| c4db97bfa6f24e987c8298f721a6c99f5febb599 |
|
14-Mar-2016 |
Sen Jiang <senj@google.com> |
Fix PayloadSignerTest.* in Brillo.
Added modules to install missing private and public keys.
There's no openssl binary in target device, rewrote SignHash() using
openssl library functions.
Test: GTEST_FILTER="PayloadSignerTest.*" ./update_engine_unittests
Bug: 26955860
(cherry picked from commit 923886a86013fbba05d00dd64d4ddc9b9a6dffe4)
Change-Id: I9952409480cc1e70b90999f3dda7dfab5cc413f1
/system/update_engine/payload_generator/payload_signer.cc
|
| 98e691cc6debda3ef671acba001bebd45da36377 |
|
05-Feb-2016 |
Alex Deymo <deymo@google.com> |
New "properties" sub-command to export payload properties.
The new brillo_update_payload sub-command "properties" dumps a list of
properties for a given signed or unsigned payload. These properties are
normally included in the Omaha response, and extracted from python in
chromite.
This new sub-command helps to encapsulate the properties used by the
server side wehn serving a payload and to let the Android application
pass these required properties.
The properties include the payload and metadata hash and size.
Bug: 26991255
TEST=FEATURES=test emerge-link update_engine
TEST=mmma system/update_engine
TEST=`brillo_update_payload properties` for signed and unsigned payloads.
Change-Id: I4602ea4b8dc269e4cc66df4293ef9765d8dd031d
/system/update_engine/payload_generator/payload_signer.cc
|
| 39910dcd1d68987ccee7c3031dc269233a8490bb |
|
10-Nov-2015 |
Alex Deymo <deymo@google.com> |
Split payload application code into a subdirectory.
This patch splits from the main libupdate_engine code the part that
is strictly used to download and apply a payload into a new static
library, moving the code to subdirectories. The new library is divided
in two subdirectories: common/ and payload_consumer/, and should not
depend on other update_engine files outside those two subdirectories.
The main difference between those two is that the common/ tools are more
generic and not tied to the payload consumer process, but otherwise they
are both compiled together.
There are still dependencies from the new libpayload_consumer library
into the main directory files and DBus generated files. Those will be
addressed in follow up CLs.
Bug: 25197634
Test: FEATURES=test emerge-link update_engine; `mm` on Brillo.
Change-Id: Id8d0204ea573627e6e26ca9ea17b9592ca95bc23
/system/update_engine/payload_generator/payload_signer.cc
|
| 3e728feb92bfd5514bff55aa7dc455da80e18906 |
|
05-Nov-2015 |
Sen Jiang <senj@google.com> |
Do not include signature dummy operation in major version 2.
It only exists for compatibility reason, for major version 2, there's no
point to add this any more.
Bug: None
TEST=Applied the new payload to a device.
Change-Id: I5803ab755415a1ba3d7460d82956bfe6e9fd4547
/system/update_engine/payload_generator/payload_signer.cc
|
| 644f618b8bbaa096c1fcdcf7d6ed06e2538ea83c |
|
07-Oct-2015 |
Sen Jiang <senj@google.com> |
delta_generator: Include metadata signature in major version 2.
--metadata_signature_file flag does what it should now.
Note that you should only pass this flag if the payload you are signing is
version 2.
Bug: 23981164
TEST=unit test added.
Change-Id: I613cd6a5fef188eca37c46c3f8a0a41d1c22f2fd
/system/update_engine/payload_generator/payload_signer.cc
|
| 720df3eeaecfc9ad229440c59e08c8d52f13dc1e |
|
01-Oct-2015 |
Sen Jiang <senj@google.com> |
Skip metadata signature when hashing payload in major version 2.
We should skip metadata signature when hashing the payload, so that the
payload signature won't depend on metadata signature.
VerifySignedPayload will also verify metadata signature now if it exist.
