p96705831
/
platform_build
forked from openkylin/platform_build
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge "releasetools: Remove the sanity check on APEX payload key names." 

am: c292edc22c

Change-Id: I3ff4de4afde65971f9967db73a6373107517c8fa
This commit is contained in:
Tao Bao 2019-03-27 08:51:33 -07:00 committed by android-build-merger
parent 969c3cd3ba c292edc22c
commit ea673330bd
2 changed files with 30 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
tools/releasetools/sign_target_files_apks.py
View File

@ -1081,7 +1081,6 @@ def ReadApexKeysInfo(tf_zip):
continue continue
name = matches.group('NAME') name = matches.group('NAME')
payload_public_key = matches.group("PAYLOAD_PUBLIC_KEY")
payload_private_key = matches.group("PAYLOAD_PRIVATE_KEY") payload_private_key = matches.group("PAYLOAD_PRIVATE_KEY")
def CompareKeys(pubkey, pubkey_suffix, privkey, privkey_suffix): def CompareKeys(pubkey, pubkey_suffix, privkey, privkey_suffix):
@ -1091,13 +1090,9 @@ def ReadApexKeysInfo(tf_zip):
privkey.endswith(privkey_suffix) and privkey.endswith(privkey_suffix) and
pubkey[:-pubkey_suffix_len] == privkey[:-privkey_suffix_len]) pubkey[:-pubkey_suffix_len] == privkey[:-privkey_suffix_len])
PAYLOAD_PUBLIC_KEY_SUFFIX = '.avbpubkey' # Sanity check on the container key names, as we'll carry them without the
PAYLOAD_PRIVATE_KEY_SUFFIX = '.pem' # extensions. This doesn't apply to payload keys though, which we will use
if not CompareKeys( # full names only.
payload_public_key, PAYLOAD_PUBLIC_KEY_SUFFIX,
payload_private_key, PAYLOAD_PRIVATE_KEY_SUFFIX):
raise ValueError("Failed to parse payload keys: \n{}".format(line))
container_cert = matches.group("CONTAINER_CERT") container_cert = matches.group("CONTAINER_CERT")
container_private_key = matches.group("CONTAINER_PRIVATE_KEY") container_private_key = matches.group("CONTAINER_PRIVATE_KEY")
if not CompareKeys( if not CompareKeys(

31
tools/releasetools/test_sign_target_files_apks.py
View File

@ -401,14 +401,14 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te
'build/target/product/security/testkey'), 'build/target/product/security/testkey'),
}, keys_info) }, keys_info)
def test_ReadApexKeysInfo_mismatchingKeys(self): def test_ReadApexKeysInfo_mismatchingContainerKeys(self):
# Mismatching payload public / private keys. # Mismatching payload public / private keys.
apex_keys = self.APEX_KEYS_TXT + ( apex_keys = self.APEX_KEYS_TXT + (
'name="apex.apexd_test_different_app2.apex" ' 'name="apex.apexd_test_different_app2.apex" '
'public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" ' 'public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" '
'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_3.pem" ' 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" '
'container_certificate="build/target/product/security/testkey.x509.pem" ' 'container_certificate="build/target/product/security/testkey.x509.pem" '
'container_private_key="build/target/product/security/testkey.pk8"') 'container_private_key="build/target/product/security/testkey2.pk8"')
target_files = common.MakeTempFile(suffix='.zip') target_files = common.MakeTempFile(suffix='.zip')
with zipfile.ZipFile(target_files, 'w') as target_files_zip: with zipfile.ZipFile(target_files, 'w') as target_files_zip:
target_files_zip.writestr('META/apexkeys.txt', apex_keys) target_files_zip.writestr('META/apexkeys.txt', apex_keys)
@ -416,7 +416,7 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te
with zipfile.ZipFile(target_files) as target_files_zip: with zipfile.ZipFile(target_files) as target_files_zip:
self.assertRaises(ValueError, ReadApexKeysInfo, target_files_zip) self.assertRaises(ValueError, ReadApexKeysInfo, target_files_zip)
def test_ReadApexKeysInfo_missingPrivateKey(self): def test_ReadApexKeysInfo_missingPayloadPrivateKey(self):
# Invalid lines will be skipped. # Invalid lines will be skipped.
apex_keys = self.APEX_KEYS_TXT + ( apex_keys = self.APEX_KEYS_TXT + (
'name="apex.apexd_test_different_app2.apex" ' 'name="apex.apexd_test_different_app2.apex" '
@ -438,3 +438,26 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te
'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem', 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem',
'build/target/product/security/testkey'), 'build/target/product/security/testkey'),
}, keys_info) }, keys_info)
def test_ReadApexKeysInfo_missingPayloadPublicKey(self):
# Invalid lines will be skipped.
apex_keys = self.APEX_KEYS_TXT + (
'name="apex.apexd_test_different_app2.apex" '
'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" '
'container_certificate="build/target/product/security/testkey.x509.pem" '
'container_private_key="build/target/product/security/testkey.pk8"')
target_files = common.MakeTempFile(suffix='.zip')
with zipfile.ZipFile(target_files, 'w') as target_files_zip:
target_files_zip.writestr('META/apexkeys.txt', apex_keys)
with zipfile.ZipFile(target_files) as target_files_zip:
keys_info = ReadApexKeysInfo(target_files_zip)
self.assertEqual({
'apex.apexd_test.apex': (
'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem',
'build/target/product/security/testkey'),
'apex.apexd_test_different_app.apex': (
'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem',
'build/target/product/security/testkey'),
}, keys_info)