Merge "Removing AFTL integration from release tools."
This commit is contained in:
Treehugger Robot
Gerrit Code Review
commit
389f5afb83
5 changed files with 1 additions and 212 deletions
|
|
@ -4234,7 +4234,6 @@ ifeq ($(build_otatools_package),true)
|
|||
INTERNAL_OTATOOLS_MODULES := \
|
||||
aapt2 \
|
||||
add_img_to_target_files \
|
||||
aftltool \
|
||||
apksigner \
|
||||
append2simg \
|
||||
avbtool \
|
||||
|
|
|
|||
|
|
@ -80,11 +80,6 @@ class Options(object):
|
|||
self.boot_signer_args = []
|
||||
self.verity_signer_path = None
|
||||
self.verity_signer_args = []
|
||||
self.aftl_tool_path = None
|
||||
self.aftl_server = None
|
||||
self.aftl_key_path = None
|
||||
self.aftl_manufacturer_key_path = None
|
||||
self.aftl_signer_helper = None
|
||||
self.verbose = False
|
||||
self.tempfiles = []
|
||||
self.device_specific = None
|
||||
|
|
@ -1383,46 +1378,6 @@ def GetAvbChainedPartitionArg(partition, info_dict, key=None):
|
|||
return "{}:{}:{}".format(partition, rollback_index_location, pubkey_path)
|
||||
|
||||
|
||||
def ConstructAftlMakeImageCommands(output_image):
|
||||
"""Constructs the command to append the aftl image to vbmeta."""
|
||||
|
||||
# Ensure the other AFTL parameters are set as well.
|
||||
assert OPTIONS.aftl_tool_path is not None, 'No aftl tool provided.'
|
||||
assert OPTIONS.aftl_key_path is not None, 'No AFTL key provided.'
|
||||
assert OPTIONS.aftl_manufacturer_key_path is not None, \
|
||||
'No AFTL manufacturer key provided.'
|
||||
|
||||
vbmeta_image = MakeTempFile()
|
||||
os.rename(output_image, vbmeta_image)
|
||||
build_info = BuildInfo(OPTIONS.info_dict, use_legacy_id=True)
|
||||
version_incremental = build_info.GetBuildProp("ro.build.version.incremental")
|
||||
aftltool = OPTIONS.aftl_tool_path
|
||||
server_argument_list = [OPTIONS.aftl_server, OPTIONS.aftl_key_path]
|
||||
aftl_cmd = [aftltool, "make_icp_from_vbmeta",
|
||||
"--vbmeta_image_path", vbmeta_image,
|
||||
"--output", output_image,
|
||||
"--version_incremental", version_incremental,
|
||||
"--transparency_log_servers", ','.join(server_argument_list),
|
||||
"--manufacturer_key", OPTIONS.aftl_manufacturer_key_path,
|
||||
"--algorithm", "SHA256_RSA4096",
|
||||
"--padding", "4096"]
|
||||
if OPTIONS.aftl_signer_helper:
|
||||
aftl_cmd.extend(shlex.split(OPTIONS.aftl_signer_helper))
|
||||
return aftl_cmd
|
||||
|
||||
|
||||
def AddAftlInclusionProof(output_image):
|
||||
"""Appends the aftl inclusion proof to the vbmeta image."""
|
||||
|
||||
aftl_cmd = ConstructAftlMakeImageCommands(output_image)
|
||||
RunAndCheckOutput(aftl_cmd)
|
||||
|
||||
verify_cmd = ['aftltool', 'verify_image_icp', '--vbmeta_image_path',
|
||||
output_image, '--transparency_log_pub_keys',
|
||||
OPTIONS.aftl_key_path]
|
||||
RunAndCheckOutput(verify_cmd)
|
||||
|
||||
|
||||
def AppendGkiSigningArgs(cmd):
|
||||
"""Append GKI signing arguments for mkbootimg."""
