Skip metadata signature when hashing payload in major version 2. We should skip metadata signature when hashing the payload, so that the payload signature won't depend on metadata signature. VerifySignedPayload will also verify metadata signature now if it exist. Bug: 23981164 TEST=cros_workon_make update_engine --test Change-Id: I3e52b7bf8ddf1539bbb6934e8a5ec1112b94ae62

commit: 720df3eeaecfc9ad229440c59e08c8d52f13dc1e [log] [tgz]
author: Sen Jiang <senj@google.com> Thu Oct 01 13:10:44 2015 -0700
committer: Sen Jiang <senj@google.com> Thu Oct 22 13:16:07 2015 -0700
tree: fe07787244ec3eb0ce2147c17973627ea99147dd
parent: abdc0115548985d8ca3f3f2aeb1283741ce409a6 [diff] [blame]
diff --git a/payload_generator/payload_file.cc b/payload_generator/payload_file.cc
index 15dd35e..22efb94 100644
--- a/payload_generator/payload_file.cc
+++ b/payload_generator/payload_file.cc

@@ -230,6 +230,9 @@
     TEST_AND_RETURN_FALSE(PayloadSigner::SignPayload(
         payload_file,
         vector<string>(1, private_key_path),
+        metadata_size,
+        0,
+        metadata_size + manifest_.signatures_offset(),
         &signature_blob));
     TEST_AND_RETURN_FALSE(writer.Write(signature_blob.data(),
                                        signature_blob.size()));
commit	720df3eeaecfc9ad229440c59e08c8d52f13dc1e	[log] [tgz]
author	Sen Jiang <senj@google.com>	Thu Oct 01 13:10:44 2015 -0700
committer	Sen Jiang <senj@google.com>	Thu Oct 22 13:16:07 2015 -0700
tree	fe07787244ec3eb0ce2147c17973627ea99147dd
parent	abdc0115548985d8ca3f3f2aeb1283741ce409a6 [diff] [blame]