Google Git
Sign in
android / platform / system / update_engine / 7a78d630e11532d6f854ba7d794362804b33c950
commit7a78d630e11532d6f854ba7d794362804b33c950[log] [tgz]
authorTianjie Xu <xunchang@google.com>Tue Oct 08 16:32:39 2019 -0700
committerTianjie Xu <xunchang@google.com>Tue Oct 15 18:15:29 2019 -0700
treec442a3ed386ae1623defd9647c6f81e65c3db8f4
parent9cad266457c59e8330c830c369784764b36386c1 [diff]
Allow update engine read public keys from otacerts.zip

The android build system installs both otacerts.zip and
update-payload-key.pub.pem on the device. And the latter is
converted from the X509 certificates inside the otacerts.zip
during the build time.

We can consolidate these two by letting update engine to parse
the public keys from otacerts.zip directly. This also allows
update engine to use multiple keys to verify the payload.

Bug: 116660991
Test: unittests pass
Change-Id: I0a499405f2835e1ff8b7916452cb3123046306a7
20 files changed
tree: c442a3ed386ae1623defd9647c6f81e65c3db8f4
  1. binder_bindings/
  2. client_library/
  3. common/
  4. dbus_bindings/
  5. fuzz/
  6. init/
  7. payload_consumer/
  8. payload_generator/
  9. sample_images/
  10. scripts/
  11. update_engine/
  12. update_manager/
  13. update_payload_key/
  14. .clang-format
  15. .gitignore
  16. Android.bp
  17. binder_service_android.cc
  18. binder_service_android.h
  19. binder_service_brillo.cc
  20. binder_service_brillo.h
  21. boot_control_android.cc
  22. boot_control_android.h
  23. boot_control_android_unittest.cc
  24. boot_control_chromeos.cc
  25. boot_control_chromeos.h
  26. boot_control_chromeos_unittest.cc
  27. certificate_checker.cc
  28. certificate_checker.h
  29. certificate_checker_unittest.cc
  30. chrome_browser_proxy_resolver.cc
  31. chrome_browser_proxy_resolver.h
  32. COMMIT-QUEUE.ini
  33. common_service.cc
  34. common_service.h
  35. common_service_unittest.cc
  36. connection_manager.cc
  37. connection_manager.h
  38. connection_manager_android.cc
  39. connection_manager_android.h
  40. connection_manager_interface.h
  41. connection_manager_unittest.cc
  42. connection_utils.cc
  43. connection_utils.h
  44. CPPLINT.cfg
  45. daemon.cc
  46. daemon.h
  47. daemon_state_android.cc
  48. daemon_state_android.h
  49. daemon_state_interface.h
  50. dbus_connection.cc
  51. dbus_connection.h
  52. dbus_service.cc
  53. dbus_service.h
  54. dbus_test_utils.h
  55. dlcservice_chromeos.cc
  56. dlcservice_chromeos.h
  57. dynamic_partition_control_android.cc
  58. dynamic_partition_control_android.h
  59. dynamic_partition_control_android_unittest.cc
  60. dynamic_partition_control_interface.h
  61. dynamic_partition_test_utils.h
  62. dynamic_partition_utils.cc
  63. dynamic_partition_utils.h
  64. fake_file_writer.h
  65. fake_p2p_manager.h
  66. fake_p2p_manager_configuration.h
  67. fake_shill_proxy.cc
  68. fake_shill_proxy.h
  69. fake_system_state.cc
  70. fake_system_state.h
  71. generate_pc_file.sh
  72. hardware_android.cc
  73. hardware_android.h
  74. hardware_chromeos.cc
  75. hardware_chromeos.h
  76. hardware_chromeos_unittest.cc
  77. image_properties.h
  78. image_properties_android.cc
  79. image_properties_android_unittest.cc
  80. image_properties_chromeos.cc
  81. image_properties_chromeos_unittest.cc
  82. libcurl_http_fetcher.cc
