Prior to this CL, the call to delta_generator in
check_ota_package_signature.VerifyAbOtaPayload() didn't redirect stderr.
The logs (mostly INFO) on successful verification added noise to the
normal output, which also upset the unittest result parser.
This CL captures stderr outputs from delta_generator, and will only dump
them on error.
Bug: 72884343
Test: `python -m unittest -v test_ota_from_target_files > /dev/null`
gives clean output.
Test: Inject error into delta_generator. The call to
check_ota_package_signature correctly dumps both of stdout and
stderr outputs.
Change-Id: I014a4b21bf758dcf0a4b9963259d6019851935ee
When calling 'openssl x509 -pubkey' to extract the public key from a
certificate, openssl 1.0 and 1.1 handle the '-out' parameter
differently. openssl 1.0 doesn't write the output into the specified
filename, which leads to the payload verification failure in
check_ota_package_signature.VerifyAbOtaPayload(). This CL addresses
the issue by always collecting the output from stdout instead.
It also refactors the two copies into common.ExtractPublicKey(), and
adds unittest. get_testdata_dir() is moved into test_utils.py that holds
common utils for running the unittests.
Bug: 72884343
Test: python -m unittest test_common
Test: python -m unittest test_ota_from_target_files
Test: Run sign_target_files_apks with '--replace_ota_keys' on marlin
target_files zip. Check the payload pubkey replacement.
Test: Trigger the tests with forrest, and tests no longer fail on
machines with openssl 1.0.1.
Change-Id: Ib0389b360f064053e9aa7cc0546d718e7b23003b
... to include system/update_engine/scripts if ANDROID_BUILD_TOP is set
(e.g. after lunching a target).
Test: ./build/make/tools/releasetools/check_ota_package_signature.py
works without manually setting PYTHONPATH.
Change-Id: I0c5101fab2dd69cb6a598b909aa04bc4d5f45284
$ PYTHONPATH=$PYTHONPATH:system/update_engine/scripts \
./build/make/tools/releasetools/check_ota_package_signature.py \
build/target/product/security/testkey.x509.pem \
out/dist/aosp_marlin-ota-eng.zip
Package: out/dist/aosp_marlin-ota-eng.zip
Certificate: build/target/product/security/testkey.x509.pem
...
Whole package signature VERIFIED
Verifying A/B OTA payload signatures...
...
Payload signatures VERIFIED
Bug: 65261072
Test: Signed a package and its payload with the right keys; ran the
command above.
Test: Signed the payload with a different key; ran the command above and
observed the reported verification failure.
Change-Id: If626ecb327a9826cd0956eef94914c939068a7d1
tempfile.TemporaryFile() complains when 'None' is passed as the
prefix/suffix. It uses prefix='tmp' and suffix='' as the default values
and we should do the same.
Test: Call check_ota_package_signature.py and ota_from_target_files.py
and they still work.
Change-Id: I7fb023a3fd0b1a57c009631d0c57a7bb8e4cb5a3
Currently it supports verifying packages signed with RSA algorithms
(v1-v4 as in bootable/recovery/verifier.cpp). No support for ECDSA (v5)
signed packages yet.
$ ./build/tools/releasetools/check_ota_package_signature.py \
bootable/recovery/tests/testdata/testkey_v1.x509.pem \
bootable/recovery/tests/testdata/otasigned_v1.zip
Package: bootable/recovery/tests/testdata/otasigned_v1.zip
Certificate: bootable/recovery/tests/testdata/testkey_v1.x509.pem
Comment length: 1738
Signed data length: 2269
Use SHA-256: False
Digest: 115e688ec3b77743070b743453e2fc6ce8754484
VERIFIED
Bug: 31523193
Test: Used the tool to verify existing packages (like above).
Change-Id: I71d3569e858c729cb64825c5c7688ededc397aa8
