| OLD | NEW |
|---|
| 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // Update file format: A delta update file contains all the deltas needed | 5 // Update file format: A delta update file contains all the deltas needed |
| 6 // to update a system from one specific version to another specific | 6 // to update a system from one specific version to another specific |
| 7 // version. The update format is represented by this struct pseudocode: | 7 // version. The update format is represented by this struct pseudocode: |
| 8 // struct delta_update_file { | 8 // struct delta_update_file { |
| 9 // char magic[4] = "CrAU"; | 9 // char magic[4] = "CrAU"; |
| 10 // uint32 file_format_version = 1; | 10 // uint32 file_format_version = 1; |
| 11 // uint64 manifest_size; // Size of protobuf DeltaArchiveManifest | 11 // uint64 manifest_size; // Size of protobuf DeltaArchiveManifest |
| 12 // // The Bzip2 compressed DeltaArchiveManifest | 12 // // The Bzip2 compressed DeltaArchiveManifest |
| 13 // char manifest[]; | 13 // char manifest[]; |
| 14 // | 14 // |
| 15 // // Data blobs for files, no specific format. The specific offset | 15 // // Data blobs for files, no specific format. The specific offset |
| 16 // // and length of each data blob is recorded in the DeltaArchiveManifest. | 16 // // and length of each data blob is recorded in the DeltaArchiveManifest. |
| 17 // struct { | 17 // struct { |
| 18 // char data[]; | 18 // char data[]; |
| 19 // } blobs[]; | 19 // } blobs[]; |
| 20 // | 20 // |
| 21 // // These two are not signed: |
| 22 // uint64 signatures_message_size; |
| 23 // char signatures_message[]; |
| 24 // |
| 21 // }; | 25 // }; |
| 22 | 26 |
| 23 // The DeltaArchiveManifest protobuf is an ordered list of InstallOperation | 27 // The DeltaArchiveManifest protobuf is an ordered list of InstallOperation |
| 24 // objects. These objects are stored in a linear array in the | 28 // objects. These objects are stored in a linear array in the |
| 25 // DeltaArchiveManifest. Each operation is applied in order by the client. | 29 // DeltaArchiveManifest. Each operation is applied in order by the client. |
| 26 | 30 |
| 27 // The DeltaArchiveManifest also contains the initial and final | 31 // The DeltaArchiveManifest also contains the initial and final |
| 28 // checksums for the device. | 32 // checksums for the device. |
| 29 | 33 |
| 30 // The client will perform each InstallOperation in order, beginning even | 34 // The client will perform each InstallOperation in order, beginning even |
| (...skipping 18 matching lines...) Expand all Loading... |
| 49 // physical partition. An ordered list of extents is another | 53 // physical partition. An ordered list of extents is another |
| 50 // representation of an ordered list of blocks. For example, a file stored | 54 // representation of an ordered list of blocks. For example, a file stored |
| 51 // in blocks 9, 10, 11, 2, 18, 12 (in that order) would be stored in | 55 // in blocks 9, 10, 11, 2, 18, 12 (in that order) would be stored in |
| 52 // extents { {9, 3}, {2, 1}, {18, 1}, {12, 1} } (in that order). | 56 // extents { {9, 3}, {2, 1}, {18, 1}, {12, 1} } (in that order). |
| 53 // In general, files are stored sequentially on disk, so it's more efficient | 57 // In general, files are stored sequentially on disk, so it's more efficient |
| 54 // to use extents to encode the block lists (this is effectively | 58 // to use extents to encode the block lists (this is effectively |
| 55 // run-length encoding). | 59 // run-length encoding). |
| 56 // A sentinel value (kuint64max) as the start block denotes a sparse-hole | 60 // A sentinel value (kuint64max) as the start block denotes a sparse-hole |
| 57 // in a file whose block-length is specified by num_blocks. | 61 // in a file whose block-length is specified by num_blocks. |
| 58 | 62 |
| 63 // Signatures: Updates may be signed by the OS vendor. The client verifies |
| 64 // an update's signature by hashing the entire download. The section of the |
| 65 // download the contains the signature is at the end of the file, so when |
| 66 // signing a file, only the part up to the signature part is signed. |
| 67 // Then, the client looks inside the download's Signatures message for a |
| 68 // Signature message that it knows how to handle. Generally, a client will |
| 69 // only know how to handle one type of signature, but an update may contain |
| 70 // many signatures to support many different types of client. Then client |
| 71 // selects a Signature message and uses that, along with a known public key, |
| 72 // to verify the download. The public key is expected to be part of the |
| 73 // client. |
| 74 |
| 59 message Extent { | 75 message Extent { |
| 60 optional uint64 start_block = 1; | 76 optional uint64 start_block = 1; |
| 61 optional uint64 num_blocks = 2; | 77 optional uint64 num_blocks = 2; |
| 62 } | 78 } |
| 63 | 79 |
| 80 message Signatures { |
| 81 message Signature { |
| 82 optional uint32 version = 1; |
| 83 optional string data = 2; |
| 84 } |
| 85 repeated Signature signatures = 1; |
| 86 } |
| 87 |
| 64 message DeltaArchiveManifest { | 88 message DeltaArchiveManifest { |
| 65 message InstallOperation { | 89 message InstallOperation { |
| 66 enum Type { | 90 enum Type { |
| 67 REPLACE = 0; // Replace destination extents w/ attached data | 91 REPLACE = 0; // Replace destination extents w/ attached data |
| 68 REPLACE_BZ = 1; // Replace destination extents w/ attached bzipped data | 92 REPLACE_BZ = 1; // Replace destination extents w/ attached bzipped data |
| 69 MOVE = 2; // Move source extents to destination extents | 93 MOVE = 2; // Move source extents to destination extents |
| 70 BSDIFF = 3; // The data is a bsdiff binary diff | 94 BSDIFF = 3; // The data is a bsdiff binary diff |
| 71 } | 95 } |
| 72 required Type type = 1; | 96 required Type type = 1; |
| 73 // The offset into the delta file (after the protobuf) | 97 // The offset into the delta file (after the protobuf) |
| (...skipping 13 matching lines...) Expand all Loading... |
| 87 // byte length of dst, not necessarily block aligned. It's only used for | 111 // byte length of dst, not necessarily block aligned. It's only used for |
| 88 // BSDIFF, because we need to fill in the rest of the last block | 112 // BSDIFF, because we need to fill in the rest of the last block |
| 89 // that bsdiff writes with '\0' bytes. | 113 // that bsdiff writes with '\0' bytes. |
| 90 optional uint64 dst_length = 7; | 114 optional uint64 dst_length = 7; |
| 91 } | 115 } |
| 92 repeated InstallOperation install_operations = 1; | 116 repeated InstallOperation install_operations = 1; |
| 93 repeated InstallOperation kernel_install_operations = 2; | 117 repeated InstallOperation kernel_install_operations = 2; |
| 94 | 118 |
| 95 // (At time of writing) usually 4096 | 119 // (At time of writing) usually 4096 |
| 96 optional uint32 block_size = 3 [default = 4096]; | 120 optional uint32 block_size = 3 [default = 4096]; |
| 121 |
| 122 // If signatures are present, the offset into the blobs, generally |
| 123 // tacked onto the end of the file. We use an offset rather than |
| 124 // a bool to allow for more flexibility in future file formats. |
| 125 // If this is absent, it means signatures aren't supported in this |
| 126 // file. |
| 127 optional uint64 signatures_offset = 4; |
| 97 } | 128 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 3175010:
AU: Support signatures in new-style update images. (Closed)
Base URL: ssh://git@chromiumos-git/update_engine.git