| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "update_engine/delta_performer.h" | 5 #include "update_engine/delta_performer.h" |
| 6 | 6 |
| 7 #include <endian.h> | 7 #include <endian.h> |
| 8 #include <errno.h> | 8 #include <errno.h> |
| 9 | 9 |
| 10 #include <algorithm> | 10 #include <algorithm> |
| (...skipping 551 matching lines...) | |
| 562 signed_hash_context_ = hash_calculator_.GetContext(); | 562 signed_hash_context_ = hash_calculator_.GetContext(); |
| 563 LOG_IF(WARNING, !prefs_->SetString(kPrefsUpdateStateSignedSHA256Context, | 563 LOG_IF(WARNING, !prefs_->SetString(kPrefsUpdateStateSignedSHA256Context, |
| 564 signed_hash_context_)) | 564 signed_hash_context_)) |
| 565 << "Unable to store the signed hash context."; | 565 << "Unable to store the signed hash context."; |
| 566 LOG(INFO) << "Extracted signature data of size " | 566 LOG(INFO) << "Extracted signature data of size " |
| 567 << manifest_.signatures_size() << " at " | 567 << manifest_.signatures_size() << " at " |
| 568 << manifest_.signatures_offset(); | 568 << manifest_.signatures_offset(); |
| 569 return true; | 569 return true; |
| 570 } | 570 } |
| 571 | 571 |
| 572 #define TEST_SET_TRUE_RET_TRUE(_var, _condition) \ | |
| 573 do { \ | |
| 574 if (!(_condition)) { \ | |
| 575 LOG(ERROR) << "Non fatal public key verification: " << #_condition; \ | |
| 576 (_var) = true; \ | |
| 577 return true; \ | |
| 578 } \ | |
| 579 } while(0) | |
| 580 | |
| 572 bool DeltaPerformer::VerifyPayload( | 581 bool DeltaPerformer::VerifyPayload( |
| 573 const string& public_key_path, | 582 const string& public_key_path, |
| 574 const std::string& update_check_response_hash, | 583 const std::string& update_check_response_hash, |
| 575 const uint64_t update_check_response_size) { | 584 const uint64_t update_check_response_size, |
| 585 bool* signature_failed) { | |
| 576 string key_path = public_key_path; | 586 string key_path = public_key_path; |
| 577 if (key_path.empty()) { | 587 if (key_path.empty()) { |
| 578 key_path = kUpdatePayloadPublicKeyPath; | 588 key_path = kUpdatePayloadPublicKeyPath; |
| 579 } | 589 } |
| 580 LOG(INFO) << "Verifying delta payload. Public key path: " << key_path; | 590 LOG(INFO) << "Verifying delta payload. Public key path: " << key_path; |
| 581 | 591 |
| 582 // Verifies the download hash. | 592 // Verifies the download hash. |
| 583 const string& download_hash_data = hash_calculator_.hash(); | 593 const string& download_hash_data = hash_calculator_.hash(); |
| 584 TEST_AND_RETURN_FALSE(!download_hash_data.empty()); | 594 TEST_AND_RETURN_FALSE(!download_hash_data.empty()); |
| 585 TEST_AND_RETURN_FALSE(download_hash_data == update_check_response_hash); | 595 TEST_AND_RETURN_FALSE(download_hash_data == update_check_response_hash); |
| 586 | 596 |
| 587 // Verifies the download size. | 597 // Verifies the download size. |
| 588 TEST_AND_RETURN_FALSE(update_check_response_size == | 598 TEST_AND_RETURN_FALSE(update_check_response_size == |
| 589 manifest_metadata_size_ + buffer_offset_); | 599 manifest_metadata_size_ + buffer_offset_); |
| 590 | 600 |
| 591 // Verifies the signed payload hash. | 601 // Verifies the signed payload hash. |
| 592 if (!utils::FileExists(key_path.c_str())) { | 602 if (!utils::FileExists(key_path.c_str())) { |
|
petkov
2011/03/30 22:12:39
you could probably just do a similar check for sig
adlr
2011/03/30 22:30:06
Yeah, but I want to get a log of exactly what fail
| |
| 593 LOG(WARNING) << "Not verifying signed delta payload -- missing public key."; | 603 LOG(WARNING) << "Not verifying signed delta payload -- missing public key."; |
| 594 return true; | 604 return true; |
| 595 } | 605 } |
| 596 TEST_AND_RETURN_FALSE(!signatures_message_data_.empty()); | 606 TEST_SET_TRUE_RET_TRUE(*signature_failed, !signatures_message_data_.empty()); |
|
petkov
2011/03/30 22:10:21
This doesn't check for signature_failed != NULL? E
adlr
2011/03/30 22:30:06
Fixed to accept NULL
| |
| 597 vector<char> signed_hash_data; | 607 vector<char> signed_hash_data; |
| 598 TEST_AND_RETURN_FALSE(PayloadSigner::VerifySignature(signatures_message_data_, | 608 TEST_SET_TRUE_RET_TRUE(*signature_failed, PayloadSigner::VerifySignature( |
| 599 key_path, | 609 signatures_message_data_, |
| 600 &signed_hash_data)); | 610 key_path, |
| 611 &signed_hash_data)); | |
| 601 OmahaHashCalculator signed_hasher; | 612 OmahaHashCalculator signed_hasher; |
| 602 TEST_AND_RETURN_FALSE(signed_hasher.SetContext(signed_hash_context_)); | 613 TEST_SET_TRUE_RET_TRUE(*signature_failed, |
| 603 TEST_AND_RETURN_FALSE(signed_hasher.Finalize()); | 614 signed_hasher.SetContext(signed_hash_context_)); |
| 615 TEST_SET_TRUE_RET_TRUE(*signature_failed, | |
| 616 signed_hasher.Finalize()); | |
| 604 vector<char> hash_data = signed_hasher.raw_hash(); | 617 vector<char> hash_data = signed_hasher.raw_hash(); |
| 605 PayloadSigner::PadRSA2048SHA256Hash(&hash_data); | 618 PayloadSigner::PadRSA2048SHA256Hash(&hash_data); |
| 606 TEST_AND_RETURN_FALSE(!hash_data.empty()); | 619 TEST_SET_TRUE_RET_TRUE(*signature_failed, !hash_data.empty()); |
| 607 TEST_AND_RETURN_FALSE(hash_data == signed_hash_data); | 620 if (hash_data != signed_hash_data) { |
| 621 LOG(ERROR) << "Public key verificaion failed. This is non-fatal. " | |
| 622 "Attached Signature:"; | |
| 623 utils::HexDumpVector(signed_hash_data); | |
| 624 LOG(ERROR) << "Computed Signature:"; | |
| 625 utils::HexDumpVector(hash_data); | |
| 626 if (signature_failed) { | |
| 627 *signature_failed = true; | |
| 628 } | |
| 629 } | |
| 608 return true; | 630 return true; |
| 609 } | 631 } |
| 610 | 632 |
| 633 #undef TEST_SET_TRUE_RET_TRUE | |
| 634 | |
| 611 bool DeltaPerformer::GetNewPartitionInfo(uint64_t* kernel_size, | 635 bool DeltaPerformer::GetNewPartitionInfo(uint64_t* kernel_size, |
| 612 vector<char>* kernel_hash, | 636 vector<char>* kernel_hash, |
| 613 uint64_t* rootfs_size, | 637 uint64_t* rootfs_size, |
| 614 vector<char>* rootfs_hash) { | 638 vector<char>* rootfs_hash) { |
| 615 TEST_AND_RETURN_FALSE(manifest_valid_ && | 639 TEST_AND_RETURN_FALSE(manifest_valid_ && |
| 616 manifest_.has_new_kernel_info() && | 640 manifest_.has_new_kernel_info() && |
| 617 manifest_.has_new_rootfs_info()); | 641 manifest_.has_new_rootfs_info()); |
| 618 *kernel_size = manifest_.new_kernel_info().size(); | 642 *kernel_size = manifest_.new_kernel_info().size(); |
| 619 *rootfs_size = manifest_.new_rootfs_info().size(); | 643 *rootfs_size = manifest_.new_rootfs_info().size(); |
| 620 vector<char> new_kernel_hash(manifest_.new_kernel_info().hash().begin(), | 644 vector<char> new_kernel_hash(manifest_.new_kernel_info().hash().begin(), |
| (...skipping 143 matching lines...) | |
| 764 if (prefs_->GetInt64(kPrefsResumedUpdateFailures, &resumed_update_failures)) { | 788 if (prefs_->GetInt64(kPrefsResumedUpdateFailures, &resumed_update_failures)) { |
| 765 resumed_update_failures++; | 789 resumed_update_failures++; |
| 766 } else { | 790 } else { |
| 767 resumed_update_failures = 1; | 791 resumed_update_failures = 1; |
| 768 } | 792 } |
| 769 prefs_->SetInt64(kPrefsResumedUpdateFailures, resumed_update_failures); | 793 prefs_->SetInt64(kPrefsResumedUpdateFailures, resumed_update_failures); |
| 770 return true; | 794 return true; |
| 771 } | 795 } |
| 772 | 796 |
| 773 } // namespace chromeos_update_engine | 797 } // namespace chromeos_update_engine |
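Review bot: `*signature_failed` is only ever written as `true` in VerifyPayload (by TEST_SET_TRUE_RET_TRUE and by the final `hash_data != signed_hash_data` block), and no path writes `false`, so the result after a successful verification depends on how the caller initialised the bool, which is not visible on this page. Setting it at entry with `if (signature_failed) *signature_failed = false;` would make the out-parameter well defined on every return. Because the function now returns `true` when the signature check fails, and also on the existing missing-public-key path, the flag is the only signal that a payload was accepted on the hash and size checks alone. A comment above the definition such as `// Returns true when the download hash and size match; a signature failure is reported only through |signature_failed|.` would make that contract explicit for callers. The log string at new line 621 also misspells "verification" as `verificaion`.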