am 158657bc: merge from open-source master
Merge commit '158657bc5ce438d3cf1f601255896b854fd49103'
* commit '158657bc5ce438d3cf1f601255896b854fd49103':
Security: Fix typo in recovery EOCD detection.
diff --git a/Android.mk b/Android.mk
index deec80a..e89b225 100644
--- a/Android.mk
+++ b/Android.mk
@@ -7,13 +7,14 @@
commands_recovery_local_path := $(LOCAL_PATH)
LOCAL_SRC_FILES := \
- recovery.c \
- bootloader.c \
- firmware.c \
- install.c \
- roots.c \
- ui.c \
- verifier.c
+ recovery.c \
+ bootloader.c \
+ firmware.c \
+ install.c \
+ roots.c \
+ ui.c \
+ verifier.c \
+ efs_migration.c
LOCAL_SRC_FILES += test_roots.c
@@ -43,6 +44,22 @@
include $(BUILD_EXECUTABLE)
+
+include $(CLEAR_VARS)
+
+LOCAL_SRC_FILES := verifier_test.c verifier.c
+
+LOCAL_MODULE := verifier_test
+
+LOCAL_FORCE_STATIC_EXECUTABLE := true
+
+LOCAL_MODULE_TAGS := tests
+
+LOCAL_STATIC_LIBRARIES := libmincrypt libcutils libstdc++ libc
+
+include $(BUILD_EXECUTABLE)
+
+
include $(commands_recovery_local_path)/minui/Android.mk
include $(commands_recovery_local_path)/minzip/Android.mk
include $(commands_recovery_local_path)/mtdutils/Android.mk
@@ -52,5 +69,5 @@
commands_recovery_local_path :=
endif # TARGET_ARCH == arm
-endif # !TARGET_SIMULATOR
+endif # !TARGET_SIMULATOR
diff --git a/efs_migration.c b/efs_migration.c
new file mode 100644
index 0000000..aeadd18
--- /dev/null
+++ b/efs_migration.c
@@ -0,0 +1,183 @@
+/*
+ * Copyright (C) 2009 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+#include "efs_migration.h"
+#include "cutils/misc.h"
+#include "cutils/properties.h"
+#include "common.h"
+#include "mtdutils/mtdutils.h"
+#include "mtdutils/mounts.h"
+#include "roots.h"
+
+const char* efs_enabled_property = "persist.security.efs.enabled";
+const char* efs_transition_property = "persist.security.efs.trans";
+const char* efs_property_dir = "/data/property/";
+
+void get_property_file_name(char *buffer, const char *property_name) {
+ sprintf(buffer, "%s%s", efs_property_dir, property_name);
+}
+
+int get_text_file_contents(char *buffer, int buf_size, char *file_name) {
+ FILE *in_file;
+ char *read_data;
+
+ in_file = fopen(file_name, "r");
+ if (in_file == NULL) {
+ LOGE("Encrypted FS: error accessing properties.");
+ return EFS_ERROR;
+ }
+
+ read_data = fgets(buffer, buf_size, in_file);
+ if (read_data == NULL) {
+ // Error or unexpected data
+ fclose(in_file);
+ LOGE("Encrypted FS: error accessing properties.");
+ return EFS_ERROR;
+ }
+
+ fclose(in_file);
+ return EFS_OK;
+}
+
+int set_text_file_contents(char *buffer, char *file_name) {
+ FILE *out_file;
+ int result;
+
+ out_file = fopen(file_name, "w");
+ if (out_file == NULL) {
+ LOGE("Encrypted FS: error setting up properties.");
+ return EFS_ERROR;
+ }
+
+ result = fputs(buffer, out_file);
+ if (result != 0) {
+ // Error or unexpected data
+ fclose(out_file);
+ LOGE("Encrypted FS: error setting up properties.");
+ return EFS_ERROR;
+ }
+
+ fflush(out_file);
+ fclose(out_file);
+ return EFS_OK;
+}
+
+
+int read_efs_boolean_property(const char *prop_name, int *value) {
+ char prop_file_name[PROPERTY_KEY_MAX + 32];
+ char prop_value[PROPERTY_VALUE_MAX];
+ int result;
+
+ get_property_file_name(prop_file_name, prop_name);
+ result = get_text_file_contents(prop_value, PROPERTY_VALUE_MAX, prop_file_name);
+
+ if (result < 0) {
+ return result;
+ }
+
+ if (strncmp(prop_value, "1", 1) == 0) {
+ *value = 1;
+ } else if (strncmp(prop_value, "0", 1) == 0) {
+ *value = 0;
+ } else {
+ LOGE("Encrypted FS: error accessing properties.");
+ return EFS_ERROR;
+ }
+
+ return EFS_OK;
+}
+
+int write_efs_boolean_property(const char *prop_name, int value) {
+ char prop_file_name[PROPERTY_KEY_MAX + 32];
+ char prop_value[PROPERTY_VALUE_MAX];
+ int result;
+
+ get_property_file_name(prop_file_name, prop_name);
+
+ // Create the directory if needed
+ mkdir(efs_property_dir, 0755);
+ if (value == 1) {
+ result = set_text_file_contents("1", prop_file_name);
+ } else if (value == 0) {
+ result = set_text_file_contents("0", prop_file_name);
+ } else {
+ return EFS_ERROR;
+ }
+ if (result < 0) {
+ return result;
+ }
+
+ return EFS_OK;
+}
+
+int read_encrypted_fs_info(encrypted_fs_info *efs_data) {
+ int result;
+ int value;
+ result = ensure_root_path_mounted("DATA:");
+ if (result != 0) {
+ LOGE("Encrypted FS: error mounting userdata partition.");
+ return EFS_ERROR;
+ }
+
+ // STOPSHIP: Read the EFS key from a file (TBD later)
+ // Future code goes here...
