aboutsummaryrefslogtreecommitdiff
path: root/tools/releasetools/test_sign_target_files_apks.py
diff options
context:
space:
mode:
Diffstat (limited to 'tools/releasetools/test_sign_target_files_apks.py')
-rw-r--r--tools/releasetools/test_sign_target_files_apks.py99
1 files changed, 74 insertions, 25 deletions
diff --git a/tools/releasetools/test_sign_target_files_apks.py b/tools/releasetools/test_sign_target_files_apks.py
index 308172f356..ad9e657554 100644
--- a/tools/releasetools/test_sign_target_files_apks.py
+++ b/tools/releasetools/test_sign_target_files_apks.py
@@ -23,8 +23,8 @@ import common
import test_utils
from sign_target_files_apks import (
CheckApkAndApexKeysAvailable, EditTags, GetApkFileInfo, ReadApexKeysInfo,
- ReplaceCerts, ReplaceVerityKeyId, RewriteAvbProps, RewriteProps,
- WriteOtacerts)
+ ReplaceCerts, ReplaceGkiSigningKey, ReplaceVerityKeyId, RewriteAvbProps,
+ RewriteProps, WriteOtacerts)
class SignTargetFilesApksTest(test_utils.ReleaseToolsTestCase):
@@ -164,15 +164,15 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te
"veritykeyid=id:d24f2590e9abab5cff5f59da4c4f0366e3f43e94\n")
input_file = common.MakeTempFile(suffix='.zip')
- with zipfile.ZipFile(input_file, 'w') as input_zip:
+ with zipfile.ZipFile(input_file, 'w', allowZip64=True) as input_zip:
input_zip.writestr('BOOT/cmdline', BOOT_CMDLINE1)
# Test with the first certificate.
cert_file = os.path.join(self.testdata_dir, 'verity.x509.pem')
output_file = common.MakeTempFile(suffix='.zip')
- with zipfile.ZipFile(input_file, 'r') as input_zip, \
- zipfile.ZipFile(output_file, 'w') as output_zip:
+ with zipfile.ZipFile(input_file, 'r', allowZip64=True) as input_zip, \
+ zipfile.ZipFile(output_file, 'w', allowZip64=True) as output_zip:
ReplaceVerityKeyId(input_zip, output_zip, cert_file)
with zipfile.ZipFile(output_file) as output_zip:
@@ -181,8 +181,8 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te
# Test with the second certificate.
cert_file = os.path.join(self.testdata_dir, 'testkey.x509.pem')
- with zipfile.ZipFile(input_file, 'r') as input_zip, \
- zipfile.ZipFile(output_file, 'w') as output_zip:
+ with zipfile.ZipFile(input_file, 'r', allowZip64=True) as input_zip, \
+ zipfile.ZipFile(output_file, 'w', allowZip64=True) as output_zip:
ReplaceVerityKeyId(input_zip, output_zip, cert_file)
with zipfile.ZipFile(output_file) as output_zip:
@@ -195,12 +195,12 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te
"loop.max_part=7\n")
input_file = common.MakeTempFile(suffix='.zip')
- with zipfile.ZipFile(input_file, 'w') as input_zip:
+ with zipfile.ZipFile(input_file, 'w', allowZip64=True) as input_zip:
input_zip.writestr('BOOT/cmdline', BOOT_CMDLINE)
output_file = common.MakeTempFile(suffix='.zip')
- with zipfile.ZipFile(input_file, 'r') as input_zip, \
- zipfile.ZipFile(output_file, 'w') as output_zip:
+ with zipfile.ZipFile(input_file, 'r', allowZip64=True) as input_zip, \
+ zipfile.ZipFile(output_file, 'w', allowZip64=True) as output_zip:
ReplaceVerityKeyId(input_zip, output_zip, None)
with zipfile.ZipFile(output_file) as output_zip:
@@ -284,7 +284,7 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te
]
entry_name = 'SYSTEM/etc/security/otacerts.zip'
output_file = common.MakeTempFile(suffix='.zip')
- with zipfile.ZipFile(output_file, 'w') as output_zip:
+ with zipfile.ZipFile(output_file, 'w', allowZip64=True) as output_zip:
WriteOtacerts(output_zip, entry_name, certs)
with zipfile.ZipFile(output_file) as input_zip:
