Loading tools/releasetools/common.py +8 −2 Original line number Diff line number Diff line Loading @@ -1008,7 +1008,8 @@ def GetMinSdkVersionInt(apk_name, codename_to_api_level_map): def SignFile(input_name, output_name, key, password, min_api_level=None, codename_to_api_level_map=None, whole_file=False): codename_to_api_level_map=None, whole_file=False, extra_signapk_args=None): """Sign the input_name zip/jar/apk, producing output_name. Use the given key and password (the latter may be None if the key does not have a password. Loading @@ -1023,9 +1024,14 @@ def SignFile(input_name, output_name, key, password, min_api_level=None, codename_to_api_level_map is needed to translate the codename which may be encountered as the APK's minSdkVersion. Caller may optionally specify extra args to be passed to SignApk, which defaults to OPTIONS.extra_signapk_args if omitted. """ if codename_to_api_level_map is None: codename_to_api_level_map = {} if extra_signapk_args is None: extra_signapk_args = OPTIONS.extra_signapk_args java_library_path = os.path.join( OPTIONS.search_path, OPTIONS.signapk_shared_library_path) Loading @@ -1033,7 +1039,7 @@ def SignFile(input_name, output_name, key, password, min_api_level=None, cmd = ([OPTIONS.java_path] + OPTIONS.java_args + ["-Djava.library.path=" + java_library_path, "-jar", os.path.join(OPTIONS.search_path, OPTIONS.signapk_path)] + OPTIONS.extra_signapk_args) extra_signapk_args) if whole_file: cmd.append("-w") Loading tools/releasetools/sign_target_files_apks.py +20 −12 Original line number Diff line number Diff line Loading @@ -400,7 +400,6 @@ def SignApex(apex_data, payload_key, container_key, container_pw, APEX_PAYLOAD_IMAGE = 'apex_payload.img' # Signing an APEX is a two step process. # 1. Extract and sign the APEX_PAYLOAD_IMAGE entry with the given payload_key. payload_dir = common.MakeTempDir(prefix='apex-payload-') with zipfile.ZipFile(apex_file) as apex_fd: Loading @@ -420,21 +419,28 @@ def SignApex(apex_data, payload_key, container_key, container_pw, common.ZipWrite(apex_zip, payload_file, arcname=APEX_PAYLOAD_IMAGE) common.ZipClose(apex_zip) # 2. Sign the overall APEX container with container_key. # 2. Align the files at page boundary (same as in apexer). aligned_apex = common.MakeTempFile( prefix='apex-container-', suffix='.apex') common.RunAndCheckOutput( ['zipalign', '-f', '4096', apex_file, aligned_apex]) # 3. Sign the APEX container with container_key. signed_apex = common.MakeTempFile(prefix='apex-container-', suffix='.apex') # Specify the 4K alignment when calling SignApk. extra_signapk_args = OPTIONS.extra_signapk_args[:] extra_signapk_args.extend(['-a', '4096']) common.SignFile( apex_file, aligned_apex, signed_apex, container_key, container_pw, codename_to_api_level_map=codename_to_api_level_map) codename_to_api_level_map=codename_to_api_level_map, extra_signapk_args=extra_signapk_args) signed_and_aligned_apex = common.MakeTempFile( prefix='apex-container-', suffix='.apex') common.RunAndCheckOutput( ['zipalign', '-f', '4096', signed_apex, signed_and_aligned_apex]) return (signed_and_aligned_apex, payload_info['apex.key']) return (signed_apex, payload_info['apex.key']) def ProcessTargetFiles(input_tf_zip, output_tf_zip, misc_info, Loading Loading @@ -600,7 +606,7 @@ def ProcessTargetFiles(input_tf_zip, output_tf_zip, misc_info, else: common.ZipWriteStr(output_tf_zip, out_info, data) # Update APEX payload public keys. # Copy or update APEX payload public keys. for info in input_tf_zip.infolist(): filename = info.filename if (os.path.dirname(filename) != 'SYSTEM/etc/security/apex' or Loading @@ -609,8 +615,10 @@ def ProcessTargetFiles(input_tf_zip, output_tf_zip, misc_info, name = os.path.basename(filename) # Skip PRESIGNED APEXes. # Copy the keys for PRESIGNED APEXes. if name not in updated_apex_payload_keys: data = input_tf_zip.read(filename) common.ZipWriteStr(output_tf_zip, info, data) continue key_path = updated_apex_payload_keys[name] Loading Loading
