am 12741f5: AI 147874: Fix format and link errors in docs.
Merge commit '12741f56acf0a8a4feccea537d066ae6882499ce' into donut
* commit '12741f56acf0a8a4feccea537d066ae6882499ce':
AI 147874: Fix format and link errors in docs.
diff --git a/cleanspec.mk b/cleanspec.mk
index 22d9fe1..a3d84fa 100644
--- a/cleanspec.mk
+++ b/cleanspec.mk
@@ -75,6 +75,7 @@
$(call add-clean-step, rm -rf $(OUT_DIR)/target/common/obj/APPS/PinyinIMEGoogleService_intermediates)
$(call add-clean-step, rm -rf $(OUT_DIR)/target/common/obj/JAVA_LIBRARIES/com.android.inputmethod.pinyin.lib_intermediates)
$(call add-clean-step, rm -rf $(OUT_DIR)/target/common/obj/APPS/PinyinIMEGoogleService_intermediates)
+$(call add-clean-step, rm -rf $(OUT_DIR)/target/common/obj/JAVA_LIBRARIES/framework_intermediates/src/telephony)
# ************************************************
# NEWER CLEAN STEPS MUST BE AT THE END OF THE LIST
diff --git a/core/Makefile b/core/Makefile
index 58a9695..d4f9e18 100644
--- a/core/Makefile
+++ b/core/Makefile
@@ -62,9 +62,6 @@
# Apps are always signed with test keys, and may be re-signed in a post-build
# step. If that happens, the "test-keys" tag will be removed by that step.
BUILD_VERSION_TAGS += test-keys
-ifndef INCLUDE_TEST_OTA_KEYS
- BUILD_VERSION_TAGS += ota-rel-keys
-endif
BUILD_VERSION_TAGS := $(subst $(space),$(comma),$(sort $(BUILD_VERSION_TAGS)))
# A human-readable string that descibes this build in detail.
@@ -645,13 +642,31 @@
INTERNAL_RECOVERYIMAGE_ARGS += --cmdline "$(BOARD_KERNEL_CMDLINE)"
endif
+# Keys authorized to sign OTA packages this build will accept. The
+# build always uses test-keys for this; release packaging tools will
+# substitute other keys for this one.
+OTA_PUBLIC_KEYS := $(SRC_TARGET_DIR)/product/security/testkey.x509.pem
+
+# Generate a file containing the keys that will be read by the
+# recovery binary.
+RECOVERY_INSTALL_OTA_KEYS := \
+ $(call intermediates-dir-for,PACKAGING,ota_keys)/keys
+DUMPKEY_JAR := $(HOST_OUT_JAVA_LIBRARIES)/dumpkey.jar
+$(RECOVERY_INSTALL_OTA_KEYS): PRIVATE_OTA_PUBLIC_KEYS := $(OTA_PUBLIC_KEYS)
+$(RECOVERY_INSTALL_OTA_KEYS): $(OTA_PUBLIC_KEYS) $(DUMPKEY_JAR)
+ @echo "DumpPublicKey: $@ <= $(PRIVATE_OTA_PUBLIC_KEYS)"
+ @rm -rf $@
+ @mkdir -p $(dir $@)
+ java -jar $(DUMPKEY_JAR) $(PRIVATE_OTA_PUBLIC_KEYS) > $@
+
$(INSTALLED_RECOVERYIMAGE_TARGET): $(MKBOOTFS) $(MKBOOTIMG) \
$(INSTALLED_RAMDISK_TARGET) \
$(INSTALLED_BOOTIMAGE_TARGET) \
$(recovery_binary) \
$(recovery_initrc) $(recovery_kernel) \
$(INSTALLED_2NDBOOTLOADER_TARGET) \
- $(recovery_build_prop) $(recovery_resource_deps)
+ $(recovery_build_prop) $(recovery_resource_deps) \
+ $(RECOVERY_INSTALL_OTA_KEYS)
@echo ----- Making recovery image ------
rm -rf $(TARGET_RECOVERY_OUT)
mkdir -p $(TARGET_RECOVERY_OUT)
@@ -666,6 +681,7 @@
cp -rf $(recovery_resources_common) $(TARGET_RECOVERY_ROOT_OUT)/
$(foreach item,$(recovery_resources_private), \
cp -rf $(item) $(TARGET_RECOVERY_ROOT_OUT)/)
+ cp $(RECOVERY_INSTALL_OTA_KEYS) $(TARGET_RECOVERY_ROOT_OUT)/res/keys
cat $(INSTALLED_DEFAULT_PROP_TARGET) $(recovery_build_prop) \
> $(TARGET_RECOVERY_ROOT_OUT)/default.prop
$(MKBOOTFS) $(TARGET_RECOVERY_ROOT_OUT) | gzip > $(recovery_ramdisk)
@@ -765,15 +781,10 @@
.PHONY: otapackage
otapackage: $(INTERNAL_OTA_PACKAGE_TARGET)
-# Keys authorized to sign OTA packages this build will accept.
