Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / android_build / 04e1f012ddcdb24b107c6955eac5d4218a54e78f
commit04e1f012ddcdb24b107c6955eac5d4218a54e78f[log] [tgz]
authorTao Bao <tbao@google.com>Sun Feb 04 12:13:35 2018 -0800
committerTao Bao <tbao@google.com>Sun Feb 04 13:59:52 2018 -0800
treea7b0b6943652ed721b71bac2411be773f458e98d
parent8a6ab0f2407152edc730d024fd185460c0f43453 [diff]
releasetools: Fix an issue with pubkey extraction.

When calling 'openssl x509 -pubkey' to extract the public key from a
certificate, openssl 1.0 and 1.1 handle the '-out' parameter
differently. openssl 1.0 doesn't write the output into the specified
filename, which leads to the payload verification failure in
check_ota_package_signature.VerifyAbOtaPayload(). This CL addresses
the issue by always collecting the output from stdout instead.

It also refactors the two copies into common.ExtractPublicKey(), and
adds unittest. get_testdata_dir() is moved into test_utils.py that holds
common utils for running the unittests.

Bug: 72884343
Test: python -m unittest test_common
Test: python -m unittest test_ota_from_target_files
Test: Run sign_target_files_apks with '--replace_ota_keys' on marlin
      target_files zip. Check the payload pubkey replacement.
Test: Trigger the tests with forrest, and tests no longer fail on
      machines with openssl 1.0.1.
Change-Id: Ib0389b360f064053e9aa7cc0546d718e7b23003b
7 files changed
tree: a7b0b6943652ed721b71bac2411be773f458e98d
  1. core/
  2. target/
  3. tests/
  4. tools/
  5. .gitignore
  6. Android.mk
  7. buildspec.mk.default
  8. Changes.md
  9. CleanSpec.mk
  10. envsetup.sh
  11. help.sh
  12. navbar.md
  13. OWNERS
  14. README.md
  15. tapasHelp.sh
  16. Usage.txt
README.md

Android Make Build System

This is the Makefile-based portion of the Android Build System.

For documentation on how to run a build, see Usage.txt

For a list of behavioral changes useful for Android.mk writers see Changes.md

For an outdated reference on Android.mk files, see build-system.html. Our Android.mk files look similar, but are entirely different from the Android.mk files used by the NDK build system. When searching for documentation elsewhere, ensure that it is for the platform build system -- most are not.

This Makefile-based system is in the process of being replaced with Soong, a new build system written in Go. During the transition, all of these makefiles are read by Kati, and generate a ninja file instead of being executed directly. That's combined with a ninja file read by Soong so that the build graph of the two systems can be combined and run as one.