Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_update_engine / aef1c6f0b5a0059a103251a9a93bd0be43bd50a2^! / . / payload_generator / payload_signer.h
commitaef1c6f0b5a0059a103251a9a93bd0be43bd50a2[log] [tgz]
authorSen Jiang <senj@google.com>Wed Oct 07 10:05:32 2015 -0700
committerSen Jiang <senj@google.com>Tue Oct 20 14:29:22 2015 -0700
tree449ca1323764d609b5fd3c3bd721a8e232726fc9
parent35b3584ab4041aa32e1d049bd6ddff5941b03df2 [diff] [blame]
PayloadVerifier should not depend on DeltaPerformer to load payload.

The implementation in DeltaPerformer is designed for situation that payload
might only partially available, but in PayloadVerifier we already have the
whole payload. So I implemented LoadPayload in PayloadSigner which logic is
simpler and supports both version 1 and 2.

VerifySignedPayload is also moved to PayloadSigner since it's not used in
update engine daemon.
This patch also fixed wrong metadata size out in version 2 and misspelling
of metadata in WritePayload in PayloadFile.

Bug: 23981164
TEST=unit test added.

Change-Id: Id1917fc891dbf2075978a273d1a4ee3c4ecf0571

diff --git a/payload_generator/payload_signer.h b/payload_generator/payload_signer.h
index 11116a3..d702ccc 100644
--- a/payload_generator/payload_signer.h
+++ b/payload_generator/payload_signer.h

@@ -32,6 +32,31 @@
 
 class PayloadSigner {
  public:
+  // Reads the payload from the given |payload_path| into the |out_payload|
+  // vector. It also parses the manifest protobuf in the payload and returns it
+  // in |out_manifest| if not null, along with the major version of the payload
+  // in |out_major_version| if not null, the size of the entire metadata in
+  // |out_metadata_size| and the size of metadata signature in
+  // |out_metadata_signature_size| if not null.
+  static bool LoadPayload(const std::string& payload_path,
+                          brillo::Blob* out_payload,
+                          DeltaArchiveManifest* out_manifest,
+                          uint64_t* out_major_version,
+                          uint64_t* out_metadata_size,
+                          uint32_t* out_metadata_signature_size);
+
+  // Returns true if the payload in |payload_path| is signed and its hash can be
+  // verified using the public key in |public_key_path| with the signature
+  // of a given version in the signature blob. Returns false otherwise.
+  static bool VerifySignedPayload(const std::string& payload_path,
+                                  const std::string& public_key_path);
+
+  // Adds a dummy operation that points to a signature blob located at the
+  // specified offset/length.
+  static void AddSignatureOp(uint64_t signature_blob_offset,
+                             uint64_t signature_blob_length,
+                             DeltaArchiveManifest* manifest);
+
   // Given a raw |hash| and a private key in |private_key_path| calculates the
   // raw signature in |out_signature|. Returns true on success, false otherwise.
   static bool SignHash(const brillo::Blob& hash,