Merge changes If4e90a6e,Ie23639f6,Iccb473a4
* changes:
Use read_u* for AftlIcpEntry parsing
Define and use read_u{8,16,64}
Unpack AftlIcpEntry structure
diff --git a/Android.bp b/Android.bp
index 4a4cfa0..19ea97e 100644
--- a/Android.bp
+++ b/Android.bp
@@ -1,5 +1,5 @@
//
-// Copyright (C) 2017 The Android Open Source Project
+// Copyright (C) 2017-2020 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
@@ -302,7 +302,8 @@
],
data: [
"avbtool",
- "test/avbtool_signing_helper_*.py",
+ "test/avbtool_signing_helper_test.py",
+ "test/avbtool_signing_helper_with_files_test.py",
"test/data/*",
],
test_config: "test/libavb_host_unittest.xml",
diff --git a/README.md b/README.md
index 8ae645e..4c15fb3 100644
--- a/README.md
+++ b/README.md
@@ -209,6 +209,11 @@
Storing signed verification data on other images - for example
`boot.img` and `system.img` - is also done with `avbtool`.
+The minimum requirement for running `avbtool` is to either have
+Python 3.5 installed or build the avbtool with the embedded launcher
+using `m avbtool` and then run it out of the build artifact directory:
+`out/soong/host/linux-x86/bin/avbtool`
+
In addition to `avbtool`, a library - `libavb` - is provided. This
library performs all verification on the device side e.g. it starts by
loading the `vbmeta` partition, checks the signature, and then goes on
diff --git a/avbtool.py b/avbtool.py
index 13bb288..7dfbbc0 100755
--- a/avbtool.py
+++ b/avbtool.py
@@ -3075,7 +3075,7 @@
if include_descriptors_from_image:
descriptors_dict = dict()
for image in include_descriptors_from_image:
- image_handler = ImageHandler(image.name)
+ image_handler = ImageHandler(image.name, read_only=True)
(_, image_vbmeta_header, image_descriptors, _) = self._parse_image(
image_handler)
# Bump the required libavb version to support all included descriptors.
diff --git a/test/avbtool_signing_helper_test.py b/test/avbtool_signing_helper_test.py
index c9bb660..aa03fcc 100755
--- a/test/avbtool_signing_helper_test.py
+++ b/test/avbtool_signing_helper_test.py
@@ -1,7 +1,7 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
#
-# Copyright (C) 2016 The Android Open Source Project
+# Copyright (C) 2016-2020 The Android Open Source Project
#
# Permission is hereby granted, free of charge, to any person
# obtaining a copy of this software and associated documentation
@@ -29,35 +29,38 @@
# to catch mistakes where the standard C library is inadvertently
# used.
-import subprocess
-import sys
import errno
import os
+import subprocess
+import sys
+
def rsa_signer(argv):
if len(argv) != 3:
- sys.stderr.write("Wrong number of arguments: {} <alg> <pub key>\n".format(argv[0]))
+ sys.stderr.write('Wrong number of arguments: {} <alg> <pub key>\n'
+ .format(argv[0]))
return errno.EINVAL
- data = sys.stdin.read()
- if len(data) == 0:
- sys.stderr.write("There is not input data\n")
+ data = sys.stdin.buffer.read()
+ if not data:
+ sys.stderr.write('There is not input data\n')
return errno.EINVAL
if os.environ.get('SIGNING_HELPER_GENERATE_WRONG_SIGNATURE'):
