From 548db7d797f685d055c18465dc92845afd7b4b43 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Wed, 24 Apr 2019 23:53:42 -0700 Subject: [PATCH] releasetools: Accept PRESIGNED keys in apexkeys.txt. For an PRESIGNED APEX, it has the following format, which should be considered as a valid input. name="foo.apex" public_key="PRESIGNED" private_key="PRESIGNED" container_certificate="PRESIGNED" container_private_key="PRESIGNED" Bug: 131153746 Test: Run sign_target_files_apks.py on a target_files.zip with PRESIGNED APEXes. Test: python -m unittest sign_target_files_apks Change-Id: I51076b0c6eddfb75637d37659a08009f0a88e931 (cherry picked from commit f454c3a0b4fc4adfc26efa13da7ad794ae8029e2) --- tools/releasetools/sign_target_files_apks.py | 9 +++++--- .../test_sign_target_files_apks.py | 23 +++++++++++++++++++ 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py index f05a27d80..c2acd8ec2 100755 --- a/tools/releasetools/sign_target_files_apks.py +++ b/tools/releasetools/sign_target_files_apks.py @@ -1074,13 +1074,16 @@ def ReadApexKeysInfo(tf_zip): # full names only. container_cert = matches.group("CONTAINER_CERT") container_private_key = matches.group("CONTAINER_PRIVATE_KEY") - if not CompareKeys( + if container_cert == 'PRESIGNED' and container_private_key == 'PRESIGNED': + container_key = 'PRESIGNED' + elif CompareKeys( container_cert, OPTIONS.public_key_suffix, container_private_key, OPTIONS.private_key_suffix): + container_key = container_cert[:-len(OPTIONS.public_key_suffix)] + else: raise ValueError("Failed to parse container keys: \n{}".format(line)) - keys[name] = (payload_private_key, - container_cert[:-len(OPTIONS.public_key_suffix)]) + keys[name] = (payload_private_key, container_key) return keys diff --git a/tools/releasetools/test_sign_target_files_apks.py b/tools/releasetools/test_sign_target_files_apks.py index 6a4df1a17..a4d51cf55 100644 --- a/tools/releasetools/test_sign_target_files_apks.py +++ b/tools/releasetools/test_sign_target_files_apks.py @@ -461,3 +461,26 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem', 'build/target/product/security/testkey'), }, keys_info) + + def test_ReadApexKeysInfo_presignedKeys(self): + apex_keys = self.APEX_KEYS_TXT + ( + 'name="apex.apexd_test_different_app2.apex" ' + 'private_key="PRESIGNED" ' + 'public_key="PRESIGNED" ' + 'container_certificate="PRESIGNED" ' + 'container_private_key="PRESIGNED"') + target_files = common.MakeTempFile(suffix='.zip') + with zipfile.ZipFile(target_files, 'w') as target_files_zip: + target_files_zip.writestr('META/apexkeys.txt', apex_keys) + + with zipfile.ZipFile(target_files) as target_files_zip: + keys_info = ReadApexKeysInfo(target_files_zip) + + self.assertEqual({ + 'apex.apexd_test.apex': ( + 'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem', + 'build/make/target/product/security/testkey'), + 'apex.apexd_test_different_app.apex': ( + 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem', + 'build/make/target/product/security/testkey'), + }, keys_info)