self.assertIn(entry_name, input_zip.namelist())
@@ -294,7 +294,7 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te
def test_CheckApkAndApexKeysAvailable(self):
input_file = common.MakeTempFile(suffix='.zip')
- with zipfile.ZipFile(input_file, 'w') as input_zip:
+ with zipfile.ZipFile(input_file, 'w', allowZip64=True) as input_zip:
input_zip.writestr('SYSTEM/app/App1.apk', "App1-content")
input_zip.writestr('SYSTEM/app/App2.apk.gz', "App2-content")
@@ -318,7 +318,7 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te
def test_CheckApkAndApexKeysAvailable_invalidApexKeys(self):
input_file = common.MakeTempFile(suffix='.zip')
- with zipfile.ZipFile(input_file, 'w') as input_zip:
+ with zipfile.ZipFile(input_file, 'w', allowZip64=True) as input_zip:
input_zip.writestr('SYSTEM/apex/Apex1.apex', "Apex1-content")
input_zip.writestr('SYSTEM/apex/Apex2.apex', "Apex2-content")
@@ -466,10 +466,10 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te
def test_ReadApexKeysInfo(self):
target_files = common.MakeTempFile(suffix='.zip')
- with zipfile.ZipFile(target_files, 'w') as target_files_zip:
+ with zipfile.ZipFile(target_files, 'w', allowZip64=True) as target_files_zip:
target_files_zip.writestr('META/apexkeys.txt', self.APEX_KEYS_TXT)
- with zipfile.ZipFile(target_files) as target_files_zip:
+ with zipfile.ZipFile(target_files, allowZip64=True) as target_files_zip:
keys_info = ReadApexKeysInfo(target_files_zip)
self.assertEqual({
@@ -491,10 +491,10 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te
'container_private_key="build/make/target/product/security/testkey2.pk8" '
'partition="system"')
target_files = common.MakeTempFile(suffix='.zip')
- with zipfile.ZipFile(target_files, 'w') as target_files_zip:
+ with zipfile.ZipFile(target_files, 'w', allowZip64=True) as target_files_zip:
target_files_zip.writestr('META/apexkeys.txt', apex_keys)
- with zipfile.ZipFile(target_files) as target_files_zip:
+ with zipfile.ZipFile(target_files, allowZip64=True) as target_files_zip:
self.assertRaises(ValueError, ReadApexKeysInfo, target_files_zip)
def test_ReadApexKeysInfo_missingPayloadPrivateKey(self):
@@ -505,10 +505,10 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te
'container_certificate="build/make/target/product/security/testkey.x509.pem" '
'container_private_key="build/make/target/product/security/testkey.pk8"')
target_files = common.MakeTempFile(suffix='.zip')
- with zipfile.ZipFile(target_files, 'w') as target_files_zip:
+ with zipfile.ZipFile(target_files, 'w', allowZip64=True) as target_files_zip:
target_files_zip.writestr('META/apexkeys.txt', apex_keys)
- with zipfile.ZipFile(target_files) as target_files_zip:
+ with zipfile.ZipFile(target_files, allowZip64=True) as target_files_zip:
keys_info = ReadApexKeysInfo(target_files_zip)
self.assertEqual({
@@ -528,10 +528,10 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te
'container_certificate="build/make/target/product/security/testkey.x509.pem" '
'container_private_key="build/make/target/product/security/testkey.pk8"')
target_files = common.MakeTempFile(suffix='.zip')
- with zipfile.ZipFile(target_files, 'w') as target_files_zip:
+ with zipfile.ZipFile(target_files, 'w', allowZip64=True) as target_files_zip:
target_files_zip.writestr('META/apexkeys.txt', apex_keys)
- with zipfile.ZipFile(target_files) as target_files_zip:
+ with zipfile.ZipFile(target_files, allowZip64=True) as target_files_zip:
