Reland "apex: use the same key for all microdroid items"
This reverts commit aea73f82a095871ac5537ef162ed716842169cff.
Relanding with the fix for arm & x86 builds.
apex: use the same key for all microdroid items
The pubkey embedded in bootloader should match with the key signing
VBmeta. The updated build graph is to ensure bootloader and VBmeta to be
generated with the same key.
All other filesystem images are signed with the same key for
convenience even though it's not necessary.
Bug: 193504286
Bug: 203726593
Test: atest MicrodroidHostTestCases
Change-Id: Iae93934b18955e86ee6b73ad204c68a3f7456102
diff --git a/apex/Android.bp b/apex/Android.bp
index 9d4cfdf..88487e4 100644
--- a/apex/Android.bp
+++ b/apex/Android.bp
@@ -109,3 +109,20 @@
"simg2img",
],
}
+
+// custom tool to replace bytes in a file
+python_binary_host {
+ name: "replace_bytes",
+ srcs: [
+ "replace_bytes.py",
+ ],
+ version: {
+ py2: {
+ enabled: false,
+ },
+ py3: {
+ enabled: true,
+ embedded_launcher: true,
+ },
+ },
+}
diff --git a/apex/replace_bytes.py b/apex/replace_bytes.py
new file mode 100644
index 0000000..b22f132
--- /dev/null
+++ b/apex/replace_bytes.py
@@ -0,0 +1,72 @@
+#!/usr/bin/env python
+#
+# Copyright (C) 2021 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+"""replace_bytes is a command line tool to replace bytes in a file.
+
+Typical usage: replace_bytes target_file old_file new_file
+
+ replace bytes of old_file with bytes of new_file in target_file. old_file and new_file should be
+ the same size.
+
+"""
+import argparse
+import sys
+
+
+def ParseArgs(argv):
+ parser = argparse.ArgumentParser(description='Replace bytes')
+ parser.add_argument(
+ 'target_file',
+ help='path to the target file.')
+ parser.add_argument(
+ 'old_file',
+ help='path to the file containing old bytes')
+ parser.add_argument(
+ 'new_file',
+ help='path to the file containing new bytes')
+ return parser.parse_args(argv)
+
+
+def ReplaceBytes(target_file, old_file, new_file):
+ # read old bytes
+ with open(old_file, 'rb') as f:
+ old_bytes = f.read()
+
+ # read new bytes
+ with open(new_file, 'rb') as f:
+ new_bytes = f.read()
+
+ assert len(old_bytes) == len(new_bytes), 'Pubkeys should be the same size. (%d != %d)' % (
+ len(old_bytes), len(new_bytes))
+
+ # replace bytes in target_file
+ with open(target_file, 'r+b') as f:
+ pos = f.read().find(old_bytes)
+ assert pos != -1, 'Pubkey not found'
+ f.seek(pos)
+ f.write(new_bytes)
+
+
+def main(argv):
+ try:
+ args = ParseArgs(argv)
+ ReplaceBytes(args.target_file, args.old_file, args.new_file)
+ except Exception as e:
+ print(e)
+ sys.exit(1)
+
+
+if __name__ == '__main__':
+ main(sys.argv[1:])