releasetools: Fix the payload public key replacement.

update_engine expects the extracted public key instead of the certificate. Bug: 28701652 Change-Id: I292d39da9e039f96d01a4214226aeb46f8cb881d (cherry picked from commit afaf295cb85eb4091bc8a82950acab618b4139ca)
author: Tao Bao <tbao@google.com> 2016-07-06 15:28:59 -0700
committer: Tao Bao <tbao@google.com> 2016-07-08 12:52:45 -0700
commit: 13b6962e8d8b89a3d8679c70a391a83d2368eb42 (patch)
tree: e9c5ecd458dd8ddc0d3c1e5fcb6d42c9baa6dbb3
parent: c78147c650bf34b275ebd03eadc538760b90603f (diff)
download: build-13b6962e8d8b89a3d8679c70a391a83d2368eb42.tar.gz
1 files changed, 7 insertions, 3 deletions
diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py
index 3341f9f5d6..b11225c180 100755
--- a/tools/releasetools/sign_target_files_apks.py
+++ b/tools/releasetools/sign_target_files_apks.py
@@ -502,10 +502,14 @@ def ReplaceOtaKeys(input_tf_zip, output_tf_zip, misc_info):
             " as payload verification key.\n\n")
 
     print "Using %s for payload verification." % (mapped_keys[0],)
-    common.ZipWrite(
+    cmd = common.Run(
+        ["openssl", "x509", "-pubkey", "-noout", "-in", mapped_keys[0]],
+        stdout=subprocess.PIPE)
+    pubkey, _ = cmd.communicate()
+    common.ZipWriteStr(
         output_tf_zip,
-        mapped_keys[0],
-        arcname="SYSTEM/etc/update_engine/update-payload-key.pub.pem")
+        "SYSTEM/etc/update_engine/update-payload-key.pub.pem",
+        pubkey)
 
   return new_recovery_keys
author	Tao Bao <tbao@google.com>	2016-07-06 15:28:59 -0700
committer	Tao Bao <tbao@google.com>	2016-07-08 12:52:45 -0700
commit	13b6962e8d8b89a3d8679c70a391a83d2368eb42 (patch)
tree	e9c5ecd458dd8ddc0d3c1e5fcb6d42c9baa6dbb3
parent	c78147c650bf34b275ebd03eadc538760b90603f (diff)
download	build-13b6962e8d8b89a3d8679c70a391a83d2368eb42.tar.gz