commit 601ddeae06d376222ce4dbdeab7192085931147f
author Baligh Uddin <baligh@google.com> Tue Jun 09 15:48:14 2015 -0700
committer Baligh Uddin <baligh@google.com> Tue Jun 09 15:48:14 2015 -0700
tree 18bac3cae8d10282626607e19618411d5b103e90
parent 18985e76617fefab2d9bf480c99994e1e9ba9143

Allow custom boot_signer and verity_signer.

Bug: 21701163
Change-Id: I85e75fd3a166a9f6a7859ebf81dee73322dc2798

tools/releasetools/build_image.py

diff --git a/tools/releasetools/build_image.py b/tools/releasetools/build_image.py
index cbcad6d..6c526c8 100755
--- a/tools/releasetools/build_image.py
+++ b/tools/releasetools/build_image.py
@@ -25,9 +25,12 @@
 import subprocess
 import sys
 import commands
+import common
 import shutil
 import tempfile
 
+OPTIONS = common.OPTIONS
+
 FIXED_SALT = "aee087a5be3b982978c923f566a94613496b417f2af592639bc80d141e34dfe7"
 
 def RunCommand(cmd):
@@ -55,6 +58,7 @@
 def GetVerityMetadataSize(partition_size):
   cmd = "system/extras/verity/build_verity_metadata.py -s %d"
   cmd %= partition_size
+
   status, output = commands.getstatusoutput(cmd)
   if status:
     print output
@@ -162,7 +166,11 @@
   image_size = prop_dict["partition_size"]
   block_dev = prop_dict["verity_block_device"]
   signer_key = prop_dict["verity_key"] + ".pk8"
-  signer_path = prop_dict["verity_signer_cmd"]
+  if OPTIONS.verity_signer_path is not None:
+    signer_path = OPTIONS.verity_signer_path + ' '
+    signer_path += ' '.join(OPTIONS.verity_signer_args)
+  else:
+    signer_path = prop_dict["verity_signer_cmd"]
 
   # make a tempdir
   tempdir_name = tempfile.mkdtemp(suffix="_verity_images")
@@ -240,6 +248,7 @@
   # adjust the partition size to make room for the hashes if this is to be verified
   if verity_supported and is_verity_partition and fs_spans_partition:
     partition_size = int(prop_dict.get("partition_size"))
+
     adjusted_size = AdjustPartitionSizeForVerity(partition_size)
     if not adjusted_size:
       return False

tools/releasetools/common.py

diff --git a/tools/releasetools/common.py b/tools/releasetools/common.py
index c55f94c..4b276c3 100644
--- a/tools/releasetools/common.py
+++ b/tools/releasetools/common.py
@@ -51,6 +51,9 @@
     self.private_key_suffix = ".pk8"
     # use otatools built boot_signer by default
     self.boot_signer_path = "boot_signer"
+    self.boot_signer_args = []
+    self.verity_signer_path = None
+    self.verity_signer_args = []
     self.verbose = False
     self.tempfiles = []
     self.device_specific = None
@@ -362,9 +365,11 @@
   if (info_dict.get("boot_signer", None) == "true" and
       info_dict.get("verity_key", None)):
     path = "/" + os.path.basename(sourcedir).lower()
-    cmd = [OPTIONS.boot_signer_path, path, img.name,
-           info_dict["verity_key"] + ".pk8",
-           info_dict["verity_key"] + ".x509.pem", img.name]
+    cmd = [OPTIONS.boot_signer_path]
+    cmd.extend(OPTIONS.boot_signer_args)
+    cmd.extend([path, img.name,
+                info_dict["verity_key"] + ".pk8",
+                info_dict["verity_key"] + ".x509.pem", img.name])
     p = Run(cmd, stdout=subprocess.PIPE)
     p.communicate()
     assert p.returncode == 0, "boot_signer of %s image failed" % path
@@ -657,7 +662,8 @@
         argv, "hvp:s:x:" + extra_opts,
         ["help", "verbose", "path=", "signapk_path=", "extra_signapk_args=",
          "java_path=", "java_args=", "public_key_suffix=",
-         "private_key_suffix=", "boot_signer_path=", "device_specific=",
+         "private_key_suffix=", "boot_signer_path=", "boot_signer_args=",
+         "verity_signer_path=", "verity_signer_args=", "device_specific=",
          "extra="] +
         list(extra_long_opts))
   except getopt.GetoptError as err:
@@ -687,6 +693,12 @@
       OPTIONS.private_key_suffix = a
     elif o in ("--boot_signer_path",):
       OPTIONS.boot_signer_path = a
+    elif o in ("--boot_signer_args",):
+      OPTIONS.boot_signer_args = shlex.split(a)
+    elif o in ("--verity_signer_path",):
+      OPTIONS.verity_signer_path = a
+    elif o in ("--verity_signer_args",):
+      OPTIONS.verity_signer_args = shlex.split(a)
     elif o in ("-s", "--device_specific"):
       OPTIONS.device_specific = a
     elif o in ("-x", "--extra"):