summaryrefslogtreecommitdiffstats
path: root/verifier.h
diff options
context:
space:
mode:
authorEthan Yonker <dees_troy@teamw.in>2014-11-06 15:35:10 +0100
committerEthan Yonker <dees_troy@teamw.in>2014-11-06 15:35:13 +0100
commita167416289a8aef5d4c35861c9f4181f87b8bfd0 (patch)
treecfb0b940141a4273ac6ddb58070e36ea706b7358 /verifier.h
parent2.8.2.0 (diff)
parentUse more aggressive sync writing to applypatch. (diff)
downloadandroid_bootable_recovery-a167416289a8aef5d4c35861c9f4181f87b8bfd0.tar
android_bootable_recovery-a167416289a8aef5d4c35861c9f4181f87b8bfd0.tar.gz
android_bootable_recovery-a167416289a8aef5d4c35861c9f4181f87b8bfd0.tar.bz2
android_bootable_recovery-a167416289a8aef5d4c35861c9f4181f87b8bfd0.tar.lz
android_bootable_recovery-a167416289a8aef5d4c35861c9f4181f87b8bfd0.tar.xz
android_bootable_recovery-a167416289a8aef5d4c35861c9f4181f87b8bfd0.tar.zst
android_bootable_recovery-a167416289a8aef5d4c35861c9f4181f87b8bfd0.zip
Diffstat (limited to '')
-rw-r--r--verifier.h25
1 files changed, 21 insertions, 4 deletions
diff --git a/verifier.h b/verifier.h
index d70417340..43fd5adcd 100644
--- a/verifier.h
+++ b/verifier.h
@@ -17,6 +17,7 @@
#ifndef _RECOVERY_VERIFIER_H
#define _RECOVERY_VERIFIER_H
+#include "mincrypt/p256.h"
#include "mincrypt/rsa.h"
#define ASSUMED_UPDATE_BINARY_NAME "META-INF/com/google/android/update-binary"
@@ -26,14 +27,30 @@ enum { INSTALL_SUCCESS, INSTALL_ERROR, INSTALL_CORRUPT };
static const float VERIFICATION_PROGRESS_FRACTION = 0.25;
typedef struct Certificate {
+
+typedef struct {
+ p256_int x;
+ p256_int y;
+} ECPublicKey;
+
+typedef struct {
+ typedef enum {
+ RSA,
+ EC,
+ } KeyType;
+
int hash_len; // SHA_DIGEST_SIZE (SHA-1) or SHA256_DIGEST_SIZE (SHA-256)
- RSAPublicKey* public_key;
+ KeyType key_type;
+ RSAPublicKey* rsa;
+ ECPublicKey* ec;
} Certificate;
-/* Look in the file for a signature footer, and verify that it
- * matches one of the given keys. Return one of the constants below.
+/* addr and length define a an update package file that has been
+ * loaded (or mmap'ed, or whatever) into memory. Verify that the file
+ * is signed and the signature matches one of the given keys. Return
+ * one of the constants below.
*/
-int verify_file(const char* path);
+int verify_file(unsigned char* addr, size_t length);
Certificate* load_keys(const char* filename, int* numKeys);