From 73ae31ce0ac09c0e45924d817644261c87ab1a60 Mon Sep 17 00:00:00 2001 From: Doug Zongker Date: Wed, 9 Dec 2009 17:01:45 -0800 Subject: [PATCH] add a simple unit test for the OTA package verifier --- Android.mk | 16 ++++++ testdata/alter-footer.zip | Bin 0 -> 4009 bytes testdata/alter-metadata.zip | Bin 0 -> 4009 bytes testdata/fake-eocd.zip | Bin 0 -> 4313 bytes testdata/jarsigned.zip | Bin 0 -> 2271 bytes testdata/otasigned.zip | Bin 0 -> 4009 bytes testdata/random.zip | Bin 0 -> 1024 bytes testdata/unsigned.zip | Bin 0 -> 376 bytes verifier.c | 4 +- verifier_test.c | 91 ++++++++++++++++++++++++++++++++++ verifier_test.sh | 94 ++++++++++++++++++++++++++++++++++++ 11 files changed, 203 insertions(+), 2 deletions(-) create mode 100644 testdata/alter-footer.zip create mode 100644 testdata/alter-metadata.zip create mode 100644 testdata/fake-eocd.zip create mode 100644 testdata/jarsigned.zip create mode 100644 testdata/otasigned.zip create mode 100644 testdata/random.zip create mode 100644 testdata/unsigned.zip create mode 100644 verifier_test.c create mode 100755 verifier_test.sh diff --git a/Android.mk b/Android.mk index deec80a..c7ae1f1 100644 --- a/Android.mk +++ b/Android.mk @@ -43,6 +43,22 @@ LOCAL_STATIC_LIBRARIES += libstdc++ libc include $(BUILD_EXECUTABLE) + +include $(CLEAR_VARS) + +LOCAL_SRC_FILES := verifier_test.c verifier.c + +LOCAL_MODULE := verifier_test + +LOCAL_FORCE_STATIC_EXECUTABLE := true + +LOCAL_MODULE_TAGS := tests + +LOCAL_STATIC_LIBRARIES := libmincrypt libcutils libstdc++ libc + +include $(BUILD_EXECUTABLE) + + include $(commands_recovery_local_path)/minui/Android.mk include $(commands_recovery_local_path)/minzip/Android.mk include $(commands_recovery_local_path)/mtdutils/Android.mk diff --git a/testdata/alter-footer.zip b/testdata/alter-footer.zip new file mode 100644 index 0000000000000000000000000000000000000000..f497ec000519e4b81802430b5098a9caa4cf2be3 GIT binary patch literal 4009 zcmd6oc|25Y8^`CE&0ZqAnuJNnnaEa&#FOlX%2F}LKBi2`zRXz4l9GL`WT&i^C^Dij zp~XIkP?5@#A=^88d!wHBegA&$`JB(3bDjHpf6n#0@9TFN>p@|B5LV_-InG)IvSIK+ zU=RasGfg>NLmhboO+#HBZLHZI1D%y-2;>y4iJhVW2^v~_@~B>v19P1_zTMXPoTgl& zc(p;R6P8#>KIlJ`{q=i2qdIFu+I9aFH6`Ihc2rh}Fv~sLEITu^M(LaIJu@)f}ZSz$MTR-ilq`R2NnbH6}4(6>WcU5pPG~S8$EN}($s_}y*%gh@j26}w+^^l z+733N~bl~);SKP?u6Pz+g+A*INgPR^zWs0_f?xHdY^RRY`H;t%>7!Y}~m@TI_ zAnMW_x5b)dA52PlbcyXa$K?1+b&iP1s(jgHo9^A?3tA>3b{5wqk@nrN50_Fkz8;o5 zmxx;a#5)nws-5(({JjQN{>=DnZkkD{Cw){&Z}PR}d_yS)biZAh8W1S9YNpx|s~9!z zU^6q?Ty=>orc)hc#k1winN| zt4DsX@qfQ)BvvEI=zcp=*d&m!z2@CFRgG}vpy2)wn)Mf^JS~bEW7-l7ylQ*AgdYF^7j&4vjS`95`W39Hk$8q$PRyRj_-xOGL@)im!s9 zOPnu#B_(4kwNH?QV@S`XU!`kZfnUY9ea{H|@*=s0_8!fD>O-M1HVJpAJg+ls^vp~B zo@9n&arwy--A4hXgbSUuiPQQ~v`CRvLB$otYw)nUvfCpCBQO6Yp_O!