Loading tools/releasetools/sign_target_files_apks.py +3 −8 Original line number Diff line number Diff line Loading @@ -1081,7 +1081,6 @@ def ReadApexKeysInfo(tf_zip): continue name = matches.group('NAME') payload_public_key = matches.group("PAYLOAD_PUBLIC_KEY") payload_private_key = matches.group("PAYLOAD_PRIVATE_KEY") def CompareKeys(pubkey, pubkey_suffix, privkey, privkey_suffix): Loading @@ -1091,13 +1090,9 @@ def ReadApexKeysInfo(tf_zip): privkey.endswith(privkey_suffix) and pubkey[:-pubkey_suffix_len] == privkey[:-privkey_suffix_len]) PAYLOAD_PUBLIC_KEY_SUFFIX = '.avbpubkey' PAYLOAD_PRIVATE_KEY_SUFFIX = '.pem' if not CompareKeys( payload_public_key, PAYLOAD_PUBLIC_KEY_SUFFIX, payload_private_key, PAYLOAD_PRIVATE_KEY_SUFFIX): raise ValueError("Failed to parse payload keys: \n{}".format(line)) # Sanity check on the container key names, as we'll carry them without the # extensions. This doesn't apply to payload keys though, which we will use # full names only. container_cert = matches.group("CONTAINER_CERT") container_private_key = matches.group("CONTAINER_PRIVATE_KEY") if not CompareKeys( Loading tools/releasetools/test_sign_target_files_apks.py +27 −4 Original line number Diff line number Diff line Loading @@ -401,14 +401,14 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te 'build/target/product/security/testkey'), }, keys_info) def test_ReadApexKeysInfo_mismatchingKeys(self): def test_ReadApexKeysInfo_mismatchingContainerKeys(self): # Mismatching payload public / private keys. apex_keys = self.APEX_KEYS_TXT + ( 'name="apex.apexd_test_different_app2.apex" ' 'public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" ' 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_3.pem" ' 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" ' 'container_certificate="build/target/product/security/testkey.x509.pem" ' 'container_private_key="build/target/product/security/testkey.pk8"') 'container_private_key="build/target/product/security/testkey2.pk8"') target_files = common.MakeTempFile(suffix='.zip') with zipfile.ZipFile(target_files, 'w') as target_files_zip: target_files_zip.writestr('META/apexkeys.txt', apex_keys) Loading @@ -416,7 +416,7 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te with zipfile.ZipFile(target_files) as target_files_zip: self.assertRaises(ValueError, ReadApexKeysInfo, target_files_zip) def test_ReadApexKeysInfo_missingPrivateKey(self): def test_ReadApexKeysInfo_missingPayloadPrivateKey(self): # Invalid lines will be skipped. apex_keys = self.APEX_KEYS_TXT + ( 'name="apex.apexd_test_different_app2.apex" ' Loading @@ -438,3 +438,26 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem', 'build/target/product/security/testkey'), }, keys_info) def test_ReadApexKeysInfo_missingPayloadPublicKey(self): # Invalid lines will be skipped. apex_keys = self.APEX_KEYS_TXT + ( 'name="apex.apexd_test_different_app2.apex" ' 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" ' 'container_certificate="build/target/product/security/testkey.x509.pem" ' 'container_private_key="build/target/product/security/testkey.pk8"') target_files = common.MakeTempFile(suffix='.zip') with zipfile.ZipFile(target_files, 'w') as target_files_zip: target_files_zip.writestr('META/apexkeys.txt', apex_keys) with zipfile.ZipFile(target_files) as target_files_zip: keys_info = ReadApexKeysInfo(target_files_zip) self.assertEqual({ 'apex.apexd_test.apex': ( 'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem', 'build/target/product/security/testkey'), 'apex.apexd_test_different_app.apex': ( 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem', 'build/target/product/security/testkey'), }, keys_info) Loading
tools/releasetools/sign_target_files_apks.py +3 −8 Original line number Diff line number Diff line Loading @@ -1081,7 +1081,6 @@ def ReadApexKeysInfo(tf_zip): continue name = matches.group('NAME') payload_public_key = matches.group("PAYLOAD_PUBLIC_KEY") payload_private_key = matches.group("PAYLOAD_PRIVATE_KEY") def CompareKeys(pubkey, pubkey_suffix, privkey, privkey_suffix): Loading @@ -1091,13 +1090,9 @@ def ReadApexKeysInfo(tf_zip): privkey.endswith(privkey_suffix) and pubkey[:-pubkey_suffix_len] == privkey[:-privkey_suffix_len]) PAYLOAD_PUBLIC_KEY_SUFFIX = '.avbpubkey' PAYLOAD_PRIVATE_KEY_SUFFIX = '.pem' if not CompareKeys( payload_public_key, PAYLOAD_PUBLIC_KEY_SUFFIX, payload_private_key, PAYLOAD_PRIVATE_KEY_SUFFIX): raise ValueError("Failed to parse payload keys: \n{}".format(line)) # Sanity check on the container key names, as we'll carry them without the # extensions. This doesn't apply to payload keys though, which we will use # full names only. container_cert = matches.group("CONTAINER_CERT") container_private_key = matches.group("CONTAINER_PRIVATE_KEY") if not CompareKeys( Loading
tools/releasetools/test_sign_target_files_apks.py +27 −4 Original line number Diff line number Diff line Loading @@ -401,14 +401,14 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te 'build/target/product/security/testkey'), }, keys_info) def test_ReadApexKeysInfo_mismatchingKeys(self): def test_ReadApexKeysInfo_mismatchingContainerKeys(self): # Mismatching payload public / private keys. apex_keys = self.APEX_KEYS_TXT + ( 'name="apex.apexd_test_different_app2.apex" ' 'public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" ' 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_3.pem" ' 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" ' 'container_certificate="build/target/product/security/testkey.x509.pem" ' 'container_private_key="build/target/product/security/testkey.pk8"') 'container_private_key="build/target/product/security/testkey2.pk8"') target_files = common.MakeTempFile(suffix='.zip') with zipfile.ZipFile(target_files, 'w') as target_files_zip: target_files_zip.writestr('META/apexkeys.txt', apex_keys) Loading @@ -416,7 +416,7 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te with zipfile.ZipFile(target_files) as target_files_zip: self.assertRaises(ValueError, ReadApexKeysInfo, target_files_zip) def test_ReadApexKeysInfo_missingPrivateKey(self): def test_ReadApexKeysInfo_missingPayloadPrivateKey(self): # Invalid lines will be skipped. apex_keys = self.APEX_KEYS_TXT + ( 'name="apex.apexd_test_different_app2.apex" ' Loading @@ -438,3 +438,26 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem', 'build/target/product/security/testkey'), }, keys_info) def test_ReadApexKeysInfo_missingPayloadPublicKey(self): # Invalid lines will be skipped. apex_keys = self.APEX_KEYS_TXT + ( 'name="apex.apexd_test_different_app2.apex" ' 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" ' 'container_certificate="build/target/product/security/testkey.x509.pem" ' 'container_private_key="build/target/product/security/testkey.pk8"') target_files = common.MakeTempFile(suffix='.zip') with zipfile.ZipFile(target_files, 'w') as target_files_zip: target_files_zip.writestr('META/apexkeys.txt', apex_keys) with zipfile.ZipFile(target_files) as target_files_zip: keys_info = ReadApexKeysInfo(target_files_zip) self.assertEqual({ 'apex.apexd_test.apex': ( 'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem', 'build/target/product/security/testkey'), 'apex.apexd_test_different_app.apex': ( 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem', 'build/target/product/security/testkey'), }, keys_info)
