Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 389c621d authored by Ricardo Cerqueira's avatar Ricardo Cerqueira Committed by Brint E. Kriebel
Browse files

Store the base64 release key in the OTA zips 

This can be directly grepped in pre-existing package.xml tables
to make sure we're not trying to update to a differently signed
build

Change-Id: I7528a8e7c484ea9209cd665b9263328ae834586a
parent be532ab6

core/Makefile

+5 −0
Original line number Diff line number Diff line
@@ -1380,6 +1380,11 @@ endif 
	$(hide) echo "use_set_metadata=1" >> $(zip_root)/META/misc_info.txt

	$(hide) echo "update_rename_support=1" >> $(zip_root)/META/misc_info.txt

	$(call generate-userimage-prop-dictionary, $(zip_root)/META/misc_info.txt)

ifdef PRODUCT_DEFAULT_DEV_CERTIFICATE

	$(hide) build/tools/getb64key.py $(PRODUCT_DEFAULT_DEV_CERTIFICATE).x509.pem > $(zip_root)/META/releasekey.txt

else

	$(hide) build/tools/getb64key.py $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem > $(zip_root)/META/releasekey.txt

endif

	@# Zip everything up, preserving symlinks

	$(hide) (cd $(zip_root) && zip -qry ../$(notdir $@) .)

	@# Run fs_config on all the system, boot ramdisk, and recovery ramdisk files in the zip, and save the output

tools/releasetools/ota_from_target_files

+3 −1
Original line number Diff line number Diff line
@@ -507,6 +507,9 @@ def WriteFullOTAPackage(input_zip, output_zip): 
  script.AddToZip(input_zip, output_zip)

  WriteMetadata(metadata, output_zip)



  common.ZipWriteStr(output_zip, "META-INF/org/cyanogenmod/releasekey",

                     ""+input_zip.read("META/releasekey.txt"))



def WritePolicyConfig(file_context, output_zip):

  f = open(file_context, 'r');

  basename = os.path.basename(file_context)
@@ -839,7 +842,6 @@ def WriteIncrementalOTAPackage(target_zip, source_zip, output_zip): 
  script.AddToZip(target_zip, output_zip)

  WriteMetadata(metadata, output_zip)





def main(argv):



  def option_handler(o, a):

tools/releasetools/sign_target_files_apks

+8 −0
Original line number Diff line number Diff line
@@ -294,6 +294,14 @@ def ReplaceOtaKeys(input_tf_zip, output_tf_zip, misc_info): 
    raise common.ExternalError("failed to run dumpkeys")

  common.ZipWriteStr(output_tf_zip, "RECOVERY/RAMDISK/res/keys", data)



  # Save the base64 key representation in the update for key-change

  # validations

  p = common.Run(["python", "build/tools/getb64key.py", mapped_keys[0]],

                 stdout=subprocess.PIPE)

  data, _ = p.communicate()

  if p.returncode == 0:

    common.ZipWriteStr(output_tf_zip, "META/releasekey.txt", data)



  # SystemUpdateActivity uses the x509.pem version of the keys, but

  # put into a zipfile system/etc/security/otacerts.zip.

  # We DO NOT include the extra_recovery_keys (if any) here.