Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_update_engine / 82352f97b4621dbf6af8308ff0b0b17b0968b53a / . / payload_generator / payload_signer.cc
blob: f1242e1b3eb9f0112d48b897da919bba93633bb5 [file] [log] [blame]
Alex Deymoaea4c1c2015-08-19 20:24:43 -0700[diff] [blame]1//
2// Copyright (C) 2011 The Android Open Source Project
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8// http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15//
Andrew de los Reyes0c440052010-08-20 11:25:54 -0700[diff] [blame]16
Alex Deymo923d8fa2014-07-15 17:58:51 -0700[diff] [blame]17#include "update_engine/payload_generator/payload_signer.h"
Andrew de los Reyes0c440052010-08-20 11:25:54 -0700[diff] [blame]18
Alex Deymo6f20dd42015-08-18 16:42:46 -0700[diff] [blame]19#include <endian.h>
20
Darin Petkovb039d502010-12-03 09:08:04 -0800[diff] [blame]21#include <base/logging.h>
Alex Vakulenko75039d72014-03-25 12:36:28 -0700[diff] [blame]22#include <base/strings/string_split.h>
23#include <base/strings/string_util.h>
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]24#include <brillo/data_encoding.h>
Darin Petkovb039d502010-12-03 09:08:04 -0800[diff] [blame]25#include <openssl/pem.h>
26
Sen Jiangaef1c6f2015-10-07 10:05:32 -0700[diff] [blame]27#include "update_engine/delta_performer.h"
Andrew de los Reyes932bc4c2010-08-23 18:14:09 -0700[diff] [blame]28#include "update_engine/omaha_hash_calculator.h"
Sen Jiangaef1c6f2015-10-07 10:05:32 -0700[diff] [blame]29#include "update_engine/payload_constants.h"
30#include "update_engine/payload_generator/delta_diff_generator.h"
Alex Deymo14158572015-06-13 03:37:08 -0700[diff] [blame]31#include "update_engine/payload_generator/payload_file.h"
Alex Deymo923d8fa2014-07-15 17:58:51 -0700[diff] [blame]32#include "update_engine/payload_verifier.h"
Andrew de los Reyes0c440052010-08-20 11:25:54 -0700[diff] [blame]33#include "update_engine/subprocess.h"
34#include "update_engine/update_metadata.pb.h"
35#include "update_engine/utils.h"
36
37using std::string;
38using std::vector;
39
40namespace chromeos_update_engine {
41
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]42namespace {
Andrew de los Reyesbdfaaf02011-03-30 10:35:12 -0700[diff] [blame]43
Alex Deymob552a682015-09-30 09:36:49 -0700[diff] [blame]44// The payload verifier will check all the signatures included in the payload
45// regardless of the version field. Old version of the verifier require the
46// version field to be included and be 1.
47const uint32_t kSignatureMessageLegacyVersion = 1;
48
Andrew de los Reyesc24e3f32011-08-30 15:45:20 -0700[diff] [blame]49// Given raw |signatures|, packs them into a protobuf and serializes it into a
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]50// binary blob. Returns true on success, false otherwise.
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]51bool ConvertSignatureToProtobufBlob(const vector<brillo::Blob>& signatures,
52 brillo::Blob* out_signature_blob) {
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]53 // Pack it into a protobuf
54 Signatures out_message;
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]55 for (const brillo::Blob& signature : signatures) {
Andrew de los Reyesc24e3f32011-08-30 15:45:20 -0700[diff] [blame]56 Signatures_Signature* sig_message = out_message.add_signatures();
Alex Deymob552a682015-09-30 09:36:49 -0700[diff] [blame]57 // Set all the signatures with the same version number.
58 sig_message->set_version(kSignatureMessageLegacyVersion);
Andrew de los Reyesc24e3f32011-08-30 15:45:20 -0700[diff] [blame]59 sig_message->set_data(signature.data(), signature.size());
60 }
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]61
62 // Serialize protobuf
63 string serialized;
64 TEST_AND_RETURN_FALSE(out_message.AppendToString(&serialized));
65 out_signature_blob->insert(out_signature_blob->end(),
66 serialized.begin(),
67 serialized.end());
68 LOG(INFO) << "Signature blob size: " << out_signature_blob->size();
69 return true;
70}
71
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]72// Given an unsigned payload under |payload_path| and the |signature_blob| and
73// |metadata_signature_blob| generates an updated payload that includes the
74// signatures. It populates |out_metadata_size| with the size of the final
Don Garrett2ae37872013-10-25 13:33:20 -0700[diff] [blame]75// manifest after adding the dummy signature operation, and
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]76// |out_signatures_offset| with the expected offset for the new blob, and
77// |out_metadata_signature_size| which will be size of |metadata_signature_blob|
78// if the payload major version supports metadata signature, 0 otherwise.