}D!NatPN`E; z^17>v(Kl9M#SB=JOu6DVMJIY!kogO0qlKPu?xt69?ICgRyfjYpIN0v9alkKKO;}CR z%+GXLuE^*D{t~r-O75XsKF+{Y70Mp-fA}F&%W5h9$dT1SwP!S;dx7DfJugOQiiXm1 zFU@?uYiHY?`>~*Y$Ul$RN3Gg-o}v3;*Ss4i|I!v8Eqkl(NwjC2sML7E{pE?I-7S^F zgPk5GhHQ1Ehx9ou%;V@jv~3@q8kW;Y26I)Kow2clImhJH^Ww~r4d zt;!jcbg~WgTh*&PBXs3h7=|Jnz94((>faxhHqX>8+8^+p(0e*juq5f0Uc0MQAbWIS zUg;2Bq@&SfrsoXf%J9xEtZJ{w(~Ny+Wtg=Z?kjQOmaI@)i@h~Z;Y4;ytN!OXu;SeD zo)+r7-cj0aRGNH!S4sF39~dbL<#$0`i9|R@i6`DVI=aV&=;(~Yv(nw0OIF^`ro?lb zN(=ex?en#g+OOu@tSnc%cq$vWjE0M>h@ABi9kwfelUkIQ&q#V;|FPi7(>vp1UD2?w z0}odQ>2AYofIm{xhPpXd?fALgYr)eF&y8o ziYe9lFVZKFnRgsR-YHLV5+4hVj7pUn?S1pY!ET;A`W+mdv$WE1e@fqCQ~B70n>80B z>g1-Gdl%XwTKAXCH-#h&KlCU@PxE(ldxv)1af`X4H%Pc>sBu{Ae?L!cJwC_Qs82*k;r zKsd|3X8!90$MzwajRfuoVf~Z1;ABs-|AWZ0Rq5YI*!>_*|0F!mk_dPv0kH5v)_dy4 z=CjsQe;>aZ&L182&s8=W_gbS`A5+ZRU#t9VTYsZBsJ3SA>tm7G2!5xTR=5mSxdh5nQMQ{;8_Gn4&Y@;})>EyA~lJ4(phKx zeS;vnkRH?RTxyte;lHGcl@u{-MqZWG`FRlvP_RY8n`f})b80GGl(P#L5A z^YNeh*%Sb^QDA^s(G-A-xrqQP3k3imov}i&fkqCA(#dDIw>{mG>gq2D6Jo=wh^V{| zkMdr)zV;&KvgZ=UxT`lM@3UC#QTNQ(djH{|9=>v9CG+*z@u^|QJdxTm@SYbHrd6X) z60FquwqtA9SCw0a;nW(H!04K`tIhSj+ungqSpA_;lIokc%HhZFwPEqqD4Euf1cSM?IneZJCscF zKLA@HC5t5wrruS#Stby8Tg=L3<>Pi10D7Ce1dNjYjvqwJ>fGfC zgJ)e3Dq?Gn;sMD`Ywvf$$aNsOCg{J;xkXONA}9VsPXc8_#c{5s!V80gPykrncs!W( z$2=YY#HTnRYQp%bCfr1@y|=I!u!^{7iO$`cNv$vv=i9p4+X`i~tj&^RAX!NSl=Emk zvHva%QX{P`%c@5WxPL34D7{8d7G+q9<(W0_mbibsZ-g$c5hLdjwsJXM49Hu#ch~Z; z4ffQ$A_guYt`ns+EW7*kLR_a<7w9t5G#4*&yG~wAh_AnKyD+X-ZXP`cUCFlDFKfp2 z*bhikswzu4>|Q4@XnLTpVTSCZ`}Ru?=i|T&0s%foLI<^G#gQZjqP{`!&|}LmR=*h| zxlcQWwVMetCH!N-c0tCko`RoqsV<_ruP?HnEDRK;&|)KxVpOyw9>aj|Tlm$CPjEXK zU?@N{vqT!1rUsHT|Dij&(L*=*?gl$$Ry&LWKn}c@nZ-0(N(94&(llDAI32!|{L|k4 z%U<59{Sf=jDzxivYDo9=m~NayFFsDKv6EWAd12^8dvZ&BG?XoD1asRjwF1UJkN$q! zEwsLhxa@fPp*eaySTBd9UdlkxGqJ_=mo3uQc04 zbP0k3>JwD#vM1ANBgGfP)1Qx8qM{hN2l_|)Vyl+@w`piJI+UgAU>kB;GyE9^9tQ(D zPBltIr-Uez*xKSSDbzdzr^_C1Q283Gpw<2m34l literal 0 HcmV?d00001 diff --git a/testdata/alter-metadata.zip b/testdata/alter-metadata.zip new file mode 100644 index 0000000000000000000000000000000000000000..1c71fbc49e2e50444ea0d1136ad0ad878d6124b0 GIT binary patch literal 4009 zcmd6oc{o&UAIImI&0ZqAOu{78ne38Cd6L~wwu&*<#>lkTml;c0QX)H*>}0Q`A|ncu zwAcp`DpFZ$?B3DS8+qRA{rkDkb*^*n-?=~cb$;LbzP~>ceJG3%!pgi<;%(I+>lz;f z1~EKrt}U-;q`SvZ+elCMFxGsxq3&`s1agAb#7@zI1P?Aec~mdTfw{(gz0KbCjJABD z#6!bY7c8-gygy(t``dgy<6+jY%;|lT)Rctd+0j|;!Yp^~vmDIL8)a_7ce`ReBM)X= zuL_jk9{gknJdTHqQY@2n(^v?^SJtYVYAW7!d}=}BZ}iG>Pg573@b;R`$LCC?-qP^2 zb|~Sc5!(D@%b~jL4l^rn19BqY?8~bh-d>gPdSUF{2kHIlK!3q}mZph5l9drsx22Go zT0iqPS)Z`#x_lvl`*S-;LEh@!