replicant-vendor_replicant/prebuilt/common/bin/otasigcheck.sh
Brint E. Kriebel 84ec9f54bd otasigcheck: Don't fail a signature check if data will be wiped
If the --wipe_data command is being passed to recovery, skip the
signature check since the data will be wiped after the update is
installed

Change-Id: I6641f25abd044110faaf170ab2f7982460e77bcb
2014-09-24 12:53:22 -07:00

25 lines
867 B
Bash

#!/sbin/sh
# Validate that the incoming OTA is compatible with an already-installed
# system
grep -q "Command:.*\"--wipe\_data\"" /tmp/recovery.log
if [ $? -eq 0 ]; then
echo "Data will be wiped after install; skipping signature check..."
exit 0
fi
if [ -f /data/system/packages.xml -a -f /tmp/releasekey ]; then
relCert=$(grep -A3 'package name="com.android.htmlviewer"' /data/system/packages.xml | grep "cert index" | head -n 1 | sed -e 's|.*"\([[:digit:]][[:digit:]]*\)".*|\1|g')
grep "cert index=\"$relCert\"" /data/system/packages.xml | grep -q `cat /tmp/releasekey`
if [ $? -ne 0 ]; then
echo "You have an installed system that isn't signed with this build's key, aborting..."
# Edify doesn't abort on non-zero executions, so let's trash the key and use sha1sum instead
echo "INVALID" > /tmp/releasekey
exit 1
fi
fi
exit 0