02a0859b3c
For example, verify a target_files.zip that has system AVB-signed as a
chained partition.
$ build/make/tools/releasetools/validate_target_files.py \
signed-target_files-4904652.zip \
--verity_key verifiedboot_pub.pem \
--avb_system_key_path system_pub.pem
Note that verifiedboot_pub.pem should be the key (either public or
private) to verify vbmeta.img, and 'system_pub.pem' should be the key
(either public or private) for the chained partition of system.
testdata/testkey.key is the private key converted from
testdata/testkey.pk8 for testing purpose (`openssl pkcs8 -in
testdata/testkey.pk8 -inform DER -out testdata/testkey.key -nocrypt`).
Bug: 63706333
Test: python -m unittest test_common
Test: python -m unittest test_add_img_to_target_files
Test: `m dist` on aosp_walleye-userdebug; Run validate_target_files.py
on the generated target_files.zip.
Test: Set up walleye with chained system partition; `m dist`; Run
validate_target_files.py on the generated target_files.zip.
Change-Id: I38517ab39baf8a5bc1a6062fab2fe229b68e897d
|
||
|---|---|---|
| .. | ||
| media.x509.pem | ||
| payload_signer.sh | ||
| platform.x509.pem | ||
| sigfile.bin | ||
| signed-sigfile.bin | ||
| TestApp.apk | ||
| testkey.key | ||
| testkey.pk8 | ||
| testkey.pubkey.pem | ||
| testkey.x509.pem | ||
| testkey_mincrypt | ||
| testkey_with_passwd.pk8 | ||
| testkey_with_passwd.x509.pem | ||
| verity.x509.pem | ||