summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rwxr-xr-xtools/releasetools/sign_target_files_apks.py27
1 files changed, 7 insertions, 20 deletions
diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py
index 70f4a04fc3..890cb51c25 100755
--- a/tools/releasetools/sign_target_files_apks.py
+++ b/tools/releasetools/sign_target_files_apks.py
@@ -579,12 +579,7 @@ def ProcessTargetFiles(input_tf_zip, output_tf_zip, misc_info,
# Don't copy OTA certs if we're replacing them.
# Replacement of update-payload-key.pub.pem was removed in b/116660991.
- elif (
- OPTIONS.replace_ota_keys and
- filename in (
- "BOOT/RAMDISK/system/etc/security/otacerts.zip",
- "RECOVERY/RAMDISK/system/etc/security/otacerts.zip",
- "SYSTEM/etc/security/otacerts.zip")):
+ elif OPTIONS.replace_ota_keys and filename.endswith("/otacerts.zip"):
pass
# Skip META/misc_info.txt since we will write back the new values later.
@@ -852,20 +847,12 @@ def ReplaceOtaKeys(input_tf_zip, output_tf_zip, misc_info):
print("META/otakeys.txt has no keys; using %s for OTA package"
" verification." % (mapped_keys[0],))
- # recovery now uses the same x509.pem version of the keys.
- # extra_recovery_keys are used only in recovery.
- if misc_info.get("recovery_as_boot") == "true":
- recovery_keys_location = "BOOT/RAMDISK/system/etc/security/otacerts.zip"
- else:
- recovery_keys_location = "RECOVERY/RAMDISK/system/etc/security/otacerts.zip"
-
- WriteOtacerts(output_tf_zip, recovery_keys_location,
- mapped_keys + extra_recovery_keys)
-
- # SystemUpdateActivity uses the x509.pem version of the keys, but
- # put into a zipfile system/etc/security/otacerts.zip.
- # We DO NOT include the extra_recovery_keys (if any) here.
- WriteOtacerts(output_tf_zip, "SYSTEM/etc/security/otacerts.zip", mapped_keys)
+ otacerts = [info
+ for info in input_tf_zip.infolist()
+ if info.filename.endswith("/otacerts.zip")]
+ for info in otacerts:
+ print("Rewriting OTA key:", info.filename, mapped_keys)
+ WriteOtacerts(output_tf_zip, info.filename, mapped_keys)
def ReplaceVerityPublicKey(output_zip, filename, key_path):
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-12-07 11:17:50 +0000