Don't use temp file for public key.
When using the public key from the Omaha response, we wrote it to a temp
file and then read it back. This is unnecessary, since we can keep the key
in memory.
Test: update_engine_unittests
Change-Id: Ib9f7a9292b71b9d91a0b24c687cc989b79d3812b
diff --git a/payload_consumer/payload_verifier.h b/payload_consumer/payload_verifier.h
index 8caef35..ec23ef2 100644
--- a/payload_consumer/payload_verifier.h
+++ b/payload_consumer/payload_verifier.h
@@ -32,19 +32,20 @@
class PayloadVerifier {
public:
// Interprets |signature_blob| as a protocol buffer containing the Signatures
- // message and decrypts each signature data using the |public_key_path|.
+ // message and decrypts each signature data using the |pem_public_key|.
+ // |pem_public_key| should be a PEM format RSA public key data.
// Returns whether *any* of the decrypted hashes matches the |hash_data|.
// In case of any error parsing the signatures or the public key, returns
// false.
static bool VerifySignature(const brillo::Blob& signature_blob,
- const std::string& public_key_path,
+ const std::string& pem_public_key,
const brillo::Blob& hash_data);
- // Decrypts sig_data with the given public_key_path and populates
- // out_hash_data with the decoded raw hash. Returns true if successful,
- // false otherwise.
+ // Decrypts |sig_data| with the given |pem_public_key| and populates
+ // |out_hash_data| with the decoded raw hash. |pem_public_key| should be a PEM
+ // format RSA public key data. Returns true if successful, false otherwise.
static bool GetRawHashFromSignature(const brillo::Blob& sig_data,
- const std::string& public_key_path,
+ const std::string& pem_public_key,
brillo::Blob* out_hash_data);
// Pads a SHA256 hash so that it may be encrypted/signed with RSA2048
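Review bot: Both VerifySignature and GetRawHashFromSignature keep `const std::string&` for the second parameter while its meaning changes from a file path to key contents, so a caller that still passes a path will compile and only fail at verification time. The comments should say so explicitly, e.g. `// |pem_public_key| is the PEM-encoded RSA public key itself, not a path to a key file.` The implementation is outside this hunk, but it would help if it logged a PEM parse failure distinctly from a signature mismatch, so that a stale call site is easy to spot. Since the commit message says the key can come from the Omaha response, the VerifySignature comment could also state that the caller must only pass a key obtained from a trusted source. The class body continues outside the hunk.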