summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Android.bp25
-rw-r--r--package.cpp114
-rw-r--r--package.h13
-rw-r--r--tests/Android.bp2
-rw-r--r--tests/component/verifier_test.cpp15
-rw-r--r--tests/unit/package_test.cpp117
-rw-r--r--verifier.cpp2
-rw-r--r--verifier.h2
8 files changed, 273 insertions, 17 deletions
diff --git a/Android.bp b/Android.bp
index 10f6c7976..4c7ce52e9 100644
--- a/Android.bp
+++ b/Android.bp
@@ -151,6 +151,7 @@ cc_defaults {
static_libs: [
"librecovery_fastboot",
"libminui",
+ "libpackage",
"libverifier",
"libotautil",
@@ -175,7 +176,6 @@ cc_library_static {
"fsck_unshare_blocks.cpp",
"fuse_sdcard_provider.cpp",
"install.cpp",
- "package.cpp",
"recovery.cpp",
"roots.cpp",
],
@@ -210,6 +210,29 @@ cc_library_static {
],
}
+cc_library_static {
+ name: "libpackage",
+ recovery_available: true,
+
+ defaults: [
+ "recovery_defaults",
+ ],
+
+ srcs: [
+ "package.cpp",
+ ],
+
+ shared_libs: [
+ "libbase",
+ "libcrypto",
+ "libziparchive",
+ ],
+
+ static_libs: [
+ "libotautil",
+ ],
+}
+
cc_binary {
name: "recovery",
recovery: true,
diff --git a/package.cpp b/package.cpp
index d40427859..6c7289f3f 100644
--- a/package.cpp
+++ b/package.cpp
@@ -17,10 +17,12 @@
#include "package.h"
#include <string.h>
+#include <unistd.h>
+#include <android-base/file.h>
#include <android-base/logging.h>
#include <android-base/stringprintf.h>
-#include <openssl/sha.h>
+#include <android-base/unique_fd.h>
#include "otautil/error_code.h"
#include "otautil/sysutil.h"
@@ -67,14 +69,38 @@ class MemoryPackage : public Package {
ZipArchiveHandle zip_handle_;
};
-// TODO(xunchang) Implement the PackageFromFd.
-
void Package::SetProgress(float progress) {
if (set_progress_) {
set_progress_(progress);
}
}
+class FilePackage : public Package {
+ public:
+ FilePackage(android::base::unique_fd&& fd, uint64_t file_size, const std::string& path,
+ const std::function<void(float)>& set_progress);
+
+ ~FilePackage() override;
+
+ uint64_t GetPackageSize() const override {
+ return package_size_;
+ }
+
+ bool ReadFullyAtOffset(uint8_t* buffer, uint64_t byte_count, uint64_t offset) override;
+
+ ZipArchiveHandle GetZipArchiveHandle() override;
+
+ bool UpdateHashAtOffset(const std::vector<HasherUpdateCallback>& hashers, uint64_t start,
+ uint64_t length) override;
+
+ private:
+ android::base::unique_fd fd_; // The underlying fd to the open package.
+ uint64_t package_size_;
+ std::string path_; // The physical path to the package.
