fix signing user builds

When unzipping a target-files which has been signed with OTA key
replacement, you'll get "overwrite this file?" prompts because the key
files appear in the zip files twice.  Suppress these prompts.

Many developer phone products don't define PRODUCT_OTA_PUBLIC_KEYS, so
add a default key.

This change doesn't affect device code.

tools/releasetools/common.py

@@ -144,7 +144,7 @@ def UnzipTemp(filename):
 
   tmp = tempfile.mkdtemp(prefix="targetfiles-")
   OPTIONS.tempfiles.append(tmp)
-  p = Run(["unzip", "-q", filename, "-d", tmp], stdout=subprocess.PIPE)
+  p = Run(["unzip", "-o", "-q", filename, "-d", tmp], stdout=subprocess.PIPE)
   p.communicate()
   if p.returncode != 0:
     raise ExternalError("failed to unzip input target-files \"%s\"" %

tools/releasetools/sign_target_files_apks

@@ -272,8 +272,13 @@ def ReplaceOtaKeys(input_tf_zip, output_tf_zip):
     k = m.group(1)
     mapped_keys.append(OPTIONS.key_map.get(k, k) + ".x509.pem")
 
-  print "using:\n   ", "\n   ".join(mapped_keys)
+  if mapped_keys:
-  print "for OTA package verification"
+    print "using:\n   ", "\n   ".join(mapped_keys)
+    print "for OTA package verification"
+  else:
+    mapped_keys.append(
+        OPTIONS.key_map["build/target/product/security/testkey"] + ".x509.pem")
+    print "META/otakeys.txt has no keys; using", mapped_keys[0]
 
   # recovery uses a version of the key that has been slightly
   # predigested (by DumpPublicKey.java) and put in res/keys.