Delay the write-back of misc_info in sign_target_files_apks.py.
Currently we're writing META/misc_info.txt to the new TF.zip during
ReplaceVerityPrivateKey(). We should delay that until we have replaced
everything in need. Otherwise we won't be able to replace/overwrite
that zip entry (unless `zip -d` first).
This CL also cleans up the return value of ReplaceVerityPublicKey() and
ReplaceVerityKeyId(), since the caller no longer needs the values.
Test: sign_target_files_apks.py and check the generated signed TF.zip.
Change-Id: I9fbd7182247728281519e5e3971557f6b018ad65
diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py
index b9bb4d0..cabceec 100755
--- a/tools/releasetools/sign_target_files_apks.py
+++ b/tools/releasetools/sign_target_files_apks.py
@@ -240,9 +240,8 @@
"SYSTEM/etc/update_engine/update-payload-key.pub.pem")):
pass
- # Skip META/misc_info.txt if we will replace the verity private key later.
- elif (OPTIONS.replace_verity_private_key and
- info.filename == "META/misc_info.txt"):
+ # Skip META/misc_info.txt since we will write back the new values later.
+ elif info.filename == "META/misc_info.txt":
pass
# Skip verity public key if we will replace it.
@@ -267,10 +266,9 @@
if OPTIONS.replace_ota_keys:
ReplaceOtaKeys(input_tf_zip, output_tf_zip, misc_info)
- # Replace the keyid string in META/misc_info.txt.
+ # Replace the keyid string in misc_info dict.
if OPTIONS.replace_verity_private_key:
- ReplaceVerityPrivateKey(input_tf_zip, output_tf_zip, misc_info,
- OPTIONS.replace_verity_private_key[1])
+ ReplaceVerityPrivateKey(misc_info, OPTIONS.replace_verity_private_key[1])
if OPTIONS.replace_verity_public_key:
if system_root_image:
@@ -287,6 +285,9 @@
ReplaceVerityKeyId(input_tf_zip, output_tf_zip,
OPTIONS.replace_verity_keyid[1])
+ # Write back misc_info with the latest values.
+ ReplaceMiscInfoTxt(input_tf_zip, output_tf_zip, misc_info)
+
def ReplaceCerts(data):
"""Given a string of data, replace all occurences of a set
@@ -464,20 +465,12 @@
def ReplaceVerityPublicKey(targetfile_zip, filename, key_path):
- print "Replacing verity public key with %s" % key_path
- with open(key_path) as f:
- data = f.read()
- common.ZipWriteStr(targetfile_zip, filename, data)
- return data
+ print "Replacing verity public key with %s" % (key_path,)
+ common.ZipWrite(targetfile_zip, key_path, arcname=filename)
-def ReplaceVerityPrivateKey(targetfile_input_zip, targetfile_output_zip,
- misc_info, key_path):
- print "Replacing verity private key with %s" % key_path
- current_key = misc_info["verity_key"]
- original_misc_info = targetfile_input_zip.read("META/misc_info.txt")
- new_misc_info = original_misc_info.replace(current_key, key_path)
- common.ZipWriteStr(targetfile_output_zip, "META/misc_info.txt", new_misc_info)
+def ReplaceVerityPrivateKey(misc_info, key_path):
+ print "Replacing verity private key with %s" % (key_path,)
misc_info["verity_key"] = key_path
@@ -506,7 +499,21 @@
out_cmdline = out_cmdline.strip()
print "out_cmdline %s" % (out_cmdline)
common.ZipWriteStr(targetfile_output_zip, "BOOT/cmdline", out_cmdline)
- return out_cmdline
+
+
+def ReplaceMiscInfoTxt(input_zip, output_zip, misc_info):
+ """Replaces META/misc_info.txt.
+
+ Only writes back the ones in the original META/misc_info.txt. Because the
+ current in-memory dict contains additional items computed at runtime.
+ """
+ misc_info_old = common.LoadDictionaryFromLines(
+ input_zip.read('META/misc_info.txt').split('\n'))
+ items = []
+ for key in sorted(misc_info):
+ if key in misc_info_old:
+ items.append('%s=%s' % (key, misc_info[key]))
+ common.ZipWriteStr(output_zip, "META/misc_info.txt", '\n'.join(items))
def BuildKeyMap(misc_info, key_mapping_options):