Merge "Reland "Only assert-max-image-size for static partitions.""
diff --git a/core/Makefile b/core/Makefile
index 016a80e..0ccd719 100644
--- a/core/Makefile
+++ b/core/Makefile
@@ -325,7 +325,7 @@
# non-default dev keys (usually private keys from a vendor directory).
# Both of these tags will be removed and replaced with "release-keys"
# when the target-files is signed in a post-build step.
-ifeq ($(DEFAULT_SYSTEM_DEV_CERTIFICATE),build/target/product/security/testkey)
+ifeq ($(DEFAULT_SYSTEM_DEV_CERTIFICATE),build/make/target/product/security/testkey)
BUILD_KEYS := test-keys
else
BUILD_KEYS := dev-keys
@@ -483,7 +483,6 @@
echo "#" >> $@; )
$(hide) $(foreach line,$(FINAL_BUILD_PROPERTIES), \
echo "$(line)" >> $@;)
- $(hide) cat $(INSTALLED_ANDROID_INFO_TXT_TARGET) | grep 'require version-' | sed -e 's/require version-/ro.build.expect./g' >> $@
$(hide) build/make/tools/post_process_props.py $@ $(PRODUCT_SYSTEM_PROPERTY_BLACKLIST)
build_desc :=
@@ -528,10 +527,11 @@
echo "# BOOTIMAGE_BUILD_PROPERTIES" >> $@; \
echo "#" >> $@;
$(hide) $(call generate-common-build-props,bootimage,$@)
-ifdef property_overrides_split_enabled
$(hide) echo "#" >> $@; \
echo "# ADDITIONAL VENDOR BUILD PROPERTIES" >> $@; \
echo "#" >> $@;
+ $(hide) cat $(INSTALLED_ANDROID_INFO_TXT_TARGET) | grep 'require version-' | sed -e 's/require version-/ro.build.expect./g' >> $@
+ifdef property_overrides_split_enabled
$(hide) $(foreach line,$(FINAL_VENDOR_BUILD_PROPERTIES), \
echo "$(line)" >> $@;)
endif # property_overrides_split_enabled
@@ -3569,7 +3569,7 @@
OTATOOLS_DEPS := \
system/extras/ext4_utils/mke2fs.conf \
- $(sort $(shell find build/target/product/security -type f -name "*.x509.pem" -o -name "*.pk8" -o \
+ $(sort $(shell find build/make/target/product/security -type f -name "*.x509.pem" -o -name "*.pk8" -o \
-name verity_key))
ifneq (,$(wildcard device))
diff --git a/core/board_config.mk b/core/board_config.mk
index ed741c3..6f04fb3 100644
--- a/core/board_config.mk
+++ b/core/board_config.mk
@@ -89,6 +89,7 @@
BUILD_BROKEN_DUP_RULES \
BUILD_BROKEN_PHONY_TARGETS \
BUILD_BROKEN_ENG_DEBUG_TAGS \
+ BUILD_BROKEN_USES_NETWORK \
_board_true_false_vars := $(_build_broken_var_list)
_board_strip_readonly_list += $(_build_broken_var_list)
@@ -101,11 +102,7 @@
# ###############################################################
# Broken build defaults
# ###############################################################
-BUILD_BROKEN_ANDROIDMK_EXPORTS :=
-BUILD_BROKEN_DUP_COPY_HEADERS :=
-BUILD_BROKEN_DUP_RULES :=
-BUILD_BROKEN_PHONY_TARGETS :=
-BUILD_BROKEN_ENG_DEBUG_TAGS :=
+$(foreach v,$(_build_broken_var_list),$(eval $(v) :=))
# Boards may be defined under $(SRC_TARGET_DIR)/board/$(TARGET_DEVICE)
# or under vendor/*/$(TARGET_DEVICE). Search in both places, but
diff --git a/core/config.mk b/core/config.mk
index ed41d57..3788721 100644
--- a/core/config.mk
+++ b/core/config.mk
@@ -105,7 +105,7 @@
UNAME := $(shell uname -sm)
-SRC_TARGET_DIR := $(TOPDIR)build/target
+SRC_TARGET_DIR := $(TOPDIR)build/make/target
# Some specific paths to tools
SRC_DROIDDOC_DIR := $(TOPDIR)build/make/tools/droiddoc
@@ -762,7 +762,7 @@
ifdef PRODUCT_DEFAULT_DEV_CERTIFICATE
DEFAULT_SYSTEM_DEV_CERTIFICATE := $(PRODUCT_DEFAULT_DEV_CERTIFICATE)