79// Returns true on success, false otherwise.
80bool AddSignatureBlobToPayload(const string& payload_path,
81 const brillo::Blob& signature_blob,
82 const brillo::Blob& metadata_signature_blob,
83 brillo::Blob* out_payload,
84 uint64_t* out_metadata_size,
85 uint32_t* out_metadata_signature_size,
86 uint64_t* out_signatures_offset) {
87 uint64_t manifest_offset = 20;
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]88 const int kProtobufSizeOffset = 12;
89
Darin Petkovadb3cef2011-01-13 16:16:08 -0800[diff] [blame]90 // Loads the payload.
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]91 brillo::Blob payload;
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]92 DeltaArchiveManifest manifest;
Sen Jiangaef1c6f2015-10-07 10:05:32 -0700[diff] [blame]93 uint64_t metadata_size, major_version;
94 uint32_t metadata_signature_size;
95 TEST_AND_RETURN_FALSE(PayloadSigner::LoadPayload(payload_path, &payload,
96 &manifest, &major_version, &metadata_size, &metadata_signature_size));
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]97
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]98 if (major_version == kBrilloMajorPayloadVersion) {
99 // Write metadata signature size in header.
100 uint32_t metadata_signature_size_be =
101 htobe32(metadata_signature_blob.size());
102 memcpy(payload.data() + manifest_offset, &metadata_signature_size_be,
103 sizeof(metadata_signature_size_be));
104 manifest_offset += sizeof(metadata_signature_size_be);
105 // Replace metadata signature.
106 payload.erase(payload.begin() + metadata_size,
107 payload.begin() + metadata_size + metadata_signature_size);
108 payload.insert(payload.begin() + metadata_size,
109 metadata_signature_blob.begin(),
110 metadata_signature_blob.end());
111 metadata_signature_size = metadata_signature_blob.size();
112 LOG(INFO) << "Metadata signature size: " << metadata_signature_size;
113 }
114
Don Garrett2ae37872013-10-25 13:33:20 -0700[diff] [blame]115 // Is there already a signature op in place?
116 if (manifest.has_signatures_size()) {
Don Garrett2ae37872013-10-25 13:33:20 -0700[diff] [blame]117 // The signature op is tied to the size of the signature blob, but not it's
118 // contents. We don't allow the manifest to change if there is already an op
119 // present, because that might invalidate previously generated
120 // hashes/signatures.
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]121 if (manifest.signatures_size() != signature_blob.size()) {
Don Garrett2ae37872013-10-25 13:33:20 -0700[diff] [blame]122 LOG(ERROR) << "Attempt to insert different signature sized blob. "
123 << "(current:" << manifest.signatures_size()
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]124 << "new:" << signature_blob.size() << ")";
Don Garrett2ae37872013-10-25 13:33:20 -0700[diff] [blame]125 return false;
126 }
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]127
Don Garrett2ae37872013-10-25 13:33:20 -0700[diff] [blame]128 LOG(INFO) << "Matching signature sizes already present.";
129 } else {
130 // Updates the manifest to include the signature operation.
Sen Jiang3e728fe2015-11-05 11:37:23 -0800[diff] [blame]131 PayloadSigner::AddSignatureToManifest(
132 payload.size() - metadata_size - metadata_signature_size,
133 signature_blob.size(),
134 major_version == kChromeOSMajorPayloadVersion,
135 &manifest);
Don Garrett2ae37872013-10-25 13:33:20 -0700[diff] [blame]136
137 // Updates the payload to include the new manifest.
138 string serialized_manifest;
139 TEST_AND_RETURN_FALSE(manifest.AppendToString(&serialized_manifest));
140 LOG(INFO) << "Updated protobuf size: " << serialized_manifest.size();
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]141 payload.erase(payload.begin() + manifest_offset,
Don Garrett2ae37872013-10-25 13:33:20 -0700[diff] [blame]142 payload.begin() + metadata_size);
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]143 payload.insert(payload.begin() + manifest_offset,
Don Garrett2ae37872013-10-25 13:33:20 -0700[diff] [blame]144 serialized_manifest.begin(),
145 serialized_manifest.end());
146
147 // Updates the protobuf size.