}yj1%!kRriXfc%!5iyvRqT;Q}UMLG2d-- z-7Jb?7HO7o@_iN&9W*uK9Y1{OIHxRb2x%whmO!r~1Ioo2Mz^W2AvhGdLn0fL7|4#{?e<)#w)mCu9**t5^Zy$a2 zBRw%T-Bp{n*FQx1UbjJXbT}Q6Mkwm>rx}->6&nma}|UG6GWTMVqP8G(KU%P6CQ`=nU&wHS{PxXGCDcQCc`s z=u$AOJIp6wT7UZJ7KLd(>RxOM7o2leYsi-RImSok@LaMC$V24haSFY3jm$#lN{hx( zBQ|>?ciu@%yKx$YZar;hZ->Xb+PM%2IDV~4>E{lB+E7VFH#h0ANttN3VBP+TSWv3F(%D?n! zyq_AB<2t;OdSOI1{YGu+ccbpf;epJSmsCy7qo=k%4vMSmh}4m5UGR^TyigTj!RNkU zSJqZC-KH5eUlZ_Q!C0(DiqZ9MxUfkeLA>VucQvgDmEe%RkJ|O;CcUhR8e?B382a3< zn8UVEq+HPjIrLKH;mV^boo|eJ)UPIv&tMJ?Egu+dRM0qXOB|u^f21RI@O6l1gtBK^z}t@4ebM(|HQ{a6KoRhKt*0h z_{gbO2HnXF=aLG`QoTokWrTAbwTV*((X=R$6+y*i#jEh}Vma|B!Kh1rN$MossgCJY zuT$=jlDc+U)%ZKBuwn+RNwz|9o1zQ7GuYw6-Ho%9^L^792JF#`T|$7c5G-r`PT* z6UZK!n^itQ7in)ao$fxxxIDC@6RXxE@-#yUtpc-E$9*Ht-I5b}+2Ux+Q#hWT(rWPK z2UvOLSa%C`R{scX7b027*Q_F6yKo{Kw}gg^EQ@&fiViuHyiG02%V#9rcl=cF=0?;(# zLoCPq6*1-7fCc(EGV_je=zEn3PU2&s;SuRFFT|Qy$cidwy>kkkv82gvhjG326!0Y_f z(9`WX4F+?rlToH~pAzzm^dgM?ZH&*9C}8|XN4n5~I8yr6cS3zu9P!Ow1xb2FKNgF( z*SSAGb)1W7-An^JKhs8mK_KObzYUE2r-L(VmnsTWS7rtwt2Y4Qg4kP_!y!;BO_aWc zHw5D1NFaEyubTfF!67~isxv#YaW+C`ZA6hMX zOsikT*&%B}ZIpHmf5cSdPoX!m8%17YzcAT9CEv(ylzWXuAt8`I#W&H1udWPp`4JE= zW>RL%5zUCRuFgb9JPPN7!ZP2q&zy#U6htwCZCCh_a0VBEWVuN}++c=MSpWdT0kR?B zvfNM>VK@ZjSQ`Y~q`-z#K(F3}vH&bBY>+r&Q4Mkm7y!9`4+P*$jvW7U9;gKj z!OLQS#qfeW2xfbMFdz`C;$NIh!cYKH*!dpO+3TB>+X`$)OdrMbRm+k3ESEUqoLo_=)NM1sqN6}k6a zaH7B$H@Je;XiofRxr(XKn^{iJedD|KVc682Rd(;eZ+Sv=KR9VAIIs*Q(>UKA>LK*i zS4mn59RVt&@Vv&g{Ygzby^i#LcXl)9BAY*d*o=HI^p}MK&(qT>43GZLv>4Y9&okR% zyrog`2a-tv8n9(jvRLv!YO(6ga)F@RVm5BepTt=J=xy>MNS*`5m>Wlo8^#agJ7NVn zwjV90Tg(#<&pIbm#MT_m1CpCozwdyN>p*f%@c$fhi=2{0PW+ed1j@P-$GMscFANSs z0bphQ_F$er=Jo&}z9k9K<0enF;iiIZJ%uHJP2>e@bneznYNfFR-`16$Rw$cwZI(O( z$x0%iTu17OeZ??Hjm%*=R()#Vy<34r={16KD5Ekg&x}Qv(jZVNc8|V&IYzy3xu*a=T8>#dnBxf^Nf2Kdy`1uG=Ff#Mjp-E{yAupGE(G zE@#{AlQZXf><^?VSC^+8^sEyYFw^L5m?rz`z5ANO`8epDK%lR&(0-j62_(shXkZvJ z_}Ds})qmPp{`2;s!_5TQQvT5phhUS}Pr)y_R5ww*Hy79~3xk9yw794v7*!p~$1q@i z3%|O_ac&nw3a_2p;npC&NbDanbp}*)x9J@ z25#{1m1UcXE<$iXeS)e(_Cz{uxa2}a`tuQMR5T-3qi?u3u6ik8o0e9iQ+cW`wjrlA zBY;tGet%&5iAKqolu#8io80kOw9$)#LrCA;{?O1Y)ArtH)of_qP;<+k15k)UuG<2Ny)xevPSkw6d6%5 zNsE0DA(5UeHFodl>5V+^`~Lm>@!s<}pE>6`_xJvs>v!MR?=sed!uTMp%%5_cjS6Jl z;Df**2HIwta=L~(@&=lQx;olevpohn%S{l-N!kl`iUuTTVByK5dQlF{b?*39JDanb za)}bv1})B5VkP;Y|3LQF`Fcim*3d4u{gc#`gcI3OS#82B_w2Il&CD8i-GuLP!Fog- z&WNuJklP;gWCuK!hm2Azm2^F@5P+|!RWngnyyx)LoW$Sgnd6?OCOqNgIh&8qnM%EN zz{ASEn3qOq^_3}u>ag3-ti1EjiFms|uVQF>Wx|_7vFCZ(SAVI{qZw^p+ar5MoTc4cZnpxBC;YFn&g z)R?2~^l($vC9;@Kb&wg`VxGXN5;wB$Ptcfo@&f-$37)?xVT#pMaK>3bYs_yOdHp>- zF(%zblefn&So(gKepFN#9g#*T?DnJSn-+2+=&agN94Qvq1 zAXrzZxBs->^sy}p(|pvu*k&#`=d8w{4fS)h_b%Sk(0+Un8Xe|5QPv4i-M)41g%?o~v2SE9^R!a2ED-i;4Z z19M!4R#Gnx%cS3^E%|2HH96Fu+5C#Cu72$F_Q!#-b?p&avMmdK5t0`x{muE@7i>#g zi>F)FBj;=UKQ0)F)krZq-wzeM5J(WO`S49uBV0KsxOY^u{`{n;Wnp8?s{{k@+vRiE zW{Q*x`c4kLL}{qvm~zKkBObMDiQ_Yv!-LC*Mj90koUkDd(+@tNNlChQABS^wAc70F3O4qsqzlwh~pAq=y%j6o`M>PM*(E?