summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTao Bao <tbao@google.com>2016-04-23 02:08:10 +0200
committerandroid-build-merger <android-build-merger@google.com>2016-04-23 02:08:10 +0200
commite93c43fc6678dc5f923aedc6594d058f67b3c3d0 (patch)
tree87ac1837109158992b884e8aa2ffe9ec1b583740
parentMerge "Go back to the old ear-wiggling Android animation. am: 692941be79 am: 87b0654f00" into nyc-mr1-dev-plus-aosp (diff)
parentMerge "recovery: Dump the signature in the zip package." into nyc-dev am: 34ca089 (diff)
downloadandroid_bootable_recovery-e93c43fc6678dc5f923aedc6594d058f67b3c3d0.tar
android_bootable_recovery-e93c43fc6678dc5f923aedc6594d058f67b3c3d0.tar.gz
android_bootable_recovery-e93c43fc6678dc5f923aedc6594d058f67b3c3d0.tar.bz2
android_bootable_recovery-e93c43fc6678dc5f923aedc6594d058f67b3c3d0.tar.lz
android_bootable_recovery-e93c43fc6678dc5f923aedc6594d058f67b3c3d0.tar.xz
android_bootable_recovery-e93c43fc6678dc5f923aedc6594d058f67b3c3d0.tar.zst
android_bootable_recovery-e93c43fc6678dc5f923aedc6594d058f67b3c3d0.zip
-rw-r--r--print_sha1.h6
-rw-r--r--verifier.cpp17
2 files changed, 20 insertions, 3 deletions
diff --git a/print_sha1.h b/print_sha1.h
index fa3d7e009..c7c1f3651 100644
--- a/print_sha1.h
+++ b/print_sha1.h
@@ -22,7 +22,7 @@
#include "openssl/sha.h"
-static std::string print_sha1(const uint8_t sha1[SHA_DIGEST_LENGTH], size_t len) {
+static std::string print_sha1(const uint8_t* sha1, size_t len) {
const char* hex = "0123456789abcdef";
std::string result = "";
for (size_t i = 0; i < len; ++i) {
@@ -40,4 +40,8 @@ static std::string short_sha1(const uint8_t sha1[SHA_DIGEST_LENGTH]) {
return print_sha1(sha1, 4);
}
+static std::string print_hex(const uint8_t* bytes, size_t len) {
+ return print_sha1(bytes, len);
+}
+
#endif // RECOVERY_PRINT_SHA1_H
diff --git a/verifier.cpp b/verifier.cpp
index 523990561..996a1fdf9 100644
--- a/verifier.cpp
+++ b/verifier.cpp
@@ -28,6 +28,7 @@
#include "asn1_decoder.h"
#include "common.h"
+#include "print_sha1.h"
#include "ui.h"
#include "verifier.h"
@@ -231,9 +232,14 @@ int verify_file(unsigned char* addr, size_t length,
uint8_t* sig_der = nullptr;
size_t sig_der_length = 0;
+ uint8_t* signature = eocd + eocd_size - signature_start;
size_t signature_size = signature_start - FOOTER_SIZE;
- if (!read_pkcs7(eocd + eocd_size - signature_start, signature_size, &sig_der,
- &sig_der_length)) {
+
+ LOGI("signature (offset: 0x%zx, length: %zu): %s\n",
+ length - signature_start, signature_size,
+ print_hex(signature, signature_size).c_str());
+
+ if (!read_pkcs7(signature, signature_size, &sig_der, &sig_der_length)) {
LOGE("Could not find signature DER block\n");
return VERIFY_FAILURE;
}
@@ -288,6 +294,13 @@ int verify_file(unsigned char* addr, size_t length,
}
i++;
}
+
+ if (need_sha1) {
+ LOGI("SHA-1 digest: %s\n", print_hex(sha1, SHA_DIGEST_LENGTH).c_str());
+ }
+ if (need_sha256) {
+ LOGI("SHA-256 digest: %s\n", print_hex(sha256, SHA256_DIGEST_LENGTH).c_str());
+ }
free(sig_der);
LOGE("failed to verify whole-file signature\n");
return VERIFY_FAILURE;