148 uint64_t size_be = htobe64(serialized_manifest.size());
149 memcpy(&payload[kProtobufSizeOffset], &size_be, sizeof(size_be));
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]150 metadata_size = serialized_manifest.size() + manifest_offset;
Don Garrett2ae37872013-10-25 13:33:20 -0700[diff] [blame]151
152 LOG(INFO) << "Updated payload size: " << payload.size();
153 LOG(INFO) << "Updated metadata size: " << metadata_size;
154 }
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]155 uint64_t signatures_offset = metadata_size + metadata_signature_size +
156 manifest.signatures_offset();
157 LOG(INFO) << "Signature Blob Offset: " << signatures_offset;
158 payload.resize(signatures_offset);
159 payload.insert(payload.begin() + signatures_offset,
160 signature_blob.begin(),
161 signature_blob.end());
Don Garrett2ae37872013-10-25 13:33:20 -0700[diff] [blame]162
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]163 *out_payload = std::move(payload);
Don Garrett2ae37872013-10-25 13:33:20 -0700[diff] [blame]164 *out_metadata_size = metadata_size;
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]165 *out_metadata_signature_size = metadata_signature_size;
166 *out_signatures_offset = signatures_offset;
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]167 return true;
168}
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]169
170// Given a |payload| with correct signature op and metadata signature size in
171// header and |metadata_size|, |metadata_signature_size|, |signatures_offset|,
172// calculate hash for payload and metadata, save it to |out_hash_data| and
173// |out_metadata_hash|.
174bool CalculateHashFromPayload(const brillo::Blob& payload,
175 const uint64_t metadata_size,
176 const uint32_t metadata_signature_size,
177 const uint64_t signatures_offset,
178 brillo::Blob* out_hash_data,
179 brillo::Blob* out_metadata_hash) {
180 if (out_metadata_hash) {
181 // Calculates the hash on the manifest.
182 TEST_AND_RETURN_FALSE(
183 OmahaHashCalculator::RawHashOfBytes(payload.data(), metadata_size,
184 out_metadata_hash));
185 }
186 if (out_hash_data) {
187 // Calculates the hash on the updated payload. Note that we skip metadata
188 // signature and payload signature.
189 OmahaHashCalculator calc;
190 TEST_AND_RETURN_FALSE(calc.Update(payload.data(), metadata_size));
191 TEST_AND_RETURN_FALSE(calc.Update(
192 payload.data() + metadata_size + metadata_signature_size,
193 signatures_offset - metadata_size - metadata_signature_size));
194 TEST_AND_RETURN_FALSE(calc.Finalize());
195 *out_hash_data = calc.raw_hash();
196 }
197 return true;
198}
199
Alex Vakulenkod2779df2014-06-16 13:19:00 -0700[diff] [blame]200} // namespace
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]201
Sen Jiang3e728fe2015-11-05 11:37:23 -0800[diff] [blame]202void PayloadSigner::AddSignatureToManifest(uint64_t signature_blob_offset,
203 uint64_t signature_blob_length,
204 bool add_dummy_op,
205 DeltaArchiveManifest* manifest) {
Sen Jiangaef1c6f2015-10-07 10:05:32 -0700[diff] [blame]206 LOG(INFO) << "Making room for signature in file";
207 manifest->set_signatures_offset(signature_blob_offset);
208 LOG(INFO) << "set? " << manifest->has_signatures_offset();
Sen Jiangaef1c6f2015-10-07 10:05:32 -0700[diff] [blame]209 manifest->set_signatures_offset(signature_blob_offset);