else
- DEFAULT_SYSTEM_DEV_CERTIFICATE := build/target/product/security/testkey
+ DEFAULT_SYSTEM_DEV_CERTIFICATE := build/make/target/product/security/testkey
endif
.KATI_READONLY := DEFAULT_SYSTEM_DEV_CERTIFICATE
diff --git a/core/envsetup.mk b/core/envsetup.mk
index 1704daf..f4be2c7 100644
--- a/core/envsetup.mk
+++ b/core/envsetup.mk
@@ -25,11 +25,13 @@
#$(warning $(call find_and_earlier,A B C,D))
define version-list
-$(1)PR1 $(1)PD1 $(1)PD2 $(1)PM1 $(1)PM2
+$(1)P1A $(1)P1B $(1)P2A $(1)P2B $(1)D1A $(1)D1B $(1)D2A $(1)D2B $(1)Q1A $(1)Q1B $(1)Q2A $(1)Q2B $(1)Q3A $(1)Q3B
endef
-ALL_VERSIONS := O P Q R S T U V W X Y Z
-ALL_VERSIONS := $(foreach v,$(ALL_VERSIONS),$(call version-list,$(v)))
+PREV_VERSIONS := OPR1 OPD1 OPD2 OPM1 OPM2 PPR1 PPD1 PPD2 PPM1 PPM2 QPR1
+ALL_VERSIONS := Q R S T U V W X Y Z
+ALL_VERSIONS := $(PREV_VERSIONS) $(foreach v,$(ALL_VERSIONS),$(call version-list,$(v)))
+PREV_VERSIONS :=
# Filters ALL_VERSIONS down to the range [$1, $2], and errors if $1 > $2 or $3 is
# not in [$1, $2]
diff --git a/core/version_defaults.mk b/core/version_defaults.mk
index 28d0be8..a392924 100644
--- a/core/version_defaults.mk
+++ b/core/version_defaults.mk
@@ -39,9 +39,9 @@
include $(INTERNAL_BUILD_ID_MAKEFILE)
endif
-DEFAULT_PLATFORM_VERSION := QPR1
-MIN_PLATFORM_VERSION := QPR1
-MAX_PLATFORM_VERSION := QPR1
+DEFAULT_PLATFORM_VERSION := QP1A
+MIN_PLATFORM_VERSION := QP1A
+MAX_PLATFORM_VERSION := QP1A
ALLOWED_VERSIONS := $(call allowed-platform-versions,\
$(MIN_PLATFORM_VERSION),\
@@ -82,11 +82,11 @@
# please add that PLATFORM_VERSION as well as clean up obsolete PLATFORM_VERSION's
# in the following text file:
# cts/tests/tests/os/assets/platform_versions.txt
-PLATFORM_VERSION.QPR1 := Q
+PLATFORM_VERSION.QP1A := Q
# These are the current development codenames, if the build is not a final
# release build. If this is a final release build, it is simply "REL".
-PLATFORM_VERSION_CODENAME.QPR1 := Q
+PLATFORM_VERSION_CODENAME.QP1A := Q
ifndef PLATFORM_VERSION
PLATFORM_VERSION := $(PLATFORM_VERSION.$(TARGET_PLATFORM_VERSION))
diff --git a/target/board/generic_arm64/BoardConfig.mk b/target/board/generic_arm64/BoardConfig.mk
index 3f83edb..7d92b7d 100644
--- a/target/board/generic_arm64/BoardConfig.mk
+++ b/target/board/generic_arm64/BoardConfig.mk
@@ -67,7 +67,7 @@
# TODO(b/36764215): remove this setting when the generic system image
# no longer has QCOM-specific directories under /.
-BOARD_SEPOLICY_DIRS += build/target/board/generic_arm64_ab/sepolicy
+BOARD_SEPOLICY_DIRS += build/make/target/board/generic_arm64_ab/sepolicy
# Wifi.
BOARD_WLAN_DEVICE := emulator
diff --git a/target/board/generic_arm64_ab/BoardConfig.mk b/target/board/generic_arm64_ab/BoardConfig.mk
index 6e54d81..28140ce 100644
--- a/target/board/generic_arm64_ab/BoardConfig.mk
+++ b/target/board/generic_arm64_ab/BoardConfig.mk
@@ -36,4 +36,4 @@
# TODO(b/36764215): remove this setting when the generic system image
# no longer has QCOM-specific directories under /.
-BOARD_SEPOLICY_DIRS += build/target/board/generic_arm64_ab/sepolicy
+BOARD_SEPOLICY_DIRS += build/make/target/board/generic_arm64_ab/sepolicy
diff --git a/target/board/generic_arm_ab/BoardConfig.mk b/target/board/generic_arm_ab/BoardConfig.mk