|
||||
# e.g., --gki_signing_key path/to/signing_key
|
||||
|
|
@ -1516,10 +1471,6 @@ def BuildVBMeta(image_path, partitions, name, needed_partitions):
|
|||
|
||||
RunAndCheckOutput(cmd)
|
||||
|
||||
# Generate the AFTL inclusion proof.
|
||||
if OPTIONS.aftl_server is not None:
|
||||
AddAftlInclusionProof(image_path)
|
||||
|
||||
|
||||
def _MakeRamdisk(sourcedir, fs_config_file=None,
|
||||
ramdisk_format=RamdiskFormat.GZ):
|
||||
|
|
@ -2477,9 +2428,7 @@ def ParseOptions(argv,
|
|||
"java_path=", "java_args=", "android_jar_path=", "public_key_suffix=",
|
||||
"private_key_suffix=", "boot_signer_path=", "boot_signer_args=",
|
||||
"verity_signer_path=", "verity_signer_args=", "device_specific=",
|
||||
"extra=", "logfile=", "aftl_tool_path=", "aftl_server=",
|
||||
"aftl_key_path=", "aftl_manufacturer_key_path=",
|
||||
"aftl_signer_helper="] + list(extra_long_opts))
|
||||
"extra=", "logfile="] + list(extra_long_opts))
|
||||
except getopt.GetoptError as err:
|
||||
Usage(docstring)
|
||||
print("**", str(err), "**")
|
||||
|
|
@ -2517,16 +2466,6 @@ def ParseOptions(argv,
|
|||
OPTIONS.verity_signer_path = a
|
||||
elif o in ("--verity_signer_args",):
|
||||
OPTIONS.verity_signer_args = shlex.split(a)
|
||||
elif o in ("--aftl_tool_path",):
|
||||
OPTIONS.aftl_tool_path = a
|
||||
elif o in ("--aftl_server",):
|
||||
OPTIONS.aftl_server = a
|
||||
elif o in ("--aftl_key_path",):
|
||||
OPTIONS.aftl_key_path = a
|
||||
elif o in ("--aftl_manufacturer_key_path",):
|
||||
OPTIONS.aftl_manufacturer_key_path = a
|
||||
elif o in ("--aftl_signer_helper",):
|
||||
OPTIONS.aftl_signer_helper = a
|
||||
elif o in ("-s", "--device_specific"):
|
||||
OPTIONS.device_specific = a
|
||||
elif o in ("-x", "--extra"):
|
||||
|
|
|
|||
|
|
@ -1631,88 +1631,6 @@ class CommonUtilsTest(test_utils.ReleaseToolsTestCase):
|
|||
self.assertEqual('3', chained_partition_args[1])
|
||||
self.assertTrue(os.path.exists(chained_partition_args[2]))
|
||||
|
||||
def test_BuildVBMeta_appendAftlCommandSyntax(self):
|
||||
testdata_dir = test_utils.get_testdata_dir()
|
||||
common.OPTIONS.info_dict = {
|
||||
'ab_update': 'true',
|
||||
'avb_avbtool': 'avbtool',
|
||||
'build.prop': common.PartitionBuildProps.FromDictionary(
|
||||
'system', {
|
||||
'ro.build.version.incremental': '6285659',
|
||||
'ro.product.device': 'coral',
|
||||
'ro.build.fingerprint':
|
||||
'google/coral/coral:R/RP1A.200311.002/'
|
||||
'6285659:userdebug/dev-keys'}
|
||||
),
|
||||
}
|
||||
common.OPTIONS.aftl_tool_path = 'aftltool'
|
||||
