Use BoringSSL instead of mincrypt to speed up package verification.

This changes the verification code in bootable/recovery to use
BoringSSL instead of mincrypt.

Cherry-pick of 452df6d99c81c4eeee3d2c7b2171901e8b7bc54a, with
merge conflict resolution, extra logging in verifier.cpp, and
an increase in the hash chunk size from 4KiB to 1MiB.

Bug: http://b/28135231
Change-Id: I1ed7efd52223dd6f6a4629cad187cbc383d5aa84
diff --git a/install.cpp b/install.cpp
index 8a82d7b..d009513 100644
--- a/install.cpp
+++ b/install.cpp
@@ -23,19 +23,19 @@
 #include <sys/wait.h>
 #include <unistd.h>
 
+#include <chrono>
 #include <vector>
 
 #include "common.h"
 #include "install.h"
-#include "mincrypt/rsa.h"
 #include "minui/minui.h"
 #include "minzip/SysUtil.h"
 #include "minzip/Zip.h"
 #include "mtdutils/mounts.h"
 #include "mtdutils/mtdutils.h"
 #include "roots.h"
-#include "verifier.h"
 #include "ui.h"
+#include "verifier.h"
 
 extern RecoveryUI* ui;
 
@@ -229,6 +229,7 @@
         return INSTALL_CORRUPT;
     }
 
+    // Load keys.
     std::vector<Certificate> loadedKeys;
     if (!load_keys(PUBLIC_KEYS_FILE, loadedKeys)) {
         LOGE("Failed to load keys\n");
@@ -236,18 +237,19 @@
     }
     LOGI("%zu key(s) loaded from %s\n", loadedKeys.size(), PUBLIC_KEYS_FILE);
 
+    // Verify package.
     ui->Print("Verifying update package...\n");
-
+    auto t0 = std::chrono::system_clock::now();
     int err = verify_file(map.addr, map.length, loadedKeys);
-    LOGI("verify_file returned %d\n", err);
+    std::chrono::duration<double> duration = std::chrono::system_clock::now() - t0;
+    ui->Print("Update package verification took %.1f s (result %d).\n", duration.count(), err);
     if (err != VERIFY_SUCCESS) {
         LOGE("signature verification failed\n");
         sysReleaseMap(&map);
         return INSTALL_CORRUPT;
     }
 
-    /* Try to open the package.
-     */
+    // Try to open the package.
     ZipArchive zip;
     err = mzOpenZipArchive(map.addr, map.length, &zip);
     if (err != 0) {
@@ -256,8 +258,7 @@
         return INSTALL_CORRUPT;
     }
 
-    /* Verify and install the contents of the package.
-     */
+    // Verify and install the contents of the package.
     ui->Print("Installing update...\n");
     ui->SetEnableReboot(false);
     int result = try_update_binary(path, &zip, wipe_cache);