commit 00f76b61fdc8f401ae93b2300f1cc9d62d932f30
author Jay Srinivasan <jaysri@chromium.org> Mon Sep 17 18:48:36 2012 -0700
committer Gerrit <chrome-bot@google.com> Mon Sep 17 22:02:51 2012 -0700
tree 0993333ac5cdeb0e06e3ed37f3bd56b87c0eb6e3
parent 74475bfd0ed945d9035c1760c6ccf938f4f0cdff

Generate and validate per-operation hashes

As part of securing the HTTP-based updates, we want to add a SHA256 hash
of the data blob for each operation so that they can't be tampered with
by a man in the middle. This CL adds support for generating and
including such hashes for each operation in the payload as well as
validating them in update_engine, if present.

BUG=chromium-os:34298
TEST=Tested on ZGB to make sure existing functionality works fine.
     Existing unit tests cover all the new code paths.
Change-Id: Ie42ed1930a66ceaf183f36ce3af0dea719e44237
Reviewed-on: https://gerrit.chromium.org/gerrit/33389
Reviewed-by: Don Garrett <dgarrett@chromium.org>
Commit-Ready: Jay Srinivasan <jaysri@chromium.org>
Tested-by: Jay Srinivasan <jaysri@chromium.org>

delta_performer.h

diff --git a/delta_performer.h b/delta_performer.h
index 8ea30c3..a9d70e7 100644
--- a/delta_performer.h
+++ b/delta_performer.h
@@ -155,7 +155,7 @@
   // matches what's specified in the manifest in the payload.
   // Returns kActionCodeSuccess on match or a suitable error code otherwise.
   ActionExitCode ValidateOperationHash(
-      const DeltaArchiveManifest_InstallOperation& operation);
+      const DeltaArchiveManifest_InstallOperation& operation, bool should_log);
 
   // Interprets the given |protobuf| as a DeltaArchiveManifest protocol buffer
   // of the given protobuf_length and verifies that the signed hash of the