Support for signing with multiple signature files, key sizes.
If we do a key-rotation in the future, we'll want to sign updates with
two keys. This CL changes the delta generator in a
backwards-compatible way to take multiple key lengths and signature
files: On a command line where one could be given before, now multiple
may be given by colon-delimiting them.
Also, adds two unittests to show that old and new clients can
successfully verify a payload when it's signed by old and new keys.
BUG=chromium-os:19873
TEST=unittests; tested on device
Change-Id: I2063095773a5c71c32704c30b12d6eab2a5f3b80
Reviewed-on: http://gerrit.chromium.org/gerrit/6999
Reviewed-by: Andrew de los Reyes <adlr@chromium.org>
Tested-by: Andrew de los Reyes <adlr@chromium.org>
diff --git a/delta_diff_generator.cc b/delta_diff_generator.cc
index 5c5b2ef..1c962f1 100644
--- a/delta_diff_generator.cc
+++ b/delta_diff_generator.cc
@@ -1460,7 +1460,7 @@
if (!private_key_path.empty()) {
uint64_t signature_blob_length = 0;
TEST_AND_RETURN_FALSE(
- PayloadSigner::SignatureBlobLength(private_key_path,
+ PayloadSigner::SignatureBlobLength(vector<string>(1, private_key_path),
&signature_blob_length));
AddSignatureOp(next_blob_offset, signature_blob_length, &manifest);
}
@@ -1523,9 +1523,10 @@
if (!private_key_path.empty()) {
LOG(INFO) << "Signing the update...";
vector<char> signature_blob;
- TEST_AND_RETURN_FALSE(PayloadSigner::SignPayload(output_path,
- private_key_path,
- &signature_blob));
+ TEST_AND_RETURN_FALSE(PayloadSigner::SignPayload(
+ output_path,
+ vector<string>(1, private_key_path),
+ &signature_blob));
TEST_AND_RETURN_FALSE(writer.Write(&signature_blob[0],
signature_blob.size()) ==
static_cast<ssize_t>(signature_blob.size()));