index 9100094..bcb4cc5 100644
--- a/target/board/generic_arm_ab/BoardConfig.mk
+++ b/target/board/generic_arm_ab/BoardConfig.mk
@@ -33,4 +33,4 @@
# TODO(b/36764215): remove this setting when the generic system image
# no longer has QCOM-specific directories under /.
-BOARD_SEPOLICY_DIRS += build/target/board/generic_arm64_ab/sepolicy
+BOARD_SEPOLICY_DIRS += build/make/target/board/generic_arm64_ab/sepolicy
diff --git a/target/board/gsi_arm64/BoardConfig.mk b/target/board/gsi_arm64/BoardConfig.mk
index 90ddd0d..571d623 100644
--- a/target/board/gsi_arm64/BoardConfig.mk
+++ b/target/board/gsi_arm64/BoardConfig.mk
@@ -34,4 +34,4 @@
# TODO(b/36764215): remove this setting when the generic system image
# no longer has QCOM-specific directories under /.
-BOARD_SEPOLICY_DIRS += build/target/board/generic_arm64_ab/sepolicy
+BOARD_SEPOLICY_DIRS += build/make/target/board/generic_arm64_ab/sepolicy
diff --git a/target/product/go_defaults.mk b/target/product/go_defaults.mk
index faa1852..cb9383f 100644
--- a/target/product/go_defaults.mk
+++ b/target/product/go_defaults.mk
@@ -15,5 +15,5 @@
#
# Inherit common Android Go defaults.
-$(call inherit-product, build/target/product/go_defaults_common.mk)
+$(call inherit-product, build/make/target/product/go_defaults_common.mk)
diff --git a/target/product/go_defaults_512.mk b/target/product/go_defaults_512.mk
index 56ab29b..985912f 100644
--- a/target/product/go_defaults_512.mk
+++ b/target/product/go_defaults_512.mk
@@ -15,7 +15,7 @@
#
# Inherit common Android Go defaults.
-$(call inherit-product, build/target/product/go_defaults_common.mk)
+$(call inherit-product, build/make/target/product/go_defaults_common.mk)
# 512MB specific properties.
diff --git a/target/product/profile_boot_common.mk b/target/product/profile_boot_common.mk
index 4147dfa..fc19954 100644
--- a/target/product/profile_boot_common.mk
+++ b/target/product/profile_boot_common.mk
@@ -19,7 +19,7 @@
# remove classes that are no longer in use.
# Ideally we would just generate an empty boot.art but we don't have the build
# support to separate the image from the compile code.
-PRODUCT_DEX_PREOPT_BOOT_IMAGE_PROFILE_LOCATION := build/target/product/empty-profile
+PRODUCT_DEX_PREOPT_BOOT_IMAGE_PROFILE_LOCATION := build/make/target/product/empty-profile
PRODUCT_DEX_PREOPT_BOOT_FLAGS := --count-hotness-in-compiled-code
DEX_PREOPT_DEFAULT := nostripping
@@ -28,7 +28,7 @@
# Use an empty preloaded-classes list.
PRODUCT_COPY_FILES += \
- build/target/product/empty-preloaded-classes:system/etc/preloaded-classes
+ build/make/target/product/empty-preloaded-classes:system/etc/preloaded-classes
# Boot image property overrides.
PRODUCT_PROPERTY_OVERRIDES += \
diff --git a/target/product/security/README b/target/product/security/README
index 6a6e62d..6e75e4d 100644
--- a/target/product/security/README
+++ b/target/product/security/README
@@ -31,7 +31,7 @@
dumpkey.jar is a Java tool that takes an x.509 certificate in PEM format as
input and prints a C structure to standard output:
- $ java -jar out/host/linux-x86/framework/dumpkey.jar build/target/product/security/testkey.x509.pem
+ $ java -jar out/host/linux-x86/framework/dumpkey.jar build/make/target/product/security/testkey.x509.pem
{64,0xc926ad21,{1795090719,2141396315,950055447,2581568430,4268923165,1920809988,546586521,3498997798,1776797858,3740060814,1805317999,1429410244,129622599,1422441418,1783893377,1222374759,2563319927,323993566,28517732,609753416,1826472888,215237850,4261642700,4049082591,3228462402,774857746,154822455,2497198897,2758199418,3019015328,2794777644,87251430,2534927978,120774784,571297800,3695899472,2479925187,3811625450,3401832990,2394869647,3267246207,950095497,555058928,414729973,1136544882,3044590084,465547824,4058146728,2731796054,1689838846,3890756939,1048029507,895090649,247140249,178744550,3547885223,3165179243,109881576,3944604415,1044303212,3772373029,2985150306,3737520932,3599964420},{3437017481,3784475129,2800224972,3086222688,251333580,2131931323,512774938,325948880,2657486437,2102694287,3820568226,792812816,1026422502,2053275343,2800889200,3113586810,165549746,4273519969,4065247892,1902789247,772932719,3941848426,3652744109,216871947,3164400649,1942378755,3996765851,1055777370,964047799,629391717,2232744317,3910558992,191868569,2758883837,3682816752,2997714732,2702529250,3570700455,3776873832,3924067546,3555689545,2758825434,1323144535,61311905,1997411085,376844204,213777604,4077323584,9135381,1625809335,2804742137,2952293945,1117190829,4237312782,1825108855,3013147971,1111251351,2568837572,1684324211,2520978805,367251975,810756730,2353784344,1175080310}}
