Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / update_engine / 00f76b61fdc8f401ae93b2300f1cc9d62d932f30
commit00f76b61fdc8f401ae93b2300f1cc9d62d932f30[log] [tgz]
authorJay Srinivasan <jaysri@chromium.org>Mon Sep 17 18:48:36 2012 -0700
committerGerrit <chrome-bot@google.com>Mon Sep 17 22:02:51 2012 -0700
tree0993333ac5cdeb0e06e3ed37f3bd56b87c0eb6e3
parent74475bfd0ed945d9035c1760c6ccf938f4f0cdff [diff]
Generate and validate per-operation hashes

As part of securing the HTTP-based updates, we want to add a SHA256 hash
of the data blob for each operation so that they can't be tampered with
by a man in the middle. This CL adds support for generating and
including such hashes for each operation in the payload as well as
validating them in update_engine, if present.

BUG=chromium-os:34298
TEST=Tested on ZGB to make sure existing functionality works fine.
     Existing unit tests cover all the new code paths.
Change-Id: Ie42ed1930a66ceaf183f36ce3af0dea719e44237
Reviewed-on: https://gerrit.chromium.org/gerrit/33389
Reviewed-by: Don Garrett <dgarrett@chromium.org>
Commit-Ready: Jay Srinivasan <jaysri@chromium.org>
Tested-by: Jay Srinivasan <jaysri@chromium.org>
4 files changed
tree: 0993333ac5cdeb0e06e3ed37f3bd56b87c0eb6e3
  1. .gitignore
  2. 99-gpio-dutflag.rules
  3. action.h
  4. action_mock.h
  5. action_pipe.h
  6. action_pipe_unittest.cc
  7. action_processor.cc
  8. action_processor.h
  9. action_processor_mock.h
  10. action_processor_unittest.cc
  11. action_unittest.cc
  12. build
  13. bzip.cc
  14. bzip.h
  15. bzip_extent_writer.cc
  16. bzip_extent_writer.h
  17. bzip_extent_writer_unittest.cc
  18. certificate_checker.cc
  19. certificate_checker.h
  20. certificate_checker_mock.h
  21. certificate_checker_unittest.cc
  22. chrome_browser_proxy_resolver.cc
  23. chrome_browser_proxy_resolver.h
  24. chrome_browser_proxy_resolver_unittest.cc
  25. chrome_proxy_resolver.cc
  26. chrome_proxy_resolver.h
  27. chrome_proxy_resolver_unittest.cc
  28. connection_manager.cc
  29. connection_manager.h
  30. connection_manager_unittest.cc
  31. cycle_breaker.cc
  32. cycle_breaker.h
  33. cycle_breaker_unittest.cc
  34. dbus_constants.h
  35. dbus_interface.h
  36. dbus_service.cc
  37. dbus_service.h
  38. delta_diff_generator.cc
  39. delta_diff_generator.h
  40. delta_diff_generator_unittest.cc
  41. delta_performer.cc
  42. delta_performer.h
  43. delta_performer_unittest.cc
  44. download_action.cc
  45. download_action.h
  46. download_action_unittest.cc
  47. extent_mapper.cc
  48. extent_mapper.h
  49. extent_mapper_unittest.cc
  50. extent_ranges.cc
  51. extent_ranges.h
  52. extent_ranges_unittest.cc
  53. extent_writer.cc
  54. extent_writer.h
  55. extent_writer_unittest.cc
  56. file_descriptor.cc
  57. file_descriptor.h
  58. file_writer.cc
  59. file_writer.h
  60. file_writer_mock.h
  61. file_writer_unittest.cc
  62. filesystem_copier_action.cc
  63. filesystem_copier_action.h
  64. filesystem_copier_action_unittest.cc
  65. filesystem_iterator.cc
  66. filesystem_iterator.h
  67. filesystem_iterator_unittest.cc
  68. full_update_generator.cc
  69. full_update_generator.h
  70. full_update_generator_unittest.cc
  71. gen_coverage_html
  72. generate_delta_main.cc
  73. gpio_handler.cc
  74. gpio_handler.h
  75. gpio_handler_unittest.cc
  76. gpio_handler_unittest.h
  77. gpio_mock_file_descriptor.cc
  78. gpio_mock_file_descriptor.h
  79. gpio_mock_udev_interface.cc
  80. gpio_mock_udev_interface.h
  81. graph_types.h
  82. graph_utils.cc
  83. graph_utils.h
  84. graph_utils_unittest.cc
  85. http_common.cc
  86. http_common.h
  87. http_fetcher.cc
  88. http_fetcher.h
  89. http_fetcher_unittest.cc
  90. http_fetcher_unittest.h
  91. inherit-review-settings-ok
  92. install_plan.h
  93. integration_unittest.cc
  94. libcurl_http_fetcher.cc
  95. libcurl_http_fetcher.h
  96. LICENSE
  97. local_coverage_rate
  98. main.cc
  99. marshal.list
  100. metadata.cc
  101. metadata.h
  102. metadata_unittest.cc
  103. mock_connection_manager.h
  104. mock_dbus_interface.h
  105. mock_file_writer.h
  106. mock_http_fetcher.cc
  107. mock_http_fetcher.h
  108. mock_system_state.h
  109. multi_range_http_fetcher.cc
  110. multi_range_http_fetcher.h
  111. omaha_hash_calculator.cc
  112. omaha_hash_calculator.h
  113. omaha_hash_calculator_unittest.cc
  114. omaha_request_action.cc
  115. omaha_request_action.h
  116. omaha_request_action_unittest.cc
  117. omaha_request_params.cc
  118. omaha_request_params.h
  119. omaha_request_params_unittest.cc
  120. omaha_response_handler_action.cc
  121. omaha_response_handler_action.h
  122. omaha_response_handler_action_unittest.cc
  123. org.chromium.UpdateEngine.service
  124. payload_signer.cc
  125. payload_signer.h
  126. payload_signer_unittest.cc
  127. postinstall_runner_action.cc
  128. postinstall_runner_action.h
  129. postinstall_runner_action_unittest.cc
  130. prefs.cc
  131. prefs.h
  132. prefs_interface.h
  133. prefs_mock.h
  134. prefs_unittest.cc
  135. proxy_resolver.cc
  136. proxy_resolver.h
  137. run_unittests
  138. SConstruct
  139. setup_dev_packages
  140. simple_key_value_store.cc
  141. simple_key_value_store.h
  142. simple_key_value_store_unittest.cc
  143. subprocess.cc
  144. subprocess.h
  145. subprocess_unittest.cc
  146. system_state.cc
  147. system_state.h
  148. tarjan.cc
  149. tarjan.h
  150. tarjan_unittest.cc
  151. terminator.cc
  152. terminator.h
  153. terminator_unittest.cc
  154. test_http_server.cc
  155. test_utils.cc
  156. test_utils.h
  157. testrunner.cc
  158. topological_sort.cc
  159. topological_sort.h
  160. topological_sort_unittest.cc
  161. udev_interface.h
  162. unittest_key.pem
  163. unittest_key2.pem
  164. update_attempter.cc
  165. update_attempter.h
  166. update_attempter_mock.h
  167. update_attempter_unittest.cc
  168. update_check_scheduler.cc
  169. update_check_scheduler.h
  170. update_check_scheduler_unittest.cc
  171. update_engine.xml
  172. update_engine_client.cc
  173. update_metadata.proto
  174. UpdateEngine.conf
  175. utils.cc
  176. utils.h
  177. utils_unittest.cc
  178. WATCHLISTS
  179. zip_unittest.cc