-ifeq ($(INCLUDE_TEST_OTA_KEYS),true)
- OTA_PUBLIC_KEYS := \
- $(sort $(SRC_TARGET_DIR)/product/security/testkey.x509.pem $(OTA_PUBLIC_KEYS))
-endif
-
-ifeq ($(OTA_PUBLIC_KEYS),)
- $(error No OTA_PUBLIC_KEYS defined)
-endif
+# Keys authorized to sign OTA packages this build will accept. The
+# build always uses test-keys for this; release packaging tools will
+# substitute other keys for this one.
+OTA_PUBLIC_KEYS := $(SRC_TARGET_DIR)/product/security/testkey.x509.pem
# Build a keystore with the authorized keys in it.
# java/android/android/server/checkin/UpdateVerifier.java uses this.
@@ -790,21 +801,6 @@
# -import -file $$f -alias $(notdir $$f) || exit 1; \
# done
-ifdef RECOVERY_INSTALL_OTA_KEYS_INC
-# Generate a C-includable file containing the keys.
-# RECOVERY_INSTALL_OTA_KEYS_INC is defined by recovery/Android.mk.
-# *** THIS IS A TOTAL HACK; EXECUTABLES MUST NOT CHANGE BETWEEN DIFFERENT
-# PRODUCTS/BUILD TYPES. ***
-# TODO: make recovery read the keys from an external file.
-DUMPKEY_JAR := $(HOST_OUT_JAVA_LIBRARIES)/dumpkey.jar
-$(RECOVERY_INSTALL_OTA_KEYS_INC): PRIVATE_OTA_PUBLIC_KEYS := $(OTA_PUBLIC_KEYS)
-$(RECOVERY_INSTALL_OTA_KEYS_INC): $(OTA_PUBLIC_KEYS) $(DUMPKEY_JAR)
- @echo "DumpPublicKey: $@ <= $(PRIVATE_OTA_PUBLIC_KEYS)"
- @rm -rf $@
- @mkdir -p $(dir $@)
- $(hide) java -jar $(DUMPKEY_JAR) $(PRIVATE_OTA_PUBLIC_KEYS) > $@
-endif
-
# -----------------------------------------------------------------
# A zip of the directories that map to the target filesystem.
# This zip can be used to create an OTA package or filesystem image
@@ -833,7 +829,7 @@
endef
built_ota_tools := \
- $(call intermediates-dir-for,EXECUTABLES,applypatch)/applypatch \
+ $(call intermediates-dir-for,EXECUTABLES,applypatch)/applypatch \
$(call intermediates-dir-for,EXECUTABLES,check_prereq)/check_prereq
$(BUILT_TARGET_FILES_PACKAGE): PRIVATE_OTA_TOOLS := $(built_ota_tools)
@@ -903,6 +899,7 @@
@# build them.
$(hide) mkdir -p $(zip_root)/META
$(hide) $(ACP) $(APKCERTS_FILE) $(zip_root)/META/apkcerts.txt
+ $(hide) echo "$(PRODUCT_OTA_PUBLIC_KEYS)" > $(zip_root)/META/otakeys.txt
@# Zip everything up, preserving symlinks
$(hide) (cd $(zip_root) && zip -qry ../$(notdir $@) .)