common.OPTIONS.aftl_server = 'log.endpoints.aftl-dev.cloud.goog:9000'
|
||||
common.OPTIONS.aftl_key_path = os.path.join(testdata_dir,
|
||||
'test_transparency_key.pub')
|
||||
common.OPTIONS.aftl_manufacturer_key_path = os.path.join(
|
||||
testdata_dir, 'test_aftl_rsa4096.pem')
|
||||
|
||||
vbmeta_image = tempfile.NamedTemporaryFile(delete=False)
|
||||
cmd = common.ConstructAftlMakeImageCommands(vbmeta_image.name)
|
||||
expected_cmd = [
|
||||
'aftltool', 'make_icp_from_vbmeta',
|
||||
'--vbmeta_image_path', 'place_holder',
|
||||
'--output', vbmeta_image.name,
|
||||
'--version_incremental', '6285659',
|
||||
'--transparency_log_servers',
|
||||
'log.endpoints.aftl-dev.cloud.goog:9000,{}'.format(
|
||||
common.OPTIONS.aftl_key_path),
|
||||
'--manufacturer_key', common.OPTIONS.aftl_manufacturer_key_path,
|
||||
'--algorithm', 'SHA256_RSA4096',
|
||||
'--padding', '4096']
|
||||
|
||||
# ignore the place holder, i.e. path to a temp file
|
||||
self.assertEqual(cmd[:3], expected_cmd[:3])
|
||||
self.assertEqual(cmd[4:], expected_cmd[4:])
|
||||
|
||||
@unittest.skip("enable after we have a server for public")
|
||||
def test_BuildVBMeta_appendAftlContactServer(self):
|
||||
testdata_dir = test_utils.get_testdata_dir()
|
||||
common.OPTIONS.info_dict = {
|
||||
'ab_update': 'true',
|
||||
'avb_avbtool': 'avbtool',
|
||||
'build.prop': common.PartitionBuildProps.FromDictionary(
|
||||
'system', {
|
||||
'ro.build.version.incremental': '6285659',
|
||||
'ro.product.device': 'coral',
|
||||
'ro.build.fingerprint':
|
||||
'google/coral/coral:R/RP1A.200311.002/'
|
||||
'6285659:userdebug/dev-keys'}
|
||||
)
|
||||
}
|
||||
common.OPTIONS.aftl_tool_path = "aftltool"
|
||||
common.OPTIONS.aftl_server = "log.endpoints.aftl-dev.cloud.goog:9000"
|
||||
common.OPTIONS.aftl_key_path = os.path.join(testdata_dir,
|
||||
'test_transparency_key.pub')
|
||||
common.OPTIONS.aftl_manufacturer_key_path = os.path.join(
|
||||
testdata_dir, 'test_aftl_rsa4096.pem')
|
||||
|
||||
input_dir = common.MakeTempDir()
|
||||
system_image = common.MakeTempFile()
|
||||
build_image_cmd = ['mkuserimg_mke2fs', input_dir, system_image, 'ext4',
|
||||
'/system', str(4096 * 100), '-j', '0', '-s']
|
||||
common.RunAndCheckOutput(build_image_cmd)
|
||||
|
||||
add_footer_cmd = ['avbtool', 'add_hashtree_footer',
|
||||
'--partition_size', str(4096 * 150),
|
||||
'--partition_name', 'system',
|
||||
'--image', system_image]
|
||||
common.RunAndCheckOutput(add_footer_cmd)
|
||||
|
||||
vbmeta_image = common.MakeTempFile()
|
||||
