| beb6afdee207db58a42b708faed15eda611477eb |
|
13-Nov-2013 |
Baligh Uddin <baligh@google.com> |
Revert the revert. (its time to sign MR1)
Revert "Waiting till post MR0 - this impacts signing tools for MR0."
This reverts commit a7b5c4a7dc77a0896d6314828b9ce85f82d103e8.
Bug: 11334314
Change-Id: I89f8996161e4258b80bf2d0bc7817f0e8e32df13
|
| a7b5c4a7dc77a0896d6314828b9ce85f82d103e8 |
|
23-Oct-2013 |
Baligh Uddin <baligh@google.com> |
Waiting till post MR0 - this impacts signing tools for MR0.
Revert "Modify release tools to replace certs in MMAC files."
This reverts commit a6e0466ab5771ab1b9f806b9411015b5ff9852f6.
Change-Id: Ib7819185bad119013f307ce4301d5f02190e14ed
|
| a6e0466ab5771ab1b9f806b9411015b5ff9852f6 |
|
19-Apr-2013 |
Robert Craig <rpcraig@tycho.ncsc.mil> |
Modify release tools to replace certs in MMAC files.
Added support to perform a string replace of specified
dev keys with release keys when using the release tool
scripts.
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
(cherry picked from commit 817c574d753191c52acd5787da02bb853d4ac090)
Change-Id: I51be8d62945436d3f374f51867295c5b792d4b53
Bug: 11334314
|
| a8608a7f7cee388192780f8988b5dc5966423eef |
|
23-Jul-2013 |
Doug Zongker <dougz@android.com> |
distinguish signed and unsigned user builds in UI
Add "dev-keys" or "test-keys" to the value of ro.build.display.id for
user builds. (This is the property that is displayed under "Build
number" in the Settings UI.) Modify the signing script to remove the
keys tag from this value when signing.
Change-Id: I3d9d92056f8567d7f84b1be047619be7c6e4c419
|
| 37e1052c99c1ba045e8d2197637055ceb4b0c308 |
|
18-Mar-2013 |
T.R. Fullhart <tfullhart@google.com> |
Add support for using custom signapk.jar.
Details:
* New --signapk_path, --extra_signapk_args, --java_path.
* New --public_key_suffix, --private_key_suffix so you can change the filenames.
* Fixes raising exceptions on error.
Change-Id: I0b7014b6d779d52ae896f95dfecb1bcccf536cf4
(cherry picked from commit a28acc6972ce35e9dfab061f175e229859d3e4db)
|
| a28acc6972ce35e9dfab061f175e229859d3e4db |
|
18-Mar-2013 |
T.R. Fullhart <tfullhart@google.com> |
Add support for using custom signapk.jar.
Details:
* New --signapk_path, --extra_signapk_args, --java_path.
* New --public_key_suffix, --private_key_suffix so you can change the filenames.
* Fixes raising exceptions on error.
Change-Id: I0b7014b6d779d52ae896f95dfecb1bcccf536cf4
|
| 8898d77418e0659de8814f4744711d0d6a7fb9fe |
|
05-Oct-2011 |
Doug Zongker <dougz@android.com> |
add missing parameter to ReplaceOtaKeys
Change-Id: Ib596235a8e3b3588d363fea82b92b69895ee5408
|
| b11e2d78ecc3eac29b259bc10a466d65d50ac653 |
|
05-Oct-2011 |
Doug Zongker <dougz@android.com> |
add missing parameter to ReplaceOtaKeys
Change-Id: Ib596235a8e3b3588d363fea82b92b69895ee5408
|
| 8b9a1b135edbf484d7590411e1254f8097cbc1d5 |
|
22-Sep-2011 |
Doug Zongker <dougz@android.com> |
change OTA tools to handle variable dev keys
The signing and OTA-building tools now understand the
default_sys_dev_certificate value which may be present in the
META/misc_info.txt file of the target-files packages.
Change-Id: I64f09ec0b77a5184b6ddb74019255518776ee773
|
| 831840e51b0403671f746ebc32090b7d6e548c08 |
|
22-Sep-2011 |
Doug Zongker <dougz@android.com> |
change OTA tools to handle variable dev keys
The signing and OTA-building tools now understand the
default_sys_dev_certificate value which may be present in the
META/misc_info.txt file of the target-files packages.
Change-Id: I64f09ec0b77a5184b6ddb74019255518776ee773
|
| afb32eaca0b0f424f7d7fc5f5979d1b8acf042e4 |
|
22-Sep-2011 |
Doug Zongker <dougz@android.com> |
change OTA tools to handle variable dev keys
The signing and OTA-building tools now understand the
default_sys_dev_certificate value which may be present in the
META/misc_info.txt file of the target-files packages.