diff --git a/core/build_id.mk b/core/build_id.mk
index cb18bc4..9163cdf 100644
--- a/core/build_id.mk
+++ b/core/build_id.mk
@@ -23,7 +23,7 @@
# (like "TC1-RC5"). It must be a single word, and is
# capitalized by convention.
#
-BUILD_ID := CUPCAKE
+BUILD_ID := DONUT-BURGER
# DISPLAY_BUILD_NUMBER should only be set for development branches,
# If set, the BUILD_NUMBER (cl) is appended to the BUILD_ID for
diff --git a/core/main.mk b/core/main.mk
index fdf2567..ebd2b9d 100644
--- a/core/main.mk
+++ b/core/main.mk
@@ -301,7 +301,6 @@
dalvik/tools/dmtracedump \
dalvik/tools/hprof-conv \
development/emulator/mksdcard \
- development/tools/activitycreator \
development/tools/line_endings \
development/host \
external/expat \
diff --git a/core/product_config.mk b/core/product_config.mk
index 64488d8..17cb413 100644
--- a/core/product_config.mk
+++ b/core/product_config.mk
@@ -110,11 +110,11 @@
TARGET_BUILD_VARIANT := $(word 2,$(product_goals))
# The build server wants to do make PRODUCT-dream-installclean
- # which really means TARGET_PRODUCT=dream make installclean.
+ # which really means TARGET_PRODUCT=dream make installclean.
ifneq ($(filter-out $(INTERNAL_VALID_VARIANTS),$(TARGET_BUILD_VARIANT)),)
MAKECMDGOALS := $(MAKECMDGOALS) $(TARGET_BUILD_VARIANT)
TARGET_BUILD_VARIANT := eng
- default_goal_substitution :=
+ default_goal_substitution :=
else
default_goal_substitution := $(DEFAULT_GOAL)
endif
@@ -135,7 +135,7 @@
#
# Note that modifying this will not affect the goals that make will
# attempt to build, but it's important because we inspect this value
- # in certain situations (like for "make sdk").
+ # in certain situations (like for "make sdk").
#
MAKECMDGOALS := $(patsubst $(goal_name),$(default_goal_substitution),$(MAKECMDGOALS))
@@ -185,7 +185,10 @@
# in PRODUCT_LOCALES, add them to PRODUCT_LOCALES.
extra_locales := $(filter-out $(PRODUCT_LOCALES),$(CUSTOM_LOCALES))
ifneq (,$(extra_locales))
- $(info Adding CUSTOM_LOCALES [$(extra_locales)] to PRODUCT_LOCALES [$(PRODUCT_LOCALES)])
+ ifneq ($(CALLED_FROM_SETUP),true)
+ # Don't spam stdout, because envsetup.sh may be scraping values from it.
+ $(info Adding CUSTOM_LOCALES [$(extra_locales)] to PRODUCT_LOCALES [$(PRODUCT_LOCALES)])
+ endif
PRODUCT_LOCALES += $(extra_locales)
extra_locales :=
endif
@@ -202,7 +205,7 @@
PRODUCT_MODEL := $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_MODEL))
ifndef PRODUCT_MODEL
- PRODUCT_MODEL := $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_NAME))
+ PRODUCT_MODEL := $(strip $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_NAME))
endif
PRODUCT_MANUFACTURER := \
@@ -245,23 +248,12 @@
$(ADDITIONAL_BUILD_PROPERTIES) \
$(PRODUCT_PROPERTY_OVERRIDES)
-# Get the list of OTA public keys for the product.
-OTA_PUBLIC_KEYS := \
- $(sort \
- $(OTA_PUBLIC_KEYS) \
- $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_OTA_PUBLIC_KEYS) \
- )
-
-# HACK: Not all products define OTA keys yet, and the -user build
-# will fail if no keys are defined.
-# TODO: Let a product opt out of needing OTA keys, and stop defaulting to
-# the test key as soon as possible.
-ifeq (,$(strip $(OTA_PUBLIC_KEYS)))
- ifeq (,$(CALLED_FROM_SETUP))
- $(warning WARNING: adding test OTA key)
- endif
- OTA_PUBLIC_KEYS := $(SRC_TARGET_DIR)/product/security/testkey.x509.pem
-endif
+# The OTA key(s) specified by the product config, if any. The names
+# of these keys are stored in the target-files zip so that post-build
+# signing tools can substitute them for the test key embedded by
+# default.
