diff options
author | Tao Bao <tbao@google.com> | 2016-07-06 15:28:59 -0700 |
---|---|---|
committer | Tao Bao <tbao@google.com> | 2016-07-08 12:52:45 -0700 |
commit | 13b6962e8d8b89a3d8679c70a391a83d2368eb42 (patch) | |
tree | e9c5ecd458dd8ddc0d3c1e5fcb6d42c9baa6dbb3 | |
parent | c78147c650bf34b275ebd03eadc538760b90603f (diff) | |
download | build-13b6962e8d8b89a3d8679c70a391a83d2368eb42.tar.gz |
releasetools: Fix the payload public key replacement.
update_engine expects the extracted public key instead of the
certificate.
Bug: 28701652
Change-Id: I292d39da9e039f96d01a4214226aeb46f8cb881d
(cherry picked from commit afaf295cb85eb4091bc8a82950acab618b4139ca)
-rwxr-xr-x | tools/releasetools/sign_target_files_apks.py | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py index 3341f9f5d6..b11225c180 100755 --- a/tools/releasetools/sign_target_files_apks.py +++ b/tools/releasetools/sign_target_files_apks.py @@ -502,10 +502,14 @@ def ReplaceOtaKeys(input_tf_zip, output_tf_zip, misc_info): " as payload verification key.\n\n") print "Using %s for payload verification." % (mapped_keys[0],) - common.ZipWrite( + cmd = common.Run( + ["openssl", "x509", "-pubkey", "-noout", "-in", mapped_keys[0]], + stdout=subprocess.PIPE) + pubkey, _ = cmd.communicate() + common.ZipWriteStr( output_tf_zip, - mapped_keys[0], - arcname="SYSTEM/etc/update_engine/update-payload-key.pub.pem") + "SYSTEM/etc/update_engine/update-payload-key.pub.pem", + pubkey) return new_recovery_keys |