commit 31b1c2b56bcba65d9b6e143e1fdfba3f548b8cad
author Jooyung Han <jooyung@google.com> Wed Oct 27 03:35:42 2021 +0900
committer Jooyung Han <jooyung@google.com> Wed Oct 27 10:33:37 2021 +0900
tree a5ee75a0c641d02241b14385bae4c979aac8b540
parent 0d6db2f482bd947dea3af53f0eed37ec4fc0ea87

sign_virt_apex: replace bootloader pubkey

VBmeta's key should match with pubkey embedded in bootloader. The
bootloader pubkey is added to the APEX so that sign_virt_apex can
replace it with a new pubkey.

Bug: 193504286
Test: sign_apex --sign_tool sign_virt_apex ...
      & install & run a VM
Change-Id: Ic8e5ec9cb45434691c8dce0ca09243e181dc59cc

apex/Android.bp

diff --git a/apex/Android.bp b/apex/Android.bp
index 20a863f..983253e 100644
--- a/apex/Android.bp
+++ b/apex/Android.bp
@@ -59,6 +59,7 @@
         "microdroid.json",
         "microdroid_uboot_env",
         "microdroid_bootloader",
+        "microdroid_bootloader.avbpubkey",
         "microdroid_bootconfig_normal",
         "microdroid_bootconfig_app_debuggable",
         "microdroid_bootconfig_full_debuggable",

apex/sign_virt_apex.py

diff --git a/apex/sign_virt_apex.py b/apex/sign_virt_apex.py
index 6ecd07e..77f54c4 100644
--- a/apex/sign_virt_apex.py
+++ b/apex/sign_virt_apex.py
@@ -214,11 +214,34 @@
         RunCommand(args, cmd)
 
 
+def ReplaceBootloaderPubkey(args, key, bootloader, bootloader_pubkey):
+    # read old pubkey before replacement
+    with open(bootloader_pubkey, 'rb') as f:
+        old_pubkey = f.read()
+
+    # replace bootloader pubkey
+    RunCommand(args, ['avbtool', 'extract_public_key', '--key', key, '--output', bootloader_pubkey])
+
+    # read new pubkey
+    with open(bootloader_pubkey, 'rb') as f:
+        new_pubkey = f.read()
+
+    assert len(old_pubkey) == len(new_pubkey)
+
+    # replace pubkey embedded in bootloader
+    with open(bootloader, 'r+b') as bl_f:
+        pos = bl_f.read().find(old_pubkey)
+        assert pos != -1
+        bl_f.seek(pos)
+        bl_f.write(new_pubkey)
+
+
 def SignVirtApex(args):
     key = args.key
     input_dir = args.input_dir
 
     # target files in the Virt APEX
+    bootloader_pubkey = os.path.join(input_dir, 'etc', 'microdroid_bootloader.avbpubkey')
     bootloader = os.path.join(input_dir, 'etc', 'microdroid_bootloader')
     boot_img = os.path.join(input_dir, 'etc', 'fs', 'microdroid_boot-5.10.img')
     vendor_boot_img = os.path.join(
@@ -226,6 +249,10 @@
     super_img = os.path.join(input_dir, 'etc', 'fs', 'microdroid_super.img')
     vbmeta_img = os.path.join(input_dir, 'etc', 'fs', 'microdroid_vbmeta.img')
 
+    # Key(pubkey) for bootloader should match with the one used to make VBmeta below
+    # while it's okay to use different keys for other image files.
+    ReplaceBootloaderPubkey(args, key, bootloader, bootloader_pubkey)
+
     # re-sign bootloader, boot.img, vendor_boot.img
     AddHashFooter(args, key, bootloader)
     AddHashFooter(args, key, boot_img)