1 // 2 // Copyright (C) 2014 The Android Open Source Project 3 // 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // 8 // http://www.apache.org/licenses/LICENSE-2.0 9 // 10 // Unless required by applicable law or agreed to in writing, software 11 // distributed under the License is distributed on an "AS IS" BASIS, 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 // See the License for the specific language governing permissions and 14 // limitations under the License. 15 // 16 17 #ifndef UPDATE_ENGINE_PAYLOAD_CONSUMER_PAYLOAD_VERIFIER_H_ 18 #define UPDATE_ENGINE_PAYLOAD_CONSUMER_PAYLOAD_VERIFIER_H_ 19 20 #include <memory> 21 #include <string> 22 #include <utility> 23 #include <vector> 24 25 #include <brillo/secure_blob.h> 26 #include <openssl/evp.h> 27 28 #include "update_engine/update_metadata.pb.h" 29 30 // This class holds the public keys and implements methods used for payload 31 // signature verification. See payload_generator/payload_signer.h for payload 32 // signing. 33 34 namespace chromeos_update_engine { 35 36 class PayloadVerifier { 37 public: 38 // Pads a SHA256 hash so that it may be encrypted/signed with RSA2048 or 39 // RSA4096 using the PKCS#1 v1.5 scheme. 40 // hash should be a pointer to vector of exactly 256 bits. |rsa_size| must be 41 // one of 256 or 512 bytes. The vector will be modified in place and will 42 // result in having a length of 2048 or 4096 bits, depending on the rsa size. 43 // Returns true on success, false otherwise. 44 static bool PadRSASHA256Hash(brillo::Blob* hash, size_t rsa_size); 45 46 // Parses the input as a PEM encoded public string. And creates a 47 // PayloadVerifier with that public key for signature verification. 48 static std::unique_ptr<PayloadVerifier> CreateInstance( 49 const std::string& pem_public_key); 50 51 // Extracts the public keys from the certificates contained in the input 52 // zip file. And creates a PayloadVerifier with these public keys. 53 static std::unique_ptr<PayloadVerifier> CreateInstanceFromZipPath( 54 const std::string& certificate_zip_path); 55 56 // Interprets |signature_proto| as a protocol buffer containing the 57 // |Signatures| message and decrypts each signature data using the stored 58 // public key. Pads the 32 bytes |sha256_hash_data| to 256 or 512 bytes 59 // according to the PKCS#1 v1.5 standard; and returns whether *any* of the 60 // decrypted hashes matches the padded hash data. In case of any error parsing 61 // the signatures, returns false. 62 bool VerifySignature(const std::string& signature_proto, 63 const brillo::Blob& sha256_hash_data) const; 64 65 // Verifies if |sig_data| is a raw signature of the hash |sha256_hash_data|. 66 // If PayloadVerifier is using RSA as the public key, further puts the 67 // decrypted data of |sig_data| into |decrypted_sig_data|. 68 bool VerifyRawSignature(const brillo::Blob& sig_data, 69 const brillo::Blob& sha256_hash_data, 70 brillo::Blob* decrypted_sig_data) const; 71 72 private: 73 explicit PayloadVerifier( 74 std::vector<std::unique_ptr<EVP_PKEY, decltype(&EVP_PKEY_free)>>&& 75 public_keys) 76 : public_keys_(std::move(public_keys)) {} 77 78 // Decrypts |sig_data| with the given |public_key| and populates 79 // |out_hash_data| with the decoded raw hash. Returns true if successful, 80 // false otherwise. 81 bool GetRawHashFromSignature(const brillo::Blob& sig_data, 82 const EVP_PKEY* public_key, 83 brillo::Blob* out_hash_data) const; 84 85 std::vector<std::unique_ptr<EVP_PKEY, decltype(&EVP_PKEY_free)>> public_keys_; 86 }; 87 88 } // namespace chromeos_update_engine 89 90 #endif // UPDATE_ENGINE_PAYLOAD_CONSUMER_PAYLOAD_VERIFIER_H_ 91