Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 95ebe7a0 authored by Geremy Condra's avatar Geremy Condra Committed by Rom Lemarchand
Browse files

Use the specified verity key to sign boot and recovery OTA images. 

This ensures that when the verity key is rotated to a release key
both the boot and recovery images will be correctly signed. It does
mean that they will both be signed with the same key for now, but
as that doesn't change the threat model separating them is just a
distant nice-to-have.

Bug: 15725238
Change-Id: I5b75e4346fe0655065643ab553431690cc1a8cb0
parent 4faea310

tools/releasetools/common.py

+7 −0
Original line number Diff line number Diff line
@@ -335,6 +335,13 @@ def BuildBootableImage(sourcedir, fs_config_file, info_dict=None): 
  assert p.returncode == 0, "mkbootimg of %s image failed" % (

      os.path.basename(sourcedir),)



  if info_dict.get("verity_key", None):

    path = "/" + os.path.basename(sourcedir).lower()

    cmd = ["boot_signer", path, img.name, info_dict["verity_key"], img.name]

    p = Run(cmd, stdout=subprocess.PIPE)

    p.communicate()

    assert p.returncode == 0, "boot_signer of %s image failed" % path



  img.seek(os.SEEK_SET, 0)

  data = img.read()