53e790468c3ce7d094f1003648e7766395912ddb |
|
15-Sep-2015 |
Sami Tolvanen <samitolvanen@google.com> |
boot_signer: allow verification using an external certificate Add a -certificate parameter, which allows one to specify an external public key certificate to use for verifying boot image signatures: boot_signer -verify boot.img -certificate cert.x509.pem This makes it possible to confirm that the boot image has been signed with a specific key. Change-Id: I41f1a05e1c8be3bfac2a86678d81beaae0e371bb
/system/extras/verity/BootSignature.java
|
241f964e10ce8bc6c401073854fdaf1662013dae |
|
14-Nov-2014 |
Sami Tolvanen <samitolvanen@google.com> |
Add signature verification to keystore and verity signers This change adds -verify flags to keystore and verity signers for verifying the signatures of the signed content generated by the same tools. This allows implementers of verified boot to test and verify the correctness of their implementations. Bug: 15984840 Change-Id: I327de9c3a9e035cd11dc5022e978c840cd37581c
/system/extras/verity/BootSignature.java
|
40193d94182934b37f4b2ae00fde2402583e59e1 |
|
14-Nov-2014 |
Sami Tolvanen <samitolvanen@google.com> |
Fix comments in BootSignature.java. Clearly mark the comment above main() as an example and fix the parameters in the example command. Also briefly document the arguments in the main function for clarity. Bug: 18376609 Change-Id: I84eaf75799a8128100eb97c70e04563c609e9928
/system/extras/verity/BootSignature.java
|
3380f2fea1b9a18f26ae95b60a01eeb55565eb1b |
|
01-Nov-2014 |
Sami Tolvanen <samitolvanen@google.com> |
DO NOT MERGE: Implement boot signature verification Adds signature verification support to BootSignature.java. Bug: 15984840 Bug: 18120110 Change-Id: Ib1a67573bdcd0f41e2d920f518de15993c8750e0 (cherry picked from commit 7999c089cfa82d63d4a28606c78b381b74509175)
/system/extras/verity/BootSignature.java
|
29131b97ed091bb2b10917036a64f3403c507eb7 |
|
13-Nov-2014 |
Paul Lawrence <paullawrence@google.com> |
Reinstate "Update boot image signature format to version 1" This reverts commit 7377e002421ed9a04cc94cd808c234f48d93924d. Change-Id: I4b1d83b62ae4d4dd6952663744b1171b3e0d0766 Signed-off-by: Iliyan Malchev <malchev@google.com>
/system/extras/verity/BootSignature.java
|
7377e002421ed9a04cc94cd808c234f48d93924d |
|
13-Nov-2014 |
Paul Lawrence <paullawrence@google.com> |
Revert "Update boot image signature format to version 1" This reverts commit b62eabde2db40f01dfed1cef48ac2cbabdff4d03. Change-Id: I98019b7990c5436fe6ad5ef1052729478bccbe17
/system/extras/verity/BootSignature.java
|
b62eabde2db40f01dfed1cef48ac2cbabdff4d03 |
|
01-Nov-2014 |
Sami Tolvanen <samitolvanen@google.com> |
Update boot image signature format to version 1 Add the full X.509v3 certificate to the signature footer for easier verification. Change-Id: Ic969e9c1e4ab1a25ffdde2ab818b8edf2ad95253 (cherry picked from commit f67d3764c641e53d4a1b925b4d02fec92b7e894a)
/system/extras/verity/BootSignature.java
|
d66cefd9d9ef9aab181bdf6d429a0f7938cf0cb5 |
|
15-Aug-2014 |
Geremy Condra <gcondra@google.com> |
Fix issues with appended boot signature. In particular this changes the OID to the SHA1 OID and appends the full BootSignature. This is cherry-picked from a WIP bug checked into master, but is complete. The work in finalized by further changes from Sami Tolvanen Bug: 15984840 Change-Id: Ic43784fc339b9aedf91363c9ec9a453c3bb53294 (cherry picked from commit 1f2ebbd57e86fb0749aeb453fb337065985ab9c6)
/system/extras/verity/BootSignature.java
|
cee5bfdf119104b8ebce56d54dfcdcca1f537075 |
|
11-Jun-2014 |
Geremy Condra <gcondra@google.com> |
verity: Add tools to help OEMs generate signed boot images. Change-Id: Iea200def2fdd8a0d366888bb7b1ae401297063f1
/system/extras/verity/BootSignature.java
|