From 4c66ff45e65ba83c734396f472d32da7b1d41d1b Mon Sep 17 00:00:00 2001
From: Ricardo Cerqueira <cyanogenmod@cerqueira.org>
Date: Mon, 1 Jul 2013 23:35:26 +0100
Subject: Sign final packages with a different key if requested

...and throw it into recovery builds as well

Change-Id: Ic96d4d49d821cb03d5318e3e9ad93d02fb92573e
---
 core/Makefile | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/core/Makefile b/core/Makefile
index 44338de..78bc02e 100644
--- a/core/Makefile
+++ b/core/Makefile
@@ -313,6 +313,9 @@ endif
 # exist with the suffixes ".x509.pem" and ".pk8".
 DEFAULT_KEY_CERT_PAIR := $(DEFAULT_SYSTEM_DEV_CERTIFICATE)
 
+ifneq ($(OTA_PACKAGE_SIGNING_KEY),)
+    DEFAULT_KEY_CERT_PAIR := $(OTA_PACKAGE_SIGNING_KEY)
+endif
 
 # Rules that need to be present for the all targets, even
 # if they don't do anything.
@@ -687,6 +690,11 @@ INTERNAL_RECOVERY_FILES := $(filter $(TARGET_RECOVERY_OUT)/%, \
 # substitute other keys for this one.
 OTA_PUBLIC_KEYS := $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem
 
+ifneq ($(OTA_PACKAGE_SIGNING_KEY),)
+    OTA_PUBLIC_KEYS := $(OTA_PACKAGE_SIGNING_KEY).x509.pem
+    PRODUCT_EXTRA_RECOVERY_KEYS := $(DEFAULT_SYSTEM_DEV_CERTIFICATE)
+endif
+
 # Generate a file containing the keys that will be read by the
 # recovery binary.
 RECOVERY_INSTALL_OTA_KEYS := \
-- 
cgit v1.1