Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_update_engine / 8cebf22a8a45a02e0e8aa3e5a0b636c0986304a3^1..8cebf22a8a45a02e0e8aa3e5a0b636c0986304a3 / .
commit8cebf22a8a45a02e0e8aa3e5a0b636c0986304a3[log] [tgz]
authorKelvin Zhang <zhangkelvin@google.com>Tue Jan 05 00:53:29 2021 +0000
committerAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>Tue Jan 05 00:53:29 2021 +0000
treeed0c2cf00d663e01b1ca013e01f66a8dc094a99a
parentc4b131b668b9f525ae6111c1236ce19a7abb941b [diff]
parentbb8e999e212f339a61a55dc91d7572c6b993e852 [diff]
Move signature persistence to CheckpointUpdateProgress am: bb8e999e21

Original change: https://android-review.googlesource.com/c/platform/system/update_engine/+/1536741

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I6669f0c6667c374aab8a5239c360fbc46e5b6f67

diff --git a/payload_consumer/delta_performer.cc b/payload_consumer/delta_performer.cc
index 08118d8..b06d04e 100644
--- a/payload_consumer/delta_performer.cc
+++ b/payload_consumer/delta_performer.cc

@@ -979,20 +979,6 @@
   signatures_message_data_.assign(
       buffer_.begin(), buffer_.begin() + manifest_.signatures_size());
 
-  // Save the signature blob because if the update is interrupted after the
-  // download phase we don't go through this path anymore. Some alternatives
-  // to consider:
-  //
-  // 1. On resume, re-download the signature blob from the server and
-  // re-verify it.
-  //
-  // 2. Verify the signature as soon as it's received and don't checkpoint the
-  // blob and the signed sha-256 context.
-  LOG_IF(WARNING,
-         !prefs_->SetString(kPrefsUpdateStateSignatureBlob,
-                            signatures_message_data_))
-      << "Unable to store the signature blob.";
-
   LOG(INFO) << "Extracted signature data of size "
             << manifest_.signatures_size() << " at "
             << manifest_.signatures_offset();
@@ -1425,6 +1411,21 @@
   if (last_updated_operation_num_ != next_operation_num_ || force) {
     // Resets the progress in case we die in the middle of the state update.
     ResetUpdateProgress(prefs_, true);
+    if (!signatures_message_data_.empty()) {
+      // Save the signature blob because if the update is interrupted after the
+      // download phase we don't go through this path anymore. Some alternatives
+      // to consider:
+      //
+      // 1. On resume, re-download the signature blob from the server and
+      // re-verify it.
+      //
+      // 2. Verify the signature as soon as it's received and don't checkpoint
+      // the blob and the signed sha-256 context.
+      LOG_IF(WARNING,
+             !prefs_->SetString(kPrefsUpdateStateSignatureBlob,
+                                signatures_message_data_))
+          << "Unable to store the signature blob.";
+    }
     TEST_AND_RETURN_FALSE(prefs_->SetString(
         kPrefsUpdateStateSHA256Context, payload_hash_calculator_.GetContext()));
     TEST_AND_RETURN_FALSE(