releasetools: Support verity signer args.

author Tao Bao <tbao@google.com>

Mon, 17 Oct 2016 23:20:12 +0000 (16:20 -0700)

committer Tao Bao <tbao@google.com>

Mon, 17 Oct 2016 23:25:22 +0000 (16:25 -0700)
author Tao Bao <tbao@google.com>
Mon, 17 Oct 2016 23:20:12 +0000 (16:20 -0700)
committer Tao Bao <tbao@google.com>
Mon, 17 Oct 2016 23:25:22 +0000 (16:25 -0700)
diff --git a/tools/releasetools/add_img_to_target_files.py b/tools/releasetools/add_img_to_target_files.py

index 2e26514..3884f49 100755 (executable)
--- a/tools/releasetools/add_img_to_target_files.py
+++ b/tools/releasetools/add_img_to_target_files.py
@@ -41,9 +41,6 @@ Usage:  add_img_to_target_files [flag] target_files
    --is_signing
        Skip building & adding the images for "userdata" and "cache" if we
        are signing the target files.
-
-  --verity_signer_path
-      Specify the signer path to build verity metadata.
  """
  
  import sys
@@ -71,7 +68,6 @@ OPTIONS.rebuild_recovery = False
  OPTIONS.replace_verity_public_key = False
  OPTIONS.replace_verity_private_key = False
  OPTIONS.is_signing = False
-OPTIONS.verity_signer_path = None
  
  def AddSystem(output_zip, prefix="IMAGES/", recovery_img=None, boot_img=None):
    """Turn the contents of SYSTEM into a system image and store it in
@@ -452,8 +448,6 @@ def main(argv):
        OPTIONS.replace_verity_public_key = (True, a)
      elif o == "--is_signing":
        OPTIONS.is_signing = True
-    elif o == "--verity_signer_path":
-      OPTIONS.verity_signer_path = a
      else:
        return False
      return True
@@ -463,8 +457,7 @@ def main(argv):
        extra_long_opts=["add_missing", "rebuild_recovery",
                         "replace_verity_public_key=",
                         "replace_verity_private_key=",
-                       "is_signing",
-                       "verity_signer_path="],
+                       "is_signing"],
        extra_option_handler=option_handler)
  
  
diff --git a/tools/releasetools/build_image.py b/tools/releasetools/build_image.py

index 50e81bf..6bf42d1 100755 (executable)
--- a/tools/releasetools/build_image.py
+++ b/tools/releasetools/build_image.py
@@ -69,7 +69,7 @@ def GetVerityTreeSize(partition_size):
    return True, int(output)
  
  def GetVerityMetadataSize(partition_size):
-  cmd = "system/extras/verity/build_verity_metadata.py -s %d"
+  cmd = "system/extras/verity/build_verity_metadata.py size %d"
    cmd %= partition_size
  
    status, output = commands.getstatusoutput(cmd)
@@ -214,11 +214,14 @@ def BuildVerityTree(sparse_image_path, verity_image_path, prop_dict):
    return True
  
  def BuildVerityMetadata(image_size, verity_metadata_path, root_hash, salt,
-                        block_device, signer_path, key):
+                        block_device, signer_path, key, signer_args):
    cmd_template = (
-      "system/extras/verity/build_verity_metadata.py %s %s %s %s %s %s %s")
+      "system/extras/verity/build_verity_metadata.py build " +
+      "%s %s %s %s %s %s %s")
    cmd = cmd_template % (image_size, verity_metadata_path, root_hash, salt,
                          block_device, signer_path, key)
+  if signer_args:
+    cmd += " --signer_args=\"%s\"" % (' '.join(signer_args),)
    print cmd
    status, output = commands.getstatusoutput(cmd)
    if status:
@@ -305,10 +308,10 @@ def MakeVerityEnabledImage(out_file, fec_supported, prop_dict):
    block_dev = prop_dict["verity_block_device"]
    signer_key = prop_dict["verity_key"] + ".pk8"
    if OPTIONS.verity_signer_path is not None:
-    signer_path = OPTIONS.verity_signer_path + ' '
-    signer_path += ' '.join(OPTIONS.verity_signer_args)
+    signer_path = OPTIONS.verity_signer_path
    else:
      signer_path = prop_dict["verity_signer_cmd"]
+  signer_args = OPTIONS.verity_signer_args
  
    # make a tempdir
    tempdir_name = tempfile.mkdtemp(suffix="_verity_images")
@@ -327,7 +330,7 @@ def MakeVerityEnabledImage(out_file, fec_supported, prop_dict):
    root_hash = prop_dict["verity_root_hash"]
    salt = prop_dict["verity_salt"]
    if not BuildVerityMetadata(image_size, verity_metadata_path, root_hash, salt,
-                             block_dev, signer_path, signer_key):
+                             block_dev, signer_path, signer_key, signer_args):
      shutil.rmtree(tempdir_name, ignore_errors=True)
      return False
author	Tao Bao <tbao@google.com>
	Mon, 17 Oct 2016 23:20:12 +0000 (16:20 -0700)
committer	Tao Bao <tbao@google.com>
	Mon, 17 Oct 2016 23:25:22 +0000 (16:25 -0700)
tools/releasetools/add_img_to_target_files.py		patch \| blob \| history
tools/releasetools/build_image.py		patch \| blob \| history