Change-Id: I64f09ec0b77a5184b6ddb74019255518776ee773
|
| e121d6acf47c3056e079ff62c82171e889cec3e0 |
|
01-Feb-2011 |
Doug Zongker <dougz@android.com> |
support TARGET_EXTRA_RECOVERY_KEYS
Specifying one or more key files (without .x509.pem extension) as
TARGET_EXTRA_RECOVERY_KEYS causes them to be included as acceptable
keys for recovery packages. They are *not* included in otacerts.zip,
so actual downloaded over-the-air packages can't use them, but they
can be used to sign sideload-only packages.
Bug: 3413359
Change-Id: I6f248ffa35f0c6b125dd8a7517493017e236c776
|
| 7ba6359d3f09a0b2760265f0b41e8a2208251347 |
|
13-Jan-2010 |
The Android Open Source Project <initial-contribution@android.com> |
android-2.1_r1 snapshot
|
| c09abc8103a4c029cc2c6d59226a2a74be57d082 |
|
11-Jan-2010 |
Doug Zongker <dougz@android.com> |
update ro.build.tags when signing release builds
Apply the same changes to tags to ro.build.tags that we do for the
tags in the fingerprint (ro.build.fingerprint) and the description
(ro.build.description).
Change-Id: Ie5a057d8f04cbc32d849f91e1f9d2ea7832e81f6
http://b/2363735 - release-key user builds ship with property ro.build.tags == test-keys
|
| decf995c5956e6f64f858d1c4e51a3f3b9829a51 |
|
16-Dec-2009 |
Doug Zongker <dougz@android.com> |
map -e with no cert to PRESIGNED
Needed for backwards compatibility with scripts that use -e.
|
| f6a53aa5f24878ad9098409ed3d3f41bb5c63fb5 |
|
16-Dec-2009 |
Doug Zongker <dougz@android.com> |
add "EXTERNAL" as special value of LOCAL_CERTIFICATE
Setting LOCAL_CERTIFICATE to "EXTERNAL" now marks an apk (either a
prebuilt or otherwise) as needing the default test key within the
system, but one that should be signed after the target_files is
produced but before sign_target_files_apks does the rest of the
signing. (We use this to ship apps on the system that are signed by
third parties, like Facebook.)
|
| 714111cbdde0fd5c4f276d4666ddb99cbf0c5008 |
|
14-Dec-2009 |
Doug Zongker <dougz@android.com> |
include pre-signed prebuilt .apks in apkcerts.txt
|
| bbfb96f46472c74e2dbdd190fb67cdda13347eb4 |
|
10-Dec-2009 |
Doug Zongker <dougz@android.com> |
remove shared_uid cert check from sign_targt_file_apks
This check (and others) are now done by the separate script
check_target_files_signatures; the one here is redundant.
|
| d97eba9f3938661bdf1f86a3a9d1289854883110 |
|
04-Dec-2009 |
Doug Zongker <dougz@android.com> |
don't add "ota-rel-keys" tag to build fingerprints
This tag is obsolete; we no longer need to distinguish the OTA keys
from the app keys.
This change does not affect device code.
|
| e6b4e5b20ac8a3b01f1a99dd877a98c92036ce5e |
|
13-Nov-2009 |
Jean-Baptiste Queru <jbq@google.com> |
eclair snapshot
|
| 5f5f08dd226a153ff4c73c0b1918bd5cc1afcffb |
|
23-Oct-2009 |
Doug Zongker <dougz@android.com> |
stop adding ota-rel-keys tag when signing
ota-rel-keys is now redundant with release-keys, since there are no
"half-signed" builds any more.
|
| e05628cc8df4ec4b69befa9652d81eb81f0ab008 |
|
21-Aug-2009 |
Doug Zongker <dougz@android.com> |
fix signing user builds
When unzipping a target-files which has been signed with OTA key
replacement, you'll get "overwrite this file?" prompts because the key
files appear in the zip files twice. Suppress these prompts.
Many developer phone products don't define PRODUCT_OTA_PUBLIC_KEYS, so
add a default key.
This change doesn't affect device code.
|
| 05d3dea519688b61d86e30c2d4b99ff494aeca73 |
|
22-Jun-2009 |
Doug Zongker <dougz@android.com> |
support hooks for device-specific code in OTA package generation
Replace the installation of the "radio image", which is an
HTC-specific notion, with calls to device-specific python modules that
can add whatever additional OTA script commands are necessary. Add
the -s flag to specify the location of the device-specific script
(replacing the unused -s flag in sign_target_files_apks).
|
| 602a84e0bbf1807a9403cfa50184241f6fc035c4 |
|
18-Jun-2009 |
Doug Zongker <dougz@android.com> |
fix releasetools for non-linux architectures
The ota and img building scripts contained some hardcoded 'linux-x86'
paths. Remove and replace with a slightly redefined -p option.
