Gitiles
Code Review Sign In
gerrit.omnirom.org / android_build / f98fa1094ead2e48937cc37b6666fc210ee317d1^! / . / tools / releasetools / sign_target_files_apks.py
commitf98fa1094ead2e48937cc37b6666fc210ee317d1[log] [tgz]
authorTao Bao <tbao@google.com>Wed Apr 24 14:51:25 2019 -0700
committerTao Bao <tbao@google.com>Wed Apr 24 15:17:23 2019 -0700
tree09c585c6953b67d69a2509fcfae35b28d9c2d29a
parentff14c47182a7636477432dee294dd14e9f4b1935 [diff] [blame]
releasetools: PRESIGNED APEX container entails PRESIGNED payload.

We used to require explicitly setting both (e.g. `-e foo.apex=` and
`--extra_apex_payload_key foo.apex=` to skip signing `foo.apex`).

This CL allows specifying `-e` alone to achieve the same result.
However, if a conflicting `--extra_apex_payload_key` is also specified,
that would be considered as a config error.

Bug: 131153746
Test: Run sign_target_files_apks.py with `-e foo.apex=` alone to skip
      signing foo.apex.
Test: Run sign_target_files_apks.py with `-e foo.apex=` and
      `--extra_apex_payload_key foo.apex=key` and expect assertion error.
Change-Id: Ia747f59ee726b60bdb1445024e749320171064c2

diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py
index 9aa9499..7034a22 100755
--- a/tools/releasetools/sign_target_files_apks.py
+++ b/tools/releasetools/sign_target_files_apks.py

@@ -176,6 +176,9 @@
   Returns:
     A dict that contains the updated APEX key mapping, which should be used for
     the current signing.
+
+  Raises:
+    AssertionError: On invalid container / payload key overrides.
   """
   # Apply all the --extra_apex_payload_key options to override the payload
   # signing keys in the given keys_info.
@@ -197,6 +200,24 @@
       key = 'PRESIGNED'
     keys_info[apex] = (keys_info[apex][0], key_map.get(key, key))
 
+  # A PRESIGNED container entails a PRESIGNED payload. Apply this to all the
+  # APEX key pairs. However, a PRESIGNED container with non-PRESIGNED payload
+  # (overridden via commandline) indicates a config error, which should not be
+  # allowed.
+  for apex, (payload_key, container_key) in keys_info.items():
+    if container_key != 'PRESIGNED':
+      continue
+    if apex in OPTIONS.extra_apex_payload_keys:
+      payload_override = OPTIONS.extra_apex_payload_keys[apex]
+      assert payload_override == '', \
+          ("Invalid APEX key overrides: {} has PRESIGNED container but "
+           "non-PRESIGNED payload key {}").format(apex, payload_override)
+    if payload_key != 'PRESIGNED':
+      print(
+          "Setting {} payload as PRESIGNED due to PRESIGNED container".format(
+              apex))
+    keys_info[apex] = ('PRESIGNED', 'PRESIGNED')
+
   return keys_info
 
 
@@ -289,7 +310,9 @@
        "not sign this apk).".format("\n  ".join(unknown_files)))
 
   # For all the APEXes, double check that we won't have an APEX that has only
-  # one of the payload / container keys set.
+  # one of the payload / container keys set. Note that non-PRESIGNED container
+  # with PRESIGNED payload could be allowed but currently unsupported. It would
+  # require changing SignApex implementation.
   if not apex_keys:
     return