Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d2052b65 authored by Nikita Ioffe's avatar Nikita Ioffe Committed by Automerger Merge Worker
Browse files

Merge "Refactor apex signing logic in preparation for compressed apexes" am: 015b6892 

Original change: https://android-review.googlesource.com/c/platform/build/+/1545992

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I2c89435f2f7916a01e1ac0df35f0fabf60f2c8c7
parents f3eaf534 015b6892

tools/releasetools/apex_utils.py

+53 −5
Original line number Diff line number Diff line
@@ -300,13 +300,13 @@ def ParseApexPayloadInfo(avbtool, payload_path): 
  return payload_info





def SignApex(avbtool, apex_data, payload_key, container_key, container_pw,

             apk_keys, codename_to_api_level_map,

def SignUncompressedApex(avbtool, apex_data, payload_key, container_key,

                         container_pw, apk_keys, codename_to_api_level_map,

                         no_hashtree, signing_args=None):

  """Signs the current APEX with the given payload/container keys.

  """Signs the current uncompressed APEX with the given payload/container keys.



  Args:

    apex_data: Raw APEX data.

    apex_data: Raw uncompressed APEX data.

    payload_key: The path to payload signing key (w/ extension).

    container_key: The path to container signing key (w/o extension).

    container_pw: The matching password of the container_key, or None.
@@ -380,3 +380,51 @@ def SignApex(avbtool, apex_data, payload_key, container_key, container_pw, 
      extra_signapk_args=extra_signapk_args)



  return signed_apex





def SignApex(avbtool, apex_data, payload_key, container_key, container_pw,

             apk_keys, codename_to_api_level_map,

             no_hashtree, signing_args=None):

  """Signs the current APEX with the given payload/container keys.



  Args:

    apex_file: Path to apex file path.

    payload_key: The path to payload signing key (w/ extension).

    container_key: The path to container signing key (w/o extension).

    container_pw: The matching password of the container_key, or None.

    apk_keys: A dict that holds the signing keys for apk files.

    codename_to_api_level_map: A dict that maps from codename to API level.

    no_hashtree: Don't include hashtree in the signed APEX.

    signing_args: Additional args to be passed to the payload signer.



  Returns:

    The path to the signed APEX file.

  """

  apex_file = common.MakeTempFile(prefix='apex-container-', suffix='.apex')

  with open(apex_file, 'wb') as output_fp:

    output_fp.write(apex_data)



  debugfs_path = os.path.join(OPTIONS.search_path, "bin", "debugfs_static")

  cmd = ['deapexer', '--debugfs_path', debugfs_path,

         'info', '--print-type', apex_file]



  try:

    apex_type = common.RunAndCheckOutput(cmd).strip()

    if apex_type == 'UNCOMPRESSED':

      return SignUncompressedApex(

          avbtool,

          apex_data,

          payload_key=payload_key,

          container_key=container_key,

          container_pw=None,

          codename_to_api_level_map=codename_to_api_level_map,

          no_hashtree=no_hashtree,

          apk_keys=apk_keys,

          signing_args=signing_args)

    else:

      # TODO(b/172912232): support signing compressed apex

      raise ApexInfoError('Unsupported apex type {}'.format(apex_type))



  except common.ExternalError as e:

    raise ApexInfoError(

        'Failed to get type for {}:\n{}'.format(apex_file))