search

chriswoope / resign-android-image

Resign Android OS (esp. GrapheneOS) images with your signing keys and add ADB root and other modifications
MIT License
86 stars 6 forks source link

make_product_security failing to complete #17

Closed peterjanbalkenende closed 1 year ago

peterjanbalkenende commented 1 year ago

Hello,

Thanks for helping me in #1, and also props for maintaining this project!

I'm getting the following error upon running the script for version 2023040400 with oriole:

                                        MADE 2023040400/out_resign/target_files_intermediates with make_target_files_intermediates_base
                                        MAKING 2023040400/out_resign/certs.txt with make_certs
                                        MADE 2023040400/out_resign/certs.txt with make_certs
                                        MAKING 2023040400/out_resign/product_security with make_product_security
Could not open file or uri for loading certificate from -
804B5255D07F0000:error:16000069:STORE routines:ossl_store_get0_loader_int:unregistered scheme:../crypto/store/store_register.c:237:scheme=file
804B5255D07F0000:error:80000002:system library:file_open:No such file or directory:../providers/implementations/storemgmt/file_store.c:267:calling stat(-)
Unable to load certificate
Could not open file or uri for loading certificate from -
800B63B5E97F0000:error:16000069:STORE routines:ossl_store_get0_loader_int:unregistered scheme:../crypto/store/store_register.c:237:scheme=file
800B63B5E97F0000:error:80000002:system library:file_open:No such file or directory:../providers/implementations/storemgmt/file_store.c:267:calling stat(-)
Unable to load certificate
Could not open file or uri for loading certificate from -
806B764FB67F0000:error:16000069:STORE routines:ossl_store_get0_loader_int:unregistered scheme:../crypto/store/store_register.c:237:scheme=file
806B764FB67F0000:error:80000002:system library:file_open:No such file or directory:../providers/implementations/storemgmt/file_store.c:267:calling stat(-)
Unable to load certificate
Could not open file or uri for loading certificate from -
80AB8E92247F0000:error:16000069:STORE routines:ossl_store_get0_loader_int:unregistered scheme:../crypto/store/store_register.c:237:scheme=file
80AB8E92247F0000:error:80000002:system library:file_open:No such file or directory:../providers/implementations/storemgmt/file_store.c:267:calling stat(-)
Unable to load certificate
Could not open file or uri for loading certificate from -
806B8189247F0000:error:16000069:STORE routines:ossl_store_get0_loader_int:unregistered scheme:../crypto/store/store_register.c:237:scheme=file
806B8189247F0000:error:80000002:system library:file_open:No such file or directory:../providers/implementations/storemgmt/file_store.c:267:calling stat(-)
Unable to load certificate
Could not open file or uri for loading certificate from -
804B36C86B7F0000:error:16000069:STORE routines:ossl_store_get0_loader_int:unregistered scheme:../crypto/store/store_register.c:237:scheme=file
804B36C86B7F0000:error:80000002:system library:file_open:No such file or directory:../providers/implementations/storemgmt/file_store.c:267:calling stat(-)
Unable to load certificate
Failed to run: make_product_security 2023040400/out_resign/product_security.EBaDpx.tmp
Failed to run: make_target_files_intermediates 2023040400/out_resign/target_files_intermediates.done.JtWPKe.tmp
Failed to run: make_target_files_intermediates_zip 2023040400/out_resign/target_files_intermediates.zip.oJQtQE.tmp
Failed to run: make_target_files_signed 2023040400/out_resign/target_files_signed.zldEQw.tmp
Failed to run: make_target_files_base 2023040400/out_resign/target_files.VxkwMv.tmp
Failed to run: make_target_files_zip 2023040400/out_resign/target_files.zip.nc9R81.tmp

I also tried version 2023032600 as I saw in one of the commits that should be supported, but still no dice. I think it could again be something to do with the otatools.zip package.

Thanks again for this project.

Cheers.

peterjanbalkenende commented 1 year ago

Never mind, I was using Ubuntu instead of Debian.

Now I'm getting the following error when building:

++++ dtbo  ++++

Traceback (most recent call last):
  File "internal/stdlib/runpy.py", line 196, in _run_module_as_main
  File "internal/stdlib/runpy.py", line 86, in _run_code
  File "/home/runner/.resign-android-image/otatools/bin/sign_target_files_apks/__main__.py", line 12, in <module>
  File "internal/stdlib/runpy.py", line 196, in _run_module_as_main
  File "internal/stdlib/runpy.py", line 86, in _run_code
  File "sign_target_files_apks.py", line 1568, in <module>
  File "sign_target_files_apks.py", line 1561, in main
  File "add_img_to_target_files.py", line 1263, in main
  File "add_img_to_target_files.py", line 1097, in AddImagesToTargetFiles
  File "add_img_to_target_files.py", line 1069, in add_partition
  File "add_img_to_target_files.py", line 466, in AddDtbo
AssertionError
    signing: RemoteProvisioner.apk                                                                         (keys/releasekey)
    signing: PixelNfc.apk                                                                                  (keys/platform)
    signing: OemRilHookService.apk                                                                         (keys/platform)
Rewriting SYSTEM_EXT/etc/selinux/system_ext_mac_permissions.xml with new keys.
Rewriting SYSTEM_EXT/etc/build.prop:
Rewriting VENDOR/odm_dlkm/etc/build.prop:
    signing: com.google.pixel.camera.hal.apex                                                              container (keys/releasekey)
           : com.google.pixel.camera.hal.apex                                                              payload   (keys/avb.pem)
    signing: android.auto_generated_rro_vendor_adevtool__.apk                                              (keys/releasekey)
Rewriting VENDOR/build.prop:
Rewriting VENDOR/odm/etc/build.prop:
Rewriting VENDOR/etc/selinux/vendor_mac_permissions.xml with new keys.
Rewriting VENDOR_BOOT/RAMDISK/prop.default:
Rewriting VENDOR_BOOT/RAMDISK/default.prop:
Rewriting VENDOR_DLKM/etc/build.prop:
META/otakeys.txt has no keys; using keys/releasekey.x509.pem for OTA package verification.
Rewriting OTA key: SYSTEM/etc/security/otacerts.zip ['keys/releasekey.x509.pem']
Rewriting OTA key: VENDOR_BOOT/RAMDISK/system/etc/security/otacerts.zip ['keys/releasekey.x509.pem']
Replacing AVB signing key for vbmeta with "keys/avb.pem" (SHA256_RSA4096)
Rewriting AVB prop for boot:

