Blame - payload_signer.cc - android_system_update_engine

2010-08-20 11:25:54 -0700

[diff] [blame]

1

2

// Use of this source code is governed by a BSD-style license that can be

3

// found in the LICENSE file.

4

5

#include "update_engine/payload_signer.h"

6

Darin Petkov

2010-12-03 09:08:04 -0800

[diff] [blame]

7

#include <base/logging.h>

8

#include <base/string_util.h>

9

#include <openssl/pem.h>

10

Darin Petkov

2011-01-13 10:48:12 -0800

[diff] [blame^]

11

#include "update_engine/delta_diff_generator.h"

12

#include "update_engine/delta_performer.h"

Andrew de los Reyes

2010-08-23 18:14:09 -0700

[diff] [blame]

13

#include "update_engine/omaha_hash_calculator.h"

Andrew de los Reyes

2010-08-20 11:25:54 -0700

[diff] [blame]

14

#include "update_engine/subprocess.h"

15

#include "update_engine/update_metadata.pb.h"

16

#include "update_engine/utils.h"

using std::string;

using std::vector;

namespace chromeos_update_engine {

22

23

const uint32_t kSignatureMessageVersion = 1;

24

Darin Petkov

2011-01-13 10:48:12 -0800

[diff] [blame^]

25

namespace {

26

// Given a raw |signature|, packs it into a protobuf and serializes it into a

27

// binary blob. Returns true on success, false otherwise.

28

bool ConvertSignatureToProtobufBlob(const vector<char> signature,

29

vector<char>* out_signature_blob) {

30

// Pack it into a protobuf

31

Signatures out_message;

32

Signatures_Signature* sig_message = out_message.add_signatures();

33

sig_message->set_version(kSignatureMessageVersion);

34

sig_message->set_data(signature.data(), signature.size());

35

36

// Serialize protobuf

37

string serialized;

38

TEST_AND_RETURN_FALSE(out_message.AppendToString(&serialized));

39

out_signature_blob->insert(out_signature_blob->end(),

40

serialized.begin(),

41

serialized.end());

42

LOG(INFO) << "Signature blob size: " << out_signature_blob->size();

return true;

}

// Given an unsigned payload under |payload_path| and the |signature_blob_size|

47

// generates an updated payload that includes a dummy signature op in its

48

// manifest. Returns true on success, false otherwise.

49

bool AddSignatureOpToPayload(const std::string& payload_path,

50

int signature_blob_size,

51

vector<char>* out_payload) {

52

const int kProtobufOffset = 20;

53

const int kProtobufSizeOffset = 12;

54

55

vector<char> payload;

56

// Loads the payload and parses the manifest.

57

TEST_AND_RETURN_FALSE(utils::ReadFile(payload_path, &payload));

58

LOG(INFO) << "Original payload size: " << payload.size();

59

uint64_t metadata_size;

60

DeltaArchiveManifest manifest;

61

TEST_AND_RETURN_FALSE(DeltaPerformer::ParsePayloadMetadata(

62

payload, &manifest, &metadata_size) ==

63

DeltaPerformer::kMetadataParseSuccess);

64

LOG(INFO) << "Metadata size: " << metadata_size;

65

TEST_AND_RETURN_FALSE(!manifest.has_signatures_offset() &&

66

!manifest.has_signatures_size());

67

68

// Updates the manifest to include the signature operation.

69

DeltaDiffGenerator::AddSignatureOp(payload.size() - metadata_size,

signature_blob_size,

&manifest);

// Updates the payload to include the new manifest.

74

string serialized_manifest;

75

TEST_AND_RETURN_FALSE(manifest.AppendToString(&serialized_manifest));

76

LOG(INFO) << "Updated protobuf size: " << serialized_manifest.size();

77

payload.erase(payload.begin() + kProtobufOffset,

78

payload.begin() + metadata_size);

79

payload.insert(payload.begin() + kProtobufOffset,

80

serialized_manifest.begin(),

81

serialized_manifest.end());

82

83

// Updates the protobuf size.