  83. libcurl_http_fetcher.h
  84. libupdate_engine-client-test.pc.in
  85. libupdate_engine-client.pc.in
  86. local_coverage_rate
  87. main.cc
  88. metrics_constants.h
  89. metrics_reporter_android.cc
  90. metrics_reporter_android.h
  91. metrics_reporter_interface.h
  92. metrics_reporter_omaha.cc
  93. metrics_reporter_omaha.h
  94. metrics_reporter_omaha_unittest.cc
  95. metrics_reporter_stub.cc
  96. metrics_reporter_stub.h
  97. metrics_utils.cc
  98. metrics_utils.h
  99. metrics_utils_unittest.cc
  100. mock_boot_control_hal.h
  101. mock_certificate_checker.h
  102. mock_connection_manager.h
  103. mock_dynamic_partition_control.h
  104. mock_file_writer.h
  105. mock_metrics_reporter.h
  106. mock_omaha_request_params.h
  107. mock_p2p_manager.h
  108. mock_payload_state.h
  109. mock_power_manager.h
  110. mock_service_observer.h
  111. mock_update_attempter.h
  112. MODULE_LICENSE_APACHE2
  113. network_selector.h
  114. network_selector_android.cc
  115. network_selector_android.h
  116. network_selector_interface.h
  117. network_selector_stub.cc
  118. network_selector_stub.h
  119. NOTICE
  120. omaha_request_action.cc
  121. omaha_request_action.h
  122. omaha_request_action_fuzzer.cc
  123. omaha_request_action_unittest.cc
  124. omaha_request_params.cc
  125. omaha_request_params.h
  126. omaha_request_params_unittest.cc
  127. omaha_response.h
  128. omaha_response_handler_action.cc
  129. omaha_response_handler_action.h
  130. omaha_response_handler_action_unittest.cc
  131. omaha_utils.cc
  132. omaha_utils.h
  133. omaha_utils_unittest.cc
  134. otacerts.zip
  135. OWNERS
  136. p2p_manager.cc
  137. p2p_manager.h
  138. p2p_manager_unittest.cc
  139. parcelable_update_engine_status.cc
  140. parcelable_update_engine_status.h
  141. parcelable_update_engine_status_unittest.cc
  142. payload_state.cc
  143. payload_state.h
  144. payload_state_interface.h
  145. payload_state_unittest.cc
  146. power_manager_android.cc
  147. power_manager_android.h
  148. power_manager_chromeos.cc
  149. power_manager_chromeos.h
  150. power_manager_interface.h
  151. PRESUBMIT.cfg
  152. PREUPLOAD.cfg
  153. pylintrc
  154. real_system_state.cc
  155. real_system_state.h
  156. run_unittests
  157. sample_omaha_v3_response.xml
  158. service_delegate_android_interface.h
  159. service_observer_interface.h
  160. shill_proxy.cc
  161. shill_proxy.h
  162. shill_proxy_interface.h
  163. sideload_main.cc
  164. system_state.h
  165. tar_bunzip2.gypi
  166. test_config.xml
  167. test_http_server.cc
  168. test_subprocess.cc
  169. testrunner.cc
  170. unittest_key.pem
  171. unittest_key2.pem
  172. unittest_key_EC.pem
  173. unittest_key_RSA4096.pem
  174. update_attempter.cc
  175. update_attempter.h
  176. update_attempter_android.cc
  177. update_attempter_android.h
  178. update_attempter_android_unittest.cc
  179. update_attempter_unittest.cc
  180. update_boot_flags_action.cc
  181. update_boot_flags_action.h
  182. update_boot_flags_action_unittest.cc
  183. update_engine-client.gyp
  184. update_engine.conf
  185. update_engine.gyp
  186. update_engine.rc
  187. update_engine_client.cc
  188. update_engine_client_android.cc
  189. update_metadata.proto
  190. update_status_utils.cc
  191. update_status_utils.h
  192. UpdateEngine.conf