  replace: --prop com.android.build.boot.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/test-keys --prop com.android.build.boot.os_version:12 --prop com.android.build.boot.security_patch:2022-04-05
     with: --prop com.android.build.boot.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/release-keys --prop com.android.build.boot.os_version:12 --prop com.android.build.boot.security_patch:2022-04-05
Rewriting AVB prop for dtbo:

  replace: --prop com.android.build.dtbo.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/test-keys
     with: --prop com.android.build.dtbo.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/release-keys
Rewriting AVB prop for product:

  replace: --hash_algorithm sha256 --prop com.android.build.product.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/test-keys --prop com.android.build.product.os_version:12 --prop com.android.build.product.security_patch:2022-04-05
     with: --hash_algorithm sha256 --prop com.android.build.product.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/release-keys --prop com.android.build.product.os_version:12 --prop com.android.build.product.security_patch:2022-04-05
Rewriting AVB prop for recovery:

  replace: --prop com.android.build.recovery.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/test-keys
     with: --prop com.android.build.recovery.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/release-keys
Rewriting AVB prop for system:

  replace: --hash_algorithm sha256 --prop com.android.build.system.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/test-keys --prop com.android.build.system.os_version:12 --prop com.android.build.system.security_patch:2022-04-05
     with: --hash_algorithm sha256 --prop com.android.build.system.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/release-keys --prop com.android.build.system.os_version:12 --prop com.android.build.system.security_patch:2022-04-05
Rewriting AVB prop for system_ext:

  replace: --hash_algorithm sha256 --prop com.android.build.system_ext.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/test-keys --prop com.android.build.system_ext.os_version:12 --prop com.android.build.system_ext.security_patch:2022-04-05
     with: --hash_algorithm sha256 --prop com.android.build.system_ext.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/release-keys --prop com.android.build.system_ext.os_version:12 --prop com.android.build.system_ext.security_patch:2022-04-05
Rewriting AVB prop for odm:

  replace: --hash_algorithm sha256 --prop com.android.build.odm.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/test-keys --prop com.android.build.odm.os_version:12
     with: --hash_algorithm sha256 --prop com.android.build.odm.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/release-keys --prop com.android.build.odm.os_version:12
Rewriting AVB prop for odm_dlkm:

  replace: --hash_algorithm sha256 --prop com.android.build.odm_dlkm.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/test-keys --prop com.android.build.odm_dlkm.os_version:12
     with: --hash_algorithm sha256 --prop com.android.build.odm_dlkm.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/release-keys --prop com.android.build.odm_dlkm.os_version:12
Rewriting AVB prop for vendor:

  replace: --hash_algorithm sha256 --prop com.android.build.vendor.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/test-keys --prop com.android.build.vendor.os_version:12 --prop com.android.build.vendor.security_patch:2022-04-05
     with: --hash_algorithm sha256 --prop com.android.build.vendor.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/release-keys --prop com.android.build.vendor.os_version:12 --prop com.android.build.vendor.security_patch:2022-04-05
Rewriting AVB prop for vendor_boot:

  replace: --prop com.android.build.vendor_boot.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/test-keys
     with: --prop com.android.build.vendor_boot.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/release-keys
Rewriting AVB prop for vendor_dlkm:

  replace: --hash_algorithm sha256 --prop com.android.build.vendor_dlkm.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/test-keys --prop com.android.build.vendor_dlkm.os_version:12
     with: --hash_algorithm sha256 --prop com.android.build.vendor_dlkm.fingerprint:Android/aosp_raven/raven:12/SP2A.220405.004/2022041700:user/release-keys --prop com.android.build.vendor_dlkm.os_version:12
Failed to run: go /home/runner/work/2023040400/out_resign/sign_target_files.eXFmRB.tmp /home/runner/work/2023040400/out_resign/target_files_signed.zip.Ru2Y9v.tmp
Failed to run: make_target_files_signed_zip /home/runner/work/2023040400/out_resign/target_files_signed.zip.Ru2Y9v.tmp
Failed to run: make_target_files_signed /home/runner/work/2023040400/out_resign/target_files_signed.dqDKVI.tmp
Failed to run: make_target_files_base /home/runner/work/2023040400/out_resign/target_files.N40MM3.tmp
Failed to run: make_target_files_zip /home/runner/work/2023040400/out_resign/target_files.zip.FIiQjY.tmp

Would you have any idea why this is happening?

Cheers.

peterjanbalkenende commented 1 year ago

Fixed in 9254c1c. Thanks.