*^67EoWUVGT^ z>DT&Q$qc9Ba*Gn(M**dT^X;{XQ~FV~NRbsm#bw27@US9T@kqhQ%YR5}CEcxx?oq2# zYL}9_?xte&ja67N1NK6uTydMCGrc3o{3W%~QcpN{)0?=~khl+C8mD+1?e^I^;uo(b ztR!jXXSyy`WOM+3h+0CW_Ry^!XJD!dWRLkj9L?0SUW`9-WTjv28BOS3VE7l$i_w{) zp|spf(_f10?K*Qm-Kih&&m;CwtM;8^=#K83b?4+?+~T9&8>s6i+I&v%xLy--CBD?77^AAg#rt20Q4)~7iJsrQZDCM4ByR%dv zdw6bE=@4C{tonua;EoQgYPZPKjD2Wjn2j3lD{=0YtkA1w2OFM(@$8fq{V(6a zinGVNnyIsTM`^oJY4Y_QCE=5NV5BIN-xYBs65$dhk$CIq@E%v9lM4>dO800gS^hYa z63=bAOUPeupRcv_el_1FWx3jgli9c>G+bm^`F+w-(r;rBfcEeWd0cBF%j2q)<`L1*zJ>BWd3rlz(oB z;h4WFrc~>{Kp#hD-gOH3pgh4zd@M9HEM01}_uWfJ`&sVj4{&tO;&Q|NNqx&rGFvpVglF`}oyxHgwpHtE@Nf)kd{8CYiUtR{7bs{zk7;ZPnb@#saeu{7y5ieidhj ztO>PI+BN(UQ;pw+-pFngd5!(TWPg`@BfC-VH5P@0Kz0I2l>1I&u109?#X1Xx)p003!^6@v9Oa!8g=Jj1>3>XcGfe@Pe@8(cv| z<&8edd+GMpi>ZJ@WW1Pl)b^CoKf~m!V`D=er}_gx>l}NeiK) zK)Dp2*QmBH>BUaZqdni8T+O)1X3wjekPip{FjwGt>XyPd)AyMc?eg(?W^1&UG%D^; zGRgk{Y?+iSmfW9Oq;j)NAn>-Bwd?XHaTWl2o4g2;=Rh&$!4czz@x%CzT0)K=M9b&cfiPXAh{;!KhC*DPRSxC{zFd!WnIN_uBO5ZgM&~2SXqBO znDxgz9stCrI3a4>_^Bq`M6k8Hpct@@xM+pW-I__QFp}Wgy3*YOWwWZyl4BrQNd%P3 za6PfN2nMOyr7g>JDG4GVTf4paiE};=4cOh)~a=aLjw|uY2 z>aZ>L#oP?$oCjXa7`(UN=&1Ln8zs~Ml* zb~eCJfF@>%G%`&MBxn9ZcXYjnuJhe>cFL@F7zKbF_$V`jX|$3Ih6|->G*fXpd=~su z-u_Eo-m1M2hs`Rq>+WhukMx*MoMSgWPOY(>TEBU2;6!V3b9^+EEo=yL+b^{O#y^Xm zzwI7cUqxJUI`z;TJr=B&LsBngpy-*{V*2YEKWl_)MLs*%R9|LRM|)-0k^mXF!NXUY zZ6dk|!2$IND)!kE>9nEZi{a_dhpkXijNAjgLp`xoOa9w5G#VYtQgyHmIV~Cfj5`+& z2DF`Ql#EUZQ6{s=o`^vkzPxh;>660 literal 0 HcmV?d00001 diff --git a/testdata/jarsigned.zip b/testdata/jarsigned.zip new file mode 100644 index 0000000000000000000000000000000000000000..8b1ef8bddb23751822eb3e6a2ddd5309310500d3 GIT binary patch literal 2271 zcmaKt2{e@JAID$2Y+Z3>>rxt%>=}DaB<^MGGb&LS#yTdZWoWWwsfp2`#n^vJ4`!55{sw|4x>B{`dEu=bY!f@B4Yq`F@{szF%t?2d5~&%X+jE9Cd&# zBMNW=7RCreWm8KNRSQE)Qxju2LdC*ltq}muQQz=|833XE%$HSl(){XiLW!*|j( zNe3z|nmyr|^6STf`m?5%>ll@pLkd3n)07m_=`3PqnCLf9Oj&u6W_=vXGL4-bb0iZe=xkHc-eD)GIrzSOYHGH%(7+A^^9T>y|x}`rxSl zS=S;FD!LV~_?W|l&vkD7V^B8XgMLog(Ef7Ld*;~Z5&2_!Y`uBQnNVvO4=*FUc27P_ zS}$u^|6jqsu)h8jY-DVUP=TAAds`_KrUpdzr$^vMb2tu6v&ZR(Y6gIW5h@Oew$Wj> z1Y7d?!AuM|WQHD)Fm&s*fFcjo>}r$6pO-5hLtMoDr4>nwoULJjR1Ac>SL!7*OBvQH z?cJEL#}SJP$EH->+;xh7V(cB1pDf{`~nQAa~0_2w@ zyZTjRJhs_5`FZJx0bJE-Z0=#2O$m-h*Md!aIJ;P1qORuuS9xl1$i8)iZd*KrIOgs= zOK+^Wd3~QrWhi3TO3vO5C+=rHouIOGim?5c6T<&;!WM3*;fZv3-H_Wh{B9vVDK_29 zP^9}>xct*Db0YBujXMop@aY=W+_pe~o5pKQ`Sr+S_IXW9w$wW5Mv6RDR1$p%Ez3LL$9qv1JnWWD-%CfyOA;h*g>rU9 z1_sT-X3h3!%!*Quz?%fQ1Qrbj94TL80u_vx?kT7VV+4fVBW}fAXQv6K5s{RrU;KFv z6(*(K_mKrR`#8HeySaHed!o@uF;KG)+S?i9DMS}K<)N*9Se8dkPLboHh@2{iby|3C zRBUYjCpS|P{&l&XR`oIR+~;9IJN?R1-6E9Cs>itfG_r+I+Lfd@L%OKk64>x8H6+_> zXg&1`T`~QBP4T>C*Yr?dMpFv~3N>@u{~{#5ww++4)Xcm_IC!Nz$WGLk>0HuUG}{V| zUak%rVOs601~EE659PnvOOmM`oYyso(hd#p88xiCG>x+_XozhgSp@!7x&&_u19^e- zvT4OyLuF>#9UrWO_3kE( jnSUW!4pmFrHBZf{pR%HY_@jl$Y)SFPezJ}MZ^iIIj z)>6p7Qo6;lNQS~f`W>3lZLT|REz9JPZ*T8aQ%AsJ=SK6b;mOG3r8(_4=uYp|v4*cfU_)jYt>_FgP#l?xN}J?zVD=w4Q93o8i4$ zM($wyUD}=lq(VFUf~;PVuVfbVd^E$zVI}e8$@Mlwh<wxQil6pnf1Z#6T>LI5vOAnMJTAEOf!ujJ_Db41S3upF^~rbX4Fr8&gBxo<~vdl3&LJ@|vJ;*Ig}Lb~zN{2PncM&?oyg=`fhf?%3> z2YG!xe51B<4f9+Uauv)awI+4ps`P+s(Z|$+oLoloGt`&7m#+%PhC5<7r+S~odgE)R zCW*@3b@}d%!5_}RhgQ$~NA_ZyB#zT`C>ZL{=+ zlv`jLWp&NL%CAU69Y0L(1P3Fr>32U%^w{$!G~)7-O)VEz9__F7{oCoZAS=3A0d{$= zHH;Gg9&`UM!1!2E1$^%=Sv5T^)=OYxu>pdBiyeXs;IN0v!t4S7z!QZ=U*Ova|4o8l zreAR@f&5N5{va-SqOhnPM2?G2&sM_qJ8}L8fxCc3yRis1c2QunQ@57SMyGC{pM|rd zVRxRgHMlp5YICMp+n=ZWsI7m|TU^@+_swClieNjI qn!L$Qve@mG?__t{y~)b*0Kj(htzldnH^aJqZUDy;Wy|^l0R90pvXUDB literal 0 HcmV?d00001 diff --git a/testdata/otasigned.zip b/testdata/otasigned.zip new file mode 100644 index 0000000000000000000000000000000000000000..a6bc53e4127e5d23532c9614546f99c0b927d834 GIT binary patch literal 4009 zcmd6oc|25Y8^`CE&0aFuWfG=Bor!EoB%Wk9RF;Y{*2a`+u`e^0vZQ2RE7>Vqi&SJp z8I!cw2N5b#S!(Rw(c2q&-uM0cx#x2}bIx_{@BKN~@4m0!Wo8J4p&*>>pK83F8f4W# zL0}MLJxd)$0~7t7#yTbj`g%Ca9me{LbO_`aqmi4c4GHd_d-AAGf(Lt*KcU6J?zE0# zlJrC4W>*}klCn3TKj+(Q9qVEC;I@-{#%ZaEM{=UGTg5o;I%GRqS~hIE4&UL1^Nie| znNS(1xHTh1+82r7k#@-w)c|@6XS21;43V6yklGDJ z?9_VMm)ZYJcs={=?}T;rEG&26^pCxG$WH|!Vf`7QULW(J(&HRg)lj>=Wd$sE*d|y+ zQ7s}ZGLOH{CSigmhP>kkFCO8QM=}oiHW^<(S5>a;AmS+@pEwO`q53dL%7|X^Cv!Q9 zhP@K*^!N>SWTy~v>Z1!>hk3?EUTN_}j#U*XEZBE!ADPiL7k9M2DvNaLfPK7>ru}Wd z?CB)*!e_zJ*k--t2NfT*aXU|pOy#AUmw7RVR1C-7*i6@#VL{KEm1%)Nl1rBAt#QiH zBhL1dL-eW(6iNMu!IoU}`NGReT+6;U#$e|u2>d@K1pcOk1x`oF6>s~jp`dm6)sKv% z*bFxv!EXN$xqF>P(b3^dL^`p!%b#InQOt{Aa_U9%q#kV(Q7$V6UGbTv!6^~35fO0? z6@1({Mj6 zDA#RpDee4_e8#n!((fjnC^iV}&s_?L`s@~x_vZjD-% zHd)!LC)G^9bBZZv!W!i(ls756GTVc#UeFq>4aM@-y^e1Qjeqa0eO$oVVYj_AVg7RB zQnF4#mixk;%y!@}32UhA4yMiHOl(z=!l8f%AG36A=MxSbSnAVw#t^+56!FFDd`y-^ z7$fh(Z zR5{SscFx>{tF~;P5wEpXJkyu4>62^yLOR*_N0m-nTwGu7p`BX!JLR{LS;>zqUn}-V zjr1iiDH@lyarO7u)~P)sw&z-#gdyv{B0HH{vk%JXleKeBntr2(Pe%*qWj!)#ww4L! z49!fd>|=_zHkeO#o?u-X*wT(u?-GBSxf`Pjv(vzTBhB1U5PjL?WG7HGnv>dW^yLS5 z=k(#uCfc;&LB@7;`p&xc(ui>s7$pG}az|W>LbydsC*3$Ww8Nd`;)W-1GCk>~iyx*^ z6ZkE*i3S+%_Oq4Sqv1zaRjipimV;lwz{MBEPx(p=IF`IkE6y)qCEs`YRQTlSt&!pO z7}&So`?2nRHQ&BOD|XivInx8*9K{VT9QO?CB{yvmZ$fF2!z6g;WNQWvq<_C(@wq;h zXZEtBN=?8Va}=3%%O&)^>KHHSvFPBCT$$;vw=bL>r}<;v!!fz@i}m-$jjY#I43B!) z@v)+huA97j_GM)Ap3>>Y(8PfU=SnaWLaiM>VXe13VlNr?5zm|YmsF2fmPo^E{nRm& zt-19^Gj8Ki<};rX3yKXQO#N+5PnRfR{f37+FoAe-#+7%XJ=Q$&bg#l>1Ct-~w>Q^% zJU?-Sk8Ry-13Nd>LWMyf<%oY97&qIhAU}H-8q`o>2O-NB0O5l;SXsg$P-`u;p_MlT z;_5^sp5k6M{}qBqs$YIJf&WR^{UXk~I+2~$5cv*jJ*x@FpTzNBgx4uDk-#PZ4isdi zr><^3%RTka@w?