Verify downloaded size matches before verifying download hash match.
Hash mismatches should be rare and should not be seen during
normal operations, whereas size mismatches are more common due to failed
download attempts. So this CL re-orders the existing checks so that
we can easily determine the true number of hash mismatches, if any,
that's happening in the field.
BUG=chromium-os:30579
TEST=Tested with both valid and invalid sizes on my zgb.
Change-Id: Iea6b494011a32fbb3e30089eb7279db4927203d5
Reviewed-on: https://gerrit.chromium.org/gerrit/22067
Commit-Ready: Jay Srinivasan <jaysri@chromium.org>
Reviewed-by: Jay Srinivasan <jaysri@chromium.org>
Tested-by: Jay Srinivasan <jaysri@chromium.org>
diff --git a/delta_performer.cc b/delta_performer.cc
index 471ce82..4d6df80 100644
--- a/delta_performer.cc
+++ b/delta_performer.cc
@@ -601,6 +601,11 @@
}
LOG(INFO) << "Verifying delta payload. Public key path: " << key_path;
+ // Verifies the download size.
+ TEST_AND_RETURN_VAL(kActionCodeDownloadSizeMismatchError,
+ update_check_response_size ==
+ manifest_metadata_size_ + buffer_offset_);
+
// Verifies the download hash.
const string& download_hash_data = hash_calculator_.hash();
TEST_AND_RETURN_VAL(kActionCodeDownloadPayloadVerificationError,
@@ -608,11 +613,6 @@
TEST_AND_RETURN_VAL(kActionCodeDownloadHashMismatchError,
download_hash_data == update_check_response_hash);
- // Verifies the download size.
- TEST_AND_RETURN_VAL(kActionCodeDownloadSizeMismatchError,
- update_check_response_size ==
- manifest_metadata_size_ + buffer_offset_);
-
// Verifies the signed payload hash.
if (!utils::FileExists(key_path.c_str())) {
LOG(WARNING) << "Not verifying signed delta payload -- missing public key.";