AU: Switch from SHA-1 to SHA-256 hash.
For hashing of images, expect a new "sha256" attribute in Omaha's updatecheck
response.
BUG=6580
TEST=unit tests, gmerged on device and updated with upgraded dev server
Change-Id: I122e21cd7edc74695cb81b2eee5ce70f152f5270
Review URL: http://codereview.chromium.org/3419018
diff --git a/payload_signer.cc b/payload_signer.cc
index 2fa9616..5b0c267 100644
--- a/payload_signer.cc
+++ b/payload_signer.cc
@@ -30,7 +30,7 @@
TEST_AND_RETURN_FALSE(
utils::MakeTempFile("/tmp/hash.XXXXXX", &hash_path, NULL));
ScopedPathUnlinker hash_path_unlinker(hash_path);
-
+
vector<char> hash_data;
{
vector<char> payload;
@@ -42,7 +42,7 @@
TEST_AND_RETURN_FALSE(utils::WriteFile(hash_path.c_str(),
&hash_data[0],
hash_data.size()));
-
+
// This runs on the server, so it's okay to cop out and call openssl
// executable rather than properly use the library
vector<string> cmd;
@@ -52,20 +52,20 @@
cmd[cmd.size() - 5] = private_key_path;
cmd[cmd.size() - 3] = hash_path;
cmd[cmd.size() - 1] = sig_path;
-
+
int return_code = 0;
TEST_AND_RETURN_FALSE(Subprocess::SynchronousExec(cmd, &return_code));
TEST_AND_RETURN_FALSE(return_code == 0);
-
+
vector<char> signature;
TEST_AND_RETURN_FALSE(utils::ReadFile(sig_path, &signature));
-
+
// Pack it into a protobuf
Signatures out_message;
Signatures_Signature* sig_message = out_message.add_signatures();
sig_message->set_version(kSignatureMessageVersion);
sig_message->set_data(signature.data(), signature.size());
-
+
// Serialize protobuf
string serialized;
TEST_AND_RETURN_FALSE(out_message.AppendToString(&serialized));
@@ -79,7 +79,7 @@
const string& private_key_path,
uint64_t* out_length) {
DCHECK(out_length);
-
+
string x_path;
TEST_AND_RETURN_FALSE(
utils::MakeTempFile("/tmp/signed_data.XXXXXX", &x_path, NULL));