summaryrefslogtreecommitdiffstats
path: root/verifier.h (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Use BoringSSL instead of mincrypt to speed up package verification.Elliott Hughes2016-04-141-18/+28
| | | | | | | | | | | | This changes the verification code in bootable/recovery to use BoringSSL instead of mincrypt. Cherry-pick of 452df6d99c81c4eeee3d2c7b2171901e8b7bc54a, with merge conflict resolution, extra logging in verifier.cpp, and an increase in the hash chunk size from 4KiB to 1MiB. Bug: http://b/28135231 Change-Id: I1ed7efd52223dd6f6a4629cad187cbc383d5aa84
* recovery: Refactor verifier and verifier_test.Tao Bao2016-02-031-6/+17
| | | | | | | | Move to using std::vector and std::unique_ptr to manage key certificates to stop memory leaks. Bug: 26908001 Change-Id: Ia5f799bc8dcc036a0ffae5eaa8d9f6e09abd031c
* do verification and extraction on memory, not filesDoug Zongker2014-01-161-3/+6
| | | | | | | | | | | | | | | | Changes minzip and recovery's file signature verification to work on memory regions, rather than files. For packages which are regular files, install.cpp now mmap()s them into memory and then passes the mapped memory to the verifier and to the minzip library. Support for files which are raw block maps (which will be used when we have packages written to encrypted data partitions) is present but largely untested so far. Bug: 12188746 Change-Id: I12cc3e809834745a489dd9d4ceb558cbccdc3f71
* Add support for ECDSA signaturesKenny Root2013-10-101-2/+15
| | | | | | | | This adds support for key version 5 which is an EC key using the NIST P-256 curve parameters. OTAs may be signed with these keys using the ECDSA signature algorithm with SHA-256. Change-Id: Id88672a3deb70681c78d5ea0d739e10f839e4567
* verifier: update to support certificates using SHA-256Doug Zongker2013-09-251-2/+7
| | | | | | (cherry picked from commit bac7fba02763ae5e78e8e4ba0bea727330ad953e) Change-Id: I01c38d7fea088622a8b0bbf2c833fa2d969417af
* move key loading to verifier codeDoug Zongker2012-11-021-0/+2
| | | | | | | Add an option to verifier_test to load keys from a file, the way the recovery does. Change-Id: Icba0e391164f2c1a9fefeab4b0bcb878e91d17b4
* verify whole-file signature instead of jarsigner signaturesDoug Zongker2009-08-151-6/+6
| | | | | | | In recovery, verify a signature that covers the entire zip file, instead of using the jarsigner format to verify individual files. Bug: 1328985
* auto import from //depot/cupcake/@135843The Android Open Source Project2009-03-041-0/+30
|
* auto import from //depot/cupcake/@135843The Android Open Source Project2009-03-041-30/+0
|
* Initial ContributionThe Android Open Source Project2008-10-211-0/+30