diff options
| -rw-r--r-- | Android.mk | 4 | ||||
| -rw-r--r-- | applypatch/applypatch.c | 4 | ||||
| -rw-r--r-- | install.cpp | 26 | ||||
| -rw-r--r-- | minui/Android.mk | 8 | ||||
| -rw-r--r-- | minui/graphics.c | 12 | ||||
| -rw-r--r-- | testdata/otasigned_f4.zip | bin | 0 -> 5195 bytes | |||
| -rw-r--r-- | testdata/test_f4.pk8 | bin | 0 -> 1217 bytes | |||
| -rw-r--r-- | testdata/test_f4.x509.pem | 25 | ||||
| -rw-r--r-- | updater/Android.mk | 26 | ||||
| -rw-r--r-- | verifier_test.cpp | 53 | ||||
| -rwxr-xr-x | verifier_test.sh | 15 |
11 files changed, 149 insertions, 24 deletions
diff --git a/Android.mk b/Android.mk index 21e6946c2..751ed7243 100644 --- a/Android.mk +++ b/Android.mk @@ -25,7 +25,7 @@ LOCAL_STATIC_LIBRARIES := ifeq ($(TARGET_USERIMAGES_USE_EXT4), true) LOCAL_CFLAGS += -DUSE_EXT4 LOCAL_C_INCLUDES += system/extras/ext4_utils -LOCAL_STATIC_LIBRARIES += libext4_utils libz +LOCAL_STATIC_LIBRARIES += libext4_utils libsparse libz endif ifeq ($(HAVE_SELINUX), true) @@ -46,7 +46,7 @@ ifeq ($(TARGET_RECOVERY_UI_LIB),) else LOCAL_STATIC_LIBRARIES += $(TARGET_RECOVERY_UI_LIB) endif -LOCAL_STATIC_LIBRARIES += libext4_utils +LOCAL_STATIC_LIBRARIES += libext4_utils libsparse LOCAL_STATIC_LIBRARIES += libminzip libz libmtdutils libmincrypt libminadbd LOCAL_STATIC_LIBRARIES += libminui libpixelflinger_static libpng libcutils LOCAL_STATIC_LIBRARIES += libstdc++ libc diff --git a/applypatch/applypatch.c b/applypatch/applypatch.c index 00004e9a8..488fd8c6f 100644 --- a/applypatch/applypatch.c +++ b/applypatch/applypatch.c @@ -324,7 +324,7 @@ static int LoadPartitionContents(const char* filename, FileContents* file) { // Save the contents of the given FileContents object under the given // filename. Return 0 on success. int SaveFileContents(const char* filename, const FileContents* file) { - int fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC); + int fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); if (fd < 0) { printf("failed to open \"%s\" for write: %s\n", filename, strerror(errno)); @@ -843,7 +843,7 @@ static int GenerateTarget(FileContents* source_file, strcpy(outname, target_filename); strcat(outname, ".patch"); - output = open(outname, O_WRONLY | O_CREAT | O_TRUNC); + output = open(outname, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); if (output < 0) { printf("failed to open output file %s: %s\n", outname, strerror(errno)); diff --git a/install.cpp b/install.cpp index 4d73aa9b0..819650e1f 100644 --- a/install.cpp +++ b/install.cpp @@ -180,6 +180,12 @@ try_update_binary(const char *path, ZipArchive *zip, int* wipe_cache) { // // "{64,0xc926ad21,{1795090719,...,-695002876},{-857949815,...,1175080310}}" // +// For key versions newer than the original 2048-bit e=3 keys +// supported by Android, the string is preceded by a version +// identifier, eg: +// +// "v2 {64,0xc926ad21,{1795090719,...,-695002876},{-857949815,...,1175080310}}" +// // (Note that the braces and commas in this example are actual // characters the parser expects to find in the file; the ellipses // indicate more numbers omitted from this example.) @@ -206,7 +212,23 @@ load_keys(const char* filename, int* numKeys) { ++*numKeys; out = (RSAPublicKey*)realloc(out, *numKeys * sizeof(RSAPublicKey)); RSAPublicKey* key = out + (*numKeys - 1); - if (fscanf(f, " { %i , 0x%x , { %u", + + char start_char; + if (fscanf(f, " %c", &start_char) != 1) goto exit; + if (start_char == '{') { + // a version 1 key has no version specifier. + key->exponent = 3; + } else if (start_char == 'v') { + int version; + if (fscanf(f, "%d {", &version) != 1) goto exit; + if (version == 2) { + key->exponent = 65537; + } else { + goto exit; + } + } + + if (fscanf(f, " %i , 0x%x , { %u", &(key->len), &(key->n0inv), &(key->n[0])) != 3) { goto exit; } @@ -237,6 +259,8 @@ load_keys(const char* filename, int* numKeys) { LOGE("unexpected character between keys\n"); goto exit; } + + LOGI("read key e=%d\n", key->exponent); } } diff --git a/minui/Android.mk b/minui/Android.mk index 4c4d7c7b6..285ac62bf 100644 --- a/minui/Android.mk +++ b/minui/Android.mk @@ -9,10 +9,14 @@ LOCAL_C_INCLUDES +=\ LOCAL_MODULE := libminui -ifeq ($(TARGET_RECOVERY_PIXEL_FORMAT),"RGBX_8888") +# This used to compare against values in double-quotes (which are just +# ordinary characters in this context). Strip double-quotes from the +# value so that either will work. + +ifeq ($(subst ",,$(TARGET_RECOVERY_PIXEL_FORMAT)),RGBX_8888) LOCAL_CFLAGS += -DRECOVERY_RGBX endif -ifeq ($(TARGET_RECOVERY_PIXEL_FORMAT),"BGRA_8888") +ifeq ($(subst ",,$(TARGET_RECOVERY_PIXEL_FORMAT)),BGRA_8888) LOCAL_CFLAGS += -DRECOVERY_BGRA endif diff --git a/minui/graphics.c b/minui/graphics.c index dc96c3b21..81f13ad2c 100644 --- a/minui/graphics.c +++ b/minui/graphics.c @@ -59,6 +59,7 @@ static GGLSurface gr_font_texture; static GGLSurface gr_framebuffer[NUM_BUFFERS]; static GGLSurface gr_mem_surface; static unsigned gr_active_fb = 0; +static unsigned double_buffering = 0; static int gr_fb_fd = -1; static int gr_vt_fd = -1; @@ -141,6 +142,12 @@ static int get_framebuffer(GGLSurface *fb) fb++; + /* check if we can use double buffering */ + if (vi.yres * fi.line_length * 2 > fi.smem_len) + return fd; + + double_buffering = 1; + fb->version = sizeof(*fb); fb->width = vi.xres; fb->height = vi.yres; @@ -163,7 +170,7 @@ static void get_memory_surface(GGLSurface* ms) { static void set_active_framebuffer(unsigned n) { - if (n > 1) return; + if (n > 1 || !double_buffering) return; vi.yres_virtual = vi.yres * NUM_BUFFERS; vi.yoffset = n * vi.yres; vi.bits_per_pixel = PIXEL_SIZE * 8; @@ -177,7 +184,8 @@ void gr_flip(void) GGLContext *gl = gr_context; /* swap front and back buffers */ - gr_active_fb = (gr_active_fb + 1) & 1; + if (double_buffering) + gr_active_fb = (gr_active_fb + 1) & 1; /* copy data from the in-memory surface to the buffer we're about * to make active. */ diff --git a/testdata/otasigned_f4.zip b/testdata/otasigned_f4.zip Binary files differnew file mode 100644 index 000000000..dd1e4dd40 --- /dev/null +++ b/testdata/otasigned_f4.zip diff --git a/testdata/test_f4.pk8 b/testdata/test_f4.pk8 Binary files differnew file mode 100644 index 000000000..3052613c5 --- /dev/null +++ b/testdata/test_f4.pk8 diff --git a/testdata/test_f4.x509.pem b/testdata/test_f4.x509.pem new file mode 100644 index 000000000..814abcf99 --- /dev/null +++ b/testdata/test_f4.x509.pem @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIENjCCAx6gAwIBAgIJAKhkCO1dDYMaMA0GCSqGSIb3DQEBBQUAMG8xCzAJBgNV +BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBW +aWV3MQ8wDQYDVQQKEwZHb29nbGUxEDAOBgNVBAsTB0FuZHJvaWQxEDAOBgNVBAMT +B1Rlc3QxMjMwHhcNMTIwNzI1MTg1NzAzWhcNMzkxMjExMTg1NzAzWjBvMQswCQYD +VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4g +VmlldzEPMA0GA1UEChMGR29vZ2xlMRAwDgYDVQQLEwdBbmRyb2lkMRAwDgYDVQQD +EwdUZXN0MTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8WwMN9x +4Mz7YgkG2qy9g8/kl5ZoYrUM0ApHhaITAcL7RXLZaNipCf0w/YjYTQgj+75MK30x +TsnPeWNOEwA62gkHrZyyWfxBRO6kBYuIuI4roGDBJOmKQ1OEaDeIRKu7q5V8v3Cs +0wQDAQWTbhpxBZr9UYFgJUg8XWBfPrGJLVwsoiy4xrMhoTlNZKHfwOMMqVtSHkZX +qydYrcIzyjh+TO0e/xSNQ8MMRRbtqWgCHN6Rzhog3IHZu0RaPoukariopjXM/s0V +gTm3rHDHCOpna2pNblyiFlvbkoCs769mtNmx/yrDShO30jg/xaG8RypKDvTChzOT +oWW/XQ5VEXjbHwIDAQABo4HUMIHRMB0GA1UdDgQWBBRlT2dEZJY1tmUM8mZ0xnhS +GdD9TTCBoQYDVR0jBIGZMIGWgBRlT2dEZJY1tmUM8mZ0xnhSGdD9TaFzpHEwbzEL +MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50 +YWluIFZpZXcxDzANBgNVBAoTBkdvb2dsZTEQMA4GA1UECxMHQW5kcm9pZDEQMA4G +A1UEAxMHVGVzdDEyM4IJAKhkCO1dDYMaMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcN +AQEFBQADggEBAHqnXHtE+h3hvGmHh24GT51vGAYLc68WUUtCVlMIU85zQ757wlxZ +BmRypZ1i9hSqnXj5n+mETV5rFX3g2gvdAPVHkRycuDa2aUdZSE8cW4Z6qYFx6SaD +e+3SyXokpUquW64RuHJrf/yd/FnGjneBe3Qpm2reuzGWNH90qZGdbsfNaCm5kx2L +X+ZNHM3CcGMLaphY5++sM0JxSEcju5EK33ZYgLf4YdlbyMp8LDFVNd7ff0SFi9fF +0ZlAsJWoS3QmVCj2744BFdsCu7UHpnYpG6X3MT4SHAawdOaT5zSuaCl2xx6H0O7t +w/Fvbl/KVD1ZmLHgBKjDMNSh0OB9mSsDWpw= +-----END CERTIFICATE----- diff --git a/updater/Android.mk b/updater/Android.mk index f8ccb76b5..fcaf6d531 100644 --- a/updater/Android.mk +++ b/updater/Android.mk @@ -21,7 +21,7 @@ LOCAL_SRC_FILES := $(updater_src_files) ifeq ($(TARGET_USERIMAGES_USE_EXT4), true) LOCAL_CFLAGS += -DUSE_EXT4 LOCAL_C_INCLUDES += system/extras/ext4_utils -LOCAL_STATIC_LIBRARIES += libext4_utils libz +LOCAL_STATIC_LIBRARIES += libext4_utils libsparse libz endif ifeq ($(HAVE_SELINUX), true) @@ -50,18 +50,19 @@ LOCAL_C_INCLUDES += $(LOCAL_PATH)/.. inc := $(call intermediates-dir-for,PACKAGING,updater_extensions)/register.inc -# During the first pass of reading the makefiles, we dump the list of -# extension libs to a temp file, then copy that to the ".list" file if -# it is different than the existing .list (if any). The register.inc -# file then uses the .list as a prerequisite, so it is only rebuilt -# (and updater.o recompiled) when the list of extension libs changes. - -junk := $(shell mkdir -p $(dir $(inc));\ - echo $(TARGET_RECOVERY_UPDATER_LIBS) > $(inc).temp;\ - diff -q $(inc).temp $(inc).list 2>/dev/null || cp -f $(inc).temp $(inc).list) +# Encode the value of TARGET_RECOVERY_UPDATER_LIBS into the filename of the dependency. +# So if TARGET_RECOVERY_UPDATER_LIBS is changed, a new dependency file will be generated. +# Note that we have to remove any existing depency files before creating new one, +# so no obsolete dependecy file gets used if you switch back to an old value. +inc_dep_file := $(inc).dep.$(subst $(space),-,$(sort $(TARGET_RECOVERY_UPDATER_LIBS))) +$(inc_dep_file): stem := $(inc).dep +$(inc_dep_file) : + $(hide) mkdir -p $(dir $@) + $(hide) rm -f $(stem).* + $(hide) touch $@ $(inc) : libs := $(TARGET_RECOVERY_UPDATER_LIBS) -$(inc) : $(inc).list +$(inc) : $(inc_dep_file) $(hide) mkdir -p $(dir $@) $(hide) echo "" > $@ $(hide) $(foreach lib,$(libs),echo "extern void Register_$(lib)(void);" >> $@;) @@ -72,6 +73,9 @@ $(inc) : $(inc).list $(call intermediates-dir-for,EXECUTABLES,updater)/updater.o : $(inc) LOCAL_C_INCLUDES += $(dir $(inc)) +inc := +inc_dep_file := + LOCAL_MODULE := updater LOCAL_FORCE_STATIC_EXECUTABLE := true diff --git a/verifier_test.cpp b/verifier_test.cpp index fe5519d79..01d092680 100644 --- a/verifier_test.cpp +++ b/verifier_test.cpp @@ -56,7 +56,45 @@ RSAPublicKey test_key = 9135381, 