%y>9A{8S#8|QjcR3#vu}T|@~dtAjb5eNvbnE}Id&uXlV)4}GR_TI z5o)cpEBGU}8h;ACmR&3I3j2l4{weudcCFkiEE)-c{3*VfA$)mf*xQeQc(IeRV9%f< z&bYadoCs*V4;sh5(>Z+-0#XsT5nS8D4~Db&03^qCD&iVDl*R!7SRRlI0hi~8a)`kp zAkWGq;5rpn3{qkFAQgJ$I+O$8;NXJ9k&3I46F?ux_j@7$XLFSJpX)%aUaI0dmkp{~eB}JitxDe4rY*YnM8RRZ>z`u@UA|+6}5= zRewGHQ$L#upjQhFuq&Dh@Ub@$;N+kJ0HiHW6xQ3oBU3i^4F9gPLsm=c1#whzUNqO9P#9{u2>r!@GFLi2p73hBWxYv+SIk=ehX87>VMz7G5nj_4U-63wOUY2^~=ljx~@&{!N!remb^OVp-D4oJ~K|_u6Myn!e89s zO4h@<@t+kcCPJ@gJ3sf0@7ROo(r{7Tv6Haj3CUys_)(F*MJR>A`}RN=v8S$5=BVgF zphA`)Xj;>o+_=^2VE1ix`!ar^K*t0l%;4jsQQ zg&d#>TO_AQru3!VR=Zv<9CTCC)_w7l6bAskNtp*JGoU2<;7IbrgkY$H){w({F$(&( z1;XLkXGM#-=+OcorE&TF78s=#q*Mq0*Eu&Rso9jIf9Oe|uBtfRoMp=WQ@~8?$J4Or=p9m%5svTsAe?iYz22nTU29 zsw4H>hC!;g=_zm;(gN?@2rSO17EwT(l;H%XtU6@w9qt}vN^8d|o(o^Rm>>z{FW$Xv zv)>+fY+4x$myy`2k(bvEQR$ z$@kbFNLQ&UPu=fXE8J(H*M3fvNOrZIHdovO*p6j zq^aWP%>#OLqI{{)aEN2D+3Tm^mpq!ggu$Eh+((Oo#Hft8sDoHFU75!)V0MF$hS?E* zS7R&{ptDP)fo*CaCF>u$qpLl1mG7>yQ+Bn(r~pLsgZvb>!A2$oE}E|0M8oT&jtWiq z1T1*_sP{me)~hkDdT1a$Gh#dN&Rv9fjfOT_-TImSBP}US2{BNv@ImZN|Fkj;D$;_>@ds9zkr2aNvQ`-j&CJ4;Fke;s+alEO6mauR^k!wZw^ep72vdM-0;sYa zbBTEf9;i!HbIcjbU<{U=kH~mFWP^@ojQZg4J7)5q24HfIK~3eW8g zY(3T>6O$UMO5svC5{of;QFs99o7Wo}nr+_N{j7=$BN%FlYAzz@3h-P^M3nuw&;43< kI6Y}oigbl@(MGBi%km-Y!ejZs^`7PD7Ag@-OLWA)0LcmaEdT%j literal 0 HcmV?d00001 diff --git a/testdata/random.zip b/testdata/random.zip new file mode 100644 index 0000000000000000000000000000000000000000..18c0b3b9f777fd9cb2505d93345c27bbddf7b038 GIT binary patch literal 1024 zcmV+b1poW{fB;}`9jVazH&U!1mb>%elE$-;2m8SbvXF`p=carf9fIO1Ky z(NSv4=?dxw=BwV;*>YnbW)DSy>6{U<=lxAkbw zY1wv;NBObkE1=ZS3^d9P2ZNPs{!e$^pXHcDLRjn&YVe3fxHzz{8iG#iH1X6>K`|z0 z;1o*HN8?eV(b_SG&95}(oG+zK8;Yipf)=3?lf(x6ksHsBHdLQVHTPbS!y&5+D@AzK zSrVpoLw(ciEyI1DG?9SQ70P=_D4mx*$VdI}apn3OcBAzxfO7#kv&OYd--x3~TtA+m~oIRJdKmo57fIlSVl} zbrN8Gv-9s4xUC4~>t%*}L@~Tk!Ohx(_KcungDp+p=u>ix!Tn$T9|c6$#JN3K=)9M` zlQnX%{J@jj=9TwG_#rCza0a;w1`}GGik3cZt2oy*L&xuVn${vVF5y9|+44ZGdZQCh zY;`<;RYLwcRP!0Y7 literal 0 HcmV?d00001 diff --git a/testdata/unsigned.zip b/testdata/unsigned.zip new file mode 100644 index 0000000000000000000000000000000000000000..24e3eadacdf88d2d0f77d39463b9479514ea64f3 GIT binary patch literal 376 zcmWIWW@h1H0D-`!PHP1ND>F7A8-y7dL>Ur8LpT|jBkdHtK{&L6g`r=xLpUQfCnujP z0Io9#sFPd%p*FJ4B(TmHpe_)G=`6`eElNew84T39BGKY5vd(0%&N!eh5Qgb2&o9bJ z0qSIA5@*KcUS5zlfbM2sSkMS!0bS1uaeZh70|T;NOcx{TwF2q|x*w<);&xQMm~KYa eTLRPz^Z`&W#PuM(tRU|(FazNhAiWO6VE_QeWIKug literal 0 HcmV?d00001 diff --git a/verifier.c b/verifier.c index 164fb4a..9d39fd1 100644 --- a/verifier.c +++ b/verifier.c @@ -42,7 +42,7 @@ int verify_file(const char* path, const RSAPublicKey *pKeys, unsigned int numKey // An archive with a whole-file signature will end in six bytes: // - // $ff $ff (2-byte comment size) (2-byte signature start) + // (2-byte signature start) $ff $ff (2-byte comment size) // // (As far as the