1 files changed, 20 insertions, 3 deletions

diff --git a/tools/releasetools/build_image.py b/tools/releasetools/build_image.py
index efaf7eb..d712083 100755
--- a/tools/releasetools/build_image.py
+++ b/tools/releasetools/build_image.py
@@ -106,15 +106,32 @@ def BuildVerityTree(sparse_image_path, verity_image_path, prop_dict):
 
 def BuildVerityMetadata(image_size, verity_metadata_path, root_hash, salt,
                         block_device, signer_path, key):
+  verity_key = os.getenv("PRODUCT_VERITY_KEY", None)
+  verity_key_password = None
+
+  if verity_key and os.path.exists(verity_key+".pk8"):
+    verity_key_passwords = {}
+    verity_key_passwords.update(common.PasswordManager().GetPasswords(verity_key.split()))
+    verity_key_password = verity_key_passwords[verity_key]
+
   cmd_template = (
       "system/extras/verity/build_verity_metadata.py %s %s %s %s %s %s %s")
   cmd = cmd_template % (image_size, verity_metadata_path, root_hash, salt,
                         block_device, signer_path, key)
   print(cmd)
-  status, output = getstatusoutput(cmd)
-  if status:
-    print("Could not build verity metadata! Error: %s" % output)
+  runcmd = ["system/extras/verity/build_verity_metadata.py", image_size, verity_metadata_path, root_hash, salt, block_device, signer_path, key];
+  if verity_key_password is not None:
+    sp = subprocess.Popen(runcmd, stdin=subprocess.PIPE)
+    sp.communicate(verity_key_password)
+  else:
+    sp = subprocess.Popen(runcmd)
+
+  sp.wait()
+
+  if sp.returncode != 0:
+    print("Could not build verity metadata!")
     return False
+
   return True
 
 def Append2Simg(sparse_image_path, unsparse_image_path, error_message):