releasetools: Move the AVB salt setup into common.LoadInfoDict().
We used to do this in add_img_to_target_files.AddImagesToTargetFiles(),
which didn't cover the path when calling from make_recovery_patch. As a
result, /system/bin/install-recovery.sh contains different SHA values
from the actual images.
Test: Set up aosp_bullhead to use AVB. `m dist`, then run the following
command to verify the generated install-recovery.sh.
$ ./build/make/tools/releasetools/validate_target_files.py \
out/dist/aosp_bullhead-target_files-eng.zip
Change-Id: Id7be8fb17072252fcd4d08db2057b8c4af053376
diff --git a/tools/releasetools/common.py b/tools/releasetools/common.py
index 632cc11..d0ee6ae 100644
--- a/tools/releasetools/common.py
+++ b/tools/releasetools/common.py
@@ -31,12 +31,10 @@
import threading
import time
import zipfile
+from hashlib import sha1, sha256
import blockimgdiff
-from hashlib import sha1 as sha1
-
-
class Options(object):
def __init__(self):
platform_search_path = {
@@ -259,6 +257,20 @@
d["build.prop"] = LoadBuildProp(read_helper, 'SYSTEM/build.prop')
d["vendor.build.prop"] = LoadBuildProp(read_helper, 'VENDOR/build.prop')
+
+ # Set up the salt (based on fingerprint or thumbprint) that will be used when
+ # adding AVB footer.
+ if d.get("avb_enable") == "true":
+ fp = None
+ if "build.prop" in d:
+ build_prop = d["build.prop"]
+ if "ro.build.fingerprint" in build_prop:
+ fp = build_prop["ro.build.fingerprint"]
+ elif "ro.build.thumbprint" in build_prop:
+ fp = build_prop["ro.build.thumbprint"]
+ if fp:
+ d["avb_salt"] = sha256(fp).hexdigest()
+
return d