Gitiles
Code Review Sign In
gerrit.omnirom.org / android_build / eaed60c1a1d3e0ce3da84ac2305500e1de25e4b7^! / . / tools / releasetools / test_common.py
commiteaed60c1a1d3e0ce3da84ac2305500e1de25e4b7[log] [tgz]
authorTianjie Xu <xunchang@google.com>Thu Mar 12 00:33:28 2020 -0700
committerTianjie <xunchang@google.com>Wed Mar 18 13:11:41 2020 -0700
tree25ab37341ca68fe2d4296ca7ccbb915bde604e41
parent352e6a4d183759315de61db6a96c110f5e1d4381 [diff] [blame]
Add aftl inclusion proof

The otatools should talk to the aftl server and append the inclusion
proofs when building the vbmeta image. We should only do this during the
signing process when the network is always available.

Also the inclusion proof doesn't impact the final vbmeta image size on
coral, where the final size is 8192 after padding. This is below the
physical image of 65536.

Bug: 147870995
Test: unit tests pass, run sign_target_file_apks
Change-Id: If84c6bf5198c9b05f5e0c16ae6335971915f47e3

diff --git a/tools/releasetools/test_common.py b/tools/releasetools/test_common.py
index da92163..9621de8 100644
--- a/tools/releasetools/test_common.py
+++ b/tools/releasetools/test_common.py

@@ -1404,6 +1404,46 @@
     self.assertEqual('3', chained_partition_args[1])
     self.assertTrue(os.path.exists(chained_partition_args[2]))
 
+  @test_utils.SkipIfExternalToolsUnavailable()
+  def test_BuildVBMeta_appendAftl(self):
+    testdata_dir = test_utils.get_testdata_dir()
+    common.OPTIONS.info_dict = {
+        'ab_update': 'true',
+        'avb_avbtool': 'avbtool',
+        'build.prop': {
+            'ro.build.version.incremental': '6285659',
+            'ro.product.device': 'coral',
+            'ro.build.fingerprint': 'google/coral/coral:R/RP1A.200311.002/'
+                                    '6285659:userdebug/dev-keys'
+        }
+    }
+    common.OPTIONS.aftl_server = "log.endpoints.aftl-dev.cloud.goog:9000"
+    common.OPTIONS.aftl_key_path = os.path.join(testdata_dir,
+                                                'test_transparency_key.pub')
+    common.OPTIONS.aftl_manufacturer_key_path = os.path.join(
+        testdata_dir, 'test_aftl_rsa4096.pem')
+
+    input_dir = common.MakeTempDir()
+    system_image = common.MakeTempFile()
+    build_image_cmd = ['mkuserimg_mke2fs', input_dir, system_image, 'ext4',
+                       '/system', str(4096 * 100), '-j', '0', '-s']
+    common.RunAndCheckOutput(build_image_cmd)
+
+    add_footer_cmd = ['avbtool', 'add_hashtree_footer',
+                      '--partition_size', str(4096 * 150),
+                      '--partition_name', 'system',
+                      '--image', system_image]
+    common.RunAndCheckOutput(add_footer_cmd)
+
+    vbmeta_image = common.MakeTempFile()
+    common.BuildVBMeta(vbmeta_image, {'system': system_image}, 'vbmeta',
+                       ['system'])
+
+    verify_cmd = ['aftltool', 'verify_image_icp', '--vbmeta_image_path',
+                  vbmeta_image, '--transparency_log_pub_keys',
+                  common.OPTIONS.aftl_key_path]
+    common.RunAndCheckOutput(verify_cmd)
+
 
 class InstallRecoveryScriptFormatTest(test_utils.ReleaseToolsTestCase):
   """Checks the format of install-recovery.sh.