From 30362a6ad132cbafde82cc57293e00679d4f86c2 Mon Sep 17 00:00:00 2001 From: Doug Zongker Date: Wed, 10 Apr 2013 11:32:17 -0700 Subject: verifier: update to support certificates using SHA-256 (cherry picked from commit bac7fba02763ae5e78e8e4ba0bea727330ad953e) Change-Id: I01c38d7fea088622a8b0bbf2c833fa2d969417af --- verifier.h | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'verifier.h') diff --git a/verifier.h b/verifier.h index e9ef3b722..6ce1b44d1 100644 --- a/verifier.h +++ b/verifier.h @@ -19,12 +19,17 @@ #include "mincrypt/rsa.h" +typedef struct Certificate { + int hash_len; // SHA_DIGEST_SIZE (SHA-1) or SHA256_DIGEST_SIZE (SHA-256) + RSAPublicKey* public_key; +} Certificate; + /* Look in the file for a signature footer, and verify that it * matches one of the given keys. Return one of the constants below. */ -int verify_file(const char* path, const RSAPublicKey *pKeys, unsigned int numKeys); +int verify_file(const char* path, const Certificate *pKeys, unsigned int numKeys); -RSAPublicKey* load_keys(const char* filename, int* numKeys); +Certificate* load_keys(const char* filename, int* numKeys); #define VERIFY_SUCCESS 0 #define VERIFY_FAILURE 1 -- cgit v1.2.3 From 7a4adb5268ae71260c86788ccdeb7a699c80ee0a Mon Sep 17 00:00:00 2001 From: Kenny Root Date: Wed, 9 Oct 2013 10:14:35 -0700 Subject: Add support for ECDSA signatures This adds support for key version 5 which is an EC key using the NIST P-256 curve parameters. OTAs may be signed with these keys using the ECDSA signature algorithm with SHA-256. Change-Id: Id88672a3deb70681c78d5ea0d739e10f839e4567 --- verifier.h | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) (limited to 'verifier.h') diff --git a/verifier.h b/verifier.h index 6ce1b44d1..023d3bf89 100644 --- a/verifier.h +++ b/verifier.h @@ -17,11 +17,24 @@ #ifndef _RECOVERY_VERIFIER_H #define _RECOVERY_VERIFIER_H +#include "mincrypt/p256.h" #include "mincrypt/rsa.h" -typedef struct Certificate { +typedef struct { + p256_int x; + p256_int y; +} ECPublicKey; + +typedef struct { + typedef enum { + RSA, + EC, + } KeyType; + int hash_len; // SHA_DIGEST_SIZE (SHA-1) or SHA256_DIGEST_SIZE (SHA-256) - RSAPublicKey* public_key; + KeyType key_type; + RSAPublicKey* rsa; + ECPublicKey* ec; } Certificate; /* Look in the file for a signature footer, and verify that it -- cgit v1.2.3 From 99916f0496cfe37891d40f21a9a0e387620a8a60 Mon Sep 17 00:00:00 2001 From: Doug Zongker Date: Mon, 13 Jan 2014 14:16:58 -0800 Subject: do verification and extraction on memory, not files Changes minzip and recovery's file signature verification to work on memory regions, rather than files. For packages which are regular files, install.cpp now mmap()s them into memory and then passes the mapped memory to the verifier and to the minzip library. Support for files which are raw block maps (which will be used when we have packages written to encrypted data partitions) is present but largely untested so far. Bug: 12188746 Change-Id: I12cc3e809834745a489dd9d4ceb558cbccdc3f71 --- verifier.h | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'verifier.h') diff --git a/verifier.h b/verifier.h index 023d3bf89..15f8d98e4 100644 --- a/verifier.h +++ b/verifier.h @@ -37,10 +37,13 @@ typedef struct { ECPublicKey* ec; } Certificate; -/* Look in the file for a signature footer, and verify that it - * matches one of the given keys. Return one of the constants below. +/* addr and length define a an update package file that has been + * loaded (or mmap'ed, or whatever) into memory. Verify that the file + * is signed and the signature matches one of the given keys. Return + * one of the constants below. */ -int verify_file(const char* path, const Certificate *pKeys, unsigned int numKeys); +int verify_file(unsigned char* addr, size_t length, + const Certificate *pKeys, unsigned int numKeys); Certificate* load_keys(const char* filename, int* numKeys); -- cgit v1.2.3