+
+ result = ensure_root_path_unmounted("DATA:");
+ if (result != 0) {
+ LOGE("Encrypted FS: error unmounting data partition.");
+ return EFS_ERROR;
+ }
+
+ return EFS_OK;
+}
+
+int restore_encrypted_fs_info(encrypted_fs_info *efs_data) {
+ int result;
+ result = ensure_root_path_mounted("DATA:");
+ if (result != 0) {
+ LOGE("Encrypted FS: error mounting userdata partition.");
+ return EFS_ERROR;
+ }
+
+ // Set the EFS properties to their respective values
+ result = write_efs_boolean_property(efs_enabled_property, efs_data->encrypted_fs_mode);
+ if (result != 0) {
+ return result;
+ }
+
+ // Signal "transition" of Encrypted File System settings
+ result = write_efs_boolean_property(efs_transition_property, 1);
+ if (result != 0) {
+ return result;
+ }
+
+ result = ensure_root_path_unmounted("DATA:");
+ if (result != 0) {
+ LOGE("Encrypted FS: error unmounting data partition.");
+ return EFS_ERROR;
+ }
+
+ return EFS_OK;
+}
+
diff --git a/efs_migration.h b/efs_migration.h
new file mode 100644
index 0000000..7857f94
--- /dev/null
+++ b/efs_migration.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2009 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+
+#ifndef __EFS_MIGRATION_H__
+#define __EFS_MIGRATION_H__
+
+#define MODE_ENCRYPTEDFS_DISABLED 0
+#define MODE_ENCRYPTEDFS_ENABLED 1
+
+#define EFS_OK 0
+#define EFS_ERROR (-1)
+
+struct encrypted_fs_info {
+ int encrypted_fs_mode;
+ char *encrypted_fs_key;
+};
+
+typedef struct encrypted_fs_info encrypted_fs_info;
+
+int read_encrypted_fs_info(encrypted_fs_info *efs_data);
+
+int restore_encrypted_fs_info(encrypted_fs_info *efs_data);
+
+#endif /* __EFS_MIGRATION_H__ */
+
diff --git a/minui/resources.c b/minui/resources.c
index 7ecfeef..3d2c727 100644
--- a/minui/resources.c
+++ b/minui/resources.c
@@ -97,9 +97,10 @@
int color_type = info_ptr->color_type;
int bit_depth = info_ptr->bit_depth;
int channels = info_ptr->channels;
- if (bit_depth != 8 || (channels != 3 && channels != 4) ||
- (color_type != PNG_COLOR_TYPE_RGB &&
- color_type != PNG_COLOR_TYPE_RGBA)) {
+ if (!(bit_depth == 8 &&
+ ((channels == 3 && color_type == PNG_COLOR_TYPE_RGB) ||
+ (channels == 4 && color_type == PNG_COLOR_TYPE_RGBA) ||
+ (channels == 1 && color_type == PNG_COLOR_TYPE_PALETTE)))) {
return -7;
goto exit;
}
@@ -118,6 +119,10 @@
surface->format = (channels == 3) ?