Bug: 23981164
TEST=cros_workon_make update_engine --test
Change-Id: I3e52b7bf8ddf1539bbb6934e8a5ec1112b94ae62
/system/update_engine/payload_generator/payload_signer.cc
|
| aef1c6f0b5a0059a103251a9a93bd0be43bd50a2 |
|
07-Oct-2015 |
Sen Jiang <senj@google.com> |
PayloadVerifier should not depend on DeltaPerformer to load payload.
The implementation in DeltaPerformer is designed for situation that payload
might only partially available, but in PayloadVerifier we already have the
whole payload. So I implemented LoadPayload in PayloadSigner which logic is
simpler and supports both version 1 and 2.
VerifySignedPayload is also moved to PayloadSigner since it's not used in
update engine daemon.
This patch also fixed wrong metadata size out in version 2 and misspelling
of metadata in WritePayload in PayloadFile.
Bug: 23981164
TEST=unit test added.
Change-Id: Id1917fc891dbf2075978a273d1a4ee3c4ecf0571
/system/update_engine/payload_generator/payload_signer.cc
|
| 3f39d5cc753905874d8d93bef94f857b8808f19e |
|
13-Oct-2015 |
Alex Vakulenko <avakulenko@google.com> |
update_engine: Rename "chromeos" -> "brillo" in include paths and namespaces
libchromeos is transitioning to libbrillo and chromeos namespaces
and include directory is changing to brillo.
Bug: 24872993
Change-Id: I770659a95be380a50fe3b2ba9f91d65818f40945
/system/update_engine/payload_generator/payload_signer.cc
|
| b552a68af39efa42d462a9272d3dc47eb39c6db8 |
|
30-Sep-2015 |
Alex Deymo <deymo@google.com> |
Check all signatures regardless of the version.
The update_engine daemon had a fixed version number for the public key
used to verify both the metadata and whole payload signatures. The
public key itself is installed by the signer, implying that the source
code and the signer need to be in sync if we ever need to roll the
payload key.
This situation becomes more of a problem if we don't control when the
version number included in the source code is updated in the built
image sent for payload generation and signing.
This patch makes update_engine ignore the version number associated
with a signature and instead tries to verify all the signatures
included in the payload against the public key found in the code. This
effectively deprecates the key version number. To be compatible with
old versions, the version number 1 is included in all signatures.
Bug: 23601118
Test: Added unittests.
Change-Id: I4f96cc207ad6b9c011def5ce586d0e0e85af28ab
/system/update_engine/payload_generator/payload_signer.cc
|
| 6f20dd4fc8861d93d188cd27323d2f9746464aaf |
|
19-Aug-2015 |
Alex Deymo <deymo@chromium.org> |
Fix includes and DBus headers to build on Android.
This patch include a set of small changes to includes and names in
order to be compatible with the Android build system.
First, the DBus .xml file needs to be renamed to .dbus-xml and the
output directory must match the soruce directory, since the headers are
generated with automatic Makefile rules.
Some headers required by bionic were missing, such as endian.h and
xattr.h. In the xattr.h case, we include the header from the glibc
(or bionic) instead of libattr, since libattr is not available in
AOSP in the first place, and we are not linking against it Chrome OS,
so we shold include the right headers.
Bug: 23084776
TEST=`FEATURES=test emerge-link update_engine` works; `mma` in AOSP doesn't have these errors anymore (but still doesn't build).
Change-Id: Ifeedfe9d894ca78baa03940ac55563cfcd464e76
/system/update_engine/payload_generator/payload_signer.cc
|
| aea4c1cea20dda7ae7e85fc8924a2d784f70d806 |
|
20-Aug-2015 |
Alex Deymo <deymo@google.com> |
Re-license update_engine to Apache2
This patch automatically replaced the license on all text files from
Chromium OS (BSD style) to AOSP (Apache2), keeping the original year as
a reference.
The license header was added to .gyp and .gypi files, the NOTICE was
replaced with a copy of the Apache2 license and MODULE_LICENSE_* file
was updated.
BUG=b/23084294
TEST=grep 'Chromium OS Authors' doesn't find anything.
