| Index: payload_signer.cc
|
| diff --git a/payload_signer.cc b/payload_signer.cc
|
| index 03ff391a9e8f6e764be086208a092c8222c12e5e..2fa9616a1f104b51f62ef73feef24e92c1aaa281 100644
|
| --- a/payload_signer.cc
|
| +++ b/payload_signer.cc
|
| @@ -6,6 +6,7 @@
|
|
|
| #include "base/logging.h"
|
| #include "base/string_util.h"
|
| +#include "update_engine/omaha_hash_calculator.h"
|
| #include "update_engine/subprocess.h"
|
| #include "update_engine/update_metadata.pb.h"
|
| #include "update_engine/utils.h"
|
| @@ -24,6 +25,23 @@ bool PayloadSigner::SignPayload(const string& unsigned_payload_path,
|
| TEST_AND_RETURN_FALSE(
|
| utils::MakeTempFile("/tmp/signature.XXXXXX", &sig_path, NULL));
|
| ScopedPathUnlinker sig_path_unlinker(sig_path);
|
| +
|
| + string hash_path;
|
| + TEST_AND_RETURN_FALSE(
|
| + utils::MakeTempFile("/tmp/hash.XXXXXX", &hash_path, NULL));
|
| + ScopedPathUnlinker hash_path_unlinker(hash_path);
|
| +
|
| + vector<char> hash_data;
|
| + {
|
| + vector<char> payload;
|
| + // TODO(adlr): Read file in chunks. Not urgent as this runs on the server.
|
| + TEST_AND_RETURN_FALSE(utils::ReadFile(unsigned_payload_path, &payload));
|
| + TEST_AND_RETURN_FALSE(OmahaHashCalculator::RawHashOfData(payload,
|
| + &hash_data));
|
| + }
|
| + TEST_AND_RETURN_FALSE(utils::WriteFile(hash_path.c_str(),
|
| + &hash_data[0],
|
| + hash_data.size()));
|
|
|
| // This runs on the server, so it's okay to cop out and call openssl
|
| // executable rather than properly use the library
|
| @@ -32,7 +50,7 @@ bool PayloadSigner::SignPayload(const string& unsigned_payload_path,
|
| ' ',
|
| &cmd);
|
| cmd[cmd.size() - 5] = private_key_path;
|
| - cmd[cmd.size() - 3] = unsigned_payload_path;
|
| + cmd[cmd.size() - 3] = hash_path;
|
| cmd[cmd.size() - 1] = sig_path;
|
|
|
| int return_code = 0;
|
|
|
Chromium Code Reviews
Issue 3132033:
AU: Sign delta payloads (Closed)
Base URL: ssh://git@chromiumos-git/update_engine.git