This is called by build/make/core/Makefile to incorporate the OTA signing keys
diff --git a/target/product/verity.mk b/target/product/verity.mk
index d954159..5f09283 100644
--- a/target/product/verity.mk
+++ b/target/product/verity.mk
@@ -23,7 +23,7 @@
# The dev key is used to sign boot and recovery images, and the verity
# metadata table. Actual product deliverables will be re-signed by hand.
# We expect this file to exist with the suffixes ".x509.pem" and ".pk8".
-PRODUCT_VERITY_SIGNING_KEY := build/target/product/security/verity
+PRODUCT_VERITY_SIGNING_KEY := build/make/target/product/security/verity
PRODUCT_PACKAGES += \
verity_key
diff --git a/tools/releasetools/blockimgdiff.py b/tools/releasetools/blockimgdiff.py
index e5a9050..b7c33f5 100644
--- a/tools/releasetools/blockimgdiff.py
+++ b/tools/releasetools/blockimgdiff.py
@@ -174,7 +174,7 @@
return h.hexdigest()
def ReadRangeSet(self, ranges):
- return [self._GetRangeData(ranges)]
+ return list(self._GetRangeData(ranges))
def TotalSha1(self, include_clobbered_blocks=False):
if not include_clobbered_blocks:
diff --git a/tools/releasetools/ota_from_target_files.py b/tools/releasetools/ota_from_target_files.py
index 37f4e38..ad40bd4 100755
--- a/tools/releasetools/ota_from_target_files.py
+++ b/tools/releasetools/ota_from_target_files.py
@@ -38,7 +38,7 @@
-k (--package_key) <key>
Key to use to sign the package (default is the value of
default_system_dev_certificate from the input target-files's
- META/misc_info.txt, or "build/target/product/security/testkey" if that
+ META/misc_info.txt, or "build/make/target/product/security/testkey" if that
value is not specified).
For incremental OTAs, the default value is based on the source
@@ -168,6 +168,9 @@
--payload_signer_args <args>
Specify the arguments needed for payload signer.
+ --payload_signer_key_size <key_size>
+ Specify the key size in bytes of the payload signer.
+
--skip_postinstall
Skip the postinstall hooks when generating an A/B OTA package (default:
False). Note that this discards ALL the hooks, including non-optional
@@ -224,6 +227,7 @@
OPTIONS.log_diff = None
OPTIONS.payload_signer = None
OPTIONS.payload_signer_args = []
+OPTIONS.payload_signer_key_size = None
OPTIONS.extracted_input = None
OPTIONS.key_passwords = []
OPTIONS.skip_postinstall = False
@@ -468,9 +472,35 @@
self.signer = "openssl"
self.signer_args = ["pkeyutl", "-sign", "-inkey", signing_key,
"-pkeyopt", "digest:sha256"]
+ self.key_size = self._GetKeySizeInBytes(signing_key)
else:
self.signer = OPTIONS.payload_signer
self.signer_args = OPTIONS.payload_signer_args
+ if OPTIONS.payload_signer_key_size:
+ self.key_size = int(OPTIONS.payload_signer_key_size)
+ assert self.key_size == 256 or self.key_size == 512, \
+ "Unsupported key size {}".format(OPTIONS.payload_signer_key_size)
+ else:
+ self.key_size = 256
+
+ @staticmethod
+ def _GetKeySizeInBytes(signing_key):
+ modulus_file = common.MakeTempFile(prefix="modulus-")
+ cmd = ["openssl", "rsa", "-inform", "PEM", "-in", signing_key, "-modulus",
+ "-noout", "-out", modulus_file]
+ common.RunAndCheckOutput(cmd, verbose=False)
+
+ with open(modulus_file) as f:
+ modulus_string = f.read()
+ # The modulus string has the format "Modulus=$data", where $data is the
+ # concatenation of hex dump of the modulus.
+ MODULUS_PREFIX = "Modulus="
+ assert modulus_string.startswith(MODULUS_PREFIX)
+ modulus_string = modulus_string[len(MODULUS_PREFIX):]
+ key_size = len(modulus_string) / 2
+ assert key_size == 256 or key_size == 512, \
+ "Unsupported key size {}".format(key_size)
+ return key_size
def Sign(self, in_file):
"""Signs the given input file. Returns the output filename."""
