From ce54189f4551fda90f95d6a015bd0b897c9c73a3 Mon Sep 17 00:00:00 2001 From: Tom Powell Date: Fri, 20 Jan 2017 20:47:49 -0800 Subject: releasetools: support reading release keys out of some sort of command key passphrases may live in some sort of secure storage, support running an arbitrary command to retrieve them. Change-Id: I49862cf60f1b73a2356e0c492e1038beef28a95f --- tools/releasetools/common.py | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/tools/releasetools/common.py b/tools/releasetools/common.py index 32bbc68..ea7312a 100644 --- a/tools/releasetools/common.py +++ b/tools/releasetools/common.py @@ -863,6 +863,7 @@ class PasswordManager(object): def __init__(self): self.editor = os.getenv("EDITOR", None) self.pwfile = os.getenv("ANDROID_PW_FILE", None) + self.secure_storage_cmd = os.getenv("ANDROID_SECURE_STORAGE_CMD", None) def GetPasswords(self, items): """Get passwords corresponding to each string in 'items', @@ -882,9 +883,23 @@ class PasswordManager(object): missing = [] for i in items: if i not in current or not current[i]: - missing.append(i) + #Attempt to load using ANDROID_SECURE_STORAGE_CMD + if self.secure_storage_cmd: + try: + os.environ["TMP__KEY_FILE_NAME"] = str(i) + ps = subprocess.Popen(self.secure_storage_cmd, shell=True, stdout=subprocess.PIPE) + output = ps.communicate()[0] + if ps.returncode == 0: + current[i] = output + except Exception as e: + print(e) + pass + if i not in current or not current[i]: + missing.append(i) # Are all the passwords already in the file? if not missing: + if "ANDROID_SECURE_STORAGE_CMD" in os.environ: + del os.environ["ANDROID_SECURE_STORAGE_CMD"] return current for i in missing: -- cgit v1.1