+PRODUCT_OTA_PUBLIC_KEYS := $(sort \
+ $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_OTA_PUBLIC_KEYS))
# ---------------------------------------------------------------
# Force the simulator to be the simulator, and make BUILD_TYPE
diff --git a/core/tasks/cts.mk b/core/tasks/cts.mk
index 9444377..f804813 100644
--- a/core/tasks/cts.mk
+++ b/core/tasks/cts.mk
@@ -102,7 +102,7 @@
$(hide) java $(PRIVATE_JAVAOPTS) \
-classpath $(PRIVATE_CLASSPATH) \
$(PRIVATE_PARAMS) CollectAllTests $(1) \
- $(2) $(3) $(4)
+ $(2) $(3)
endef
CORE_INTERMEDIATES :=$(call intermediates-dir-for,JAVA_LIBRARIES,core,,COMMON)
diff --git a/target/product/core.mk b/target/product/core.mk
index d79b1e1..7c1ca00 100644
--- a/target/product/core.mk
+++ b/target/product/core.mk
@@ -12,6 +12,7 @@
Launcher \
HTMLViewer \
Phone \
+ ApplicationsProvider \
ContactsProvider \
DownloadProvider \
GoogleSearch \
diff --git a/tools/releasetools/common.py b/tools/releasetools/common.py
index 705ed84..a512ff8 100644
--- a/tools/releasetools/common.py
+++ b/tools/releasetools/common.py
@@ -28,6 +28,7 @@
class Options(object): pass
OPTIONS = Options()
OPTIONS.signapk_jar = "out/host/linux-x86/framework/signapk.jar"
+OPTIONS.dumpkey_jar = "out/host/linux-x86/framework/dumpkey.jar"
OPTIONS.max_image_size = {}
OPTIONS.verbose = False
OPTIONS.tempfiles = []
@@ -134,6 +135,12 @@
key_passwords = {}
devnull = open("/dev/null", "w+b")
for k in sorted(keylist):
+ # An empty-string key is used to mean don't re-sign this package.
+ # Obviously we don't need a password for this non-key.
+ if not k:
+ key_passwords[k] = None
+ continue
+
p = subprocess.Popen(["openssl", "pkcs8", "-in", k+".pk8",
"-inform", "DER", "-nocrypt"],
stdin=devnull.fileno(),
diff --git a/tools/releasetools/ota_from_target_files b/tools/releasetools/ota_from_target_files
index dbac03d..c1e377a 100755
--- a/tools/releasetools/ota_from_target_files
+++ b/tools/releasetools/ota_from_target_files
@@ -33,6 +33,15 @@
Generate an incremental OTA using the given target-files zip as
the starting build.
+ -w (--wipe_user_data)
+ Generate an OTA package that will wipe the user data partition
+ when installed.
+
+ -n (--no_prereq)
+ Omit the timestamp prereq check normally included at the top of
+ the build scripts (used for developer OTA packages which
+ legitimately need to go back and forth).
+
"""
import sys
@@ -58,6 +67,8 @@
OPTIONS.require_verbatim = set()
OPTIONS.prohibit_verbatim = set(("system/build.prop",))
OPTIONS.patch_threshold = 0.95
+OPTIONS.wipe_user_data = False
+OPTIONS.omit_prereq = False
def MostPopularKey(d, default):
"""Given a dict, return the key corresponding to the largest
@@ -318,9 +329,10 @@
def WriteFullOTAPackage(input_zip, output_zip):
script = []
- ts = GetBuildProp("ro.build.date.utc", input_zip)
- script.append("run_program PACKAGE:check_prereq %s" % (ts,))
- IncludeBinary("check_prereq", input_zip, output_zip)
+ if not OPTIONS.omit_prereq:
+ ts = GetBuildProp("ro.build.date.utc", input_zip)
+ script.append("run_program PACKAGE:check_prereq %s" % (ts,))
+ IncludeBinary("check_prereq", input_zip, output_zip)
AppendAssertions(script, input_zip)
@@ -331,6 +343,9 @@
script.append("write_radio_image PACKAGE:radio.img")
script.append("show_progress 0.5 0")
+ if OPTIONS.wipe_user_data:
+ script.append("format DATA:")
+
script.append("format SYSTEM:")
