summaryrefslogtreecommitdiffstats
path: root/verifier.cpp (follow)
Commit message (Collapse)AuthorAgeFilesLines
* DO NOT MERGE: Add a checker for signature boundary in verifierTianjie Xu2016-12-201-0/+7
| | | | | | | | | | | | | | | | The 'signature_start' variable marks the location of the signature from the end of a zip archive. And a boundary check is missing where 'signature_start' should be within the EOCD comment field. This causes problems when sideloading a malicious package. Also add a corresponding test. Bug: 31914369 Test: Verification fails correctly when sideloading recovery_test.zip on angler. Change-Id: I6ea96bf04dac5d8d4d6719e678d504f957b4d5c1 (cherry-picked from f69e6a9475983b2ad46729e44ab58d2b22cd74d0) (cherry picked from commit 54ea136fded56810bf475885eb4bd7bf1b11f09c)
* verifier: update to support certificates using SHA-256Doug Zongker2013-04-101-17/+63
| | | | Change-Id: Ifd5a29d459acf101311fa1c220f728c3d0ac2e4e
* move key loading to verifier codeDoug Zongker2012-11-021-0/+102
| | | | | | | Add an option to verifier_test to load keys from a file, the way the recovery does. Change-Id: Icba0e391164f2c1a9fefeab4b0bcb878e91d17b4
* refactor ui functions into a classDoug Zongker2011-10-311-2/+4
| | | | | | | | | | | Move all the functions in ui.c to be members of a ScreenRecoveryUI class, which is a subclass of an abstract RecoveryUI class. Recovery then creates a global singleton instance of this class and then invoke the methods to drive the UI. We use this to allow substitution of a different RecoveryUI implementation for devices with radically different form factors (eg, that don't have a screen). Change-Id: I76bdd34eca506149f4cc07685df6a4890473f3d9
* turn recovery into a C++ binaryDoug Zongker2011-10-311-0/+185
Change-Id: I423a23581048d451d53eef46e5f5eac485b77555
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-14 00:53:10 +0200