Merge "Fix error where otacerts in VENDOR_BOOT isn't replaced" am: 3c1a6ee5ad
am: 484b38abc0
am: c720f04885
Original change: https://android-review.googlesource.com/c/platform/build/+/1585506 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: Ia3233ce8864c086c95ad9aff7beacd2494388fec
This commit is contained in:
commit
6263ace16a
1 changed files with 7 additions and 20 deletions
|
@ -579,12 +579,7 @@ def ProcessTargetFiles(input_tf_zip, output_tf_zip, misc_info,
|
|||
|
||||
# Don't copy OTA certs if we're replacing them.
|
||||
# Replacement of update-payload-key.pub.pem was removed in b/116660991.
|
||||
elif (
|
||||
OPTIONS.replace_ota_keys and
|
||||
filename in (
|
||||
"BOOT/RAMDISK/system/etc/security/otacerts.zip",
|
||||
"RECOVERY/RAMDISK/system/etc/security/otacerts.zip",
|
||||
"SYSTEM/etc/security/otacerts.zip")):
|
||||
elif OPTIONS.replace_ota_keys and filename.endswith("/otacerts.zip"):
|
||||
pass
|
||||
|
||||
# Skip META/misc_info.txt since we will write back the new values later.
|
||||
|
@ -852,20 +847,12 @@ def ReplaceOtaKeys(input_tf_zip, output_tf_zip, misc_info):
|
|||
print("META/otakeys.txt has no keys; using %s for OTA package"
|
||||
" verification." % (mapped_keys[0],))
|
||||
|
||||
# recovery now uses the same x509.pem version of the keys.
|
||||
# extra_recovery_keys are used only in recovery.
|
||||
if misc_info.get("recovery_as_boot") == "true":
|
||||
recovery_keys_location = "BOOT/RAMDISK/system/etc/security/otacerts.zip"
|
||||
else:
|
||||
recovery_keys_location = "RECOVERY/RAMDISK/system/etc/security/otacerts.zip"
|
||||
|
||||
WriteOtacerts(output_tf_zip, recovery_keys_location,
|
||||
mapped_keys + extra_recovery_keys)
|
||||
|
||||
# SystemUpdateActivity uses the x509.pem version of the keys, but
|
||||
# put into a zipfile system/etc/security/otacerts.zip.
|
||||
# We DO NOT include the extra_recovery_keys (if any) here.
|
||||
WriteOtacerts(output_tf_zip, "SYSTEM/etc/security/otacerts.zip", mapped_keys)
|
||||
otacerts = [info
|
||||
for info in input_tf_zip.infolist()
|
||||
if info.filename.endswith("/otacerts.zip")]
|
||||
for info in otacerts:
|
||||
print("Rewriting OTA key:", info.filename, mapped_keys)
|
||||
WriteOtacerts(output_tf_zip, info.filename, mapped_keys)
|
||||
|
||||
|
||||
def ReplaceVerityPublicKey(output_zip, filename, key_path):
|
||||
|
|
Loading…
Reference in a new issue