aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTao Bao2016-04-22 18:49:53 -0500
committerandroid-build-merger2016-04-22 18:49:53 -0500
commit5e3aa78c8bb47ee96ed5d2d9713b64ae6c8823be (patch)
treec68cd4eae5e1ec9f9a87785593ff553a9dca0454
parent17266d9a653d8b896dfe6d69826e28352d5932bd (diff)
parent34ca0892f4ae440becbe8097e7b68cd5a6d494d3 (diff)
downloadplatform-bootable-recovery-5e3aa78c8bb47ee96ed5d2d9713b64ae6c8823be.tar.gz
platform-bootable-recovery-5e3aa78c8bb47ee96ed5d2d9713b64ae6c8823be.tar.xz
platform-bootable-recovery-5e3aa78c8bb47ee96ed5d2d9713b64ae6c8823be.zip
Merge "recovery: Dump the signature in the zip package." into nyc-dev
am: 34ca089 * commit '34ca0892f4ae440becbe8097e7b68cd5a6d494d3': recovery: Dump the signature in the zip package. Change-Id: I22eb6256f3204f2eac80e729cd0cd5b862b45863
-rw-r--r--print_sha1.h6
-rw-r--r--verifier.cpp17
2 files changed, 20 insertions, 3 deletions
diff --git a/print_sha1.h b/print_sha1.h
index fa3d7e00..c7c1f365 100644
--- a/print_sha1.h
+++ b/print_sha1.h
@@ -22,7 +22,7 @@
22 22
23#include "openssl/sha.h" 23#include "openssl/sha.h"
24 24
25static std::string print_sha1(const uint8_t sha1[SHA_DIGEST_LENGTH], size_t len) { 25static std::string print_sha1(const uint8_t* sha1, size_t len) {
26 const char* hex = "0123456789abcdef"; 26 const char* hex = "0123456789abcdef";
27 std::string result = ""; 27 std::string result = "";
28 for (size_t i = 0; i < len; ++i) { 28 for (size_t i = 0; i < len; ++i) {
@@ -40,4 +40,8 @@ static std::string short_sha1(const uint8_t sha1[SHA_DIGEST_LENGTH]) {
40 return print_sha1(sha1, 4); 40 return print_sha1(sha1, 4);
41} 41}
42 42
43static std::string print_hex(const uint8_t* bytes, size_t len) {
44 return print_sha1(bytes, len);
45}
46
43#endif // RECOVERY_PRINT_SHA1_H 47#endif // RECOVERY_PRINT_SHA1_H
diff --git a/verifier.cpp b/verifier.cpp
index 52399056..996a1fdf 100644
--- a/verifier.cpp
+++ b/verifier.cpp
@@ -28,6 +28,7 @@
28 28
29#include "asn1_decoder.h" 29#include "asn1_decoder.h"
30#include "common.h" 30#include "common.h"
31#include "print_sha1.h"
31#include "ui.h" 32#include "ui.h"
32#include "verifier.h" 33#include "verifier.h"
33 34
@@ -231,9 +232,14 @@ int verify_file(unsigned char* addr, size_t length,
231 uint8_t* sig_der = nullptr; 232 uint8_t* sig_der = nullptr;
232 size_t sig_der_length = 0; 233 size_t sig_der_length = 0;
233 234
235 uint8_t* signature = eocd + eocd_size - signature_start;
234 size_t signature_size = signature_start - FOOTER_SIZE; 236 size_t signature_size = signature_start - FOOTER_SIZE;
235 if (!read_pkcs7(eocd + eocd_size - signature_start, signature_size, &sig_der, 237
236 &sig_der_length)) { 238 LOGI("signature (offset: 0x%zx, length: %zu): %s\n",
239 length - signature_start, signature_size,
240 print_hex(signature, signature_size).c_str());
241
242 if (!read_pkcs7(signature, signature_size, &sig_der, &sig_der_length)) {
237 LOGE("Could not find signature DER block\n"); 243 LOGE("Could not find signature DER block\n");
238 return VERIFY_FAILURE; 244 return VERIFY_FAILURE;
239 } 245 }
@@ -288,6 +294,13 @@ int verify_file(unsigned char* addr, size_t length,
288 } 294 }
289 i++; 295 i++;
290 } 296 }
297
298 if (need_sha1) {
299 LOGI("SHA-1 digest: %s\n", print_hex(sha1, SHA_DIGEST_LENGTH).c_str());
300 }
301 if (need_sha256) {
302 LOGI("SHA-256 digest: %s\n", print_hex(sha256, SHA256_DIGEST_LENGTH).c_str());
303 }
291 free(sig_der); 304 free(sig_der);
292 LOGE("failed to verify whole-file signature\n"); 305 LOGE("failed to verify whole-file signature\n");
293 return VERIFY_FAILURE; 306 return VERIFY_FAILURE;