Android Recovery下升级,实际上OTA最终也是调用这个方法。
里面有个流程是需要验证verify_package,使用的是/res/keys,这个keys是从哪儿来的呢。
static constexpr const char* PUBLIC_KEYS_FILE = "/res/keys";
std::vector<Certificate> loadedKeys;
if (!load_keys(PUBLIC_KEYS_FILE, loadedKeys)) {
查看了recovery编译out目录,确实发现有这个文件呢,
recovery/root/res$ ls keys
刚开始以为是bootloader/recovery下,搜了没有。后面想了下,找下 RECOVERY文件的
编译Makefile。 在目录build/make/core/Makefile,找到了RECOVERY_INSTALL_OTA_KEYS,
顺着代码看了下:
# substitute other keys for this one.
OTA_PUBLIC_KEYS := $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem
$(RECOVERY_INSTALL_OTA_KEYS): PRIVATE_OTA_PUBLIC_KEYS := $(OTA_PUBLIC_KEYS)
$(hide) cp $(RECOVERY_INSTALL_OTA_KEYS) $(TARGET_RECOVERY_ROOT_OUT)/res/keys
编译log:
default_system_dev_certificate = (str) device/mediatek/common/security/releasekey