Sen Jiangaef1c6f2015-10-07 10:05:32 -0700[diff] [blame]210 manifest->set_signatures_size(signature_blob_length);
Sen Jiang3e728fe2015-11-05 11:37:23 -0800[diff] [blame]211 // Add a dummy op at the end to appease older clients
212 if (add_dummy_op) {
213 InstallOperation* dummy_op = manifest->add_kernel_install_operations();
214 dummy_op->set_type(InstallOperation::REPLACE);
215 dummy_op->set_data_offset(signature_blob_offset);
216 dummy_op->set_data_length(signature_blob_length);
217 Extent* dummy_extent = dummy_op->add_dst_extents();
218 // Tell the dummy op to write this data to a big sparse hole
219 dummy_extent->set_start_block(kSparseHole);
220 dummy_extent->set_num_blocks((signature_blob_length + kBlockSize - 1) /
221 kBlockSize);
222 }
Sen Jiangaef1c6f2015-10-07 10:05:32 -0700[diff] [blame]223}
224
225bool PayloadSigner::LoadPayload(const std::string& payload_path,
226 brillo::Blob* out_payload,
227 DeltaArchiveManifest* out_manifest,
228 uint64_t* out_major_version,
229 uint64_t* out_metadata_size,
230 uint32_t* out_metadata_signature_size) {
231 brillo::Blob payload;
232 TEST_AND_RETURN_FALSE(utils::ReadFile(payload_path, &payload));
233 TEST_AND_RETURN_FALSE(payload.size() >=
234 DeltaPerformer::kMaxPayloadHeaderSize);
235 const uint8_t* read_pointer = payload.data();
236 TEST_AND_RETURN_FALSE(
237 memcmp(read_pointer, kDeltaMagic, sizeof(kDeltaMagic)) == 0);
238 read_pointer += sizeof(kDeltaMagic);
239
240 uint64_t major_version;
241 memcpy(&major_version, read_pointer, sizeof(major_version));
242 read_pointer += sizeof(major_version);
243 major_version = be64toh(major_version);
244 TEST_AND_RETURN_FALSE(major_version == kChromeOSMajorPayloadVersion ||
245 major_version == kBrilloMajorPayloadVersion);
246 if (out_major_version)
247 *out_major_version = major_version;
248
249 uint64_t manifest_size = 0;
250 memcpy(&manifest_size, read_pointer, sizeof(manifest_size));
251 read_pointer += sizeof(manifest_size);
252 manifest_size = be64toh(manifest_size);
253
254 uint32_t metadata_signature_size = 0;
255 if (major_version == kBrilloMajorPayloadVersion) {
256 memcpy(&metadata_signature_size, read_pointer,
257 sizeof(metadata_signature_size));
258 read_pointer += sizeof(metadata_signature_size);
259 metadata_signature_size = be32toh(metadata_signature_size);
260 }
261 if (out_metadata_signature_size)
262 *out_metadata_signature_size = metadata_signature_size;
263
264 *out_metadata_size = read_pointer - payload.data() + manifest_size;
265 TEST_AND_RETURN_FALSE(payload.size() >= *out_metadata_size);
266 if (out_manifest)
267 TEST_AND_RETURN_FALSE(
268 out_manifest->ParseFromArray(read_pointer, manifest_size));
269 *out_payload = std::move(payload);
270 return true;
271}
272
273bool PayloadSigner::VerifySignedPayload(const string& payload_path,
274 const string& public_key_path) {
275 brillo::Blob payload;
276 DeltaArchiveManifest manifest;
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]277 uint64_t metadata_size;
Sen Jiangaef1c6f2015-10-07 10:05:32 -0700[diff] [blame]278 uint32_t metadata_signature_size;
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]279 TEST_AND_RETURN_FALSE(LoadPayload(payload_path, &payload, &manifest, nullptr,
280 &metadata_size, &metadata_signature_size));
Sen Jiangaef1c6f2015-10-07 10:05:32 -0700[diff] [blame]281 TEST_AND_RETURN_FALSE(manifest.has_signatures_offset() &&
