Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / update_engine / c24e3f313b2bbd1f3d782a3eec9a7d5fea67dbd9^! / . / SConstruct
commitc24e3f313b2bbd1f3d782a3eec9a7d5fea67dbd9[log] [tgz]
authorAndrew de los Reyes <adlr@chromium.org>Tue Aug 30 15:45:20 2011 -0700
committerAndrew de los Reyes <adlr@chromium.org>Thu Sep 01 11:32:28 2011 -0700
tree90835edf15c47b7d1277ae59e6d04d2e3897f5ff
parent771e1bd1ed58ef791ccc41a2b9d96e257403abec [diff] [blame]
Support for signing with multiple signature files, key sizes.

If we do a key-rotation in the future, we'll want to sign updates with
two keys. This CL changes the delta generator in a
backwards-compatible way to take multiple key lengths and signature
files: On a command line where one could be given before, now multiple
may be given by colon-delimiting them.

Also, adds two unittests to show that old and new clients can
successfully verify a payload when it's signed by old and new keys.

BUG=chromium-os:19873
TEST=unittests; tested on device

Change-Id: I2063095773a5c71c32704c30b12d6eab2a5f3b80
Reviewed-on: http://gerrit.chromium.org/gerrit/6999
Reviewed-by: Andrew de los Reyes <adlr@chromium.org>
Tested-by: Andrew de los Reyes <adlr@chromium.org>

diff --git a/SConstruct b/SConstruct
index d91b365..5fada88 100644
--- a/SConstruct
+++ b/SConstruct

@@ -227,6 +227,7 @@
                 'dbus-1 dbus-glib-1 gio-2.0 gio-unix-2.0 glib-2.0')
 env.ProtocolBuffer('update_metadata.pb.cc', 'update_metadata.proto')
 env.PublicKey('unittest_key.pub.pem', 'unittest_key.pem')
+env.PublicKey('unittest_key2.pub.pem', 'unittest_key2.pem')
 
 env.DbusBindings('update_engine.dbusclient.h', 'update_engine.xml')