keys_info = ReadApexKeysInfo(target_files_zip)
self.assertEqual({
@@ -551,10 +551,10 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te
'container_certificate="PRESIGNED" '
'container_private_key="PRESIGNED"')
target_files = common.MakeTempFile(suffix='.zip')
- with zipfile.ZipFile(target_files, 'w') as target_files_zip:
+ with zipfile.ZipFile(target_files, 'w', allowZip64=True) as target_files_zip:
target_files_zip.writestr('META/apexkeys.txt', apex_keys)
- with zipfile.ZipFile(target_files) as target_files_zip:
+ with zipfile.ZipFile(target_files, allowZip64=True) as target_files_zip:
keys_info = ReadApexKeysInfo(target_files_zip)
self.assertEqual({
@@ -574,10 +574,10 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te
'container_certificate="PRESIGNED" '
'container_private_key="PRESIGNED"')
target_files = common.MakeTempFile(suffix='.zip')
- with zipfile.ZipFile(target_files, 'w') as target_files_zip:
+ with zipfile.ZipFile(target_files, 'w', allowZip64=True) as target_files_zip:
target_files_zip.writestr('META/apexkeys.txt', apex_keys)
- with zipfile.ZipFile(target_files) as target_files_zip:
+ with zipfile.ZipFile(target_files, allowZip64=True) as target_files_zip:
keys_info = ReadApexKeysInfo(target_files_zip)
self.assertEqual({
@@ -588,3 +588,52 @@ name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_te
'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem',
'build/make/target/product/security/testkey'),
}, keys_info)
+
+ def test_ReplaceGkiSigningKey(self):
+ common.OPTIONS.gki_signing_key = 'release_gki_key'
+ common.OPTIONS.gki_signing_algorithm = 'release_gki_algorithm'
+ common.OPTIONS.gki_signing_extra_args = 'release_gki_signature_extra_args'
+
+ misc_info = {
+ 'gki_signing_key_path': 'default_gki_key',
+ 'gki_signing_algorithm': 'default_gki_algorithm',
+ 'gki_signing_signature_args': 'default_gki_signature_args',
+ }
+ expected_dict = {
+ 'gki_signing_key_path': 'release_gki_key',
+ 'gki_signing_algorithm': 'release_gki_algorithm',
+ 'gki_signing_signature_args': 'release_gki_signature_extra_args',
+ }
+ ReplaceGkiSigningKey(misc_info)
+ self.assertDictEqual(expected_dict, misc_info)
+
+ def test_ReplaceGkiSigningKey_MissingSigningAlgorithm(self):
+ common.OPTIONS.gki_signing_key = 'release_gki_key'
+ common.OPTIONS.gki_signing_algorithm = None
+ common.OPTIONS.gki_signing_extra_args = 'release_gki_signature_extra_args'
+
+ misc_info = {
+ 'gki_signing_key_path': 'default_gki_key',
+ 'gki_signing_algorithm': 'default_gki_algorithm',
+ 'gki_signing_signature_args': 'default_gki_signature_args',
+ }
+ self.assertRaises(ValueError, ReplaceGkiSigningKey, misc_info)
+
+ def test_ReplaceGkiSigningKey_MissingSigningKeyNop(self):
+ common.OPTIONS.gki_signing_key = None
+ common.OPTIONS.gki_signing_algorithm = 'release_gki_algorithm'
+ common.OPTIONS.gki_signing_extra_args = 'release_gki_signature_extra_args'
+
+ # No change to misc_info if common.OPTIONS.gki_signing_key is missing.
+ misc_info = {
+ 'gki_signing_key_path': 'default_gki_key',
+ 'gki_signing_algorithm': 'default_gki_algorithm',
+ 'gki_signing_signature_args': 'default_gki_signature_args',
+ }
+ expected_dict = {
+ 'gki_signing_key_path': 'default_gki_key',
+ 'gki_signing_algorithm': 'default_gki_algorithm',
+ 'gki_signing_signature_args': 'default_gki_signature_args',
+ }
+ ReplaceGkiSigningKey(misc_info)
+ self.assertDictEqual(expected_dict, misc_info)
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-04 18:44:29 +0000