Don't use temp file for public key.
When the public key came from the Omaha response, we wrote it to a temp
file and then read it back. This is unnecessary, since we can keep the
key in memory.
Test: update_engine_unittests
Change-Id: Ib9f7a9292b71b9d91a0b24c687cc989b79d3812b
diff --git a/payload_consumer/payload_verifier.cc b/payload_consumer/payload_verifier.cc
index ab5238c..f3d4626 100644
--- a/payload_consumer/payload_verifier.cc
+++ b/payload_consumer/payload_verifier.cc
@@ -16,6 +16,8 @@
#include "update_engine/payload_consumer/payload_verifier.h"
+#include <vector>
+
#include <base/logging.h>
#include <openssl/pem.h>
@@ -85,10 +87,8 @@
} // namespace
bool PayloadVerifier::VerifySignature(const brillo::Blob& signature_blob,
- const string& public_key_path,
+ const string& pem_public_key,
const brillo::Blob& hash_data) {
- TEST_AND_RETURN_FALSE(!public_key_path.empty());
-
Signatures signatures;
LOG(INFO) << "signature blob size = " << signature_blob.size();
TEST_AND_RETURN_FALSE(signatures.ParseFromArray(signature_blob.data(),
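Review bot: Dropping the `!public_key_path.empty()` guard without an equivalent for `pem_public_key` means an empty key is no longer rejected at the top of VerifySignature; the same guard is also removed from GetRawHashFromSignature in the last hunk. As far as these hunks show, verification still fails closed, because the PEM parse should return null and trip `TEST_AND_RETURN_FALSE(rsa != nullptr)`. That now happens only after the signature blob has been parsed, once per signature, and the log no longer says the key was missing. Keeping `TEST_AND_RETURN_FALSE(!pem_public_key.empty());` as the first statement would preserve the early, explicit rejection. The body of VerifySignature continues outside this hunk.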
@@ -105,7 +105,7 @@
const Signatures_Signature& signature = signatures.signatures(i);
brillo::Blob sig_data(signature.data().begin(), signature.data().end());
brillo::Blob sig_hash_data;
- if (!GetRawHashFromSignature(sig_data, public_key_path, &sig_hash_data))
+ if (!GetRawHashFromSignature(sig_data, pem_public_key, &sig_hash_data))
continue;
if (hash_data == sig_hash_data) {
@@ -125,28 +125,19 @@
return false;
}
-
-bool PayloadVerifier::GetRawHashFromSignature(
- const brillo::Blob& sig_data,
- const string& public_key_path,
- brillo::Blob* out_hash_data) {
- TEST_AND_RETURN_FALSE(!public_key_path.empty());
-
+bool PayloadVerifier::GetRawHashFromSignature(const brillo::Blob& sig_data,
+ const string& pem_public_key,
+ brillo::Blob* out_hash_data) {
// The code below executes the equivalent of:
//
- // openssl rsautl -verify -pubin -inkey |public_key_path|
+ // openssl rsautl -verify -pubin -inkey <(echo |pem_public_key|)
// -in |sig_data| -out |out_hash_data|
- // Loads the public key.
- FILE* fpubkey = fopen(public_key_path.c_str(), "rb");
- if (!fpubkey) {
- LOG(ERROR) << "Unable to open public key file: " << public_key_path;
- return false;
- }
+ BIO* bp = BIO_new_mem_buf(pem_public_key.data(), pem_public_key.size());
+ char dummy_password[] = {' ', 0}; // Ensure no password is read from stdin.
+ RSA* rsa = PEM_read_bio_RSA_PUBKEY(bp, nullptr, nullptr, dummy_password);
+ BIO_free(bp);
- char dummy_password[] = { ' ', 0 }; // Ensure no password is read from stdin.
- RSA* rsa = PEM_read_RSA_PUBKEY(fpubkey, nullptr, nullptr, dummy_password);
- fclose(fpubkey);
TEST_AND_RETURN_FALSE(rsa != nullptr);
unsigned int keysize = RSA_size(rsa);
if (sig_data.size() > 2 * keysize) {
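Review bot: The pointer returned by `BIO_new_mem_buf` is handed to `PEM_read_bio_RSA_PUBKEY` without a null check, and `pem_public_key.size()` is narrowed from `size_t` to the `int` length that call takes. Since the key can now come from the Omaha response, its length is not fixed by the build, so an oversized string or a failed allocation would depend on how the PEM reader treats a bad BIO rather than producing a clean verification failure. I would bound the length before the call and add `TEST_AND_RETURN_FALSE(bp != nullptr);` directly after the allocation; `BIO_free(bp)` can stay where it is. A short comment on the `BIO_new_mem_buf` line saying that the BIO only borrows the string's buffer and is freed before `pem_public_key` goes out of scope would also help the next reader. GetRawHashFromSignature continues past the end of this hunk.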