AU: Verify delta payload signature and signed hash. The signature and hash are verified only if the public key file exists. This means that currently this feature is desabled until we install a public key. BUG=5663 TEST=unit tests, applied a signed delta update on the server Change-Id: I5be72f7fde88400587f8aae0c7d5745c79fc4428 Review URL: http://codereview.chromium.org/3592008

commit: d7061ab058db55cb715617e8fa5f8e70ff4a5d67 [log] [tgz]
author: Darin Petkov <petkov@chromium.org> Wed Oct 06 14:37:09 2010 -0700
committer: Darin Petkov <petkov@chromium.org> Wed Oct 06 14:37:09 2010 -0700
tree: ff9080fda84ab5b6b34903eb5ade2d7463e50439
parent: cc92cd3b109b59b30ff8b5e6b410a1d2ca9c1774 [diff] [blame]
diff --git a/payload_signer.h b/payload_signer.h
index 781a513..59affd3 100644
--- a/payload_signer.h
+++ b/payload_signer.h

@@ -28,6 +28,12 @@
   static bool SignatureBlobLength(const std::string& private_key_path,
                                   uint64_t* out_length);
 
+  // Returns false if the payload signature can't be verified. Returns true
+  // otherwise and sets |out_hash| to the signed payload hash.
+  static bool VerifySignature(const std::vector<char>& signature_blob,
+                              const std::string& public_key_path,
+                              std::vector<char>* out_hash_data);
+
  private:
   // This should never be constructed
   DISALLOW_IMPLICIT_CONSTRUCTORS(PayloadSigner);
commit	d7061ab058db55cb715617e8fa5f8e70ff4a5d67	[log] [tgz]
author	Darin Petkov <petkov@chromium.org>	Wed Oct 06 14:37:09 2010 -0700
committer	Darin Petkov <petkov@chromium.org>	Wed Oct 06 14:37:09 2010 -0700
tree	ff9080fda84ab5b6b34903eb5ade2d7463e50439
parent	cc92cd3b109b59b30ff8b5e6b410a1d2ca9c1774 [diff] [blame]