--is_signing
Skip building & adding the images for "userdata" and "cache" if we
are signing the target files.
-
- --verity_signer_path
- Specify the signer path to build verity metadata.
"""
import sys
OPTIONS.replace_verity_public_key = False
OPTIONS.replace_verity_private_key = False
OPTIONS.is_signing = False
-OPTIONS.verity_signer_path = None
def AddSystem(output_zip, prefix="IMAGES/", recovery_img=None, boot_img=None):
"""Turn the contents of SYSTEM into a system image and store it in
OPTIONS.replace_verity_public_key = (True, a)
elif o == "--is_signing":
OPTIONS.is_signing = True
- elif o == "--verity_signer_path":
- OPTIONS.verity_signer_path = a
else:
return False
return True
extra_long_opts=["add_missing", "rebuild_recovery",
"replace_verity_public_key=",
"replace_verity_private_key=",
- "is_signing",
- "verity_signer_path="],
+ "is_signing"],
extra_option_handler=option_handler)
return True, int(output)
def GetVerityMetadataSize(partition_size):
- cmd = "system/extras/verity/build_verity_metadata.py -s %d"
+ cmd = "system/extras/verity/build_verity_metadata.py size %d"
cmd %= partition_size
status, output = commands.getstatusoutput(cmd)
return True
def BuildVerityMetadata(image_size, verity_metadata_path, root_hash, salt,
- block_device, signer_path, key):
+ block_device, signer_path, key, signer_args):
cmd_template = (
- "system/extras/verity/build_verity_metadata.py %s %s %s %s %s %s %s")
+ "system/extras/verity/build_verity_metadata.py build " +
+ "%s %s %s %s %s %s %s")
cmd = cmd_template % (image_size, verity_metadata_path, root_hash, salt,
block_device, signer_path, key)
+ if signer_args:
+ cmd += " --signer_args=\"%s\"" % (' '.join(signer_args),)
print cmd
status, output = commands.getstatusoutput(cmd)
if status:
block_dev = prop_dict["verity_block_device"]
signer_key = prop_dict["verity_key"] + ".pk8"
if OPTIONS.verity_signer_path is not None:
- signer_path = OPTIONS.verity_signer_path + ' '
- signer_path += ' '.join(OPTIONS.verity_signer_args)
+ signer_path = OPTIONS.verity_signer_path
else:
signer_path = prop_dict["verity_signer_cmd"]
+ signer_args = OPTIONS.verity_signer_args
# make a tempdir
tempdir_name = tempfile.mkdtemp(suffix="_verity_images")
root_hash = prop_dict["verity_root_hash"]
salt = prop_dict["verity_salt"]
if not BuildVerityMetadata(image_size, verity_metadata_path, root_hash, salt,
- block_dev, signer_path, signer_key):
+ block_dev, signer_path, signer_key, signer_args):
shutil.rmtree(tempdir_name, ignore_errors=True)
return False