@@ -539,7 +569,7 @@
metadata_sig_file = common.MakeTempFile(prefix="sig-", suffix=".bin")
cmd = ["brillo_update_payload", "hash",
"--unsigned_payload", self.payload_file,
- "--signature_size", "256",
+ "--signature_size", str(payload_signer.key_size),
"--metadata_hash_file", metadata_sig_file,
"--payload_hash_file", payload_sig_file]
common.RunAndCheckOutput(cmd)
@@ -554,7 +584,7 @@
cmd = ["brillo_update_payload", "sign",
"--unsigned_payload", self.payload_file,
"--payload", signed_payload_file,
- "--signature_size", "256",
+ "--signature_size", str(payload_signer.key_size),
"--metadata_signature_file", signed_metadata_sig_file,
"--payload_signature_file", signed_payload_sig_file]
common.RunAndCheckOutput(cmd)
@@ -2087,6 +2117,8 @@
OPTIONS.payload_signer = a
elif o == "--payload_signer_args":
OPTIONS.payload_signer_args = shlex.split(a)
+ elif o == "--payload_signer_key_size":
+ OPTIONS.payload_signer_key_size = a
elif o == "--extracted_input_target_files":
OPTIONS.extracted_input = a
elif o == "--skip_postinstall":
@@ -2125,6 +2157,7 @@
"log_diff=",
"payload_signer=",
"payload_signer_args=",
+ "payload_signer_key_size=",
"extracted_input_target_files=",
"skip_postinstall",
"retrofit_dynamic_partitions",
@@ -2199,7 +2232,7 @@
if OPTIONS.package_key is None:
OPTIONS.package_key = OPTIONS.info_dict.get(
"default_system_dev_certificate",
- "build/target/product/security/testkey")
+ "build/make/target/product/security/testkey")
# Get signing keys
OPTIONS.key_passwords = common.GetKeyPasswords([OPTIONS.package_key])
diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py
index c482a49..64e7ca8 100755
--- a/tools/releasetools/sign_target_files_apks.py
+++ b/tools/releasetools/sign_target_files_apks.py
@@ -56,7 +56,7 @@
where $devkey is the directory part of the value of
default_system_dev_certificate from the input target-files's
- META/misc_info.txt. (Defaulting to "build/target/product/security"
+ META/misc_info.txt. (Defaulting to "build/make/target/product/security"
if the value is not present in misc_info.
-d and -k options are added to the set of mappings in the order
@@ -802,7 +802,7 @@
print("for OTA package verification")
else:
devkey = misc_info.get("default_system_dev_certificate",
- "build/target/product/security/testkey")
+ "build/make/target/product/security/testkey")
mapped_devkey = OPTIONS.key_map.get(devkey, devkey)
if mapped_devkey != devkey:
misc_info["default_system_dev_certificate"] = mapped_devkey
@@ -959,7 +959,7 @@
for s, d in key_mapping_options:
if s is None: # -d option
devkey = misc_info.get("default_system_dev_certificate",
- "build/target/product/security/testkey")
+ "build/make/target/product/security/testkey")
devkeydir = os.path.dirname(devkey)
OPTIONS.key_map.update({
diff --git a/tools/releasetools/test_blockimgdiff.py b/tools/releasetools/test_blockimgdiff.py
index 806ff4b..1aabaa2 100644
--- a/tools/releasetools/test_blockimgdiff.py
+++ b/tools/releasetools/test_blockimgdiff.py
@@ -16,7 +16,7 @@
import common
from blockimgdiff import (
- BlockImageDiff, EmptyImage, HeapItem, ImgdiffStats, Transfer)
+ BlockImageDiff, DataImage, EmptyImage, HeapItem, ImgdiffStats, Transfer)
from rangelib import RangeSet
from test_utils import ReleaseToolsTestCase
@@ -261,3 +261,10 @@
self.assertRaises(AssertionError, imgdiff_stats.Log, "/system/app/app1.apk",
"invalid reason")
+
+
+class DataImageTest(ReleaseToolsTestCase):
+ def test_read_range_set(self):
+ data = "file" + ('\0' * 4092)
