1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
|
# Copyright (C) 2021 The Android Open Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
load("@bazel_skylib//lib:paths.bzl", "paths")
load("//build/bazel/product_config:product_variables_providing_rule.bzl", "ProductVariablesDepsInfo", "ProductVariablesInfo")
ApexKeyInfo = provider(
"Info needed to sign APEX bundles",
fields = {
"private_key": "File containing the private key",
"public_key": "File containing the public_key",
},
)
def _apex_key_rule_impl(ctx):
public_key = ctx.file.public_key
private_key = ctx.file.private_key
# If the DefaultAppCertificate directory is specified, then look for this
# key in that directory instead, with the exact same basenames for both the
# avbpubkey and pem files.
product_var_cert = ctx.attr._product_variables[ProductVariablesInfo].DefaultAppCertificate
cert_files_to_search = ctx.attr._product_variables[ProductVariablesDepsInfo].DefaultAppCertificateFiles
if product_var_cert and cert_files_to_search:
for f in cert_files_to_search:
if f.basename == ctx.file.public_key.basename:
public_key = f
elif f.basename == ctx.file.private_key.basename:
private_key = f
public_keyname = paths.split_extension(public_key.basename)[0]
private_keyname = paths.split_extension(private_key.basename)[0]
if public_keyname != private_keyname:
fail("public_key %s (keyname:%s) and private_key %s (keyname:%s) do not have same keyname" % (
ctx.attr.public_key.label,
public_keyname,
ctx.attr.private_key.label,
private_keyname,
))
return [
ApexKeyInfo(
public_key = public_key,
private_key = private_key,
),
]
_apex_key = rule(
implementation = _apex_key_rule_impl,
attrs = {
"private_key": attr.label(mandatory = True, allow_single_file = True),
"public_key": attr.label(mandatory = True, allow_single_file = True),
"_product_variables": attr.label(
default = "//build/bazel/product_config:product_vars",
),
},
)
def _get_key_label(label, name):
if label and name:
fail("Cannot use both {public,private}_key_name and {public,private}_key attributes together. " +
"Use only one of them.")
if label:
return label
# Ensure that the name references the calling package's local BUILD target
return ":" + name
def apex_key(
name,
public_key = None,
private_key = None,
public_key_name = None,
private_key_name = None,
**kwargs):
# The keys are labels that point to either a file, or a target that provides
# a single file (e.g. a filegroup or rule that provides the key itself only).
_apex_key(
name = name,
public_key = _get_key_label(public_key, public_key_name),
private_key = _get_key_label(private_key, private_key_name),
**kwargs
)
|
