Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resign some APEX packages during the release build #204

Merged
merged 2 commits into from
Jul 23, 2024
Merged

Resign some APEX packages during the release build #204

merged 2 commits into from
Jul 23, 2024

Conversation

ceiba1985
Copy link
Contributor

@ceiba1985 ceiba1985 commented Jul 19, 2024
edited
Loading

  1. Add a release key for APEX.
  2. Resign some APEX packages during the release build

Tracked-On: OAM-122509

shyjumon-n
shyjumon-n approved these changes Jul 19, 2024
View reviewed changes
Copy link

@shyjumon-n shyjumon-n left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ceiba1985
Add a release key for APEX
2996f0e 
Currently APEX packages are not resigned by a release key during
a release build. Need to add a release key specific for APEX.
This key is generated like this:
	openssl genrsa -out temp.pem 2048
	openssl req -new -x509 -key temp.pem -out \
	    apexkey.x509.pem -days 10000 -subj \
	    '/C=US/ST=California/L=Santa Clara/O=Intel, \
	    Inc./OU=Intel/CN=Intel/[email protected]'
	openssl pkcs8 -in temp.pem -topk8 -outform DER -out \
	    releasekey.pk8 -nocrypt
	avbtool extract_public_key --key foo.pem --output foo.avbpubkey

This key is only for test purpose and for production it needs to
be replaced with customer specific key

Tracked-On: OAM-122509
Signed-off-by: jizhenlo <[email protected]>
@ceiba1985
Resign some APEX packages during the release build
705cd40 
APEX packages currently are not resigned by a release key
during the release build. Need to resign them to pass the
CTS tests:
	testApexPubKeyIsNotWellKnownKey
	testPackageSignatures

Test done: These two cts cases can pass with patch.

Tracked-On: OAM-122509
Signed-off-by: jizhenlo <[email protected]>
@sysopenci sysopenci added Pending Developer Approval Pending Developer Approval Pending PR Review Pending PR Review Engineering Build Not Started Engineering Build Not Started and removed Pending PR Review Pending PR Review labels Jul 19, 2024
@sysopenci sysopenci added Developer Approved and removed Pending Developer Approval Pending Developer Approval labels Jul 22, 2024
@sysopenci
Copy link

Android CI has started Engineering Build for this issue ,Please check the linked Tracked-On issue/Android CI Web for more details.

1 similar comment
@sysopenci
Copy link

Android CI has started Engineering Build for this issue ,Please check the linked Tracked-On issue/Android CI Web for more details.

@sysopenci
Copy link

FAILURE: Android CI has completed Engineering Build for this issue.Please check the linked Tracked-On issue/Android CI Web for more details.

@sysopenci sysopenci added Engineering Build Failed and removed Engineering Build Not Started Engineering Build Not Started labels Jul 22, 2024
@sysopenci
Copy link

Android CI has started Engineering Build for this issue ,Please check the linked Tracked-On issue/Android CI Web for more details.

@sysopenci
Copy link

FAILURE: Android CI has completed Engineering Build for this issue.Please check the linked Tracked-On issue/Android CI Web for more details.

@sysopenci
Copy link

SUCCESS: Android CI has completed Engineering Build for this issue.Please check the linked Tracked-On issue/Android CI Web for more details.

@sysopenci sysopenci added Engineering Build Successful Engineering Build Successful and removed Engineering Build Failed labels Jul 22, 2024
@sysopenci
Copy link

Android CI has started MERGE Build for this pr ,Please check the linked Tracked-On issue/Android CI Web for more details.

@sysopenci sysopenci merged commit e09dc24 into projectceladon:master Jul 23, 2024
34 of 36 checks passed
@sysopenci
Copy link

Android CI has completed MERGE Build for this pr, build is SUCCESS. Please check the linked Tracked-On issue/Android CI Web for more details. For Binaries: /cactus-absp-or-local/celadon-merge/682

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shyjumon-n shyjumon-n Awaiting requested review from shyjumon-n

Assignees
No one assigned
Labels
Developer Approved Engineering Build Successful Engineering Build Successful PR approved Valid commit message
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ceiba1985 @sysopenci @shyjumon-n