+
+ ZipArchiveHandle zip_handle_;
+};
+
std::unique_ptr<Package> Package::CreateMemoryPackage(
const std::string& path, const std::function<void(float)>& set_progress) {
std::unique_ptr<MemMapping> mmap = std::make_unique<MemMapping>();
@@ -86,6 +112,23 @@ std::unique_ptr<Package> Package::CreateMemoryPackage(
return std::make_unique<MemoryPackage>(path, std::move(mmap), set_progress);
}
+std::unique_ptr<Package> Package::CreateFilePackage(
+ const std::string& path, const std::function<void(float)>& set_progress) {
+ android::base::unique_fd fd(open(path.c_str(), O_RDONLY));
+ if (fd == -1) {
+ PLOG(ERROR) << "Failed to open " << path;
+ return nullptr;
+ }
+
+ off64_t file_size = lseek64(fd.get(), 0, SEEK_END);
+ if (file_size == -1) {
+ PLOG(ERROR) << "Failed to get the package size";
+ return nullptr;
+ }
+
+ return std::make_unique<FilePackage>(std::move(fd), file_size, path, set_progress);
+}
+
std::unique_ptr<Package> Package::CreateMemoryPackage(
std::vector<uint8_t> content, const std::function<void(float)>& set_progress) {
return std::make_unique<MemoryPackage>(std::move(content), set_progress);
@@ -152,3 +195,68 @@ ZipArchiveHandle MemoryPackage::GetZipArchiveHandle() {
return zip_handle_;
}
+
+FilePackage::FilePackage(android::base::unique_fd&& fd, uint64_t file_size, const std::string& path,
+ const std::function<void(float)>& set_progress)
+ : fd_(std::move(fd)), package_size_(file_size), path_(path), zip_handle_(nullptr) {
+ set_progress_ = set_progress;
+}
+
+FilePackage::~FilePackage() {
+ if (zip_handle_) {
+ CloseArchive(zip_handle_);
+ }
+}
+
+bool FilePackage::ReadFullyAtOffset(uint8_t* buffer, uint64_t byte_count, uint64_t offset) {
+ if (byte_count > package_size_ || offset > package_size_ - byte_count) {
+ LOG(ERROR) << "Out of bound read, offset: " << offset << ", size: " << byte_count
+ << ", total package_size: " << package_size_;
+ return false;
+ }
+
+ if (!android::base::ReadFullyAtOffset(fd_.get(), buffer, byte_count, offset)) {
+ PLOG(ERROR) << "Failed to read " << byte_count << " bytes data at offset " << offset;
+ return false;
+ }
+
+ return true;
+}
+
+bool FilePackage::UpdateHashAtOffset(const std::vector<HasherUpdateCallback>& hashers,
+ uint64_t start, uint64_t length) {
+ if (length > package_size_ || start > package_size_ - length) {
+ LOG(ERROR) << "Out of bound read, offset: " << start << ", size: " << length
+ << ", total package_size: " << package_size_;
+ return false;
+ }
+
+ uint64_t so_far = 0;
+ while (so_far < length) {
+ uint64_t read_size = std::min<uint64_t>(length - so_far, 16 * MiB);
+ std::vector<uint8_t> buffer(read_size);
+ if (!ReadFullyAtOffset(buffer.data(), read_size, start + so_far)) {
+ return false;
+ }
+
+ for (const auto& hasher : hashers) {
+ hasher(buffer.data(), read_size);
+ }
+ so_far += read_size;
+ }
+
+ return true;
+}
+
+ZipArchiveHandle FilePackage::GetZipArchiveHandle() {
+ if (zip_handle_) {
+ return zip_handle_;
+ }
+
+ if (auto err = OpenArchiveFd(fd_.get(), path_.c_str(), &zip_handle_); err != 0) {
+ LOG(ERROR) << "Can't open package" << path_ << " : " << ErrorCodeString(err);
+ return nullptr;
+ }
+
+ return zip_handle_;
+}
diff --git a/package.h b/package.h
index 5eef9c965..cd44d10be 100644
--- a/package.h
+++ b/package.h
@@ -32,6 +32,13 @@
// interface for both packages loaded in memory and packages read from fd.
class Package : public VerifierInterface {
public:
+ static std::unique_ptr<Package> CreateMemoryPackage(
+ const std::string& path, const std::function<void(float)>& set_progress);
+ static std::unique_ptr<Package> CreateMemoryPackage(
+ std::vector<uint8_t> content, const std::function<void(float)>& set_progress);
+ static std::unique_ptr<Package> CreateFilePackage(const std::string& path,
+ const std::function<void(float)>& set_progress);
+
virtual ~Package() = default;
// Opens the package as a zip file and returns the ZipArchiveHandle.
@@ -40,12 +47,6 @@ class Package : public VerifierInterface {
// Updates the progress in fraction during package verification.
void SetProgress(float progress) override;
- static std::unique_ptr<Package> CreateMemoryPackage(
- const std::string& path, const std::function<void(float)>& set_progress);
-
- static std::unique_ptr<Package> CreateMemoryPackage(
- std::vector<uint8_t> content, const std::function<void(float)>& set_progress);
-
protected:
// An optional function to update the progress.