tools/releasetools/common.py +8 −2 Original line number Diff line number Diff line Loading @@ -1008,7 +1008,8 @@ def GetMinSdkVersionInt(apk_name, codename_to_api_level_map): def SignFile(input_name, output_name, key, password, min_api_level=None, codename_to_api_level_map=None, whole_file=False): codename_to_api_level_map=None, whole_file=False, extra_signapk_args=None): """Sign the input_name zip/jar/apk, producing output_name. Use the given key and password (the latter may be None if the key does not have a password. Loading @@ -1023,9 +1024,14 @@ def SignFile(input_name, output_name, key, password, min_api_level=None, codename_to_api_level_map is needed to translate the codename which may be encountered as the APK's minSdkVersion. Caller may optionally specify extra args to be passed to SignApk, which defaults to OPTIONS.extra_signapk_args if omitted. """ if codename_to_api_level_map is None: codename_to_api_level_map = {} if extra_signapk_args is None: extra_signapk_args = OPTIONS.extra_signapk_args java_library_path = os.path.join( OPTIONS.search_path, OPTIONS.signapk_shared_library_path) Loading @@ -1033,7 +1039,7 @@ def SignFile(input_name, output_name, key, password, min_api_level=None, cmd = ([OPTIONS.java_path] + OPTIONS.java_args + ["-Djava.library.path=" + java_library_path, "-jar", os.path.join(OPTIONS.search_path, OPTIONS.signapk_path)] + OPTIONS.extra_signapk_args) extra_signapk_args) if whole_file: cmd.append("-w") Loading
tools/releasetools/sign_target_files_apks.py +20 −12 Original line number Diff line number Diff line Loading @@ -400,7 +400,6 @@ def SignApex(apex_data, payload_key, container_key, container_pw, APEX_PAYLOAD_IMAGE = 'apex_payload.img' # Signing an APEX is a two step process. # 1. Extract and sign the APEX_PAYLOAD_IMAGE entry with the given payload_key. payload_dir = common.MakeTempDir(prefix='apex-payload-') with zipfile.ZipFile(apex_file) as apex_fd: Loading @@ -420,21 +419,28 @@ def SignApex(apex_data, payload_key, container_key, container_pw, common.ZipWrite(apex_zip, payload_file, arcname=APEX_PAYLOAD_IMAGE) common.ZipClose(apex_zip) # 2. Sign the overall APEX container with container_key. # 2. Align the files at page boundary (same as in apexer). aligned_apex = common.MakeTempFile( prefix='apex-container-', suffix='.apex') common.RunAndCheckOutput( ['zipalign', '-f', '4096', apex_file, aligned_apex]) # 3. Sign the APEX container with container_key. signed_apex = common.MakeTempFile(prefix='apex-container-', suffix='.apex') # Specify the 4K alignment when calling SignApk. extra_signapk_args = OPTIONS.extra_signapk_args[:] extra_signapk_args.extend(['-a', '4096']) common.SignFile( apex_file, aligned_apex, signed_apex, container_key, container_pw, codename_to_api_level_map=codename_to_api_level_map) codename_to_api_level_map=codename_to_api_level_map, extra_signapk_args=extra_signapk_args) signed_and_aligned_apex = common.MakeTempFile( prefix='apex-container-', suffix='.apex') common.RunAndCheckOutput( ['zipalign', '-f', '4096', signed_apex, signed_and_aligned_apex]) return (signed_and_aligned_apex, payload_info['apex.key']) return (signed_apex, payload_info['apex.key']) def ProcessTargetFiles(input_tf_zip, output_tf_zip, misc_info, Loading Loading @@ -600,7 +606,7 @@ def ProcessTargetFiles(input_tf_zip, output_tf_zip, misc_info, else: common.ZipWriteStr(output_tf_zip, out_info, data) # Update APEX payload public keys. # Copy or update APEX payload public keys. for info in input_tf_zip.infolist(): filename = info.filename if (os.path.dirname(filename) != 'SYSTEM/etc/security/apex' or Loading @@ -609,8 +615,10 @@ def ProcessTargetFiles(input_tf_zip, output_tf_zip, misc_info, name = os.path.basename(filename) # Skip PRESIGNED APEXes. # Copy the keys for PRESIGNED APEXes. if name not in updated_apex_payload_keys: data = input_tf_zip.read(filename) common.ZipWriteStr(output_tf_zip, info, data) continue key_path = updated_apex_payload_keys[name] Loading