script.append("copy_dir PACKAGE:system SYSTEM:")
@@ -511,6 +526,9 @@
script.append("\n# ---- start making changes here\n")
+ if OPTIONS.wipe_user_data:
+ script.append("format DATA:")
+
DeleteFiles(script, [SubstituteRoot(i[0]) for i in verbatim_targets])
if updating_boot:
@@ -602,21 +620,25 @@
def option_handler(o, a):
if o in ("-b", "--board_config"):
common.LoadBoardConfig(a)
- return True
elif o in ("-k", "--package_key"):
OPTIONS.package_key = a
- return True
elif o in ("-i", "--incremental_from"):
OPTIONS.incremental_source = a
- return True
+ elif o in ("-w", "--wipe_user_data"):
+ OPTIONS.wipe_user_data = True
+ elif o in ("-n", "--no_prereq"):
+ OPTIONS.omit_prereq = True
else:
return False
+ return True
args = common.ParseOptions(argv, __doc__,
- extra_opts="b:k:i:d:",
+ extra_opts="b:k:i:d:wn",
extra_long_opts=["board_config=",
"package_key=",
- "incremental_from="],
+ "incremental_from=",
+ "wipe_user_data",
+ "no_prereq"],
extra_option_handler=option_handler)
if len(args) != 2:
diff --git a/tools/releasetools/sign_target_files_apks b/tools/releasetools/sign_target_files_apks
index b632924..b3bfaee 100755
--- a/tools/releasetools/sign_target_files_apks
+++ b/tools/releasetools/sign_target_files_apks
@@ -47,6 +47,20 @@
-d and -k options are added to the set of mappings in the order
in which they appear on the command line.
+
+ -o (--replace_ota_keys)
+ Replace the certificate (public key) used by OTA package
+ verification with the one specified in the input target_files
+ zip (in the META/otakeys.txt file). Key remapping (-k and -d)
+ is performed on this key.
+
+ -t (--tag_changes) <+tag>,<-tag>,...
+ Comma-separated list of changes to make to the set of tags (in
+ the last component of the build fingerprint). Prefix each with
+ '+' or '-' to indicate whether that tag should be added or
+ removed. Changes are processed in the order they appear.
+ Default value is "-test-keys,+ota-rel-keys,+release-keys".
+
"""
import sys
@@ -55,6 +69,8 @@
print >> sys.stderr, "Python 2.4 or newer is required."
sys.exit(1)
+import cStringIO
+import copy
import os
import re
import subprocess
@@ -67,7 +83,8 @@
OPTIONS.extra_apks = {}
OPTIONS.key_map = {}
-
+OPTIONS.replace_ota_keys = False
+OPTIONS.tag_changes = ("-test-keys", "+ota-rel-keys", "+release-keys")
def GetApkCerts(tf_zip):
certmap = {}
@@ -103,41 +120,122 @@
def SignApks(input_tf_zip, output_tf_zip):
apk_key_map = GetApkCerts(input_tf_zip)
- key_passwords = common.GetKeyPasswords(set(apk_key_map.values()))
-
maxsize = max([len(os.path.basename(i.filename))
for i in input_tf_zip.infolist()
if i.filename.endswith('.apk')])
+ # Check that all the APKs we want to sign have keys specified, and
+ # error out if they don't. Do this before prompting for key
+ # passwords in case we're going to fail anyway.
+ unknown_apks = []
for info in input_tf_zip.infolist():
- data = input_tf_zip.read(info.filename)
if info.filename.endswith(".apk"):
name = os.path.basename(info.filename)
- key = apk_key_map.get(name, None)
- if key is not None:
- print "signing: %-*s (%s)" % (maxsize, name, key)
+ if name not in apk_key_map:
+ unknown_apks.append(name)
+ if unknown_apks:
+ print "ERROR: no key specified for:\n\n ",
+ print "\n ".join(unknown_apks)
+ print "\nUse '-e <apkname>=' to specify a key (which may be an"
+ print "empty string to not sign this apk)."
