From fbd7c1cdb0b361cf35f7b3323019806e149c6c00 Mon Sep 17 00:00:00 2001 From: "Brint E. Kriebel" Date: Mon, 16 May 2016 18:53:19 -0700 Subject: ereleasetools: Allow for custom boot image signing tools Some boot images will need to be signed using specific tools. Allow passing the path to this tool through an environment variable. Change-Id: I958726fdae8d63fe99d639dfa361046b528a087c Ticket: CYNGNOS-2868 --- tools/releasetools/common.py | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'tools') diff --git a/tools/releasetools/common.py b/tools/releasetools/common.py index ac4cdf7..6e49629 100644 --- a/tools/releasetools/common.py +++ b/tools/releasetools/common.py @@ -339,6 +339,7 @@ def BuildBootableImage(sourcedir, fs_config_file, info_dict=None): ramdisk_img = tempfile.NamedTemporaryFile() img = tempfile.NamedTemporaryFile() bootimg_key = os.getenv("PRODUCT_PRIVATE_KEY", None) + custom_boot_signer = os.getenv("PRODUCT_BOOT_SIGNER", None) if os.access(fs_config_file, os.F_OK): cmd = ["mkbootfs", "-f", fs_config_file, os.path.join(sourcedir, "RAMDISK")] @@ -427,7 +428,15 @@ def BuildBootableImage(sourcedir, fs_config_file, info_dict=None): assert p.returncode == 0, "mkbootimg of %s image failed" % ( os.path.basename(sourcedir),) - if bootimg_key and os.path.exists(bootimg_key) and kernel_pagesize > 0: + if custom_boot_signer and bootimg_key and os.path.exists(bootimg_key): + print("Signing bootable image with custom boot signer...") + img_secure = tempfile.NamedTemporaryFile() + p = Run([custom_boot_signer, img.name, img_secure.name], stdout=subprocess.PIPE) + p.communicate() + assert p.returncode == 0, "signing of bootable image failed" + shutil.copyfile(img_secure.name, img.name) + img_secure.close() + elif bootimg_key and os.path.exists(bootimg_key) and kernel_pagesize > 0: print("Signing bootable image...") bootimg_key_passwords = {} bootimg_key_passwords.update(PasswordManager().GetPasswords(bootimg_key.split())) -- cgit v1.1