diff options
author | Tao Bao <tbao@google.com> | 2016-04-23 01:49:53 +0200 |
---|---|---|
committer | android-build-merger <android-build-merger@google.com> | 2016-04-23 01:49:53 +0200 |
commit | 5e3aa78c8bb47ee96ed5d2d9713b64ae6c8823be (patch) | |
tree | c68cd4eae5e1ec9f9a87785593ff553a9dca0454 | |
parent | Go back to the old ear-wiggling Android animation. (diff) | |
parent | Merge "recovery: Dump the signature in the zip package." into nyc-dev (diff) | |
download | android_bootable_recovery-5e3aa78c8bb47ee96ed5d2d9713b64ae6c8823be.tar android_bootable_recovery-5e3aa78c8bb47ee96ed5d2d9713b64ae6c8823be.tar.gz android_bootable_recovery-5e3aa78c8bb47ee96ed5d2d9713b64ae6c8823be.tar.bz2 android_bootable_recovery-5e3aa78c8bb47ee96ed5d2d9713b64ae6c8823be.tar.lz android_bootable_recovery-5e3aa78c8bb47ee96ed5d2d9713b64ae6c8823be.tar.xz android_bootable_recovery-5e3aa78c8bb47ee96ed5d2d9713b64ae6c8823be.tar.zst android_bootable_recovery-5e3aa78c8bb47ee96ed5d2d9713b64ae6c8823be.zip |
-rw-r--r-- | print_sha1.h | 6 | ||||
-rw-r--r-- | verifier.cpp | 17 |
2 files changed, 20 insertions, 3 deletions
diff --git a/print_sha1.h b/print_sha1.h index fa3d7e009..c7c1f3651 100644 --- a/print_sha1.h +++ b/print_sha1.h @@ -22,7 +22,7 @@ #include "openssl/sha.h" -static std::string print_sha1(const uint8_t sha1[SHA_DIGEST_LENGTH], size_t len) { +static std::string print_sha1(const uint8_t* sha1, size_t len) { const char* hex = "0123456789abcdef"; std::string result = ""; for (size_t i = 0; i < len; ++i) { @@ -40,4 +40,8 @@ static std::string short_sha1(const uint8_t sha1[SHA_DIGEST_LENGTH]) { return print_sha1(sha1, 4); } +static std::string print_hex(const uint8_t* bytes, size_t len) { + return print_sha1(bytes, len); +} + #endif // RECOVERY_PRINT_SHA1_H diff --git a/verifier.cpp b/verifier.cpp index 523990561..996a1fdf9 100644 --- a/verifier.cpp +++ b/verifier.cpp @@ -28,6 +28,7 @@ #include "asn1_decoder.h" #include "common.h" +#include "print_sha1.h" #include "ui.h" #include "verifier.h" @@ -231,9 +232,14 @@ int verify_file(unsigned char* addr, size_t length, uint8_t* sig_der = nullptr; size_t sig_der_length = 0; + uint8_t* signature = eocd + eocd_size - signature_start; size_t signature_size = signature_start - FOOTER_SIZE; - if (!read_pkcs7(eocd + eocd_size - signature_start, signature_size, &sig_der, - &sig_der_length)) { + + LOGI("signature (offset: 0x%zx, length: %zu): %s\n", + length - signature_start, signature_size, + print_hex(signature, signature_size).c_str()); + + if (!read_pkcs7(signature, signature_size, &sig_der, &sig_der_length)) { LOGE("Could not find signature DER block\n"); return VERIFY_FAILURE; } @@ -288,6 +294,13 @@ int verify_file(unsigned char* addr, size_t length, } i++; } + + if (need_sha1) { + LOGI("SHA-1 digest: %s\n", print_hex(sha1, SHA_DIGEST_LENGTH).c_str()); + } + if (need_sha256) { + LOGI("SHA-256 digest: %s\n", print_hex(sha256, SHA256_DIGEST_LENGTH).c_str()); + } free(sig_der); LOGE("failed to verify whole-file signature\n"); return VERIFY_FAILURE; |