Remove the key parameter when verifying avb images in validate_target_files If a key is specified, the avbtool always use the input key to verify all the chained images. And this will cause failures when the vbmeta & system use different keys (e.g. RSA 4096 vs RSA2048). Because the public key to vbmeta will always fail to verify the system image. Remove the '--key' parameter in the verification command, so the avbtool will use the embedded public in the image. Test: validate target-file from sdk_gphone_x86_64 Bug: 148916990 Change-Id: I9d31be0f8c32af605af94fa73d07818f40f51ec4

commit: 9bd832a0122b76bce3fe10790b04aabf0099a7ff [log] [tgz]
author: Tianjie Xu <xunchang@google.com> Thu Feb 06 13:12:56 2020 -0800
committer: Tianjie Xu <xunchang@google.com> Thu Feb 06 13:31:26 2020 -0800
tree: e9928d9853bf4201817ddb70db6d34b9f4037af4
parent: 24e2f7c0f1cb6521041cebe7625794c25c8ab71f [diff] [blame]
diff --git a/tools/releasetools/validate_target_files.py b/tools/releasetools/validate_target_files.py
index 9c2bc51..1b918cc 100755
--- a/tools/releasetools/validate_target_files.py
+++ b/tools/releasetools/validate_target_files.py

@@ -350,7 +350,7 @@
     # vbmeta partitions (e.g. vbmeta_system).
     image = os.path.join(input_tmp, 'IMAGES', 'vbmeta.img')
     cmd = [info_dict['avb_avbtool'], 'verify_image', '--image', image,
-           '--key', key, '--follow_chain_partitions']
+           '--follow_chain_partitions']
 
     # Append the args for chained partitions if any.
     for partition in common.AVB_PARTITIONS + common.AVB_VBMETA_PARTITIONS:
commit	9bd832a0122b76bce3fe10790b04aabf0099a7ff	[log] [tgz]
author	Tianjie Xu <xunchang@google.com>	Thu Feb 06 13:12:56 2020 -0800
committer	Tianjie Xu <xunchang@google.com>	Thu Feb 06 13:31:26 2020 -0800
tree	e9928d9853bf4201817ddb70db6d34b9f4037af4
parent	24e2f7c0f1cb6521041cebe7625794c25c8ab71f [diff] [blame]