keys are no longer installed to
/system/etc/security/apex
Bug: 128344735
Test: m
Change-Id: I1e1aef1d32597a447b57d49ab80bbfb921fa8178
public_key and private_key properties support :module syntax so that the
key pairs can be dynamically created during the build, which is useful
for one-time keys.
Bug: 128960614
Test: m (apex_test amended)
Change-Id: I249b1d29f247784193b0d733a7b6a20274ece105
apex_key, when with product_specific: true, is installed to
/product/etc/security/apex.
Bug: 128519063
Test: m (apex_test.go amended)
Change-Id: I39e8ac1c486c734dfe0555cd1874468d75e71f34
ed023eca73 introduced a new (better) way
of exporting make vars from singletone. apex_keys_text singletone is
switched to the new method.
Test: inspect out/soong/make_vars-<target>.mk
Check SOONG_SOONG_APEX_KEYS_FILE is set
Change-Id: Ia218852ba9ae40070cb6c99340d97e0c77d19841
apexkeys.txt is a text file having APEX-to-keys mappings. The file is
included in the target-files package where it is used when re-sign the
APEXes with release keys.
Each line of the file consists of 5 fields:
1) name: file name of the APEX
2) public_key: the public key for the apex_payload.img of the APEX
3) private_key: the private key used to sign the apex_payload.img
4) container_certificate: the certificate used to sign the APEX zip
container
5) container_private_key: the private key used to sign the APEX zip
container
Bug: 124406181
Test: m out/soong/apexkeys.txt and inspect the content
Test: TARGET_BUILD_APPS=com.android.tzdata m dist and make sure
out/dist/apexkeys.txt exists
Change-Id: I1daa13ec50956323b97e15e8df7f1fbe5ea21d63
Build rules for both flattened and non-flattend APEXes are created
regardless of TARGET_FLATTEN_APEX. The selection is made in AndroidMk.
This allows other module to reference an APEX via :module syntax
irrespective of TARGET_FLATTEN_APEX.
Bug: 123780484
Test: TARGET_FLATTEN_APEX=true m out/soong/.intermediates/art/build/apex/art-check-debug-apex-gen/gen/art-check-debug-apex-gen.dummy
with aosp/891696 applied
Change-Id: Ia49415ec3d18cfc5081461be76900c73ea803dca
Add an empty DepsMutator to ModuleBase so it doesn't have to be
implemented on every module that doesn't need it.
Test: all soong tests
Change-Id: I545a832a0dbf27386d3080377a75ea482cd9ce59
When PRODUCT_DEFAULT_DEV_CERTIFICATE is set to /vendor/foo/devkeys/test,
then the public/private key pairs for an apex_key is searched at
/vendor/foo/devkeys directory.
To be specific,
/system/timezone/Android.bp:
apex_key {
name: "timezone.key",
public_key: "com.android.tzdata.avbpubkey",
private_key: "com.android.tzdata.pem",
}
When PRODUCT_DEFAULT_DEV_CERTIFICATE isn't set, the keys are searched at
/system/timezone, which is the path where Android.bp is located.
With PRODUCT_DEFAULT_DEV_CERTIFICATE set to /vendor/foo/devkeys/test,
the keys are searched at /vendor/foo/devkeys.
Bug: 121224311
Test: m (apex_test updated)
Test: m with crosshatch (PRODUCT_DEFAULT_DEV_CERTIFICATE is set to
/vendor/google/...)
Test: m with cheets (PRODUCT_DEFAULT_DEV_CERTIFICATE is set, but there
is no apex key there. The product is with TARGET_FLATTEN_APEX := true)
Change-Id: I213bbb96c433d851f9cc982871459fd7fb4fe47d
Setting the property to false prevents the key from being installed.
Useful for testing keys.
Bug: 122042717
Test: add 'installable: false' to the apex_key
'com.android.apex.test_package.key'. mma under
/system/apex/apexd/apexd_testdata. The key is not found under
out/target/product/..../system/etc/security/apex
Change-Id: Ibf70e4e8ea5e73432d06b1c4050df531eaafc85e
A new module type 'apex_key' is defined to specify public and private
key pair for APEXs. An APEX can refer to the module via the property
'key'. When building the APEX, the private key from the key module is
used to sign it. In addition, the public key from the key module is
automatically installed to /system/etc/security/apex.
Bug: 115721587
Test: m apex.test; m
/apex/com.android.example.apex@1 exists
Change-Id: I82666db095bd7a09f6c1b9cbea2db57ebc076cbf