Ensure that apex key is used by only one APEX.

Two APEXes having differnet bundle names cannot be signed with the same
APEX key. This is prohibited both by the build system and by the apexd
at runtime.

Test APEXs and keys are updated accordingly.

Bug: 115721587
Test: m checkbuild
Test: device boots, adb shell; su; setenforce 0; cmd apexservice
getActivePackages shows the installed APEXes.
Test: atest apexservice_test apex_file_test apex_manifest_test

Change-Id: I07ed767b2dcd08f93ef98cc139d911121b016f9f

1 files changed, 7 insertions, 1 deletions

diff --git a/apexer/apexer.py b/apexer/apexer.py
index df7fa35..1aeefd1 100644
--- a/apexer/apexer.py
+++ b/apexer/apexer.py
@@ -162,8 +162,14 @@ def CreateApex(args, work_dir):
   if 'name' not in manifest or manifest['name'] is None:
     print("Invalid manifest: 'name' does not exist")
     return False
+
   package_name = manifest['name']
   version_number = manifest['version']
+  key_name = os.path.basename(os.path.splitext(args.key)[0])
+
+  if package_name != key_name:
+    print("package name '" + package_name + "' does not match with key name '" + key_name + "'")
+    return False
 
   # create an empty ext4 image that is sufficiently big
   # Sufficiently big = twice the size of the input directory
@@ -232,7 +238,7 @@ def CreateApex(args, work_dir):
   cmd.append('--do_not_generate_fec')
   cmd.extend(['--algorithm', 'SHA256_RSA4096'])
   cmd.extend(['--key', args.key])
-  cmd.extend(['--prop', "apex.key:" + os.path.basename(os.path.splitext(args.key)[0])])
+  cmd.extend(['--prop', "apex.key:" + key_name])
   cmd.extend(['--image', img_file])
   RunCommand(cmd, args.verbose)