diff options
Diffstat (limited to 'verifier.h')
-rw-r--r-- | verifier.h | 25 |
1 files changed, 21 insertions, 4 deletions
diff --git a/verifier.h b/verifier.h index d70417340..43fd5adcd 100644 --- a/verifier.h +++ b/verifier.h @@ -17,6 +17,7 @@ #ifndef _RECOVERY_VERIFIER_H #define _RECOVERY_VERIFIER_H +#include "mincrypt/p256.h" #include "mincrypt/rsa.h" #define ASSUMED_UPDATE_BINARY_NAME "META-INF/com/google/android/update-binary" @@ -26,14 +27,30 @@ enum { INSTALL_SUCCESS, INSTALL_ERROR, INSTALL_CORRUPT }; static const float VERIFICATION_PROGRESS_FRACTION = 0.25; typedef struct Certificate { + +typedef struct { + p256_int x; + p256_int y; +} ECPublicKey; + +typedef struct { + typedef enum { + RSA, + EC, + } KeyType; + int hash_len; // SHA_DIGEST_SIZE (SHA-1) or SHA256_DIGEST_SIZE (SHA-256) - RSAPublicKey* public_key; + KeyType key_type; + RSAPublicKey* rsa; + ECPublicKey* ec; } Certificate; -/* Look in the file for a signature footer, and verify that it - * matches one of the given keys. Return one of the constants below. +/* addr and length define a an update package file that has been + * loaded (or mmap'ed, or whatever) into memory. Verify that the file + * is signed and the signature matches one of the given keys. Return + * one of the constants below. */ -int verify_file(const char* path); +int verify_file(unsigned char* addr, size_t length); Certificate* load_keys(const char* filename, int* numKeys); |