ZIP format is concerned, these are part of the // archive comment.) We start by reading this footer, this tells @@ -169,7 +169,7 @@ int verify_file(const char* path, const RSAPublicKey *pKeys, unsigned int numKey const uint8_t* sha1 = SHA_final(&ctx); for (i = 0; i < numKeys; ++i) { - // The 6 bytes is the "$ff $ff (signature_start) (comment_size)" that + // The 6 bytes is the "(signature_start) $ff $ff (comment_size)" that // the signing tool appends after the signature itself. if (RSA_verify(pKeys+i, eocd + eocd_size - 6 - RSANUMBYTES, RSANUMBYTES, sha1)) { diff --git a/verifier_test.c b/verifier_test.c new file mode 100644 index 0000000..5b6c1f4 --- /dev/null +++ b/verifier_test.c @@ -0,0 +1,91 @@ +/* + * Copyright (C) 2009 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include + +#include "verifier.h" + +// This is build/target/product/security/testkey.x509.pem after being +// dumped out by dumpkey.jar. +RSAPublicKey test_key = + { 64, 0xc926ad21, + { 1795090719, 2141396315, 950055447, -1713398866, + -26044131, 1920809988, 546586521, -795969498, + 1776797858, -554906482, 1805317999, 1429410244, + 129622599, 1422441418, 1783893377, 1222374759, + -1731647369, 323993566, 28517732, 609753416, + 1826472888, 215237850, -33324596, -245884705, + -1066504894, 774857746, 154822455, -1797768399, + -1536767878, -1275951968, -1500189652, 87251430, + -1760039318, 120774784, 571297800, -599067824, + -1815042109, -483341846, -893134306, -1900097649, + -1027721089, 950095497, 555058928, 414729973, + 1136544882, -1250377212, 465547824, -236820568, + -1563171242, 1689838846, -404210357, 1048029507, + 895090649, 247140249, 178744550, -747082073, + -1129788053, 109881576, -350362881, 1044303212, + -522594267, -1309816990, -557446364, -695002876}, + { -857949815, -510492167, -1494742324, -1208744608, + 251333580, 2131931323, 512774938, 325948880, + -1637480859, 2102694287, -474399070, 792812816, + 1026422502, 2053275343, -1494078096, -1181380486, + 165549746, -21447327, -229719404, 1902789247, + 772932719, -353118870, -642223187, 216871947, + -1130566647, 1942378755, -298201445, 1055777370, + 964047799, 629391717, -2062222979, -384408304, + 191868569, -1536083459, -612150544, -1297252564, + -1592438046, -724266841, -518093464, -370899750, + -739277751, -1536141862, 1323144535, 61311905, + 1997411085, 376844204, 213777604, -217643712, + 9135381, 1625809335, -1490225159, -1342673351, + 1117190829, -57654514, 1825108855, -1281819325, + 1111251351, -1726129724, 1684324211, -1773988491, + 367251975, 810756730, -1941182952, 1175080310 } + }; + +void ui_print(const char* fmt, ...) { + char buf[256]; + va_list ap; + va_start(ap, fmt); + vsnprintf(buf, 256, fmt, ap); + va_end(ap); + + fputs(buf, stderr); +} + +void