1 // 2 // Copyright (C) 2014 The Android Open Source Project 3 // 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // 8 // http://www.apache.org/licenses/LICENSE-2.0 9 // 10 // Unless required by applicable law or agreed to in writing, software 11 // distributed under the License is distributed on an "AS IS" BASIS, 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 // See the License for the specific language governing permissions and 14 // limitations under the License. 15 // 16 17 #ifndef UPDATE_ENGINE_PAYLOAD_CONSUMER_PAYLOAD_VERIFIER_H_ 18 #define UPDATE_ENGINE_PAYLOAD_CONSUMER_PAYLOAD_VERIFIER_H_ 19 20 #include <string> 21 #include <vector> 22 23 #include <base/macros.h> 24 #include <brillo/secure_blob.h> 25 26 #include "update_engine/update_metadata.pb.h" 27 28 // This class encapsulates methods used for payload signature verification. 29 // See payload_generator/payload_signer.h for payload signing. 30 31 namespace chromeos_update_engine { 32 33 class PayloadVerifier { 34 public: 35 // Interprets |signature_blob| as a protocol buffer containing the Signatures 36 // message and decrypts each signature data using the |public_key_path|. 37 // Returns whether *any* of the decrypted hashes matches the |hash_data|. 38 // In case of any error parsing the signatures or the public key, returns 39 // false. 40 static bool VerifySignature(const brillo::Blob& signature_blob, 41 const std::string& public_key_path, 42 const brillo::Blob& hash_data); 43 44 // Decrypts sig_data with the given public_key_path and populates 45 // out_hash_data with the decoded raw hash. Returns true if successful, 46 // false otherwise. 47 static bool GetRawHashFromSignature(const brillo::Blob& sig_data, 48 const std::string& public_key_path, 49 brillo::Blob* out_hash_data); 50 51 // Pads a SHA256 hash so that it may be encrypted/signed with RSA2048 52 // using the PKCS#1 v1.5 scheme. 53 // hash should be a pointer to vector of exactly 256 bits. The vector 54 // will be modified in place and will result in having a length of 55 // 2048 bits. Returns true on success, false otherwise. 56 static bool PadRSA2048SHA256Hash(brillo::Blob* hash); 57 58 private: 59 // This should never be constructed 60 DISALLOW_IMPLICIT_CONSTRUCTORS(PayloadVerifier); 61 }; 62 63 } // namespace chromeos_update_engine 64 65 #endif // UPDATE_ENGINE_PAYLOAD_CONSUMER_PAYLOAD_VERIFIER_H_ 66