282 manifest.has_signatures_size());
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]283 uint64_t signatures_offset = metadata_size + metadata_signature_size +
284 manifest.signatures_offset();
285 CHECK_EQ(payload.size(), signatures_offset + manifest.signatures_size());
286 brillo::Blob payload_hash, metadata_hash;
287 TEST_AND_RETURN_FALSE(CalculateHashFromPayload(payload,
288 metadata_size,
289 metadata_signature_size,
290 signatures_offset,
291 &payload_hash,
292 &metadata_hash));
293 brillo::Blob signature_blob(payload.begin() + signatures_offset,
294 payload.end());
295 TEST_AND_RETURN_FALSE(PayloadVerifier::PadRSA2048SHA256Hash(&payload_hash));
Sen Jiangaef1c6f2015-10-07 10:05:32 -0700[diff] [blame]296 TEST_AND_RETURN_FALSE(PayloadVerifier::VerifySignature(
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]297 signature_blob, public_key_path, payload_hash));
298 if (metadata_signature_size) {
299 signature_blob.assign(payload.begin() + metadata_size,
300 payload.begin() + metadata_size +
301 metadata_signature_size);
302 TEST_AND_RETURN_FALSE(
303 PayloadVerifier::PadRSA2048SHA256Hash(&metadata_hash));
304 TEST_AND_RETURN_FALSE(PayloadVerifier::VerifySignature(
305 signature_blob, public_key_path, metadata_hash));
306 }
Sen Jiangaef1c6f2015-10-07 10:05:32 -0700[diff] [blame]307 return true;
308}
309
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]310bool PayloadSigner::SignHash(const brillo::Blob& hash,
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]311 const string& private_key_path,
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]312 brillo::Blob* out_signature) {
Jay Srinivasan51dcf262012-09-13 17:24:32 -0700[diff] [blame]313 LOG(INFO) << "Signing hash with private key: " << private_key_path;
Andrew de los Reyes0c440052010-08-20 11:25:54 -0700[diff] [blame]314 string sig_path;
315 TEST_AND_RETURN_FALSE(
Alex Vakulenko88b591f2014-08-28 16:48:57 -0700[diff] [blame]316 utils::MakeTempFile("signature.XXXXXX", &sig_path, nullptr));
Andrew de los Reyes0c440052010-08-20 11:25:54 -0700[diff] [blame]317 ScopedPathUnlinker sig_path_unlinker(sig_path);
Andrew de los Reyes932bc4c2010-08-23 18:14:09 -0700[diff] [blame]318
319 string hash_path;
320 TEST_AND_RETURN_FALSE(
Alex Vakulenko88b591f2014-08-28 16:48:57 -0700[diff] [blame]321 utils::MakeTempFile("hash.XXXXXX", &hash_path, nullptr));
Andrew de los Reyes932bc4c2010-08-23 18:14:09 -0700[diff] [blame]322 ScopedPathUnlinker hash_path_unlinker(hash_path);
Andrew de los Reyesbdfaaf02011-03-30 10:35:12 -0700[diff] [blame]323 // We expect unpadded SHA256 hash coming in
324 TEST_AND_RETURN_FALSE(hash.size() == 32);
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]325 brillo::Blob padded_hash(hash);
Alex Deymo923d8fa2014-07-15 17:58:51 -0700[diff] [blame]326 PayloadVerifier::PadRSA2048SHA256Hash(&padded_hash);
Andrew de los Reyes932bc4c2010-08-23 18:14:09 -0700[diff] [blame]327 TEST_AND_RETURN_FALSE(utils::WriteFile(hash_path.c_str(),
Andrew de los Reyesbdfaaf02011-03-30 10:35:12 -0700[diff] [blame]328 padded_hash.data(),
329 padded_hash.size()));
Darin Petkovd22cb292010-09-29 10:02:29 -0700[diff] [blame]330
Alex Deymob552a682015-09-30 09:36:49 -0700[diff] [blame]331 // This runs on the server, so it's okay to copy out and call openssl
332 // executable rather than properly use the library.