std::function<void(float)> set_progress_;
diff --git a/tests/Android.bp b/tests/Android.bp
index 898ed7d60..ef5919eb5 100644
--- a/tests/Android.bp
+++ b/tests/Android.bp
@@ -77,6 +77,7 @@ librecovery_static_libs = [
"librecovery",
"librecovery_fastboot",
"libminui",
+ "libpackage",
"libverifier",
"libotautil",
@@ -117,6 +118,7 @@ cc_test {
static_libs: libapplypatch_static_libs + [
"librecovery_ui",
"libminui",
+ "libpackage",
"libverifier",
"libotautil",
"libupdater",
diff --git a/tests/component/verifier_test.cpp b/tests/component/verifier_test.cpp
index c26d76d73..c904cd038 100644
--- a/tests/component/verifier_test.cpp
+++ b/tests/component/verifier_test.cpp
@@ -240,8 +240,10 @@ class VerifierTest : public testing::TestWithParam<std::vector<std::string>> {
void SetUp() override {
std::vector<std::string> args = GetParam();
std::string path = from_testdata_base(args[0]);
- package_ = Package::CreateMemoryPackage(path, nullptr);
- ASSERT_NE(nullptr, package_);
+ memory_package_ = Package::CreateMemoryPackage(path, nullptr);
+ ASSERT_NE(nullptr, memory_package_);
+ file_package_ = Package::CreateFilePackage(path, nullptr);
+ ASSERT_NE(nullptr, file_package_);
for (auto it = ++args.cbegin(); it != args.cend(); ++it) {
std::string public_key_file = from_testdata_base("testkey_" + *it + ".x509.pem");
@@ -250,7 +252,8 @@ class VerifierTest : public testing::TestWithParam<std::vector<std::string>> {
}
}
- std::unique_ptr<Package> package_;
+ std::unique_ptr<Package> memory_package_;
+ std::unique_ptr<Package> file_package_;
std::vector<Certificate> certs_;
};
@@ -304,11 +307,13 @@ TEST(VerifierTest, BadPackage_SignatureStartOutOfBounds) {
}
TEST_P(VerifierSuccessTest, VerifySucceed) {
- ASSERT_EQ(VERIFY_SUCCESS, verify_file(package_.get(), certs_));
+ ASSERT_EQ(VERIFY_SUCCESS, verify_file(memory_package_.get(), certs_));
+ ASSERT_EQ(VERIFY_SUCCESS, verify_file(file_package_.get(), certs_));
}
TEST_P(VerifierFailureTest, VerifyFailure) {
- ASSERT_EQ(VERIFY_FAILURE, verify_file(package_.get(), certs_));
+ ASSERT_EQ(VERIFY_FAILURE, verify_file(memory_package_.get(), certs_));
+ ASSERT_EQ(VERIFY_FAILURE, verify_file(file_package_.get(), certs_));
}
INSTANTIATE_TEST_CASE_P(SingleKeySuccess, VerifierSuccessTest,
diff --git a/tests/unit/package_test.cpp b/tests/unit/package_test.cpp
new file mode 100644
index 000000000..fa492d38b
--- /dev/null
+++ b/tests/unit/package_test.cpp
@@ -0,0 +1,117 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agree to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+
+#include <functional>
+#include <string>
+#include <vector>
+
+#include <android-base/file.h>
+#include <gtest/gtest.h>
+#include <openssl/sha.h>
+#include <ziparchive/zip_writer.h>
+
+#include "common/test_constants.h"
+#include "package.h"
+
+class PackageTest : public ::testing::Test {
+ protected:
+ void SetUp() override;
+
+ // A list of package classes for test, including MemoryPackage and FilePackage.
+ std::vector<std::unique_ptr<Package>> packages_;
+
+ TemporaryFile temp_file_; // test package file.
+ std::string file_content_; // actual bytes of the package file.
