84ec9f54bd
If the --wipe_data command is being passed to recovery, skip the signature check since the data will be wiped after the update is installed Change-Id: I6641f25abd044110faaf170ab2f7982460e77bcb
25 lines
867 B
Bash
25 lines
867 B
Bash
#!/sbin/sh
|
|
|
|
# Validate that the incoming OTA is compatible with an already-installed
|
|
# system
|
|
|
|
grep -q "Command:.*\"--wipe\_data\"" /tmp/recovery.log
|
|
if [ $? -eq 0 ]; then
|
|
echo "Data will be wiped after install; skipping signature check..."
|
|
exit 0
|
|
fi
|
|
|
|
if [ -f /data/system/packages.xml -a -f /tmp/releasekey ]; then
|
|
relCert=$(grep -A3 'package name="com.android.htmlviewer"' /data/system/packages.xml | grep "cert index" | head -n 1 | sed -e 's|.*"\([[:digit:]][[:digit:]]*\)".*|\1|g')
|
|
|
|
grep "cert index=\"$relCert\"" /data/system/packages.xml | grep -q `cat /tmp/releasekey`
|
|
if [ $? -ne 0 ]; then
|
|
echo "You have an installed system that isn't signed with this build's key, aborting..."
|
|
# Edify doesn't abort on non-zero executions, so let's trash the key and use sha1sum instead
|
|
echo "INVALID" > /tmp/releasekey
|
|
exit 1
|
|
fi
|
|
fi
|
|
|
|
exit 0
|