333 vector<string> cmd = {"openssl", "rsautl", "-raw", "-sign", "-inkey",
334 private_key_path, "-in", hash_path, "-out", sig_path};
Andrew de los Reyes0c440052010-08-20 11:25:54 -0700[diff] [blame]335 int return_code = 0;
Alex Vakulenko88b591f2014-08-28 16:48:57 -0700[diff] [blame]336 TEST_AND_RETURN_FALSE(Subprocess::SynchronousExec(cmd, &return_code,
337 nullptr));
Andrew de los Reyes0c440052010-08-20 11:25:54 -0700[diff] [blame]338 TEST_AND_RETURN_FALSE(return_code == 0);
Darin Petkovd22cb292010-09-29 10:02:29 -0700[diff] [blame]339
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]340 brillo::Blob signature;
Andrew de los Reyes0c440052010-08-20 11:25:54 -0700[diff] [blame]341 TEST_AND_RETURN_FALSE(utils::ReadFile(sig_path, &signature));
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]342 out_signature->swap(signature);
343 return true;
344}
Darin Petkovd22cb292010-09-29 10:02:29 -0700[diff] [blame]345
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]346bool PayloadSigner::SignHashWithKeys(const brillo::Blob& hash_data,
347 const vector<string>& private_key_paths,
348 brillo::Blob* out_signature_blob) {
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]349 vector<brillo::Blob> signatures;
Alex Deymo020600d2014-11-05 21:05:55 -0800[diff] [blame]350 for (const string& path : private_key_paths) {
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]351 brillo::Blob signature;
Alex Deymo020600d2014-11-05 21:05:55 -0800[diff] [blame]352 TEST_AND_RETURN_FALSE(SignHash(hash_data, path, &signature));
Andrew de los Reyesc24e3f32011-08-30 15:45:20 -0700[diff] [blame]353 signatures.push_back(signature);
354 }
355 TEST_AND_RETURN_FALSE(ConvertSignatureToProtobufBlob(signatures,
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]356 out_signature_blob));
Andrew de los Reyes0c440052010-08-20 11:25:54 -0700[diff] [blame]357 return true;
358}
359
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]360bool PayloadSigner::SignPayload(const string& unsigned_payload_path,
361 const vector<string>& private_key_paths,
362 const uint64_t metadata_size,
363 const uint32_t metadata_signature_size,
364 const uint64_t signatures_offset,
365 brillo::Blob* out_signature_blob) {
366 brillo::Blob payload;
367 TEST_AND_RETURN_FALSE(utils::ReadFile(unsigned_payload_path, &payload));
368 brillo::Blob hash_data;
369 TEST_AND_RETURN_FALSE(CalculateHashFromPayload(payload,
370 metadata_size,
371 metadata_signature_size,
372 signatures_offset,
373 &hash_data,
374 nullptr));
375 TEST_AND_RETURN_FALSE(SignHashWithKeys(hash_data,
376 private_key_paths,
377 out_signature_blob));
378 return true;
379}
380
Andrew de los Reyesc24e3f32011-08-30 15:45:20 -0700[diff] [blame]381bool PayloadSigner::SignatureBlobLength(const vector<string>& private_key_paths,
382 uint64_t* out_length) {
Andrew de los Reyes0c440052010-08-20 11:25:54 -0700[diff] [blame]383 DCHECK(out_length);
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]384 brillo::Blob x_blob(1, 'x'), hash_blob, sig_blob;
385 TEST_AND_RETURN_FALSE(OmahaHashCalculator::RawHashOfBytes(x_blob.data(),
386 x_blob.size(),
387 &hash_blob));
Andrew de los Reyes0c440052010-08-20 11:25:54 -0700[diff] [blame]388 TEST_AND_RETURN_FALSE(
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]389 SignHashWithKeys(hash_blob, private_key_paths, &sig_blob));
Andrew de los Reyes0c440052010-08-20 11:25:54 -0700[diff] [blame]390 *out_length = sig_blob.size();
391 return true;
392}
393
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]394bool PayloadSigner::HashPayloadForSigning(const string& payload_path,
395 const vector<int>& signature_sizes,
396 brillo::Blob* out_payload_hash_data,
397 brillo::Blob* out_metadata_hash) {
398 // Create a signature blob with signatures filled with 0.
399 // Will be used for both payload signature and metadata signature.
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]400 vector<brillo::Blob> signatures;
Alex Deymo020600d2014-11-05 21:05:55 -0800[diff] [blame]401 for (int signature_size : signature_sizes) {
402 signatures.emplace_back(signature_size, 0);
Andrew de los Reyesc24e3f32011-08-30 15:45:20 -0700[diff] [blame]403 }
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]404 brillo::Blob signature_blob;
Andrew de los Reyesc24e3f32011-08-30 15:45:20 -0700[diff] [blame]405 TEST_AND_RETURN_FALSE(ConvertSignatureToProtobufBlob(signatures,
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]406 &signature_blob));
Don Garrett2ae37872013-10-25 13:33:20 -0700[diff] [blame]407
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]408 brillo::Blob payload;
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]409 uint64_t metadata_size, signatures_offset;
410 uint32_t metadata_signature_size;
411 // Prepare payload for hashing.
