AU: Sign delta payloads
- Change .proto to have explicit offset/length of signature. I was
hoping the length could be kept out of the proto, but it needs to go
in. The way we cheat and keep the signature in the file is to have a
dummer install operation at the end that will cause old clients to
write the signature data to nowhere.
- Change delta generator to take an optional private key, which if
present will cause the payload to be signed
- Cleanup Omaha hash calculator, which should be renamed to SHA1 hash
calculator, and allow export of the non-base64 encoded SHA1 result.
- Note: signatures are not yet checked. That will come in a future CL.
BUG=5662
TEST=unittests
Review URL: http://codereview.chromium.org/3132033
diff --git a/delta_diff_generator.h b/delta_diff_generator.h
index efc4747..31f9e64 100644
--- a/delta_diff_generator.h
+++ b/delta_diff_generator.h
@@ -42,6 +42,8 @@
// mounted read-only at paths old_root and new_root respectively.
// {old,new}_kernel_part are paths to the old and new kernel partition
// images, respectively.
+ // private_key_path points to a private key used to sign the update.
+ // Pass empty string to not sign the update.
// output_path is the filename where the delta update should be written.
// Returns true on success.
static bool GenerateDeltaUpdateFile(const std::string& old_root,
@@ -50,7 +52,8 @@
const std::string& new_image,
const std::string& old_kernel_part,
const std::string& new_kernel_part,
- const std::string& output_path);
+ const std::string& output_path,
+ const std::string& private_key_path);
// These functions are public so that the unit tests can access them: