build/android/gyp/finalize_apk.py - Issue 2193063002: [Android] [Reland] Sanitize APK signing file timestamps.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: build/android/gyp/finalize_apk.py

Issue 2193063002: [Android] [Reland] Sanitize APK signing file timestamps. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Address jbudorick's comments. Created 4 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: build/android/gyp/finalize_apk.py

diff --git a/build/android/gyp/finalize_apk.py b/build/android/gyp/finalize_apk.py

index d71cb8fc7e7704fa58c20bebb2af6e83789d59bd..532d001f72385dbee29c8c986ef5780db2830467 100755

--- a/build/android/gyp/finalize_apk.py

+++ b/build/android/gyp/finalize_apk.py

@@ -8,9 +8,16 @@

"""

import optparse

+import os

import shutil

import sys

import tempfile

+import zipfile

+# resource_sizes modifies zipfile for zip64 compatibility. See

+# https://bugs.python.org/issue14315.

+sys.path.append(os.path.join(os.path.dirname(__file__), os.pardir))

+import resource_sizes # pylint: disable=unused-import

from util import build_utils

@@ -143,6 +150,24 @@ def FinalizeApk(options):

JarSigner(options.key_path, options.key_name, options.key_passwd,

apk_to_sign, signed_apk_path)

+ # Make the signing files hermetic.

+ with tempfile.NamedTemporaryFile(suffix='.zip') as hermetic_signed_apk:

+ with zipfile.ZipFile(signed_apk_path, 'r') as zi:

+ with zipfile.ZipFile(hermetic_signed_apk, 'w') as zo:

+ for info in zi.infolist():

+ # Ignore 'extended local file headers'. Python doesn't write them

+ # properly (see https://bugs.python.org/issue1742205) which causes

+ # zipalign to miscalculate alignment. Since we don't use them except

+ # for alignment anyway, we write a stripped file here and let

+ # zipalign add them properly later. eLFHs are controlled by 'general

+ # purpose bit flag 03' (0x08) so we mask that out.

+ info.flag_bits = info.flag_bits & 0xF7

+ info.date_time = build_utils.HERMETIC_TIMESTAMP

+ zo.writestr(info, zi.read(info.filename))

+ shutil.copy(hermetic_signed_apk.name, signed_apk_path)

if options.load_library_from_zip:

# Reorder the contents of the APK. This re-establishes the canonical

# order which means the library will be back at its page aligned location.

« no previous file with comments | « no previous file | build/android/gyp/util/build_utils.py » ('j') | no next file with comments »