412 TEST_AND_RETURN_FALSE(AddSignatureBlobToPayload(payload_path,
413 signature_blob,
414 signature_blob,
415 &payload,
416 &metadata_size,
417 &metadata_signature_size,
418 &signatures_offset));
419 TEST_AND_RETURN_FALSE(CalculateHashFromPayload(payload,
420 metadata_size,
421 metadata_signature_size,
422 signatures_offset,
423 out_payload_hash_data,
424 out_metadata_hash));
Jay Srinivasanf4318702012-09-24 11:56:24 -0700[diff] [blame]425 return true;
426}
427
Andrew de los Reyesc24e3f32011-08-30 15:45:20 -0700[diff] [blame]428bool PayloadSigner::AddSignatureToPayload(
429 const string& payload_path,
Sen Jiang644f6182015-10-06 16:45:57 -0700[diff] [blame]430 const vector<brillo::Blob>& payload_signatures,
431 const vector<brillo::Blob>& metadata_signatures,
Jay Srinivasan738fdf32012-12-07 17:40:54 -0800[diff] [blame]432 const string& signed_payload_path,
433 uint64_t *out_metadata_size) {
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]434 // TODO(petkov): Reduce memory usage -- the payload is manipulated in memory.
435
436 // Loads the payload and adds the signature op to it.
Sen Jiang644f6182015-10-06 16:45:57 -0700[diff] [blame]437 brillo::Blob signature_blob, metadata_signature_blob;
438 TEST_AND_RETURN_FALSE(ConvertSignatureToProtobufBlob(payload_signatures,
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]439 &signature_blob));
Sen Jiang644f6182015-10-06 16:45:57 -0700[diff] [blame]440 if (!metadata_signatures.empty()) {
441 TEST_AND_RETURN_FALSE(
442 ConvertSignatureToProtobufBlob(metadata_signatures,
443 &metadata_signature_blob));
444 }
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]445 brillo::Blob payload;
Don Garrett2ae37872013-10-25 13:33:20 -0700[diff] [blame]446 uint64_t signatures_offset;
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]447 uint32_t metadata_signature_size;
448 TEST_AND_RETURN_FALSE(AddSignatureBlobToPayload(payload_path,
449 signature_blob,
Sen Jiang644f6182015-10-06 16:45:57 -0700[diff] [blame]450 metadata_signature_blob,
Sen Jiang720df3e2015-10-01 13:10:44 -0700[diff] [blame]451 &payload,
452 out_metadata_size,
453 &metadata_signature_size,
454 &signatures_offset));
455
Darin Petkov9574f7e2011-01-13 10:48:12 -0800[diff] [blame]456 LOG(INFO) << "Signed payload size: " << payload.size();
457 TEST_AND_RETURN_FALSE(utils::WriteFile(signed_payload_path.c_str(),
458 payload.data(),
459 payload.size()));
460 return true;
461}
462
Alex Vakulenkof68bbbc2015-02-09 12:53:18 -0800[diff] [blame]463bool PayloadSigner::GetMetadataSignature(const void* const metadata,
Jay Srinivasanf4318702012-09-24 11:56:24 -0700[diff] [blame]464 size_t metadata_size,
Jay Srinivasan51dcf262012-09-13 17:24:32 -0700[diff] [blame]465 const string& private_key_path,
466 string* out_signature) {
467 // Calculates the hash on the updated payload. Note that the payload includes
468 // the signature op but doesn't include the signature blob at the end.
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]469 brillo::Blob metadata_hash;
Jay Srinivasanf4318702012-09-24 11:56:24 -0700[diff] [blame]470 TEST_AND_RETURN_FALSE(OmahaHashCalculator::RawHashOfBytes(metadata,
471 metadata_size,
472 &metadata_hash));
Jay Srinivasan51dcf262012-09-13 17:24:32 -0700[diff] [blame]473
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]474 brillo::Blob signature;
Jay Srinivasanf4318702012-09-24 11:56:24 -0700[diff] [blame]475 TEST_AND_RETURN_FALSE(SignHash(metadata_hash,
Jay Srinivasan51dcf262012-09-13 17:24:32 -0700[diff] [blame]476 private_key_path,
477 &signature));
478
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]479 *out_signature = brillo::data_encoding::Base64Encode(signature);
Jay Srinivasan51dcf262012-09-13 17:24:32 -0700[diff] [blame]480 return true;
481}
482
483
Andrew de los Reyes0c440052010-08-20 11:25:54 -0700[diff] [blame]484} // namespace chromeos_update_engine