+ image = DataImage(data)
+ self.assertEqual(data, "".join(image.ReadRangeSet(image.care_map)))
diff --git a/tools/releasetools/test_common.py b/tools/releasetools/test_common.py
index d4fa5f3..9e36c78 100644
--- a/tools/releasetools/test_common.py
+++ b/tools/releasetools/test_common.py
@@ -451,14 +451,14 @@
'name="RecoveryLocalizer.apk" certificate="certs/devkey.x509.pem"'
' private_key="certs/devkey.pk8"\n'
'name="Settings.apk"'
- ' certificate="build/target/product/security/platform.x509.pem"'
- ' private_key="build/target/product/security/platform.pk8"\n'
+ ' certificate="build/make/target/product/security/platform.x509.pem"'
+ ' private_key="build/make/target/product/security/platform.pk8"\n'
'name="TV.apk" certificate="PRESIGNED" private_key=""\n'
)
APKCERTS_CERTMAP1 = {
'RecoveryLocalizer.apk' : 'certs/devkey',
- 'Settings.apk' : 'build/target/product/security/platform',
+ 'Settings.apk' : 'build/make/target/product/security/platform',
'TV.apk' : 'PRESIGNED',
}
diff --git a/tools/releasetools/test_ota_from_target_files.py b/tools/releasetools/test_ota_from_target_files.py
index c2da907..466fde1 100644
--- a/tools/releasetools/test_ota_from_target_files.py
+++ b/tools/releasetools/test_ota_from_target_files.py
@@ -1182,6 +1182,7 @@
def test_init(self):
payload_signer = PayloadSigner()
self.assertEqual('openssl', payload_signer.signer)
+ self.assertEqual(256, payload_signer.key_size)
def test_init_withPassword(self):
common.OPTIONS.package_key = os.path.join(
@@ -1195,9 +1196,16 @@
def test_init_withExternalSigner(self):
common.OPTIONS.payload_signer = 'abc'
common.OPTIONS.payload_signer_args = ['arg1', 'arg2']
+ common.OPTIONS.payload_signer_key_size = '512'
payload_signer = PayloadSigner()
self.assertEqual('abc', payload_signer.signer)
self.assertEqual(['arg1', 'arg2'], payload_signer.signer_args)
+ self.assertEqual(512, payload_signer.key_size)
+
+ def test_GetKeySizeInBytes_512Bytes(self):
+ signing_key = os.path.join(self.testdata_dir, 'testkey_RSA4096.key')
+ key_size = PayloadSigner._GetKeySizeInBytes(signing_key)
+ self.assertEqual(512, key_size)
def test_Sign(self):
payload_signer = PayloadSigner()
diff --git a/tools/releasetools/test_sign_target_files_apks.py b/tools/releasetools/test_sign_target_files_apks.py
index 6a4df1a..d745200 100644
--- a/tools/releasetools/test_sign_target_files_apks.py
+++ b/tools/releasetools/test_sign_target_files_apks.py
@@ -34,8 +34,8 @@
</policy>"""
# pylint: disable=line-too-long
- APEX_KEYS_TXT = """name="apex.apexd_test.apex" public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package.avbpubkey" private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem" container_certificate="build/target/product/security/testkey.x509.pem" container_private_key="build/target/product/security/testkey.pk8"
-name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" container_certificate="build/target/product/security/testkey.x509.pem" container_private_key="build/target/product/security/testkey.pk8"
+ APEX_KEYS_TXT = """name="apex.apexd_test.apex" public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package.avbpubkey" private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem" container_certificate="build/make/target/product/security/testkey.x509.pem" container_private_key="build/make/target/product/security/testkey.pk8"
+name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" container_certificate="build/make/target/product/security/testkey.x509.pem" container_private_key="build/make/target/product/security/testkey.pk8"
