| // Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "update_engine/payload_signer.h" |
| |
| #include "base/logging.h" |
| #include "base/string_util.h" |
| #include "update_engine/omaha_hash_calculator.h" |
| #include "update_engine/subprocess.h" |
| #include "update_engine/update_metadata.pb.h" |
| #include "update_engine/utils.h" |
| |
| using std::string; |
| using std::vector; |
| |
| namespace chromeos_update_engine { |
| |
| const uint32_t kSignatureMessageVersion = 1; |
| |
| bool PayloadSigner::SignPayload(const string& unsigned_payload_path, |
| const string& private_key_path, |
| vector<char>* out_signature_blob) { |
| string sig_path; |
| TEST_AND_RETURN_FALSE( |
| utils::MakeTempFile("/tmp/signature.XXXXXX", &sig_path, NULL)); |
| ScopedPathUnlinker sig_path_unlinker(sig_path); |
| |
| string hash_path; |
| TEST_AND_RETURN_FALSE( |
| utils::MakeTempFile("/tmp/hash.XXXXXX", &hash_path, NULL)); |
| ScopedPathUnlinker hash_path_unlinker(hash_path); |
| |
| vector<char> hash_data; |
| { |
| vector<char> payload; |
| // TODO(adlr): Read file in chunks. Not urgent as this runs on the server. |
| TEST_AND_RETURN_FALSE(utils::ReadFile(unsigned_payload_path, &payload)); |
| TEST_AND_RETURN_FALSE(OmahaHashCalculator::RawHashOfData(payload, |
| &hash_data)); |
| } |
| TEST_AND_RETURN_FALSE(utils::WriteFile(hash_path.c_str(), |
| &hash_data[0], |
| hash_data.size())); |
| |
| // This runs on the server, so it's okay to cop out and call openssl |
| // executable rather than properly use the library |
| vector<string> cmd; |
| SplitString("/usr/bin/openssl rsautl -pkcs -sign -inkey x -in x -out x", |
| ' ', |
| &cmd); |
| cmd[cmd.size() - 5] = private_key_path; |
| cmd[cmd.size() - 3] = hash_path; |
| cmd[cmd.size() - 1] = sig_path; |
| |
| int return_code = 0; |
| TEST_AND_RETURN_FALSE(Subprocess::SynchronousExec(cmd, &return_code)); |
| TEST_AND_RETURN_FALSE(return_code == 0); |
| |
| vector<char> signature; |
| TEST_AND_RETURN_FALSE(utils::ReadFile(sig_path, &signature)); |
| |
| // Pack it into a protobuf |
| Signatures out_message; |
| Signatures_Signature* sig_message = out_message.add_signatures(); |
| sig_message->set_version(kSignatureMessageVersion); |
| sig_message->set_data(signature.data(), signature.size()); |
| |
| // Serialize protobuf |
| string serialized; |
| TEST_AND_RETURN_FALSE(out_message.AppendToString(&serialized)); |
| out_signature_blob->insert(out_signature_blob->end(), |
| serialized.begin(), |
| serialized.end()); |
| return true; |
| } |
| |
| bool PayloadSigner::SignatureBlobLength( |
| const string& private_key_path, |
| uint64_t* out_length) { |
| DCHECK(out_length); |
| |
| string x_path; |
| TEST_AND_RETURN_FALSE( |
| utils::MakeTempFile("/tmp/signed_data.XXXXXX", &x_path, NULL)); |
| ScopedPathUnlinker x_path_unlinker(x_path); |
| TEST_AND_RETURN_FALSE(utils::WriteFile(x_path.c_str(), "x", 1)); |
| |
| vector<char> sig_blob; |
| TEST_AND_RETURN_FALSE(PayloadSigner::SignPayload(x_path, |
| private_key_path, |
| &sig_blob)); |
| *out_length = sig_blob.size(); |
| return true; |
| } |
| |
| bool PayloadSigner::VerifySignature(const std::vector<char>& signature_blob, |
| const std::string& public_key_path, |
| std::vector<char>* out_hash_data) { |
| TEST_AND_RETURN_FALSE(!public_key_path.empty()); |
| |
| Signatures signatures; |
| TEST_AND_RETURN_FALSE(signatures.ParseFromArray(&signature_blob[0], |
| signature_blob.size())); |
| |
| // Finds a signature that matches the current version. |
| int sig_index = 0; |
| for (; sig_index < signatures.signatures_size(); sig_index++) { |
| const Signatures_Signature& signature = signatures.signatures(sig_index); |
| if (signature.has_version() && |
| signature.version() == kSignatureMessageVersion) { |
| break; |
| } |
| } |
| TEST_AND_RETURN_FALSE(sig_index < signatures.signatures_size()); |
| |
| const Signatures_Signature& signature = signatures.signatures(sig_index); |
| const string sig_data = signature.data(); |
| string sig_path; |
| TEST_AND_RETURN_FALSE( |
| utils::MakeTempFile("/var/run/signature.XXXXXX", &sig_path, NULL)); |
| ScopedPathUnlinker sig_path_unlinker(sig_path); |
| TEST_AND_RETURN_FALSE(utils::WriteFile(sig_path.c_str(), |
| &sig_data[0], |
| sig_data.size())); |
| string hash_path; |
| TEST_AND_RETURN_FALSE( |
| utils::MakeTempFile("/var/run/hash.XXXXXX", &hash_path, NULL)); |
| ScopedPathUnlinker hash_path_unlinker(hash_path); |
| |
| // TODO(petkov): This runs on the client so it will be cleaner if it uses |
| // direct openssl library calls. |
| vector<string> cmd; |
| SplitString("/usr/bin/openssl rsautl -verify -pubin -inkey x -in x -out x", |
| ' ', |
| &cmd); |
| cmd[cmd.size() - 5] = public_key_path; |
| cmd[cmd.size() - 3] = sig_path; |
| cmd[cmd.size() - 1] = hash_path; |
| |
| int return_code = 0; |
| TEST_AND_RETURN_FALSE(Subprocess::SynchronousExec(cmd, &return_code)); |
| TEST_AND_RETURN_FALSE(return_code == 0); |
| |
| TEST_AND_RETURN_FALSE(utils::ReadFile(hash_path, out_hash_data)); |
| return true; |
| } |
| |
| } // namespace chromeos_update_engine |