History log of /system/extras/verity/BootSignature.java
Revision Date Author Comments (<<< Hide modified files) (Show modified files >>>)
53e790468c3ce7d094f1003648e7766395912ddb 15-Sep-2015 Sami Tolvanen <samitolvanen@google.com> boot_signer: allow verification using an external certificate

Add a -certificate parameter, which allows one to specify an external
public key certificate to use for verifying boot image signatures:

boot_signer -verify boot.img -certificate cert.x509.pem

This makes it possible to confirm that the boot image has been signed
with a specific key.

Change-Id: I41f1a05e1c8be3bfac2a86678d81beaae0e371bb
/system/extras/verity/BootSignature.java
241f964e10ce8bc6c401073854fdaf1662013dae 14-Nov-2014 Sami Tolvanen <samitolvanen@google.com> Add signature verification to keystore and verity signers

This change adds -verify flags to keystore and verity signers for
verifying the signatures of the signed content generated by the
same tools. This allows implementers of verified boot to test and
verify the correctness of their implementations.

Bug: 15984840
Change-Id: I327de9c3a9e035cd11dc5022e978c840cd37581c
/system/extras/verity/BootSignature.java
40193d94182934b37f4b2ae00fde2402583e59e1 14-Nov-2014 Sami Tolvanen <samitolvanen@google.com> Fix comments in BootSignature.java.

Clearly mark the comment above main() as an example and fix
the parameters in the example command. Also briefly document
the arguments in the main function for clarity.

Bug: 18376609
Change-Id: I84eaf75799a8128100eb97c70e04563c609e9928
/system/extras/verity/BootSignature.java
3380f2fea1b9a18f26ae95b60a01eeb55565eb1b 01-Nov-2014 Sami Tolvanen <samitolvanen@google.com> DO NOT MERGE: Implement boot signature verification

Adds signature verification support to BootSignature.java.

Bug: 15984840
Bug: 18120110
Change-Id: Ib1a67573bdcd0f41e2d920f518de15993c8750e0
(cherry picked from commit 7999c089cfa82d63d4a28606c78b381b74509175)
/system/extras/verity/BootSignature.java
29131b97ed091bb2b10917036a64f3403c507eb7 13-Nov-2014 Paul Lawrence <paullawrence@google.com> Reinstate "Update boot image signature format to version 1"

This reverts commit 7377e002421ed9a04cc94cd808c234f48d93924d.

Change-Id: I4b1d83b62ae4d4dd6952663744b1171b3e0d0766
Signed-off-by: Iliyan Malchev <malchev@google.com>
/system/extras/verity/BootSignature.java
7377e002421ed9a04cc94cd808c234f48d93924d 13-Nov-2014 Paul Lawrence <paullawrence@google.com> Revert "Update boot image signature format to version 1"

This reverts commit b62eabde2db40f01dfed1cef48ac2cbabdff4d03.

Change-Id: I98019b7990c5436fe6ad5ef1052729478bccbe17
/system/extras/verity/BootSignature.java
b62eabde2db40f01dfed1cef48ac2cbabdff4d03 01-Nov-2014 Sami Tolvanen <samitolvanen@google.com> Update boot image signature format to version 1

Add the full X.509v3 certificate to the signature footer for easier
verification.

Change-Id: Ic969e9c1e4ab1a25ffdde2ab818b8edf2ad95253
(cherry picked from commit f67d3764c641e53d4a1b925b4d02fec92b7e894a)
/system/extras/verity/BootSignature.java
d66cefd9d9ef9aab181bdf6d429a0f7938cf0cb5 15-Aug-2014 Geremy Condra <gcondra@google.com> Fix issues with appended boot signature.

In particular this changes the OID to the SHA1 OID and
appends the full BootSignature.

This is cherry-picked from a WIP bug checked into master, but is complete.
The work in finalized by further changes from Sami Tolvanen

Bug: 15984840
Change-Id: Ic43784fc339b9aedf91363c9ec9a453c3bb53294
(cherry picked from commit 1f2ebbd57e86fb0749aeb453fb337065985ab9c6)
/system/extras/verity/BootSignature.java
cee5bfdf119104b8ebce56d54dfcdcca1f537075 11-Jun-2014 Geremy Condra <gcondra@google.com> verity: Add tools to help OEMs generate signed boot images.

Change-Id: Iea200def2fdd8a0d366888bb7b1ae401297063f1
/system/extras/verity/BootSignature.java