"""
def setUp(self):
@@ -395,10 +395,10 @@
self.assertEqual({
'apex.apexd_test.apex': (
'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem',
- 'build/target/product/security/testkey'),
+ 'build/make/target/product/security/testkey'),
'apex.apexd_test_different_app.apex': (
'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem',
- 'build/target/product/security/testkey'),
+ 'build/make/target/product/security/testkey'),
}, keys_info)
def test_ReadApexKeysInfo_mismatchingContainerKeys(self):
@@ -407,8 +407,8 @@
'name="apex.apexd_test_different_app2.apex" '
'public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" '
'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" '
- 'container_certificate="build/target/product/security/testkey.x509.pem" '
- 'container_private_key="build/target/product/security/testkey2.pk8"')
+ 'container_certificate="build/make/target/product/security/testkey.x509.pem" '
+ 'container_private_key="build/make/target/product/security/testkey2.pk8"')
target_files = common.MakeTempFile(suffix='.zip')
with zipfile.ZipFile(target_files, 'w') as target_files_zip:
target_files_zip.writestr('META/apexkeys.txt', apex_keys)
@@ -421,8 +421,8 @@
apex_keys = self.APEX_KEYS_TXT + (
'name="apex.apexd_test_different_app2.apex" '
'public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" '
- 'container_certificate="build/target/product/security/testkey.x509.pem" '
- 'container_private_key="build/target/product/security/testkey.pk8"')
+ 'container_certificate="build/make/target/product/security/testkey.x509.pem" '
+ 'container_private_key="build/make/target/product/security/testkey.pk8"')
target_files = common.MakeTempFile(suffix='.zip')
with zipfile.ZipFile(target_files, 'w') as target_files_zip:
target_files_zip.writestr('META/apexkeys.txt', apex_keys)
@@ -433,10 +433,10 @@
self.assertEqual({
'apex.apexd_test.apex': (
'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem',
- 'build/target/product/security/testkey'),
+ 'build/make/target/product/security/testkey'),
'apex.apexd_test_different_app.apex': (
'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem',
- 'build/target/product/security/testkey'),
+ 'build/make/target/product/security/testkey'),
}, keys_info)
def test_ReadApexKeysInfo_missingPayloadPublicKey(self):
@@ -444,8 +444,8 @@
apex_keys = self.APEX_KEYS_TXT + (
'name="apex.apexd_test_different_app2.apex" '
'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" '
- 'container_certificate="build/target/product/security/testkey.x509.pem" '
- 'container_private_key="build/target/product/security/testkey.pk8"')
+ 'container_certificate="build/make/target/product/security/testkey.x509.pem" '
+ 'container_private_key="build/make/target/product/security/testkey.pk8"')
target_files = common.MakeTempFile(suffix='.zip')
with zipfile.ZipFile(target_files, 'w') as target_files_zip:
target_files_zip.writestr('META/apexkeys.txt', apex_keys)
@@ -456,8 +456,8 @@
self.assertEqual({
'apex.apexd_test.apex': (
'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem',
- 'build/target/product/security/testkey'),
+ 'build/make/target/product/security/testkey'),
'apex.apexd_test_different_app.apex': (
'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem',
- 'build/target/product/security/testkey'),
+ 'build/make/target/product/security/testkey'),
}, keys_info)
