diff options
author | Tao Bao | 2016-04-22 18:49:53 -0500 |
---|---|---|
committer | android-build-merger | 2016-04-22 18:49:53 -0500 |
commit | 5e3aa78c8bb47ee96ed5d2d9713b64ae6c8823be (patch) | |
tree | c68cd4eae5e1ec9f9a87785593ff553a9dca0454 | |
parent | 17266d9a653d8b896dfe6d69826e28352d5932bd (diff) | |
parent | 34ca0892f4ae440becbe8097e7b68cd5a6d494d3 (diff) | |
download | platform-bootable-recovery-5e3aa78c8bb47ee96ed5d2d9713b64ae6c8823be.tar.gz platform-bootable-recovery-5e3aa78c8bb47ee96ed5d2d9713b64ae6c8823be.tar.xz platform-bootable-recovery-5e3aa78c8bb47ee96ed5d2d9713b64ae6c8823be.zip |
Merge "recovery: Dump the signature in the zip package." into nyc-dev
am: 34ca089
* commit '34ca0892f4ae440becbe8097e7b68cd5a6d494d3':
recovery: Dump the signature in the zip package.
Change-Id: I22eb6256f3204f2eac80e729cd0cd5b862b45863
-rw-r--r-- | print_sha1.h | 6 | ||||
-rw-r--r-- | verifier.cpp | 17 |
2 files changed, 20 insertions, 3 deletions
diff --git a/print_sha1.h b/print_sha1.h index fa3d7e00..c7c1f365 100644 --- a/print_sha1.h +++ b/print_sha1.h | |||
@@ -22,7 +22,7 @@ | |||
22 | 22 | ||
23 | #include "openssl/sha.h" | 23 | #include "openssl/sha.h" |
24 | 24 | ||
25 | static std::string print_sha1(const uint8_t sha1[SHA_DIGEST_LENGTH], size_t len) { | 25 | static std::string print_sha1(const uint8_t* sha1, size_t len) { |
26 | const char* hex = "0123456789abcdef"; | 26 | const char* hex = "0123456789abcdef"; |
27 | std::string result = ""; | 27 | std::string result = ""; |
28 | for (size_t i = 0; i < len; ++i) { | 28 | for (size_t i = 0; i < len; ++i) { |
@@ -40,4 +40,8 @@ static std::string short_sha1(const uint8_t sha1[SHA_DIGEST_LENGTH]) { | |||
40 | return print_sha1(sha1, 4); | 40 | return print_sha1(sha1, 4); |
41 | } | 41 | } |
42 | 42 | ||
43 | static std::string print_hex(const uint8_t* bytes, size_t len) { | ||
44 | return print_sha1(bytes, len); | ||
45 | } | ||
46 | |||
43 | #endif // RECOVERY_PRINT_SHA1_H | 47 | #endif // RECOVERY_PRINT_SHA1_H |
diff --git a/verifier.cpp b/verifier.cpp index 52399056..996a1fdf 100644 --- a/verifier.cpp +++ b/verifier.cpp | |||
@@ -28,6 +28,7 @@ | |||
28 | 28 | ||
29 | #include "asn1_decoder.h" | 29 | #include "asn1_decoder.h" |
30 | #include "common.h" | 30 | #include "common.h" |
31 | #include "print_sha1.h" | ||
31 | #include "ui.h" | 32 | #include "ui.h" |
32 | #include "verifier.h" | 33 | #include "verifier.h" |
33 | 34 | ||
@@ -231,9 +232,14 @@ int verify_file(unsigned char* addr, size_t length, | |||
231 | uint8_t* sig_der = nullptr; | 232 | uint8_t* sig_der = nullptr; |
232 | size_t sig_der_length = 0; | 233 | size_t sig_der_length = 0; |
233 | 234 | ||
235 | uint8_t* signature = eocd + eocd_size - signature_start; | ||
234 | size_t signature_size = signature_start - FOOTER_SIZE; | 236 | size_t signature_size = signature_start - FOOTER_SIZE; |
235 | if (!read_pkcs7(eocd + eocd_size - signature_start, signature_size, &sig_der, | 237 | |
236 | &sig_der_length)) { | 238 | LOGI("signature (offset: 0x%zx, length: %zu): %s\n", |
239 | length - signature_start, signature_size, | ||
240 | print_hex(signature, signature_size).c_str()); | ||
241 | |||
242 | if (!read_pkcs7(signature, signature_size, &sig_der, &sig_der_length)) { | ||
237 | LOGE("Could not find signature DER block\n"); | 243 | LOGE("Could not find signature DER block\n"); |
238 | return VERIFY_FAILURE; | 244 | return VERIFY_FAILURE; |
239 | } | 245 | } |
@@ -288,6 +294,13 @@ int verify_file(unsigned char* addr, size_t length, | |||
288 | } | 294 | } |
289 | i++; | 295 | i++; |
290 | } | 296 | } |
297 | |||
298 | if (need_sha1) { | ||
299 | LOGI("SHA-1 digest: %s\n", print_hex(sha1, SHA_DIGEST_LENGTH).c_str()); | ||
300 | } | ||
301 | if (need_sha256) { | ||
302 | LOGI("SHA-256 digest: %s\n", print_hex(sha256, SHA256_DIGEST_LENGTH).c_str()); | ||
303 | } | ||
291 | free(sig_der); | 304 | free(sig_der); |
292 | LOGE("failed to verify whole-file signature\n"); | 305 | LOGE("failed to verify whole-file signature\n"); |
293 | return VERIFY_FAILURE; | 306 | return VERIFY_FAILURE; |