common.BuildVBMeta(vbmeta_image, {'system': system_image}, 'vbmeta',
|
||||
['system'])
|
||||
|
||||
verify_cmd = ['aftltool', 'verify_image_icp', '--vbmeta_image_path',
|
||||
vbmeta_image, '--transparency_log_pub_keys',
|
||||
common.OPTIONS.aftl_key_path]
|
||||
common.RunAndCheckOutput(verify_cmd)
|
||||
|
||||
@test_utils.SkipIfExternalToolsUnavailable()
|
||||
def test_AppendGkiSigningArgs_NoSigningKeyPath(self):
|
||||
# A non-GKI boot.img has no gki_signing_key_path.
|
||||
|
|
|
|||
|
|
@ -1,52 +0,0 @@
|
|||
-----BEGIN PRIVATE KEY-----
|
||||
MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDDlhUPUgtWL6LB
|
||||
Wybp6wsEJeioV1aRLPGSA2/xIpTiJUK46cb/MD5eBTWjKENoIgX23eL/ePy2I68e
|
||||
+WvcZ5ITGOTRQqNVZIdc5qvr03wkV0BsJQMHSMAHacePpB/4xM5MzN/6Ku1wA8Dw
|
||||
uK+v/Cw4hqq8H/gP0oPVQ1bwcIePzRPX4YkkyXusoyzTIm5DJ9reVtyFucKqANCN
|
||||
aFmGxcaEc2nADtARQWJpO95joFsMvr68+JBxpCt8aWbxuSz/rLJ9Y8Z46V/++XG+
|
||||
E4QEob/WVY5pUD/RyogLrfhIf+zO7R3wJklXElSFacIX9+RzR9dgkQVbqxLfBKIP
|
||||
XWLCsF4I4EnvqUtaVjIMl8UpZpoq8pDLRqZ71Os5xZYq06x9E02M6DnvFbZEdaOX
|
||||
MCz2mmNX3g5FahvJayBhCuNhyTkd79MFR71Wp48TvWxKz3S7q0T0cWHNhtPkHSCa
|
||||
KwD93AQnqtLKYDGkHIZBzJPcs+QxbzdHyGzhXZb+qh5KmQvNA9HRBQY1RkMmzIbI
|
||||
8pzYTwpOkbCEhVoCWcRaaF1Pgl+zcpgJOMbBBUabx/dConFIhMDW/I5fHgKgwGqm
|
||||
tWUibrMPdnfS6W5MXi8jC0eDuZl0VwmdE+4dLujiOofUYnb7D+GXojf3PrSLcTw1
|
||||
PmG0f7l5xDKN9a0N+IXqvD2oAANTsQIDAQABAoICAQCW5HXw8OogHvYg2HMIKrbA
|
||||
B4McRO1baWIhtRcq4PQeGIMGaA2HmS+0l65O5uRCNWWGlJ7pW+0TlCop6mHFk/4F
|
||||
T8JQk2mxmrI4ARqIAQwYeVwRUuioOP81eO1mK0gjQ6qpY7I0reOq9KpozQN18UYo
|
||||
gfS82Kkng9EDukUbkKV1UtFJTw3gXLVWdjlB1qFcnCXmPPs7DBpbz+8V+XiAWpsS
|
||||
WnwumP77IQeMiozDLdaw2YQMBHRjyDVocWTjfmpyAkleJZjcdagC7W1MKIBElomL
|
||||
EUyigTALaYZWBGy1ekQ3TIY5XUBdtZ2RpAsDNNOCAN3v+VI565zOhCOHWRO1gh24
|
||||
vyhBFR0HYqBRoLbLAqo8bM5iLPz1EWGyaTnfxt38J8Va0TD7KihcBnphiA+dkhEF
|
||||
oc0yIp/8S2o3CfkNok7Ju8Amb7M4JJuKhuP8wxn86fAHpjjd3Y4SlZp0NrTrd7T2
|
||||
msLIneb1OUZZxFxyJG1XQGEZplLPalnGadIF4p3q/3nd1rVb491qCNl/A5QwhI9r
|
||||
ZV62O90M9fu3+cAynBLbMT09IZecNwP1gXmunlY6YH+ymM+3NFqC8q2tnzomiz8/
|
||||
Fee0ftZ2C/jK62fET0Y8LPWGkVQGHtvZH0FPg4suA0GMmYAe0tQl93A+jFltfKKZ
|
||||
RgCDrYs6Wv76E9gnWVnEdQKCAQEA8L76LjZUTKOg83Bra+hP+cXnwGsgwOwJfGBp
|
||||
OM++5HzlpYjtbD38esBZVJtwb/8xJGdsHtP2n7ZgbSDuAnRj5S50QHIApvRkz1Y+
|
||||
1hL8tAdgVP2JkYjpyG3bPk4QVKyXkKvBcp2BCidXs75+HzfOxqkazumaYOYo2guh
|
||||
azHdka2xSqxcZqo4yyORc/oue25RU4skmuNDOlP0+OTxU/uXnl7QZmlaOfT5TqO4
|
||||
s7uER4BXt/87j44mnOBdXmtqrsL49+R9bzVskx76aeuaBbwf7jnpR058E71OZwSd
|
||||
F1P3fx6hl0yLOZF/5Jnq+14rEna6jH50XtzlhB6deSZFTOw2gwKCAQEAz/qXRzwH
