1 files changed, 94 insertions, 22 deletions

diff --git a/verifier_test.cpp b/verifier_test.cpp
index 20aa3d1de..3ba270de7 100644
--- a/verifier_test.cpp
+++ b/verifier_test.cpp
@@ -17,6 +17,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <stdarg.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
 
 /*
 #include "common.h"
@@ -25,6 +28,7 @@
 #include "ui.h"
 #include "mincrypt/sha.h"
 #include "mincrypt/sha256.h"
+#include "minzip/SysUtil.h"
 
 // This is build/target/product/security/testkey.x509.pem after being
 // dumped out by dumpkey.jar.
@@ -102,6 +106,18 @@ RSAPublicKey test_f4_key =
       65537
     };
 
+ECPublicKey test_ec_key =
+    {
+       {
+         {0xd656fa24u, 0x931416cau, 0x1c0278c6u, 0x174ebe4cu,
+          0x6018236au, 0x45ba1656u, 0xe8c05d84u, 0x670ed500u}
+      },
+      {
+        {0x0d179adeu, 0x4c16827du, 0x9f8cb992u, 0x8f69ff8au,
+         0x481b1020u, 0x798d91afu, 0x184db8e9u, 0xb5848dd9u}
+      }
+    };
+
 RecoveryUI* ui = NULL;
 
 // verifier expects to find a UI object; we provide one that does
@@ -138,37 +154,93 @@ ui_print(const char* format, ...) {
     va_end(ap);
 }
 
+static Certificate* add_certificate(Certificate** certsp, int* num_keys,
+        Certificate::KeyType key_type) {
+    int i = *num_keys;
+    *num_keys = *num_keys + 1;
+    *certsp = (Certificate*) realloc(*certsp, *num_keys * sizeof(Certificate));
+    Certificate* certs = *certsp;
+    certs[i].rsa = NULL;
+    certs[i].ec = NULL;
+    certs[i].key_type = key_type;
+    certs[i].hash_len = SHA_DIGEST_SIZE;
+    return &certs[i];
+}
+
 int main(int argc, char **argv) {
-    if (argc < 2 || argc > 4) {
-        fprintf(stderr, "Usage: %s [-sha256] [-f4 | -file <keys>] <package>\n", argv[0]);
+    if (argc < 2) {
+        fprintf(stderr, "Usage: %s [-sha256] [-ec | -f4 | -file <keys>] <package>\n", argv[0]);
         return 2;
     }
+    Certificate* certs = NULL;
+    int num_keys = 0;
 
-    Certificate default_cert;
-    Certificate* cert = &default_cert;
-    cert->public_key = &test_key;
-    cert->hash_len = SHA_DIGEST_SIZE;
-    int num_keys = 1;
-    ++argv;
-    if (strcmp(argv[0], "-sha256") == 0) {
-        ++argv;
-        cert->hash_len = SHA256_DIGEST_SIZE;
+    int argn = 1;
+    while (argn < argc) {
+        if (strcmp(argv[argn], "-sha256") == 0) {
+            if (num_keys == 0) {
+                fprintf(stderr, "May only specify -sha256 after key type\n");
+                return 2;
+            }
+            ++argn;
+            Certificate* cert = &certs[num_keys - 1];
+            cert->hash_len = SHA256_DIGEST_SIZE;
+        } else if (strcmp(argv[argn], "-ec") == 0) {
+            ++argn;
+            Certificate* cert = add_certificate(&certs, &num_keys, Certificate::EC);
+            cert->ec = &test_ec_key;
+        } else if (strcmp(argv[argn], "-e3") == 0) {
+            ++argn;
+            Certificate* cert = add_certificate(&certs, &num_keys, Certificate::RSA);
+            cert->rsa = &test_key;
+        } else if (strcmp(argv[argn], "-f4") == 0) {
+            ++argn;
+            Certificate* cert = add_certificate(&certs, &num_keys, Certificate::RSA);
+            cert->rsa = &test_f4_key;
+        } else if (strcmp(argv[argn], "-file") == 0) {
+            if (certs != NULL) {
+                fprintf(stderr, "Cannot specify -file with other certs specified\n");
+                return 2;
+            }
+            ++argn;
+            certs = load_keys(argv[argn], &num_keys);
+            ++argn;
+        } else if (argv[argn][0] == '-') {
+            fprintf(stderr, "Unknown argument %s\n", argv[argn]);
+            return 2;
+        } else {
+            break;
+        }
     }
-    if (strcmp(argv[0], "-f4") == 0) {
-        ++argv;
-        cert->public_key = &test_f4_key;
-    } else if (strcmp(argv[0], "-file") == 0) {
-        ++argv;
-        cert = load_keys(argv[0], &num_keys);
-        ++argv;
+
+    if (argn == argc) {
+        fprintf(stderr, "Must specify package to verify\n");
+        return 2;
+    }
+
+    if (num_keys == 0) {
+        certs = (Certificate*) calloc(1, sizeof(Certificate));
+        if (certs == NULL) {
+            fprintf(stderr, "Failure allocating memory for default certificate\n");
+            return 1;
+        }
+        certs->key_type = Certificate::RSA;
+        certs->rsa = &test_key;
+        certs->ec = NULL;
+        certs->hash_len = SHA_DIGEST_SIZE;
+        num_keys = 1;
     }
 
     ui = new FakeUI();
 
-/*
-    int result = verify_file(*argv, cert, num_keys);
-*/
-    int result = verify_file(*argv);
+    MemMapping map;
+    if (sysMapFile(argv[argn], &map) != 0) {
+        fprintf(stderr, "failed to mmap %s: %s\n", argv[argn], strerror(errno));
+        return 4;
+    }
+
+    int result = verify_file(map.addr, map.length);
+
     if (result == VERIFY_SUCCESS) {
         printf("VERIFIED\n");
         return 0;