+ sys.exit(1)
+
+ key_passwords = common.GetKeyPasswords(set(apk_key_map.values()))
+
+ for info in input_tf_zip.infolist():
+ data = input_tf_zip.read(info.filename)
+ out_info = copy.copy(info)
+ if info.filename.endswith(".apk"):
+ name = os.path.basename(info.filename)
+ key = apk_key_map[name]
+ if key:
+ print " signing: %-*s (%s)" % (maxsize, name, key)
signed_data = SignApk(data, key, key_passwords[key])
- output_tf_zip.writestr(info, signed_data)
+ output_tf_zip.writestr(out_info, signed_data)
else:
# an APK we're not supposed to sign.
- print "skipping: %s" % (name,)
- output_tf_zip.writestr(info, data)
- elif info.filename == "SYSTEM/build.prop":
- # Change build fingerprint to reflect the fact that apps are signed.
- m = re.search(r"ro\.build\.fingerprint=.*\b(test-keys)\b.*", data)
- if not m:
- print 'WARNING: ro.build.fingerprint does not contain "test-keys"'
- else:
- data = data[:m.start(1)] + "release-keys" + data[m.end(1):]
- m = re.search(r"ro\.build\.description=.*\b(test-keys)\b.*", data)
- if not m:
- print 'WARNING: ro.build.description does not contain "test-keys"'
- else:
- data = data[:m.start(1)] + "release-keys" + data[m.end(1):]
- output_tf_zip.writestr(info, data)
+ print "NOT signing: %s" % (name,)
+ output_tf_zip.writestr(out_info, data)
+ elif info.filename in ("SYSTEM/build.prop",
+ "RECOVERY/RAMDISK/default.prop"):
+ print "rewriting %s:" % (info.filename,)
+ new_data = RewriteProps(data)
+ output_tf_zip.writestr(out_info, new_data)
else:
# a non-APK file; copy it verbatim
- output_tf_zip.writestr(info, data)
+ output_tf_zip.writestr(out_info, data)
+
+
+def RewriteProps(data):
+ output = []
+ for line in data.split("\n"):
+ line = line.strip()
+ original_line = line
+ if line and line[0] != '#':
+ key, value = line.split("=", 1)
+ if key == "ro.build.fingerprint":
+ pieces = line.split("/")
+ tags = set(pieces[-1].split(","))
+ for ch in OPTIONS.tag_changes:
+ if ch[0] == "-":
+ tags.discard(ch[1:])
+ elif ch[0] == "+":
+ tags.add(ch[1:])
+ line = "/".join(pieces[:-1] + [",".join(sorted(tags))])
+ elif key == "ro.build.description":
+ pieces = line.split(" ")
+ assert len(pieces) == 5
+ tags = set(pieces[-1].split(","))
+ for ch in OPTIONS.tag_changes:
+ if ch[0] == "-":
+ tags.discard(ch[1:])
+ elif ch[0] == "+":
+ tags.add(ch[1:])
+ line = " ".join(pieces[:-1] + [",".join(sorted(tags))])
+ if line != original_line:
+ print " replace: ", original_line
+ print " with: ", line
+ output.append(line)
+ return "\n".join(output) + "\n"
+
+
+def ReplaceOtaKeys(input_tf_zip, output_tf_zip):
+ try:
+ keylist = input_tf_zip.read("META/otakeys.txt").split()
+ except KeyError:
+ raise ExternalError("can't read META/otakeys.txt from input")
+
+ mapped_keys = []
+ for k in keylist:
+ m = re.match(r"^(.*)\.x509\.pem$", k)
+ if not m:
+ raise ExternalError("can't parse \"%s\" from META/otakeys.txt" % (k,))
+ k = m.group(1)
+ mapped_keys.append(OPTIONS.key_map.get(k, k) + ".x509.pem")
+
+ print "using:\n ", "\n ".join(mapped_keys)
+ print "for OTA package verification"
+
+ # recovery uses a version of the key that has been slightly
+ # predigested (by DumpPublicKey.java) and put in res/keys.
+
+ p = common.Run(["java", "-jar", OPTIONS.dumpkey_jar] + mapped_keys,
+ stdout=subprocess.PIPE)
+ data, _ = p.communicate()
+ if p.returncode != 0:
+ raise ExternalError("failed to run dumpkeys")
+ output_tf_zip.writestr("RECOVERY/RAMDISK/res/keys", data)
+
+ # SystemUpdateActivity uses the x509.pem version of the keys, but
+ # put into a zipfile system/etc/security/otacerts.zip.
