Support needed for generating metadata signature in paygen
The metadata is the first portion of a payload that contains the following:
1. magic string ("CrOS")
2. version number
3. length of the manifest protobuf
4. manifest protobuf itself
<payload blobs begin here>
<payload signature as the last blob>
Currently we have a manifest signature which protects only #4 above. In
this CL we're extending the scope of manifest signature to include the rest
of the metadata (1-4). The reason we need to do this is to protect the
version value in HTTP as we're going to use it in future to have the
flexibility to change the protobuf format of the manifest.
Besides this change, this CL also contains:
1. Renaming of manifest_size and manifest_signature to metadata_size and
metadata_signature respectively to reflect the above change and keep
consistent terminology throughout. Also it renames protobuf_offset and
protobuf_length to manifest_offset and manifest_size to increase the
contextual semantics of the protobuf.
2. Addition of a new command-line option --out_metadata_hash_file in
delta_generator so that au_generate can use it in a subsequent CL to get
the SHA256 hash of the payload metadata in order to get it signed with
the signer.
3. Reusing LoadPayload in unit tests to get rid of some hardcoding. Also
updated delta_performer to localize such hardcoded constants within that
class and not have callers worry about those values.
BUG=chromium-os:33603
TEST=Tested on ZGB. Reran existing unit tests.
Change-Id: Iace5aebe8f7d054a0fa3a224a588ef52d85f510b
Reviewed-on: https://gerrit.chromium.org/gerrit/33726
Commit-Ready: Jay Srinivasan <jaysri@chromium.org>
Reviewed-by: Jay Srinivasan <jaysri@chromium.org>
Tested-by: Jay Srinivasan <jaysri@chromium.org>
diff --git a/install_plan.h b/install_plan.h
index 67662b4..d277f66 100644
--- a/install_plan.h
+++ b/install_plan.h
@@ -20,29 +20,29 @@
const std::string& url,
uint64_t payload_size,
const std::string& payload_hash,
- uint64_t manifest_size,
- const std::string& manifest_signature,
+ uint64_t metadata_size,
+ const std::string& metadata_signature,
const std::string& install_path,
const std::string& kernel_install_path)
: is_resume(is_resume),
download_url(url),
payload_size(payload_size),
payload_hash(payload_hash),
- manifest_size(manifest_size),
- manifest_signature(manifest_signature),
+ metadata_size(metadata_size),
+ metadata_signature(metadata_signature),
install_path(install_path),
kernel_install_path(kernel_install_path),
kernel_size(0),
rootfs_size(0) {}
- InstallPlan() : is_resume(false), payload_size(0), manifest_size(0) {}
+ InstallPlan() : is_resume(false), payload_size(0), metadata_size(0) {}
bool is_resume;
std::string download_url; // url to download from
uint64_t payload_size; // size of the payload
std::string payload_hash ; // SHA256 hash of the payload
- uint64_t manifest_size; // size of the manifest
- std::string manifest_signature; // signature of the manifest
+ uint64_t metadata_size; // size of the metadata
+ std::string metadata_signature; // signature of the metadata
std::string install_path; // path to install device
std::string kernel_install_path; // path to kernel install device
@@ -67,8 +67,8 @@
(download_url == that.download_url) &&
(payload_size == that.payload_size) &&
(payload_hash == that.payload_hash) &&
- (manifest_size == that.manifest_size) &&
- (manifest_signature == that.manifest_signature) &&
+ (metadata_size == that.metadata_size) &&
+ (metadata_signature == that.metadata_signature) &&
(install_path == that.install_path) &&
(kernel_install_path == that.kernel_install_path));
}
@@ -81,8 +81,8 @@
<< ", url: " << download_url
<< ", payload size: " << payload_size
<< ", payload hash: " << payload_hash
- << ", manifest size: " << manifest_size
- << ", manifest signature: " << manifest_signature
+ << ", metadata size: " << metadata_size
+ << ", metadata signature: " << metadata_signature
<< ", install_path: " << install_path
<< ", kernel_install_path: " << kernel_install_path;
}