+};
+
+void PackageTest::SetUp() {
+ std::vector<std::string> entries = { "file1.txt", "file2.txt", "dir1/file3.txt" };
+ FILE* file_ptr = fdopen(temp_file_.release(), "wb");
+ ZipWriter writer(file_ptr);
+ for (const auto& entry : entries) {
+ ASSERT_EQ(0, writer.StartEntry(entry.c_str(), ZipWriter::kCompress));
+ ASSERT_EQ(0, writer.WriteBytes(entry.c_str(), entry.size()));
+ ASSERT_EQ(0, writer.FinishEntry());
+ }
+ writer.Finish();
+ ASSERT_EQ(0, fclose(file_ptr));
+
+ ASSERT_TRUE(android::base::ReadFileToString(temp_file_.path, &file_content_));
+ auto memory_package = Package::CreateMemoryPackage(temp_file_.path, nullptr);
+ ASSERT_TRUE(memory_package);
+ packages_.emplace_back(std::move(memory_package));
+
+ auto file_package = Package::CreateFilePackage(temp_file_.path, nullptr);
+ ASSERT_TRUE(file_package);
+ packages_.emplace_back(std::move(file_package));
+}
+
+TEST_F(PackageTest, ReadFullyAtOffset_success) {
+ for (const auto& package : packages_) {
+ std::vector<uint8_t> buffer(file_content_.size());
+ ASSERT_TRUE(package->ReadFullyAtOffset(buffer.data(), file_content_.size(), 0));
+ ASSERT_EQ(file_content_, std::string(buffer.begin(), buffer.end()));
+
+ ASSERT_TRUE(package->ReadFullyAtOffset(buffer.data(), file_content_.size() - 10, 10));
+ ASSERT_EQ(file_content_.substr(10), std::string(buffer.begin(), buffer.end() - 10));
+ }
+}
+
+TEST_F(PackageTest, ReadFullyAtOffset_failure) {
+ for (const auto& package : packages_) {
+ std::vector<uint8_t> buffer(file_content_.size());
+ // Out of bound read.
+ ASSERT_FALSE(package->ReadFullyAtOffset(buffer.data(), file_content_.size(), 10));
+ }
+}
+
+TEST_F(PackageTest, UpdateHashAtOffset_sha1_hash) {
+ // Check that the hash matches for first half of the file.
+ uint64_t hash_size = file_content_.size() / 2;
+ std::vector<uint8_t> expected_sha(SHA_DIGEST_LENGTH);
+ SHA1(reinterpret_cast<uint8_t*>(file_content_.data()), hash_size, expected_sha.data());
+
+ for (const auto& package : packages_) {
+ SHA_CTX ctx;
+ SHA1_Init(&ctx);
+ std::vector<HasherUpdateCallback> hashers{ std::bind(&SHA1_Update, &ctx, std::placeholders::_1,
+ std::placeholders::_2) };
+ package->UpdateHashAtOffset(hashers, 0, hash_size);
+
+ std::vector<uint8_t> calculated_sha(SHA_DIGEST_LENGTH);
+ SHA1_Final(calculated_sha.data(), &ctx);
+ ASSERT_EQ(expected_sha, calculated_sha);
+ }
+}
+
+TEST_F(PackageTest, GetZipArchiveHandle_extract_entry) {
+ for (const auto& package : packages_) {
+ ZipArchiveHandle zip = package->GetZipArchiveHandle();
+ ASSERT_TRUE(zip);
+
+ // Check that we can extract one zip entry.
+ std::string entry_name = "dir1/file3.txt";
+ ZipString path(entry_name.c_str());
+ ZipEntry entry;
+ ASSERT_EQ(0, FindEntry(zip, path, &entry));
+
+ std::vector<uint8_t> extracted(entry_name.size());
+ ASSERT_EQ(0, ExtractToMemory(zip, &entry, extracted.data(), extracted.size()));
+ ASSERT_EQ(entry_name, std::string(extracted.begin(), extracted.end()));
+ }
+}
diff --git a/verifier.cpp b/verifier.cpp
index b6c3895ce..68a011e0d 100644
--- a/verifier.cpp
+++ b/verifier.cpp
@@ -39,8 +39,6 @@
#include "asn1_decoder.h"
#include "otautil/print_sha1.h"
-static constexpr size_t MiB = 1024 * 1024;
-
/*
* Simple version of PKCS#7 SignedData extraction. This extracts the
* signature OCTET STRING to be used for signature verification.
diff --git a/verifier.h b/verifier.h
index b80096d41..106b86b85 100644
--- a/verifier.h
+++ b/verifier.h
@@ -27,6 +27,8 @@
#include <openssl/rsa.h>
#include <openssl/sha.h>
+constexpr size_t MiB = 1024 * 1024;
+
using HasherUpdateCallback = std::function<void(const uint8_t* addr, uint64_t size)>;
struct RSADeleter {