payload_signer.cc - Issue 6771024: AU: Switch to 2048 bit RSA keys; Pad SHA256 hashes appropriately.

Unified Diff: payload_signer.cc

Issue 6771024: AU: Switch to 2048 bit RSA keys; Pad SHA256 hashes appropriately. (Closed) Base URL: http://git.chromium.org/git/update_engine.git@master

Patch Set: remove debug log statement Created 9 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: payload_signer.cc

diff --git a/payload_signer.cc b/payload_signer.cc

index 60a80d1af051df2a15b341e21d03ede8ff1db723..f69b8436c545eb1200c76bee8445f889195a544f 100644

--- a/payload_signer.cc

+++ b/payload_signer.cc

@@ -23,6 +23,28 @@ namespace chromeos_update_engine {

const uint32_t kSignatureMessageVersion = 1;

namespace {

+const char kRSA2048SHA256Padding[] = {

+ 0x00, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,

+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,

+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x30, 0x31, 0x30,

+ 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05,

+ 0x00, 0x04, 0x20

+};

// Given a raw |signature|, packs it into a protobuf and serializes it into a

// binary blob. Returns true on success, false otherwise.

bool ConvertSignatureToProtobufBlob(const vector<char> signature,

@@ -113,14 +135,17 @@ bool PayloadSigner::SignHash(const vector<char>& hash,

TEST_AND_RETURN_FALSE(

utils::MakeTempFile("/tmp/hash.XXXXXX", &hash_path, NULL));

ScopedPathUnlinker hash_path_unlinker(hash_path);

+ // We expect unpadded SHA256 hash coming in

+ vector<char> padded_hash(hash);

gauravsh 2011/03/29 23:04:50 should you check here that this is indeed the size

adlr 2011/03/30 19:40:14 Done.

+ PadRSA2048SHA256Hash(&padded_hash);

TEST_AND_RETURN_FALSE(utils::WriteFile(hash_path.c_str(),

- hash.data(),

- hash.size()));

+ padded_hash.data(),

+ padded_hash.size()));

// This runs on the server, so it's okay to cop out and call openssl

// executable rather than properly use the library

vector<string> cmd;

- SplitString("/usr/bin/openssl rsautl -pkcs -sign -inkey x -in x -out x",

+ SplitString("/usr/bin/openssl rsautl -raw -sign -inkey x -in x -out x",

' ',

&cmd);

cmd[cmd.size() - 5] = private_key_path;

@@ -220,7 +245,7 @@ bool PayloadSigner::VerifySignature(const std::vector<char>& signature_blob,

reinterpret_cast<const unsigned char*>(sig_data.data()),

reinterpret_cast<unsigned char*>(hash_data.data()),

rsa,

- RSA_PKCS1_PADDING);

+ RSA_NO_PADDING);

RSA_free(rsa);

TEST_AND_RETURN_FALSE(decrypt_size > 0 &&

decrypt_size <= static_cast<int>(hash_data.size()));

@@ -251,6 +276,7 @@ bool PayloadSigner::VerifySignedPayload(const std::string& payload_path,

vector<char> hash;

TEST_AND_RETURN_FALSE(OmahaHashCalculator::RawHashOfBytes(

payload.data(), metadata_size + manifest.signatures_offset(), &hash));

+ PadRSA2048SHA256Hash(&hash);

TEST_AND_RETURN_FALSE(hash == signed_hash);

return true;

}

@@ -299,4 +325,13 @@ bool PayloadSigner::AddSignatureToPayload(const string& payload_path,

return true;

}

+bool PayloadSigner::PadRSA2048SHA256Hash(std::vector<char>* hash) {

+ TEST_AND_RETURN_FALSE(hash->size() == 32);

+ hash->insert(hash->begin(),

+ kRSA2048SHA256Padding,

+ kRSA2048SHA256Padding + sizeof(kRSA2048SHA256Padding));

+ TEST_AND_RETURN_FALSE(hash->size() == 256);

+ return true;

} // namespace chromeos_update_engine

« payload_signer.h ('K') | « payload_signer.h ('k') | payload_signer_unittest.cc » ('j') | no next file with comments »