Modify Makefile to pass correct -p when building.
|
| 048e7ca15f6391681490ce564bc71194adf146aa |
|
15-Jun-2009 |
Doug Zongker <dougz@android.com> |
fix archive files being created with perms 000
In python 2.5 and earlier, ZipFile.writestr(filename, data) results in
the file being added to the archive with permissions 000. (See
http://svn.python.org/view?view=rev&revision=65235.) Work around this
by creating a ZipInfo object and setting the permissions explicitly.
|
| 8ce7c25e905bc14382359e1cd45d41832bcc7ffa |
|
22-May-2009 |
Doug Zongker <dougz@android.com> |
improve password entry for signing keys
Allow the user to set ANDROID_PW_FILE to the name of a file for
storing password keys. When the tools need additional passwords, they
will rewrite this file and invoke the user's editor for the new
passwords to be added. This allows passwords to be reused across
invocations of the signing tools, without making the user reenter them
every time.
Paranoid users can use a file stored in a ramdisk, or not use this
feature at all (the code will prompt for passwords in the ordinary way
when ANDROID_PW_FILE is not set).
|
| eb338efd2eae20962c7ca75baf161be540b3d664 |
|
21-May-2009 |
Doug Zongker <dougz@android.com> |
make sure package keys are consistent with shared users
All APKs that want to share a given user id must be signed with the
same key. Look inside each APK for what (if any) shared user id it
requests, and error out if any with the same shared user are being
signed with different keys.
|
| ae877013ab8d87b9f0da111adcb7621f477451c6 |
|
21-Apr-2009 |
Doug Zongker <dougz@android.com> |
generalize -t option to add and remove tags in fingerprints
To support devphone and holiday builds we need more control over the
build fingerprint tags; generalize the -t option so we can arbitrarily
add and remove tags.
|
| 1928af7eb684836932e42842b7f40529858d54c8 |
|
19-Apr-2009 |
Doug Zongker <> |
AI 146544: am: CL 146194 am: CL 146193 Fix signing script so keys specified in -e options get passed
through the key map. Clarify the help for the -e option to
make clear this should happen.
(This change doesn't affect device code.)
Original author: dougz
Merged from: //branches/cupcake/...
Original author: android-build
Automated import of CL 146544
|
| 17aa944001e7ae2425beec75d3ebc280413631ee |
|
17-Apr-2009 |
Doug Zongker <dougz@android.com> |
add option to modify build fingerprint tags when signing
Adds the -t option to sign_target_files_apks, which lets the user
specify extra tags that should be added to the build fingerprint
during the signing process.
|
| 43874f8c864972b9dae7e4927aa347455b774c94 |
|
14-Apr-2009 |
Doug Zongker <dougz@android.com> |
make unsigned apks explicit
Allow user to explicitly specify that an apk is not to be
re-signed. Fail if we have any apks that for which no key is provided.
|
| ad88c7ce4f3a65827d4cd5b5ed01324b3b368dd9 |
|
14-Apr-2009 |
Doug Zongker <> |
AI 146194: am: CL 146193 Fix signing script so keys specified in -e options get passed
through the key map. Clarify the help for the -e option to
make clear this should happen.
(This change doesn't affect device code.)
Original author: dougz
Merged from: //branches/cupcake/...
Automated import of CL 146194
|
| 8c61c301b278974dc3e5569e94b9924acbf388c7 |
|
14-Apr-2009 |
Doug Zongker <> |
AI 146193: Fix signing script so keys specified in -e options get passed
through the key map. Clarify the help for the -e option to
make clear this should happen.
(This change doesn't affect device code.)
Automated import of CL 146193
|
| 8e931bf999693cac54c99deb1ef668d0e6164ecf |
|
07-Apr-2009 |
Doug Zongker <dougz@android.com> |
update the cert used for OTA verification when signing
The build system now (in donut) produces builds that use the testkey
cert for OTA package verification. Change the app-signing script to
also optionally substitute the "real" cert in both the recovery and
system images. Also fix bug where the build fingerprint and
description were not getting properly updated in the recovery
partition.
|
| dbfb20ccd895d6ed84b95670fe2b9a0a34b17b7c |
|
03-Apr-2009 |
Doug Zongker <> |
AI 144399: am: CL 144270 am: CL 144269 Relocate the new (google-indepedent) tools for signing and
building images & OTA packages out of vendor/google.
No device code is touched by this change.
Original author: dougz
Merged from: //branches/cupcake/...
Original author: android-build
Automated import of CL 144399
|
| eef3944eb3673329b5e89cf188ac592805a0b08d |
|
02-Apr-2009 |
Doug Zongker <> |
AI 144270: am: CL 144269 Relocate the new (google-indepedent) tools for signing and
building images & OTA packages out of vendor/google.
No device code is touched by this change.
Original author: dougz
Merged from: //branches/cupcake/...
Automated import of CL 144270
|
| ad44c07ac7c505a7b6b5ef14c7234c58e3b919d0 |
|
02-Apr-2009 |
Doug Zongker <> |
AI 144269: Relocate the new (google-indepedent) tools for signing and
building images & OTA packages out of vendor/google.
No device code is touched by this change.
BUG=1753409
Automated import of CL 144269
|