84

uint64_t size_be = htobe64(serialized_manifest.size());

85

memcpy(&payload[kProtobufSizeOffset], &size_be, sizeof(size_be));

86

LOG(INFO) << "Updated payload size: " << payload.size();

87

out_payload->swap(payload);

return true;

}

} // namespace {}

bool PayloadSigner::SignHash(const vector<char>& hash,

93

const string& private_key_path,

94

vector<char>* out_signature) {

Andrew de los Reyes

2010-08-20 11:25:54 -0700

[diff] [blame]

95

string sig_path;

96

TEST_AND_RETURN_FALSE(

97

utils::MakeTempFile("/tmp/signature.XXXXXX", &sig_path, NULL));

98

ScopedPathUnlinker sig_path_unlinker(sig_path);

Andrew de los Reyes

2010-08-23 18:14:09 -0700

[diff] [blame]

99

100

string hash_path;

101

TEST_AND_RETURN_FALSE(

102

utils::MakeTempFile("/tmp/hash.XXXXXX", &hash_path, NULL));

103

ScopedPathUnlinker hash_path_unlinker(hash_path);

Andrew de los Reyes

2010-08-23 18:14:09 -0700

[diff] [blame]

104

TEST_AND_RETURN_FALSE(utils::WriteFile(hash_path.c_str(),

Darin Petkov

2011-01-13 10:48:12 -0800

[diff] [blame^]

105

hash.data(),

106

hash.size()));

Darin Petkov

2010-09-29 10:02:29 -0700

[diff] [blame]

107

Andrew de los Reyes

2010-08-20 11:25:54 -0700

[diff] [blame]

108

// This runs on the server, so it's okay to cop out and call openssl

109

// executable rather than properly use the library

110

vector<string> cmd;

111

SplitString("/usr/bin/openssl rsautl -pkcs -sign -inkey x -in x -out x",

112

' ',

113

&cmd);

114

cmd[cmd.size() - 5] = private_key_path;

Andrew de los Reyes

2010-08-23 18:14:09 -0700

[diff] [blame]

115

cmd[cmd.size() - 3] = hash_path;

Andrew de los Reyes

2010-08-20 11:25:54 -0700

[diff] [blame]

116

cmd[cmd.size() - 1] = sig_path;

Darin Petkov

2010-09-29 10:02:29 -0700

[diff] [blame]

117

Andrew de los Reyes

2010-08-20 11:25:54 -0700

[diff] [blame]

118

int return_code = 0;

119

TEST_AND_RETURN_FALSE(Subprocess::SynchronousExec(cmd, &return_code));

120

TEST_AND_RETURN_FALSE(return_code == 0);

Darin Petkov

2010-09-29 10:02:29 -0700

[diff] [blame]

121

Andrew de los Reyes

2010-08-20 11:25:54 -0700

[diff] [blame]

122

vector<char> signature;

123

TEST_AND_RETURN_FALSE(utils::ReadFile(sig_path, &signature));

Darin Petkov

2011-01-13 10:48:12 -0800

[diff] [blame^]

124

out_signature->swap(signature);

125

return true;

126

}

Darin Petkov

2010-09-29 10:02:29 -0700

[diff] [blame]

127

Darin Petkov

2011-01-13 10:48:12 -0800

[diff] [blame^]

128

bool PayloadSigner::SignPayload(const string& unsigned_payload_path,

129

const string& private_key_path,

130

vector<char>* out_signature_blob) {

131

vector<char> hash_data;

132

TEST_AND_RETURN_FALSE(OmahaHashCalculator::RawHashOfFile(

133

unsigned_payload_path, -1, &hash_data) ==

134

utils::FileSize(unsigned_payload_path));

Darin Petkov

2010-09-29 10:02:29 -0700

[diff] [blame]

135

Darin Petkov

2011-01-13 10:48:12 -0800

[diff] [blame^]

136

vector<char> signature;

137

TEST_AND_RETURN_FALSE(SignHash(hash_data, private_key_path, &signature));

138

TEST_AND_RETURN_FALSE(ConvertSignatureToProtobufBlob(signature,

139

out_signature_blob));

Andrew de los Reyes

2010-08-20 11:25:54 -0700

[diff] [blame]

return true;