1625809335, -1490225159, -1342673351, 1117190829, -57654514, 1825108855, -1281819325, 1111251351, -1726129724, 1684324211, -1773988491, - 367251975, 810756730, -1941182952, 1175080310 } + 367251975, 810756730, -1941182952, 1175080310 }, + 3 + }; + +RSAPublicKey test_f4_key = + { 64, 0xc9bd1f21, + { 293133087u, 3210546773u, 865313125u, 250921607u, + 3158780490u, 943703457u, 1242806226u, 2986289859u, + 2942743769u, 2457906415u, 2719374299u, 1783459420u, + 149579627u, 3081531591u, 3440738617u, 2788543742u, + 2758457512u, 1146764939u, 3699497403u, 2446203424u, + 1744968926u, 1159130537u, 2370028300u, 3978231572u, + 3392699980u, 1487782451u, 1180150567u, 2841334302u, + 3753960204u, 961373345u, 3333628321u, 748825784u, + 2978557276u, 1566596926u, 1613056060u, 2600292737u, + 1847226629u, 50398611u, 1890374404u, 2878700735u, + 2286201787u, 1401186359u, 619285059u, 731930817u, + 2340993166u, 1156490245u, 2992241729u, 151498140u, + 318782170u, 3480838990u, 2100383433u, 4223552555u, + 3628927011u, 4247846280u, 1759029513u, 4215632601u, + 2719154626u, 3490334597u, 1751299340u, 3487864726u, + 3668753795u, 4217506054u, 3748782284u, 3150295088u }, + { 1772626313u, 445326068u, 3477676155u, 1758201194u, + 2986784722u, 491035581u, 3922936562u, 702212696u, + 2979856666u, 3324974564u, 2488428922u, 3056318590u, + 1626954946u, 664714029u, 398585816u, 3964097931u, + 3356701905u, 2298377729u, 2040082097u, 3025491477u, + 539143308u, 3348777868u, 2995302452u, 3602465520u, + 212480763u, 2691021393u, 1307177300u, 704008044u, + 2031136606u, 1054106474u, 3838318865u, 2441343869u, + 1477566916u, 700949900u, 2534790355u, 3353533667u, + 336163563u, 4106790558u, 2701448228u, 1571536379u, + 1103842411u, 3623110423u, 1635278839u, 1577828979u, + 910322800u, 715583630u, 138128831u, 1017877531u, + 2289162787u, 447994798u, 1897243165u, 4121561445u, + 4150719842u, 2131821093u, 2262395396u, 3305771534u, + 980753571u, 3256525190u, 3128121808u, 1072869975u, + 3507939515u, 4229109952u, 118381341u, 2209831334u }, + 65537 }; RecoveryUI* ui = NULL; @@ -91,14 +129,21 @@ class FakeUI : public RecoveryUI { }; int main(int argc, char **argv) { - if (argc != 2) { - fprintf(stderr, "Usage: %s <package>\n", argv[0]); + if (argc != 2 && argc != 3) { + fprintf(stderr, "Usage: %s [-f4] <package>\n", argv[0]); return 2; } + RSAPublicKey* key = &test_key; + ++argv; + if (strcmp(argv[0], "-f4") == 0) { + ++argv; + key = &test_f4_key; + } + ui = new FakeUI(); - int result = verify_file(argv[1], &test_key, 1); + int result = verify_file(*argv, key, 1); if (result == VERIFY_SUCCESS) { printf("SUCCESS\n"); return 0; diff --git a/verifier_test.sh b/verifier_test.sh index a1de5c57b..378b0e5ff 100755 --- a/verifier_test.sh +++ b/verifier_test.sh @@ -73,9 +73,24 @@ expect_fail() { run_command $WORK_DIR/verifier_test $WORK_DIR/package.zip && fail } +expect_succeed_f4() { + testname "$1 (should succeed)" + $ADB push $DATA_DIR/$1 $WORK_DIR/package.zip + run_command $WORK_DIR/verifier_test -f4 $WORK_DIR/package.zip || fail +} + +expect_fail_f4() { + testname "$1 (should fail)" + $ADB push $DATA_DIR/$1 $WORK_DIR/package.zip + run_command $WORK_DIR/verifier_test -f4 $WORK_DIR/package.zip && fail +} + expect_fail unsigned.zip expect_fail jarsigned.zip expect_succeed otasigned.zip +expect_fail_f4 otasigned.zip +expect_succeed_f4 otasigned_f4.zip +expect_fail otasigned_f4.zip expect_fail random.zip expect_fail fake-eocd.zip expect_fail alter-metadata.zip |