Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_update_engine / 7a78d630e11532d6f854ba7d794362804b33c950^! / . / Android.bp
commit7a78d630e11532d6f854ba7d794362804b33c950[log] [tgz]
authorTianjie Xu <xunchang@google.com>Tue Oct 08 16:32:39 2019 -0700
committerTianjie Xu <xunchang@google.com>Tue Oct 15 18:15:29 2019 -0700
treec442a3ed386ae1623defd9647c6f81e65c3db8f4
parent9cad266457c59e8330c830c369784764b36386c1 [diff] [blame]
Allow update engine read public keys from otacerts.zip

The android build system installs both otacerts.zip and
update-payload-key.pub.pem on the device. And the latter is
converted from the X509 certificates inside the otacerts.zip
during the build time.

We can consolidate these two by letting update engine to parse
the public keys from otacerts.zip directly. This also allows
update engine to use multiple keys to verify the payload.

Bug: 116660991
Test: unittests pass
Change-Id: I0a499405f2835e1ff8b7916452cb3123046306a7

diff --git a/Android.bp b/Android.bp
index e5e592c..a691e7e 100644
--- a/Android.bp
+++ b/Android.bp

@@ -128,6 +128,7 @@
         "libverity_tree",
     ],
     shared_libs: [
+        "libziparchive",
         "libbase",
         "libcrypto",
         "libfec",
@@ -164,6 +165,7 @@
         "common/utils.cc",
         "payload_consumer/bzip_extent_writer.cc",
         "payload_consumer/cached_file_descriptor.cc",
+        "payload_consumer/certificate_parser_android.cc",
         "payload_consumer/delta_performer.cc",
         "payload_consumer/download_action.cc",
         "payload_consumer/extent_reader.cc",
@@ -659,6 +661,7 @@
         ":ue_unittest_delta_generator",
         ":ue_unittest_disk_imgs",
         ":ue_unittest_keys",
+        "otacerts.zip",
         "unittest_key.pem",
         "unittest_key2.pem",
         "unittest_key_RSA4096.pem",
@@ -693,6 +696,7 @@
         "dynamic_partition_control_android_unittest.cc",
         "payload_consumer/bzip_extent_writer_unittest.cc",
         "payload_consumer/cached_file_descriptor_unittest.cc",
+        "payload_consumer/certificate_parser_android_unittest.cc",
         "payload_consumer/delta_performer_integration_test.cc",
         "payload_consumer/delta_performer_unittest.cc",
         "payload_consumer/extent_reader_unittest.cc",