}

bool PayloadSigner::SignatureBlobLength(

144

const string& private_key_path,

145

uint64_t* out_length) {

146

DCHECK(out_length);

Darin Petkov

2010-09-29 10:02:29 -0700

[diff] [blame]

147

Andrew de los Reyes

2010-08-20 11:25:54 -0700

[diff] [blame]

148

string x_path;

149

TEST_AND_RETURN_FALSE(

150

utils::MakeTempFile("/tmp/signed_data.XXXXXX", &x_path, NULL));

151

ScopedPathUnlinker x_path_unlinker(x_path);

152

TEST_AND_RETURN_FALSE(utils::WriteFile(x_path.c_str(), "x", 1));

153

154

vector<char> sig_blob;

155

TEST_AND_RETURN_FALSE(PayloadSigner::SignPayload(x_path,

156

private_key_path,

157

&sig_blob));

158

*out_length = sig_blob.size();

return true;

}

Darin Petkov

2010-10-06 14:37:09 -0700

[diff] [blame]

162

bool PayloadSigner::VerifySignature(const std::vector<char>& signature_blob,

163

const std::string& public_key_path,

164

std::vector<char>* out_hash_data) {

165

TEST_AND_RETURN_FALSE(!public_key_path.empty());

166

167

Signatures signatures;

168

TEST_AND_RETURN_FALSE(signatures.ParseFromArray(&signature_blob[0],

169

signature_blob.size()));

170

171

// Finds a signature that matches the current version.

172

int sig_index = 0;

173

for (; sig_index < signatures.signatures_size(); sig_index++) {

174

const Signatures_Signature& signature = signatures.signatures(sig_index);

175

if (signature.has_version() &&

176

signature.version() == kSignatureMessageVersion) {

break;

}

}

TEST_AND_RETURN_FALSE(sig_index < signatures.signatures_size());

181

182

const Signatures_Signature& signature = signatures.signatures(sig_index);

Darin Petkov

2010-12-03 09:08:04 -0800

[diff] [blame]

183

const string& sig_data = signature.data();

Darin Petkov

2010-10-06 14:37:09 -0700

[diff] [blame]

184

Darin Petkov

2010-12-03 09:08:04 -0800

[diff] [blame]

185

// The code below executes the equivalent of:

186

//

187

// openssl rsautl -verify -pubin -inkey |public_key_path|

188

// -in |sig_data| -out |out_hash_data|

Darin Petkov

2010-10-06 14:37:09 -0700

[diff] [blame]

189

Darin Petkov

2010-12-03 09:08:04 -0800

[diff] [blame]

190

// Loads the public key.

191

FILE* fpubkey = fopen(public_key_path.c_str(), "rb");

192

TEST_AND_RETURN_FALSE(fpubkey != NULL);

193

char dummy_password[] = { ' ', 0 }; // Ensure no password is read from stdin.

194

RSA* rsa = PEM_read_RSA_PUBKEY(fpubkey, NULL, NULL, dummy_password);

195

fclose(fpubkey);

196

TEST_AND_RETURN_FALSE(rsa != NULL);

197

unsigned int keysize = RSA_size(rsa);

198

if (sig_data.size() > 2 * keysize) {

199

LOG(ERROR) << "Signature size is too big for public key size.";

200

RSA_free(rsa);

201

return false;

202

}

Darin Petkov

2010-10-06 14:37:09 -0700

[diff] [blame]

203

Darin Petkov

2010-12-03 09:08:04 -0800

[diff] [blame]

204

// Decrypts the signature.

205

vector<char> hash_data(keysize);

206

int decrypt_size = RSA_public_decrypt(

207

sig_data.size(),

208

reinterpret_cast<const unsigned char*>(sig_data.data()),

209

reinterpret_cast<unsigned char*>(hash_data.data()),

rsa,

RSA_PKCS1_PADDING);

RSA_free(rsa);

TEST_AND_RETURN_FALSE(decrypt_size > 0 &&

214

decrypt_size <= static_cast<int>(hash_data.size()));

215

hash_data.resize(decrypt_size);

216

out_hash_data->swap(hash_data);

Darin Petkov