# We're only called with this algorithm which signature size is 256.
assert sys.argv[1] == 'SHA256_RSA2048'
- sys.stdout.write('X'*256)
+ sys.stdout.buffer.write(b'X' * 256)
return 0
- if 'SIGNING_HELPER_TEST' not in os.environ or os.environ['SIGNING_HELPER_TEST'] == "":
- sys.stderr.write("env SIGNING_HELPER_TEST is not set or empty\n")
+ if not os.getenv('SIGNING_HELPER_TEST'):
+ sys.stderr.write('env SIGNING_HELPER_TEST is not set or empty\n')
return errno.EINVAL
test_file_name = os.environ['SIGNING_HELPER_TEST']
if os.path.isfile(test_file_name) and not os.access(test_file_name, os.W_OK):
- sys.stderr.write("no permission to write into {} file\n".format(test_file_name))
- return errno.EACCESS
+ sys.stderr.write('no permission to write into {} file\n'
+ .format(test_file_name))
+ return errno.EACCES
p = subprocess.Popen(
['openssl', 'rsautl', '-sign', '-inkey', argv[2], '-raw'],
@@ -68,10 +71,10 @@
if retcode != 0:
return retcode
- with open(test_file_name, "w") as f:
- f.write("DONE")
+ with open(test_file_name, 'w') as f:
+ f.write('DONE')
return 0
if __name__ == '__main__':
- sys.exit(rsa_signer(sys.argv))
+ sys.exit(rsa_signer(sys.argv))
diff --git a/test/avbtool_signing_helper_with_files_test.py b/test/avbtool_signing_helper_with_files_test.py
index 9811225..2be3e97 100755
--- a/test/avbtool_signing_helper_with_files_test.py
+++ b/test/avbtool_signing_helper_with_files_test.py
@@ -1,7 +1,7 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
#
-# Copyright (C) 2017 The Android Open Source Project
+# Copyright (C) 2017-2020 The Android Open Source Project
#
# Permission is hereby granted, free of charge, to any person
# obtaining a copy of this software and associated documentation
@@ -24,37 +24,40 @@
# SOFTWARE.
#
-import subprocess
-import sys
import errno
import os
+import subprocess
+import sys
+
def rsa_signer_with_files(argv):
if len(argv) != 4:
- sys.stderr.write("Wrong number of arguments: {} <alg> <pub key> <file>\n".format(argv[0]))
+ sys.stderr.write('Wrong number of arguments: {} <alg> <pub key> <file>\n'
+ .format(argv[0]))
return errno.EINVAL
- signing_file = open(argv[3], mode='rw+')
+ signing_file = open(argv[3], mode='rb+')
data = signing_file.read()
- if len(data) == 0:
- sys.stderr.write("There is no input data\n")
+ if not data:
+ sys.stderr.write('There is no input data\n')
return errno.EINVAL
if os.environ.get('SIGNING_HELPER_GENERATE_WRONG_SIGNATURE'):
# We're only called with this algorithm which signature size is 256.
assert argv[1] == 'SHA256_RSA2048'
signing_file.seek(0)
- signing_file.write('X'*256)
+ signing_file.write(b'X' * 256)
return 0
- if 'SIGNING_HELPER_TEST' not in os.environ or os.environ['SIGNING_HELPER_TEST'] == "":
- sys.stderr.write("env SIGNING_HELPER_TEST is not set or empty\n")
+ if not os.getenv('SIGNING_HELPER_TEST'):
+ sys.stderr.write('env SIGNING_HELPER_TEST is not set or empty\n')
return errno.EINVAL
test_file_name = os.environ['SIGNING_HELPER_TEST']
if os.path.isfile(test_file_name) and not os.access(test_file_name, os.W_OK):
- sys.stderr.write("no permission to write into {} file\n".format(test_file_name))
- return errno.EACCESS
+ sys.stderr.write('no permission to write into {} file\n'
+ .format(test_file_name))
+ return errno.EACCES
p = subprocess.Popen(
['openssl', 'rsautl', '-sign', '-inkey', argv[2], '-raw'],
@@ -68,8 +71,8 @@
signing_file.seek(0)
signing_file.write(pout)
- with open(test_file_name, "w") as f:
- f.write("DONE")
+ with open(test_file_name, 'w') as f:
+ f.write('DONE')
return 0