ui_set_progress(float fraction) { +} + +int main(int argc, char **argv) { + if (argc != 2) { + fprintf(stderr, "Usage: %s \n", argv[0]); + return 2; + } + + int result = verify_file(argv[1], &test_key, 1); + if (result == VERIFY_SUCCESS) { + printf("SUCCESS\n"); + return 0; + } else if (result == VERIFY_FAILURE) { + printf("FAILURE\n"); + return 1; + } else { + printf("bad return value\n"); + return 3; + } +} diff --git a/verifier_test.sh b/verifier_test.sh new file mode 100755 index 0000000..6350e80 --- /dev/null +++ b/verifier_test.sh @@ -0,0 +1,94 @@ +#!/bin/bash +# +# A test suite for applypatch. Run in a client where you have done +# envsetup, choosecombo, etc. +# +# DO NOT RUN THIS ON A DEVICE YOU CARE ABOUT. It will mess up your +# system partition. +# +# +# TODO: find some way to get this run regularly along with the rest of +# the tests. + +EMULATOR_PORT=5580 +DATA_DIR=$ANDROID_BUILD_TOP/bootable/recovery/testdata + +WORK_DIR=/data/local/tmp + +# set to 0 to use a device instead +USE_EMULATOR=0 + +# ------------------------ + +if [ "$USE_EMULATOR" == 1 ]; then + emulator -wipe-data -noaudio -no-window -port $EMULATOR_PORT & + pid_emulator=$! + ADB="adb -s emulator-$EMULATOR_PORT " +else + ADB="adb -d " +fi + +echo "waiting to connect to device" +$ADB wait-for-device + +# run a command on the device; exit with the exit status of the device +# command. +run_command() { + $ADB shell "$@" \; echo \$? | awk '{if (b) {print a}; a=$0; b=1} END {exit a}' +} + +testname() { + echo + echo "::: testing $1 :::" + testname="$1" +} + +fail() { + echo + echo FAIL: $testname + echo + [ "$open_pid" == "" ] || kill $open_pid + [ "$pid_emulator" == "" ] || kill $pid_emulator + exit 1 +} + + +cleanup() { + # not necessary if we're about to kill the emulator, but nice for + # running on real devices or already-running emulators. + run_command rm $WORK_DIR/verifier_test + run_command rm $WORK_DIR/package.zip + + [ "$pid_emulator" == "" ] || kill $pid_emulator +} + +$ADB push $ANDROID_PRODUCT_OUT/system/bin/verifier_test \ + $WORK_DIR/verifier_test + +expect_succeed() { + testname "$1 (should succeed)" + $ADB push $DATA_DIR/$1 $WORK_DIR/package.zip + run_command $WORK_DIR/verifier_test $WORK_DIR/package.zip || fail +} + +expect_fail() { + testname "$1 (should fail)" + $ADB push $DATA_DIR/$1 $WORK_DIR/package.zip + run_command $WORK_DIR/verifier_test $WORK_DIR/package.zip && fail +} + +expect_fail unsigned.zip +expect_fail jarsigned.zip +expect_succeed otasigned.zip +expect_fail random.zip +expect_fail fake-eocd.zip +expect_fail alter-metadata.zip +expect_fail alter-footer.zip + +# --------------- cleanup ---------------------- + +cleanup + +echo +echo PASS +echo