Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 122a6dc0 authored by Nikita Ioffe's avatar Nikita Ioffe Committed by Automerger Merge Worker
Browse files

Merge "Refactor apex signing logic in preparation for compressed apexes" am:... 

Merge "Refactor apex signing logic in preparation for compressed apexes" am: 015b6892 am: d2052b65

Original change: https://android-review.googlesource.com/c/platform/build/+/1545992

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I57510bd7387242d6e2cfa3b56b4e7bfcb1f7f4f5
parents da5d5a71 d2052b65

tools/releasetools/apex_utils.py

+53 −5
Original line number Diff line number Diff line
@@ -300,13 +300,13 @@ def ParseApexPayloadInfo(avbtool, payload_path): 
  return payload_info





def SignApex(avbtool, apex_data, payload_key, container_key, container_pw,

             apk_keys, codename_to_api_level_map,

def SignUncompressedApex(avbtool, apex_data, payload_key, container_key,

                         container_pw, apk_keys, codename_to_api_level_map,

                         no_hashtree, signing_args=None):

  """Signs the current APEX with the given payload/container keys.

  """Signs the current uncompressed APEX with the given payload/container keys.



  Args:

    apex_data: Raw APEX data.

    apex_data: Raw uncompressed APEX data.

    payload_key: The path to payload signing key (w/ extension).

    container_key: The path to container signing key (w/o extension).

    container_pw: The matching password of the container_key, or None.
@@ -380,3 +380,51 @@ def SignApex(avbtool, apex_data, payload_key, container_key, container_pw, 
      extra_signapk_args=extra_signapk_args)



  return signed_apex





def SignApex(avbtool, apex_data, payload_key, container_key, container_pw,

             apk_keys, codename_to_api_level_map,

             no_hashtree, signing_args=None):

  """Signs the current APEX with the given payload/container keys.



  Args:

    apex_file: Path to apex file path.

    payload_key: The path to payload signing key (w/ extension).

    container_key: The path to container signing key (w/o extension).

    container_pw: The matching password of the container_key, or None.

    apk_keys: A dict that holds the signing keys for apk files.

    codename_to_api_level_map: A dict that maps from codename to API level.

    no_hashtree: Don't include hashtree in the signed APEX.

    signing_args: Additional args to be passed to the payload signer.



  Returns:

    The path to the signed APEX file.

  """

  apex_file = common.MakeTempFile(prefix='apex-container-', suffix='.apex')

  with open(apex_file, 'wb') as output_fp:

    output_fp.write(apex_data)



  debugfs_path = os.path.join(OPTIONS.search_path, "bin", "debugfs_static")

  cmd = ['deapexer', '--debugfs_path', debugfs_path,

         'info', '--print-type', apex_file]



  try:

    apex_type = common.RunAndCheckOutput(cmd).strip()

    if apex_type == 'UNCOMPRESSED':

      return SignUncompressedApex(

          avbtool,

          apex_data,

          payload_key=payload_key,

          container_key=container_key,

          container_pw=None,

          codename_to_api_level_map=codename_to_api_level_map,

          no_hashtree=no_hashtree,

          apk_keys=apk_keys,

          signing_args=signing_args)

    else:

      # TODO(b/172912232): support signing compressed apex

      raise ApexInfoError('Unsupported apex type {}'.format(apex_type))



  except common.ExternalError as e:

    raise ApexInfoError(

        'Failed to get type for {}:\n{}'.format(apex_file))