Change-Id: Ie5083750755f5180a8a785b24fe67dbf9195cd10
/system/update_engine/payload_generator/payload_signer.cc
|
| 14158570d3995008dc93a628004118b87a6bca01 |
|
13-Jun-2015 |
Alex Deymo <deymo@chromium.org> |
update_engine: Split delta_diff_generator file.
The DeltaDiffGenerator class includes both an OperationsGenerator using the
A-to-B operations and a set of common methods used also by the inplace generator.
The delta_diff_generator.{h,cc} files also include a single function to generate
the payload (GenerateUpdatePayloadFile) that centralizes the logic of generating
the operations and writing the payload.
This patch splits these three parts in different files. The common delta diff
function are moved to the delta_diff_utils.{h,cc} files. The operations generator
class that uses A-to-B operations is now in a new ab_generator.{h,cc} pair of files
that implement the ABGenerator() class. Finally, the payload file writing methods
are now in a single PayloadFile class.
This allow us to create payload files without the need to generate images and
their deltas. This will be used in a follow up CL to remove the image generation
logic from the unittests.
BUG=chromium:351589
TEST=Ran unittests. Regenerate a payload with and without this patch; got the same results.
Change-Id: I6816d2c805ba8c0c5c9423c720131a100a15ebaa
Reviewed-on: https://chromium-review.googlesource.com/280838
Reviewed-by: Alex Deymo <deymo@chromium.org>
Commit-Queue: Alex Deymo <deymo@chromium.org>
Trybot-Ready: Alex Deymo <deymo@chromium.org>
Tested-by: Alex Deymo <deymo@chromium.org>
/system/update_engine/payload_generator/payload_signer.cc
|
| c31e4a742b56c122b50febc1f78fd1c3772ab7fd |
|
07-May-2015 |
Mike Frysinger <vapier@chromium.org> |
update_engine: drop SYSROOT checks
Since unittests are run inside of the sysroot now, the specific checks
for them in the tests are pointless. Delete all the related logic.
BUG=chromium:401872
TEST=precq passes (runs unittests)
Change-Id: I12cb5e6717718a35c0dda2510e63c7bbcfa1f470
Reviewed-on: https://chromium-review.googlesource.com/269643
Trybot-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Alex Deymo <deymo@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
/system/update_engine/payload_generator/payload_signer.cc
|
| f68bbbc952aa9a71898e4939b5f36187fa564a50 |
|
09-Feb-2015 |
Alex Vakulenko <avakulenko@chromium.org> |
update_engine: replace std::vector<char> with chromeos::Blob
To make update engine consistent with the rest of platform2 code
replaced std::vector<char> as the container of binary data with
chromeos::Blob.
BUG=None
TEST=`FEATURES=test emerge-link update_engine`
Change-Id: I6385fd2257d15aa24bfa74ac35512c2a06c33012
Reviewed-on: https://chromium-review.googlesource.com/247793
Reviewed-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Alex Deymo <deymo@chromium.org>
Tested-by: Alex Vakulenko <avakulenko@chromium.org>
Commit-Queue: Alex Vakulenko <avakulenko@chromium.org>
/system/update_engine/payload_generator/payload_signer.cc
|
| 981a9fb68ec5fe56f57b3ecb117a0dc681bf5e83 |
|
09-Feb-2015 |
Alex Vakulenko <avakulenko@chromium.org> |
platform2: Switch over to using base64 functions from libchromeos
Replaced existing implementations of Base64Encode/Base64Decode
with the functions from libchromeos, which were added as part
of an earlier change (see CL:247690).
BUG=None
TEST=`FEATURES=test emerge-link cryptohome debugd metrics privetd update_engine`
Change-Id: I8cec677ce2c2fd3b97ca2228d35c2cf5cd133f4c
Reviewed-on: https://chromium-review.googlesource.com/247792
Reviewed-by: Vitaly Buka <vitalybuka@chromium.org>
Tested-by: Alex Vakulenko <avakulenko@chromium.org>
Commit-Queue: Alex Vakulenko <avakulenko@chromium.org>
/system/update_engine/payload_generator/payload_signer.cc
|
| 020600db42428e7e96bb0d2e05da225e68650955 |
|
06-Nov-2014 |
Alex Deymo <deymo@chromium.org> |
update_engine: Use C++11 range-based for loop when possible.
