Revert "ota: Validate any installed data's signature against our own"

* otasigcheck doesn't work on encrypted devices and makes the zip installation fail since oreo. * The build part of this was never ported to oreo. This reverts commit aff5e54c4e. Change-Id: I411f33c1db64844091c1692ef4706ae541925d4f
6 years ago · 95621f3c73
parent 03a83c3b9a
commit 95621f3c73
2 changed files with 0 additions and 95 deletions
--- a/config/common.mk
+++ b/config/common.mk
@ -61,10 +61,6 @@ PRODUCT_COPY_FILES += \
 PRODUCT_COPY_FILES += \
    vendor/lineage/config/permissions/lineage-sysconfig.xml:system/etc/sysconfig/lineage-sysconfig.xml

-# Signature compatibility validation
-PRODUCT_COPY_FILES += \
-    vendor/lineage/prebuilt/common/bin/otasigcheck.sh:install/bin/otasigcheck.sh
-
 # init.d support
 PRODUCT_COPY_FILES += \
    vendor/lineage/prebuilt/common/etc/init.d/00banner:system/etc/init.d/00banner \
--- a/prebuilt/common/bin/otasigcheck.sh
+++ b/prebuilt/common/bin/otasigcheck.sh
@ -1,91 +0,0 @@
-#!/sbin/sh
-
-# Validate that the incoming OTA is compatible with an already-installed
-# system
-
-grep -q "Command:.*\"--wipe\_data\"" /tmp/recovery.log
-if [ $? -eq 0 ]; then
-  echo "Data will be wiped after install; skipping signature check..."
-  exit 0
-fi
-
-grep -q "Command:.*\"--headless\"" /tmp/recovery.log
-if [ $? -eq 0 ]; then
-  echo "Headless mode install; skipping signature check..."
-  exit 0
-fi
-
-if [ -f "/data/system/packages.xml" -a -f "/tmp/releasekey" ]; then
-  relkey=$(cat "/tmp/releasekey")
-  OLDIFS="$IFS"
-  IFS=""
-  while read line; do
-    if [ "${#line}" -gt 4094 ]; then
-      continue
-    fi
-    params=${line# *<package *}
-    if [ "$line" != "$params" ]; then
-      kvp=${params%% *}
-      params=${params#* }
-      while [ "$kvp" != "$params" ]; do
-        key=${kvp%%=*}
-        val=${kvp#*=}
-        vlen=$(( ${#val} - 2 ))
-        val=${val:1:$vlen}
-        if [ "$key" = "name" ]; then
-          package="$val"
-        fi
-        kvp=${params%% *}
-        params=${params#* }
-      done
-      continue
-    fi
-    params=${line# *<cert *}
-    if [ "$line" != "$params" ]; then
-      keyidx=""
-      keyval=""
-      kvp=${params%% *}
-      params=${params#* }
-      while [ "$kvp" != "$params" ]; do
-        key=${kvp%%=*}
-        val=${kvp#*=}
-        vlen=$(( ${#val} - 2 ))
-        val=${val:1:$vlen}
-        if [ "$key" = "index" ]; then
-          keyidx="$val"
-        fi
-        if [ "$key" = "key" ]; then
-          keyval="$val"
-        fi
-        kvp=${params%% *}
-        params=${params#* }
-      done
-      if [ -n "$keyidx" ]; then
-        if [ "$package" = "com.android.htmlviewer" ]; then
-          cert_idx="$keyidx"
-        fi
-      fi
-      if [ -n "$keyval" ]; then
-        eval "key_$keyidx=$keyval"
-      fi
-      continue
-    fi
-  done < "/data/system/packages.xml"
-  IFS="$OLDIFS"
-
-  # Tools missing? Err on the side of caution and exit cleanly
-  if [ -z "$cert_idx" ]; then
-    echo "Package cert index not found; skipping signature check..."
-    exit 0
-  fi
-
-  varname="key_$cert_idx"
-  eval "pkgkey=\$$varname"
-
-  if [ "$pkgkey" != "$relkey" ]; then
-     echo "You have an installed system that isn't signed with this build's key, aborting..."
-     exit 124
-  fi
-fi
-
-exit 0