PEM files are ASCII-encoded, open them as text file (as opposed to
binary). Avoid relying on __del__. Introduce a prologue and epilogue
methods to emit the <policy> tag only once per output.
Test: build plat_mac_permissions.xml on bramble and compare with
previous version; identical
Test: build product_mac_permissions.xml on bramble and compare with
previous version; identical
Test: build system_ext_mac_permissions.xml on bramble and compare with
previous version; identical
Test: build vendor_mac_permissions.xml on bramble and compare with
previous version; identical
Bug: 200119288
Change-Id: Iced0acf75bff756453918a411aecb9f4ef8f825d
insertkeys.py used beginswith() when checking that the BEGIN
and END CERTIFICATE clauses in PEM files were correct. It should
have done an explicit check on equality.
Change-Id: I5efb48d180bc674e6281a26a955acd248588b8bd
Many keys end with whitespace or otherwise have whitespace separating the
certificates. If insertkeys is intended to support multiple certificates, we
should also support blank line separators.
Change-Id: I5fd17be5785ad1b89a6191e9ba33bbc7c5a4e8e9
Insert keys would erroneously process pem files
with openssl headers in them. Also, the tool would
be fooled into attempting to use pem files that
had private keys and other things in the format.
This patch strengthens the formatting requirements
and increases the verboseness of error messages
when processing pem files.
Change-Id: I03353faaa641233a000d1a18943024ae47c63e0f
Currently a path to a key in keys.conf must be fully qualified or have
the -d option appended. This fix will allow paths to have environment
variables that will be expanded. This will give portability to the
entries. For example the following entry will now be resolved correctly:
[@NET_APPS]
ALL : $ANDROID_BUILD_TOP/device/demo_vendor/demo_dev/security/net_apps.x509.pem
Change-Id: If4f169d9ed4f37b6ebd062508de058f3baeafead
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Allow script to union mac_permissions.xml files
specified using the BOARD_SEPOLICY_DIRS and
BOARD_SEPOLICY_UNION constructs.
Change-Id: I4fc65fd1ab4c612f25e966f030247e54a270b614
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
This reverts commit cd4104e84b
This builds clean locally, but seems to explode on the build servers. Reverting until there's a solution.
Change-Id: I09200db37c193f39c77486d5957a8f5916e38aa0
Support the inseretion of the public key from pem
files into the mac_permissions.xml file at build
time.
Change-Id: Ia42b6cba39bf93723ed3fb85236eb8f80a08962a