|
||||
I0YWISgkUG2zBJseHmfHqV4CDzb5+tTJ3B2I8cXE0m2sQJXi2s7oMhWSc1cQOHCX
|
||||
txpgWaD59uBz2lcwnGRNp27TRXv8Wo+X0+O+lGWU2cO+j8AB2Vtb7F7rCySp0+Uu
|
||||
z+dBfoQ2zhKEQlkX0YldVILGzCL3QBHVvPC4iDlwkMRbcejDoh9NsBtHL8lG+MAw
|
||||
ZXbwJjhaJkhTXJFpJpejq70naS8VVlLt8Os80iuBXe5JK/ecAHtsNcJlXO02sMNZ
|
||||
Fbcy8WosGyvRKQ/tHtTjAlxZ7Ey8usWE8BvWBdUgiIBkIcjLtE2GrA8eOGNb3v1I
|
||||
HRt8NsV8yaLWuwKCAQAR7SaT6le8nTKO7gARuOq7npDzMwbtVqYeLM+o+08rlGFF
|
||||
QjzronH6cfg05J4quMXgABN8+CuVGO91MM6IQEJv/lWJtvN1ex1GkxV6u0812JbD
|
||||
vV1RCPDfi86XhRiSNYfTrfZponDJYMSXDcg2auFqyYzFe3+TV5ATLGqIoN3uyxA4
|
||||
jz0SJ/qypaNfD3IGnuBPaD0Bi4ql/TpwjhuqNUHE+SprdczSI/usb2SBfaUL7fKa
|
||||
MNcuiVc2tz48maMIAFypmMn+TewXyGa9HF4Lr0ZxZr6IIL/8eEwuP5my8v2q6Yz+
|
||||
xyRW1Q7A5vUoYoqyhUS+0Wu45JnyjJUNQFxIrg4hAoIBAF1uBIGSvN4iwRQ6FT4w
|
||||
WahrCre8BVzXh3NQTjJZXylL91YtcwLZE/Wbn+KN6o99U2IPLZE9O1qdNcVt5Hz8
|
||||
Te87FfJbuOrLhYuEbFQ+h4U/nUDK9XhyT+wB5JLBUOU5qrtByC0Rmtr411o/iONA
|
||||
PDwWC/YskEnDygywdIRKvsr3FN7VdvUB0Na2KxRsnZjMWElmUUS0Ccm7CZ0R2aWy
|
||||
/gfqpuMYYgVnnwnIhfxWmt+MvbDorGAHCMYAoQsyZuUrpB9/zP7RcvanavI6sP+v
|
||||
ynF43xvnpOdNl3Po8SuyScsXpijOmqPXkaP/sUsZPLOUww2vzPi6raetzjpIs4td
|
||||
ZLsCggEAe42Zj3FEbruJZeDgmd9lSc0j8UF90mNw8KH44IbuA6R9fGv3WkrNHEVd
|
||||
XZOwjWqAxhOj6pFoJk8n6h5d8iS/yXFZ0AfBMc21XMecu9mnfx9E9LFAIWmv7Wut
|
||||
vy3h2BqY+crglpg5RAw+3J97HAGMYCvp+hH2il+9zzjpmCtTD21LRMkw34szY7RR
|
||||
CDy9G5FTmKVlxw5eegvyj164olQRLurEdUIfSr5UnBjrWftJHy9JW8KWCeFDSmm9
|
||||
xCl3nGDyQuZmOTngxPtrOYAhb5LoKR9BeGcy6jlom7V4nYYqm3t1IDBgMqjYGT9c
|
||||
vqQgxO2OFsQOJQ/4PRYEKd1neTlZrw==
|
||||
-----END PRIVATE KEY-----
|
||||
|
|
@ -1,15 +0,0 @@
|
|||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4ilqCNsenNA013iCdwgD
|
||||
YPxZ853nbHG9lMBp9boXiwRcqT/8bUKHIL7YX5z7s+QoRYVY3rkMKppRabclXzyx
|
||||
H59YnPMaU4uv7NqwWzjgaZo7E+vo7IF+KBjV3cJulId5Av0yIYUCsrwd7MpGtWdC
|
||||
Q3S+7Vd4zwzCKEhcvliNIhnNlp1U3wNkPCxOyCAsMEn6k8O5ar12ke5TvxDv15db
|
||||
rPDeHh8G2OYWoCkWL+lSN35L2kOJqKqVbLKWrrOd96RCYrrtbPCi580OADJRcUlG
|
||||
lgcjwmNwmypBWvQMZ6ITj0P0ksHnl1zZz1DE2rXe1goLI1doghb5KxLaezlR8c2C
|
||||
E3w/uo9KJgNmNgUVzzqZZ6FE0moyIDNOpP7KtZAL0DvEZj6jqLbB0ccPQElrg52m
|
||||
Dv2/A3nYSr0mYBKeskT4+Bg7PGgoC8p7WyLSxMyzJEDYdtrj9OFx6eZaA23oqTQx
|
||||
k3Qq5H8RfNBeeSUEeKF7pKH/7gyqZ2bNzBFMA2EBZgBozwRfaeN/HCv3qbaCnwvu
|
||||
6caacmAsK+RxiYxSL1QsJqyhCWWGxVyenmxdc1KG/u5ypi7OIioztyzR3t2tAzD3
|
||||
Nb+2t8lgHBRxbV24yiPlnvPmB1ZYEctXnlRR9Evpl1o9xA9NnybPHKr9rozN39CZ
|
||||
V/USB8K6ao1y5xPZxa8CZksCAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
||||
|
||||
Loading…
Reference in a new issue