Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_update_engine / 39910dcd1d68987ccee7c3031dc269233a8490bb / . / payload_consumer / payload_verifier.h
blob: 22ced40fd9b8078e08d02c43694468276cdaf69b [file] [log] [blame]
Alex Deymoaea4c1c2015-08-19 20:24:43 -0700[diff] [blame]1//
2// Copyright (C) 2014 The Android Open Source Project
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8// http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15//
Alex Deymo923d8fa2014-07-15 17:58:51 -0700[diff] [blame]16
Alex Deymo39910dc2015-11-09 17:04:30 -0800[diff] [blame^]17#ifndef UPDATE_ENGINE_PAYLOAD_CONSUMER_PAYLOAD_VERIFIER_H_
18#define UPDATE_ENGINE_PAYLOAD_CONSUMER_PAYLOAD_VERIFIER_H_
Alex Deymo923d8fa2014-07-15 17:58:51 -0700[diff] [blame]19
20#include <string>
21#include <vector>
22
Ben Chan05735a12014-09-03 07:48:22 -0700[diff] [blame]23#include <base/macros.h>
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]24#include <brillo/secure_blob.h>
Ben Chan05735a12014-09-03 07:48:22 -0700[diff] [blame]25
Alex Deymo923d8fa2014-07-15 17:58:51 -0700[diff] [blame]26#include "update_engine/update_metadata.pb.h"
27
28// This class encapsulates methods used for payload signature verification.
29// See payload_generator/payload_signer.h for payload signing.
30
31namespace chromeos_update_engine {
32
Alex Deymo923d8fa2014-07-15 17:58:51 -0700[diff] [blame]33class PayloadVerifier {
34 public:
Alex Deymob552a682015-09-30 09:36:49 -0700[diff] [blame]35 // Interprets |signature_blob| as a protocol buffer containing the Signatures
36 // message and decrypts each signature data using the |public_key_path|.
37 // Returns whether *any* of the decrypted hashes matches the |hash_data|.
38 // In case of any error parsing the signatures or the public key, returns
39 // false.
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]40 static bool VerifySignature(const brillo::Blob& signature_blob,
Alex Deymo923d8fa2014-07-15 17:58:51 -0700[diff] [blame]41 const std::string& public_key_path,
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]42 const brillo::Blob& hash_data);
Alex Deymo923d8fa2014-07-15 17:58:51 -0700[diff] [blame]43
44 // Decrypts sig_data with the given public_key_path and populates
45 // out_hash_data with the decoded raw hash. Returns true if successful,
46 // false otherwise.
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]47 static bool GetRawHashFromSignature(const brillo::Blob& sig_data,
Alex Deymo923d8fa2014-07-15 17:58:51 -0700[diff] [blame]48 const std::string& public_key_path,
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]49 brillo::Blob* out_hash_data);
Alex Deymo923d8fa2014-07-15 17:58:51 -0700[diff] [blame]50
Alex Deymo923d8fa2014-07-15 17:58:51 -0700[diff] [blame]51 // Pads a SHA256 hash so that it may be encrypted/signed with RSA2048
52 // using the PKCS#1 v1.5 scheme.
53 // hash should be a pointer to vector of exactly 256 bits. The vector
54 // will be modified in place and will result in having a length of
55 // 2048 bits. Returns true on success, false otherwise.
Alex Vakulenko3f39d5c2015-10-13 09:27:13 -0700[diff] [blame]56 static bool PadRSA2048SHA256Hash(brillo::Blob* hash);
Alex Deymo923d8fa2014-07-15 17:58:51 -0700[diff] [blame]57
Alex Deymo923d8fa2014-07-15 17:58:51 -0700[diff] [blame]58 private:
59 // This should never be constructed
60 DISALLOW_IMPLICIT_CONSTRUCTORS(PayloadVerifier);
61};
62
63} // namespace chromeos_update_engine
64
Alex Deymo39910dc2015-11-09 17:04:30 -0800[diff] [blame^]65#endif // UPDATE_ENGINE_PAYLOAD_CONSUMER_PAYLOAD_VERIFIER_H_