diff --git a/tools/releasetools/testdata/testkey_RSA4096.key b/tools/releasetools/testdata/testkey_RSA4096.key
new file mode 100644
index 0000000..07115e1
--- /dev/null
+++ b/tools/releasetools/testdata/testkey_RSA4096.key
@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQC7y8EH4O8M9aA7
+UhaWLlW5ceQxZi0P7DNOgog/82SIZh1/Vv0S8KCu9LcngK60oIejPU3k9zb0Mpl2
+4OEtupbOq9SV0nyRIp33rs9EJ0zm8keZ2jEfwTubdhE4GumlwkbfYHlMPmpufqOq
+uxKfCOUZk3ZEC5RFDBqVLGrf9m22ITMQwNGj/u/mtAg2UXRGy534eU1evHOFH8tD
+IxXd378m+gRY+bPi6fOkrJgAw6N01NwwsHRxxQsVgp8m1EKpPJ+ARRtP6YYtNsNB
+KTOXqZw18OD7eG7yVONAf7oSOMNRK7qg6ZU6YN/y1k+YZF3D/1HU9THoDXIpBHoW
+R2SpEM63Ua8ilSmx9PfoaDn27VrpjIcq50HqKAXOvclxOCyVD0pRkrryPpevYCVu
+x9/InmW3K4dPiAy0KmmS4ZSLUJnr6Lnkt8C3VxXHqZ4T7MlgrjrO70YqCxeDvYE0
+KL/e/UeJ69nANybkDThhBkxkOC1vvik3VXO4ITPEKCnLHdvdj8rwkjqf3Ex5A0g8
+XaH0l6I72pqxXi8nnU9udLrUEdHUT1KHzjnZBVP6aomcDy5Gnbb6wXTBTkB7fdQB
+nGcqT0DH67PqJE/rCUguVSmX4KGyOVrr5S1GQTg1EmHbF2Kf6P0YJpcVU7PHRE8s
+BisP39wzoE5XsIpn/aKpWdpcfqxjTQIDAQABAoICAQCB/vtyLryLpgPyzFIiR5TD
+uBkUMPyEhybE9ArI6fzvhnBo05h/4d34/iFC0QsesfjygN9I3fBGfjhJWEXH19/I
+1J1l0Ly14taiu3lyXhoXzCLQV3+l0acnaEVnJwoR2jghLLEKnDIkprk42CJ9wDSG
+zdMSK0nJuiU0mfipa/ZqGvU0ZaU49qKuenUs1Jm+3/hMJfvu1ljJEEcuBD2Axv+V
+RYB47vEc5IHpvifCb6rYlviNI7iXgKS5kSAGSuySJgrrSessGCTva3chxhmWpKwj
+ksjKioWSbjyZS1FMh8p8h966wLayIJklikCy5tcZc8X7und/gL9DsXuprGX7uky8
+3ZS2cJjiVimkwoROq5VPa+0SBmNJWRBNvRfARiaKkyyidVxIsvjFNDFPQp1jYlzM
+fvGJwgnCiUQP56hvri3irriWN8Le2U8lqQQ7YaDLKcsf6iiMGwfxcK+6E4MUv797
+V5CZXSC7RrPd9wdj6UIqtgSGVUH3BV7kB+fYYfvV15kpj6IXYTxElfAZ2ak3g9sv
+JZ6moKbRN0xSufkDftMGv77cH13v97Iy3Whp8zEPMBnbsdpPp6DpIH8sl2R7O+zr
+uMty6vXw0Ux69LEpz4b4HyD7t65zTSwpou5YhfZt/yRzovawsQIRGlc4E1FJDFjf
+e9LvazMXo/us3T5LNv5pAQKCAQEA5Kq1RJgMlvKOfGaEah1xu65s3I1lGuz+9c1x
+geYFlta9H2vG1aADUtgmIBjjC+1z4KLD9jrjrwwbqKnisu7/qUOR6Qf8BHFbrMSs
+J8IMOD3Vw/UVc/8LCjoI4n1XaKYJtOyIxKJtWKAbgtvgVOAGSt47LEOOchXNnAKv
+C3Flak3ADYaUQFLoiwmp6WdSL+uiLisukKNjmYu8vxhg9255p31PB6xixd0raoF/
+oDTfgY1fG/OFXvQd+GcjrTJ2Lqk1GtZqau5MEkS5jsKKnPJ6+ozd2t+QVkMrIQER
+WeTtZ7gimJo6QF8uyyG8WqT1qxbO2zV4Nrwak6ozRFhEJdnJrQKCAQEA0j5hY6sr
+apIvEUFsK6k1rEb77+1p85eyCOSYZpHEIe0hy89MjMUFA5IKhsXnUqhkiuJURUrD
+VtccWWJt5DUgS6HzJUGjeXo07wkqVz+10l+l+RSHleNBYlbxSpZQtvkKQkISF56c
+bSjLzOGM4RE8NxBdFg6EijwlKlZ8kW1ZJaQv9fuR+QS9DFXSiYUJSDiwLF0F6ogQ
+i1h3RN3RIKYc9kizYqBKaksg8EfQEyJs2Rhl5JrPmdZvDTpSeGRqz66WbdL4gSNv
+ud64BYY+Uhec9yH2HDal1l/j1dFbh+Nzs2v4b5TYmCO/zX5GfucUrZaGHbZcovlo
+/abKhURKW/N0IQKCAQEAhz0PCAqFJ6E89AYNulS/tyhp6ecWLN6NzAI9Z34LQDKw
+l6y+ZAnG7XA43DLb1WoSZoDdNPuPPTAEC7SuBvWi7xCvcwrt2hLRDVUkHD9/yqOH
+keWZUok8lkfMiWdoEtRgWUireuA1m3zVyIcSHiCAmDbm+D7cOEz81ZAgxrvCJyTk
+uRsnAwQF1HVasFgTG5RYzsVrPM/lUCJ89ugMMUp9WLmbzAYARNWRn+QG/1FF/vEF
+lxpnfskSEJ+vUffOPbqFVeIJ/kQBaayLsgsMv9YJNbWqYJBoZRxEnbhr8qaaYgVd
+MLPGT9v7aNgC9fkp8o4CuVLeTkDh1wOKXpl1dI1h4QKCAQEAgfNExxI517lbllLV
+xXblUgLeHkKkxofw50ZEXMGkdUPZK9yJ+Eie/MH796nDfXfQDXgvllTLwJVdVHJe
+cjvUJmuHmnOj06YRqd4EacFbZRjxwa9Kzv6Un3AV3IBki3QLP0EPZcIH9gDNV2ni
+Zgr9KRvYLZXznm3mmvCyNkFcZMPDUUuZwk2HfGRfqditEBLZ8dHdokVP1JFtxwdE
+B+Yk6KWvGzrwRBsD1QDOP8V7egR2loKJ5xB/u7Fc4EVRL+U93cwVBd0dZcmf/Oop
+AxzNTIOVV4L/pi3G6ZZp+OhBz5jhCjb6Wa9fEmkGsdGrGlB7vUnGoIWAu6eobg7z
+1zn3gQKCAQBwyViGs7b5HuYQ8UNkvBK9MxUE6h/qHEshbw+QtD/wcdNNpwLTawoW
+JH3bWzD01p1DsbRx/bcV5yaiWDhuslSH2xB6+N1gx2ohg8lPmFhKQiR1OTQ3L603
+Y+3h8FNO/c3YPcNr/k4N+tVKPSJvz0NcbkNs9qGUUsiEppVtc17VFAv/yPicV/wP
+0vC4Qw4xitSlIzD1QtPl0HfhA3ZM6fBb0lYx3tpJjmkrWPVjwWhYIAVLD6j7Jark
+NtMW9wSG21atSgWX1jFOiVsu3qzDpMvLXbH2FpAO9t+9GSDcSzfUMQLymWyW1+Dl
+L0rBGoJyEopSbtycAkWEHb/YLolfaTRd
+-----END PRIVATE KEY-----