
Commit 5bd03955 authored by Tianjie's avatar Tianjie

Sign APEXes on all partitions

Bundled APEXes may exist on partitions other than system, e.g. vendor,
system_ext. Leaving them unsigned may cause security problems.

Bug: 180675334
Test: run sign_target_files_apks
Change-Id: Ib912a026f4010d818161a89b11f818180208843f
parent 6d89e4a9
+7 −12
@@ -329,9 +329,8 @@ def CheckApkAndApexKeysAvailable(input_tf_zip, known_keys,
  """
  """
  unknown_files = []
  unknown_files = []
  for info in input_tf_zip.infolist():
  for info in input_tf_zip.infolist():
    # Handle APEXes first, e.g. SYSTEM/apex/com.android.tzdata.apex.
    # Handle APEXes on all partitions
    if (info.filename.startswith('SYSTEM/apex') and
    if info.filename.endswith('.apex'):
        info.filename.endswith('.apex')):
      name = os.path.basename(info.filename)
      name = os.path.basename(info.filename)
      if name not in known_keys:
      if name not in known_keys:
        unknown_files.append(name)
        unknown_files.append(name)
@@ -363,8 +362,7 @@ def CheckApkAndApexKeysAvailable(input_tf_zip, known_keys,


  invalid_apexes = []
  invalid_apexes = []
  for info in input_tf_zip.infolist():
  for info in input_tf_zip.infolist():
    if (not info.filename.startswith('SYSTEM/apex') or
    if not info.filename.endswith('.apex'):
        not info.filename.endswith('.apex')):
      continue
      continue


    name = os.path.basename(info.filename)
    name = os.path.basename(info.filename)
@@ -444,6 +442,7 @@ def SignApk(data, keyname, pw, platform_api_level, codename_to_api_level_map,


  return data
  return data



def IsBuildPropFile(filename):
def IsBuildPropFile(filename):
  return filename in (
  return filename in (
        "SYSTEM/etc/prop.default",
        "SYSTEM/etc/prop.default",
@@ -462,6 +461,7 @@ def IsBuildPropFile(filename):
        # path here for clarity.
        # path here for clarity.
        "RECOVERY/RAMDISK/default.prop") or filename.endswith("build.prop")
        "RECOVERY/RAMDISK/default.prop") or filename.endswith("build.prop")



def ProcessTargetFiles(input_tf_zip, output_tf_zip, misc_info,
def ProcessTargetFiles(input_tf_zip, output_tf_zip, misc_info,
                       apk_keys, apex_keys, key_passwords,
                       apk_keys, apex_keys, key_passwords,
                       platform_api_level, codename_to_api_level_map,
                       platform_api_level, codename_to_api_level_map,
@@ -514,8 +514,8 @@ def ProcessTargetFiles(input_tf_zip, output_tf_zip, misc_info,
            "        (skipped due to special cert string)" % (name,))
            "        (skipped due to special cert string)" % (name,))
        common.ZipWriteStr(output_tf_zip, out_info, data)
        common.ZipWriteStr(output_tf_zip, out_info, data)


    # Sign bundled APEX files.
    # Sign bundled APEX files on all partitions
    elif filename.startswith("SYSTEM/apex") and filename.endswith(".apex"):
    elif filename.endswith(".apex"):
      name = os.path.basename(filename)
      name = os.path.basename(filename)
      payload_key, container_key = apex_keys[name]
      payload_key, container_key = apex_keys[name]


@@ -545,11 +545,6 @@ def ProcessTargetFiles(input_tf_zip, output_tf_zip, misc_info,
            "        (skipped due to special cert string)" % (name,))
            "        (skipped due to special cert string)" % (name,))
        common.ZipWriteStr(output_tf_zip, out_info, data)
        common.ZipWriteStr(output_tf_zip, out_info, data)


    # AVB public keys for the installed APEXes, which will be updated later.
    elif (os.path.dirname(filename) == 'SYSTEM/etc/security/apex' and
          filename != 'SYSTEM/etc/security/apex/'):
      continue

    # System properties.
    # System properties.
    elif IsBuildPropFile(filename):
    elif IsBuildPropFile(filename):
      print("Rewriting %s:" % (filename,))
      print("Rewriting %s:" % (filename,))
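Review bot: The test for what counts as a bundled APEX is now the bare suffix check `filename.endswith('.apex')`, written out separately in both loops of CheckApkAndApexKeysAvailable and in the signing branch of ProcessTargetFiles; if one copy is later narrowed or widened without the others, an APEX could pass the key check and still be copied through without re-signing. A single predicate next to IsBuildPropFile, e.g. `def IsApexFile(filename): return filename.endswith(".apex")`, would keep the check and the signing step in agreement. The key is still looked up by basename (`apex_keys[name]`), so two same-named APEX files on different partitions share one entry, and any zip entry ending in `.apex` matches regardless of directory; a comment stating that both are intended would help. The last hunk also drops the skip for `SYSTEM/etc/security/apex`, so those entries now fall through to branches outside the visible hunks, and it is worth confirming they are not written to the output with their pre-signing contents. All three functions continue outside the hunks shown.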