+
+ tempfile = cStringIO.StringIO()
+ certs_zip = zipfile.ZipFile(tempfile, "w")
+ for k in mapped_keys:
+ certs_zip.write(k)
+ certs_zip.close()
+ output_tf_zip.writestr("SYSTEM/etc/security/otacerts.zip",
+ tempfile.getvalue())
def main(argv):
@@ -160,16 +258,28 @@
elif o in ("-k", "--key_mapping"):
s, d = a.split("=")
OPTIONS.key_map[s] = d
+ elif o in ("-o", "--replace_ota_keys"):
+ OPTIONS.replace_ota_keys = True
+ elif o in ("-t", "--tag_changes"):
+ new = []
+ for i in a.split(","):
+ i = i.strip()
+ if not i or i[0] not in "-+":
+ raise ValueError("Bad tag change '%s'" % (i,))
+ new.append(i[0] + i[1:].strip())
+ OPTIONS.tag_changes = tuple(new)
else:
return False
return True
args = common.ParseOptions(argv, __doc__,
- extra_opts="s:e:d:k:",
+ extra_opts="s:e:d:k:ot:",
extra_long_opts=["signapk_jar=",
"extra_apks=",
"default_key_mappings=",
- "key_mapping="],
+ "key_mapping=",
+ "replace_ota_keys",
+ "tag_changes="],
extra_option_handler=option_handler)
if len(args) != 2:
@@ -181,6 +291,9 @@
SignApks(input_zip, output_zip)
+ if OPTIONS.replace_ota_keys:
+ ReplaceOtaKeys(input_zip, output_zip)
+
input_zip.close()
output_zip.close()
diff --git a/tools/zipalign/ZipAlign.cpp b/tools/zipalign/ZipAlign.cpp
index 9e3cb66..058f9ed 100644
--- a/tools/zipalign/ZipAlign.cpp
+++ b/tools/zipalign/ZipAlign.cpp
@@ -30,7 +30,8 @@
{
fprintf(stderr, "Zip alignment utility\n");
fprintf(stderr,
- "Usage: zipalign [-f] [-v] <align> infile.zip outfile.zip\n");
+ "Usage: zipalign [-f] [-v] <align> infile.zip outfile.zip\n"
+ " zipalign -c [-v] <align> infile.zip\n" );
}
/*
@@ -152,14 +153,14 @@
pEntry = zipFile.getEntryByIndex(i);
if (pEntry->isCompressed()) {
if (verbose) {
- printf("%8ld %s (OK - compressed)\n",
+ printf("%8ld %s (OK - compressed)\n",
(long) pEntry->getFileOffset(), pEntry->getFileName());
}
} else {
long offset = pEntry->getFileOffset();
if ((offset % alignment) != 0) {
if (verbose) {
- printf("%8ld %s (BAD - %ld)\n",
+ printf("%8ld %s (BAD - %ld)\n",
(long) offset, pEntry->getFileName(),
offset % alignment);
}
@@ -185,6 +186,7 @@
int main(int argc, char* const argv[])
{
bool wantUsage = false;
+ bool check = false;
bool force = false;
bool verbose = false;
int result = 1;
@@ -204,6 +206,9 @@
while (*cp != '\0') {
switch (*cp) {
+ case 'c':
+ check = true;
+ break;
case 'f':
force = true;
break;
@@ -223,7 +228,7 @@
argv++;
}
- if (argc != 3) {
+ if (!((check && argc == 2) || (!check && argc == 3))) {
wantUsage = true;
goto bail;
}
@@ -235,12 +240,17 @@
goto bail;
}
- /* create the new archive */
- result = process(argv[1], argv[2], alignment, force);
+ if (check) {
+ /* check existing archive for correct alignment */
+ result = verify(argv[1], alignment, verbose);
+ } else {
+ /* create the new archive */
+ result = process(argv[1], argv[2], alignment, force);
- /* trust, but verify */
- if (result == 0)
- result = verify(argv[2], alignment, verbose);
+ /* trust, but verify */
+ if (result == 0)
+ result = verify(argv[2], alignment, verbose);
+ }
bail:
if (wantUsage) {
@@ -250,4 +260,3 @@
return result;
}
-