add "EXTERNAL" as special value of LOCAL_CERTIFICATE
Setting LOCAL_CERTIFICATE to "EXTERNAL" now marks an apk (either a
prebuilt or otherwise) as needing the default test key within the
system, but one that should be signed after the target_files is
produced but before sign_target_files_apks does the rest of the
signing. (We use this to ship apps on the system that are signed by
third parties, like Facebook.)
diff --git a/tools/releasetools/sign_target_files_apks b/tools/releasetools/sign_target_files_apks
index 03610b2..4ec9347 100755
--- a/tools/releasetools/sign_target_files_apks
+++ b/tools/releasetools/sign_target_files_apks
@@ -83,23 +83,16 @@
OPTIONS.tag_changes = ("-test-keys", "+release-keys")
def GetApkCerts(tf_zip):
- certmap = {}
- for line in tf_zip.read("META/apkcerts.txt").split("\n"):
- line = line.strip()
- if not line: continue
- m = re.match(r'^name="(.*)"\s+certificate="(.*)\.x509\.pem"\s+'
- r'private_key="\2\.pk8"$', line)
- if m:
- certmap[m.group(1)] = OPTIONS.key_map.get(m.group(2), m.group(2))
- else:
- m = re.match(r'^name="(.*)"\s+certificate="PRESIGNED"\s+'
- r'private_key=""$', line)
- if m:
- certmap[m.group(1)] = None
- else:
- raise ValueError("failed to parse line from apkcerts.txt:\n" + line)
+ certmap = common.ReadApkCerts(tf_zip)
+
+ # apply the key remapping to the contents of the file
+ for apk, cert in certmap.iteritems():
+ certmap[apk] = OPTIONS.key_map.get(cert, cert)
+
+ # apply all the -e options, overriding anything in the file
for apk, cert in OPTIONS.extra_apks.iteritems():
certmap[apk] = OPTIONS.key_map.get(cert, cert)
+
return certmap
@@ -147,7 +140,7 @@
if info.filename.endswith(".apk"):
name = os.path.basename(info.filename)
key = apk_key_map[name]
- if key:
+ if key not in common.SPECIAL_CERT_STRINGS:
print " signing: %-*s (%s)" % (maxsize, name, key)
signed_data = SignApk(data, key, key_passwords[key])
output_tf_zip.writestr(out_info, signed_data)