This cleanup just simplifies the notation of several for loops using
the new range-based syntax.
BUG=None
TEST=`FEATURES=test USE="lang clang" emerge-link update_engine`
Change-Id: I2120a1b1c3fd00e9a02a62abfa8427932080d0f9
Reviewed-on: https://chromium-review.googlesource.com/227897
Tested-by: Alex Deymo <deymo@chromium.org>
Reviewed-by: Alex Vakulenko <avakulenko@chromium.org>
Commit-Queue: Alex Deymo <deymo@chromium.org>
/system/update_engine/payload_generator/payload_signer.cc
|
| f9cb98c0cacccca803db48502c7bd461d04cb6b0 |
|
22-Sep-2014 |
Ben Chan <benchan@chromium.org> |
update_engine: Clean up angle brackets in template types.
C++11 no longer has the angle bracket pitfall in template types.
BUG=None
TEST=`FEATURES=test emerge-$BOARD update_engine`
Change-Id: I0168b9f208ad8e62ae614b8a3b8bcf31c58fa9f2
Reviewed-on: https://chromium-review.googlesource.com/219203
Commit-Queue: Ben Chan <benchan@chromium.org>
Tested-by: Ben Chan <benchan@chromium.org>
Reviewed-by: Alex Vakulenko <avakulenko@chromium.org>
/system/update_engine/payload_generator/payload_signer.cc
|
| 88b591f24cb3f94f982d7024c2e8ed25c2cc26a2 |
|
29-Aug-2014 |
Alex Vakulenko <avakulenko@chromium.org> |
update_engine: Replace NULL with nullptr
Replaced the usage of NULL with nullptr. This also makes it possible to
use standard gtest macros to compare pointers in Update Manager's unit tests.
So, there is no need in custom UMTEST_... macros which are replaced with the
gtest macros (see change in update_engine/update_manager/umtest_utils.h):
UMTEST_ASSERT_NULL(p) => ASSERT_EQ(nullptr, p)
UMTEST_ASSERT_NOT_NULL(p) => ASSERT_NE(nullptr, p)
UMTEST_EXPECT_NULL(p) => EXPECT_EQ(nullptr, p)
UMTEST_EXPECT_NOT_NULL(p) => EXPECT_NE(nullptr, p)
BUG=None
TEST=FEATURES=test emerge-link update_engine
USE="clang asan" FEATURES=test emerge-link update_engine
Change-Id: I77a42a1e9ce992bb2f9f263db5cf75fe6110a4ec
Reviewed-on: https://chromium-review.googlesource.com/215136
Tested-by: Alex Vakulenko <avakulenko@chromium.org>
Reviewed-by: Alex Deymo <deymo@chromium.org>
Commit-Queue: Alex Vakulenko <avakulenko@chromium.org>
/system/update_engine/payload_generator/payload_signer.cc
|
| 923d8faa6b341ce5e16a760749e98cc6703ca2fd |
|
16-Jul-2014 |
Alex Deymo <deymo@chromium.org> |
update_engine: Split payload signing and verification.
Payloads are only signed on server-side code (delta_generator) and
verified on both sides and unittest. This removes the dependency of
payload_generator/ code from delta_performer.cc by spliting the
payload signing and verification in two files.
Currently, both files are still included on all the built files.
This patch also includes some minor linter fixes.
BUG=chromium:394184
TEST=FEATURES="test" emerge-link update_engine; sudo emerge update_engine
Change-Id: Ia4268257f4260902bc37612f429f44ba7e8f65fd
Reviewed-on: https://chromium-review.googlesource.com/208540
Tested-by: Alex Deymo <deymo@chromium.org>
Reviewed-by: Alex Vakulenko <avakulenko@chromium.org>
Commit-Queue: Alex Deymo <deymo@chromium.org>
/system/update_engine/payload_generator/payload_signer.cc
|