OLD | NEW |
1 // Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "update_engine/payload_signer.h" | 5 #include "update_engine/payload_signer.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 #include "base/string_util.h" | 8 #include "base/string_util.h" |
9 #include "update_engine/omaha_hash_calculator.h" | 9 #include "update_engine/omaha_hash_calculator.h" |
10 #include "update_engine/subprocess.h" | 10 #include "update_engine/subprocess.h" |
(...skipping 12 matching lines...) Expand all Loading... |
23 vector<char>* out_signature_blob) { | 23 vector<char>* out_signature_blob) { |
24 string sig_path; | 24 string sig_path; |
25 TEST_AND_RETURN_FALSE( | 25 TEST_AND_RETURN_FALSE( |
26 utils::MakeTempFile("/tmp/signature.XXXXXX", &sig_path, NULL)); | 26 utils::MakeTempFile("/tmp/signature.XXXXXX", &sig_path, NULL)); |
27 ScopedPathUnlinker sig_path_unlinker(sig_path); | 27 ScopedPathUnlinker sig_path_unlinker(sig_path); |
28 | 28 |
29 string hash_path; | 29 string hash_path; |
30 TEST_AND_RETURN_FALSE( | 30 TEST_AND_RETURN_FALSE( |
31 utils::MakeTempFile("/tmp/hash.XXXXXX", &hash_path, NULL)); | 31 utils::MakeTempFile("/tmp/hash.XXXXXX", &hash_path, NULL)); |
32 ScopedPathUnlinker hash_path_unlinker(hash_path); | 32 ScopedPathUnlinker hash_path_unlinker(hash_path); |
33 | 33 |
34 vector<char> hash_data; | 34 vector<char> hash_data; |
35 { | 35 { |
36 vector<char> payload; | 36 vector<char> payload; |
37 // TODO(adlr): Read file in chunks. Not urgent as this runs on the server. | 37 // TODO(adlr): Read file in chunks. Not urgent as this runs on the server. |
38 TEST_AND_RETURN_FALSE(utils::ReadFile(unsigned_payload_path, &payload)); | 38 TEST_AND_RETURN_FALSE(utils::ReadFile(unsigned_payload_path, &payload)); |
39 TEST_AND_RETURN_FALSE(OmahaHashCalculator::RawHashOfData(payload, | 39 TEST_AND_RETURN_FALSE(OmahaHashCalculator::RawHashOfData(payload, |
40 &hash_data)); | 40 &hash_data)); |
41 } | 41 } |
42 TEST_AND_RETURN_FALSE(utils::WriteFile(hash_path.c_str(), | 42 TEST_AND_RETURN_FALSE(utils::WriteFile(hash_path.c_str(), |
43 &hash_data[0], | 43 &hash_data[0], |
44 hash_data.size())); | 44 hash_data.size())); |
45 | 45 |
46 // This runs on the server, so it's okay to cop out and call openssl | 46 // This runs on the server, so it's okay to cop out and call openssl |
47 // executable rather than properly use the library | 47 // executable rather than properly use the library |
48 vector<string> cmd; | 48 vector<string> cmd; |
49 SplitString("/usr/bin/openssl rsautl -pkcs -sign -inkey x -in x -out x", | 49 SplitString("/usr/bin/openssl rsautl -pkcs -sign -inkey x -in x -out x", |
50 ' ', | 50 ' ', |
51 &cmd); | 51 &cmd); |
52 cmd[cmd.size() - 5] = private_key_path; | 52 cmd[cmd.size() - 5] = private_key_path; |
53 cmd[cmd.size() - 3] = hash_path; | 53 cmd[cmd.size() - 3] = hash_path; |
54 cmd[cmd.size() - 1] = sig_path; | 54 cmd[cmd.size() - 1] = sig_path; |
55 | 55 |
56 int return_code = 0; | 56 int return_code = 0; |
57 TEST_AND_RETURN_FALSE(Subprocess::SynchronousExec(cmd, &return_code)); | 57 TEST_AND_RETURN_FALSE(Subprocess::SynchronousExec(cmd, &return_code)); |
58 TEST_AND_RETURN_FALSE(return_code == 0); | 58 TEST_AND_RETURN_FALSE(return_code == 0); |
59 | 59 |
60 vector<char> signature; | 60 vector<char> signature; |
61 TEST_AND_RETURN_FALSE(utils::ReadFile(sig_path, &signature)); | 61 TEST_AND_RETURN_FALSE(utils::ReadFile(sig_path, &signature)); |
62 | 62 |
63 // Pack it into a protobuf | 63 // Pack it into a protobuf |
64 Signatures out_message; | 64 Signatures out_message; |
65 Signatures_Signature* sig_message = out_message.add_signatures(); | 65 Signatures_Signature* sig_message = out_message.add_signatures(); |
66 sig_message->set_version(kSignatureMessageVersion); | 66 sig_message->set_version(kSignatureMessageVersion); |
67 sig_message->set_data(signature.data(), signature.size()); | 67 sig_message->set_data(signature.data(), signature.size()); |
68 | 68 |
69 // Serialize protobuf | 69 // Serialize protobuf |
70 string serialized; | 70 string serialized; |
71 TEST_AND_RETURN_FALSE(out_message.AppendToString(&serialized)); | 71 TEST_AND_RETURN_FALSE(out_message.AppendToString(&serialized)); |
72 out_signature_blob->insert(out_signature_blob->end(), | 72 out_signature_blob->insert(out_signature_blob->end(), |
73 serialized.begin(), | 73 serialized.begin(), |
74 serialized.end()); | 74 serialized.end()); |
75 return true; | 75 return true; |
76 } | 76 } |
77 | 77 |
78 bool PayloadSigner::SignatureBlobLength( | 78 bool PayloadSigner::SignatureBlobLength( |
79 const string& private_key_path, | 79 const string& private_key_path, |
80 uint64_t* out_length) { | 80 uint64_t* out_length) { |
81 DCHECK(out_length); | 81 DCHECK(out_length); |
82 | 82 |
83 string x_path; | 83 string x_path; |
84 TEST_AND_RETURN_FALSE( | 84 TEST_AND_RETURN_FALSE( |
85 utils::MakeTempFile("/tmp/signed_data.XXXXXX", &x_path, NULL)); | 85 utils::MakeTempFile("/tmp/signed_data.XXXXXX", &x_path, NULL)); |
86 ScopedPathUnlinker x_path_unlinker(x_path); | 86 ScopedPathUnlinker x_path_unlinker(x_path); |
87 TEST_AND_RETURN_FALSE(utils::WriteFile(x_path.c_str(), "x", 1)); | 87 TEST_AND_RETURN_FALSE(utils::WriteFile(x_path.c_str(), "x", 1)); |
88 | 88 |
89 vector<char> sig_blob; | 89 vector<char> sig_blob; |
90 TEST_AND_RETURN_FALSE(PayloadSigner::SignPayload(x_path, | 90 TEST_AND_RETURN_FALSE(PayloadSigner::SignPayload(x_path, |
91 private_key_path, | 91 private_key_path, |
92 &sig_blob)); | 92 &sig_blob)); |
93 *out_length = sig_blob.size(); | 93 *out_length = sig_blob.size(); |
94 return true; | 94 return true; |
95 } | 95 } |
96 | 96 |
97 } // namespace chromeos_update_engine | 97 } // namespace chromeos_update_engine |
OLD | NEW |