diff options
author | Ethan Yonker <dees_troy@teamw.in> | 2014-11-06 15:35:10 +0100 |
---|---|---|
committer | Ethan Yonker <dees_troy@teamw.in> | 2014-11-06 15:35:13 +0100 |
commit | a167416289a8aef5d4c35861c9f4181f87b8bfd0 (patch) | |
tree | cfb0b940141a4273ac6ddb58070e36ea706b7358 /verifier.h | |
parent | 2.8.2.0 (diff) | |
parent | Use more aggressive sync writing to applypatch. (diff) | |
download | android_bootable_recovery-a167416289a8aef5d4c35861c9f4181f87b8bfd0.tar android_bootable_recovery-a167416289a8aef5d4c35861c9f4181f87b8bfd0.tar.gz android_bootable_recovery-a167416289a8aef5d4c35861c9f4181f87b8bfd0.tar.bz2 android_bootable_recovery-a167416289a8aef5d4c35861c9f4181f87b8bfd0.tar.lz android_bootable_recovery-a167416289a8aef5d4c35861c9f4181f87b8bfd0.tar.xz android_bootable_recovery-a167416289a8aef5d4c35861c9f4181f87b8bfd0.tar.zst android_bootable_recovery-a167416289a8aef5d4c35861c9f4181f87b8bfd0.zip |
Diffstat (limited to 'verifier.h')
-rw-r--r-- | verifier.h | 25 |
1 files changed, 21 insertions, 4 deletions
diff --git a/verifier.h b/verifier.h index d70417340..43fd5adcd 100644 --- a/verifier.h +++ b/verifier.h @@ -17,6 +17,7 @@ #ifndef _RECOVERY_VERIFIER_H #define _RECOVERY_VERIFIER_H +#include "mincrypt/p256.h" #include "mincrypt/rsa.h" #define ASSUMED_UPDATE_BINARY_NAME "META-INF/com/google/android/update-binary" @@ -26,14 +27,30 @@ enum { INSTALL_SUCCESS, INSTALL_ERROR, INSTALL_CORRUPT }; static const float VERIFICATION_PROGRESS_FRACTION = 0.25; typedef struct Certificate { + +typedef struct { + p256_int x; + p256_int y; +} ECPublicKey; + +typedef struct { + typedef enum { + RSA, + EC, + } KeyType; + int hash_len; // SHA_DIGEST_SIZE (SHA-1) or SHA256_DIGEST_SIZE (SHA-256) - RSAPublicKey* public_key; + KeyType key_type; + RSAPublicKey* rsa; + ECPublicKey* ec; } Certificate; -/* Look in the file for a signature footer, and verify that it - * matches one of the given keys. Return one of the constants below. +/* addr and length define a an update package file that has been + * loaded (or mmap'ed, or whatever) into memory. Verify that the file + * is signed and the signature matches one of the given keys. Return + * one of the constants below. */ -int verify_file(const char* path); +int verify_file(unsigned char* addr, size_t length); Certificate* load_keys(const char* filename, int* numKeys); |