GGL_PIXEL_FORMAT_RGBX_8888 : GGL_PIXEL_FORMAT_RGBA_8888;
+ if (color_type == PNG_COLOR_TYPE_PALETTE) {
+ png_set_palette_to_rgb(png_ptr);
+ }
+
int y;
if (channels == 3) {
for (y = 0; y < height; ++y) {
diff --git a/recovery.c b/recovery.c
index 4385307..58c84ef 100644
--- a/recovery.c
+++ b/recovery.c
@@ -37,12 +37,15 @@
#include "minzip/DirUtil.h"
#include "roots.h"
#include "recovery_ui.h"
+#include "efs_migration.h"
static const struct option OPTIONS[] = {
{ "send_intent", required_argument, NULL, 's' },
{ "update_package", required_argument, NULL, 'u' },
{ "wipe_data", no_argument, NULL, 'w' },
{ "wipe_cache", no_argument, NULL, 'c' },
+ // TODO{oam}: implement improved command line passing key, egnot to review.
+ { "set_encrypted_filesystem", required_argument, NULL, 'e' },
{ NULL, 0, NULL, 0 },
};
@@ -63,6 +66,7 @@
* --update_package=root:path - verify install an OTA package file
* --wipe_data - erase user data (and cache), then reboot
* --wipe_cache - wipe cache (but not user data), then reboot
+ * --set_encrypted_filesystem=on|off - enables / diasables encrypted fs
*
* After completing, we remove /cache/recovery/command and reboot.
* Arguments may also be supplied in the bootloader control block (BCB).
@@ -107,6 +111,26 @@
* 8g. finish_recovery() erases BCB
* -- after this, rebooting will (try to) restart the main system --
* 9. main() calls reboot() to boot main system
+ *
+ * ENCRYPTED FILE SYSTEMS ENABLE/DISABLE
+ * 1. user selects "enable encrypted file systems"
+ * 2. main system writes "--set_encrypted_filesystem=on|off" to
+ * /cache/recovery/command
+ * 3. main system reboots into recovery
+ * 4. get_args() writes BCB with "boot-recovery" and
+ * "--set_encrypted_filesystems=on|off"
+ * -- after this, rebooting will restart the transition --
+ * 5. read_encrypted_fs_info() retrieves encrypted file systems settings from /data
+ * Settings include: property to specify the Encrypted FS istatus and
+ * FS encryption key if enabled (not yet implemented)
+ * 6. erase_root() reformats /data
+ * 7. erase_root() reformats /cache
+ * 8. restore_encrypted_fs_info() writes required encrypted file systems settings to /data
+ * Settings include: property to specify the Encrypted FS status and
+ * FS encryption key if enabled (not yet implemented)
+ * 9. finish_recovery() erases BCB
+ * -- after this, rebooting will restart the main system --
+ * 10. main() calls reboot() to boot main system
*/
static const int MAX_ARG_LENGTH = 4096;
@@ -209,8 +233,7 @@
}
static void
-set_sdcard_update_bootloader_message()
-{
+set_sdcard_update_bootloader_message() {
struct bootloader_message boot;
memset(&boot, 0, sizeof(boot));
strlcpy(boot.command, "boot-recovery", sizeof(boot.command));
@@ -223,8 +246,7 @@
// record any intent we were asked to communicate back to the system.
// this function is idempotent: call it as many times as you like.
static void
-finish_recovery(const char *send_intent)
-{
+finish_recovery(const char *send_intent) {
// By this point, we're ready to return to the main system...
if (send_intent != NULL) {
FILE *fp = fopen_root_path(INTENT_FILE, "w");
@@ -255,7 +277,7 @@
check_and_fclose(log, LOG_FILE);
}
- // Reset the bootloader message to revert to a normal main system boot.
+ // Reset to mormal system boot so recovery won't cycle indefinitely.
struct bootloader_message boot;
memset(&boot, 0, sizeof(boot));
set_bootloader_message(&boot);
@@ -272,8 +294,7 @@
}
static int
-erase_root(const char *root)
-{
+erase_root(const char *root) {
ui_set_background(BACKGROUND_ICON_INSTALLING);
ui_show_indeterminate_progress();
ui_print("Formatting %s...\n", root);
@@ -384,8 +405,7 @@
}
static void
-prompt_and_wait()
-{
+prompt_and_wait() {
char** headers = prepend_title(MENU_HEADERS);
for (;;) {
@@ -438,14 +458,12 @@
}
static void
-print_property(const char *key, const char *name, void *cookie)
-{
+print_property(const char *key, const char *name, void *cookie) {
fprintf(stderr, "%s=%s\n", key, name);
}
int
-main(int argc, char **argv)
-{
+main(int argc, char **argv) {
time_t start = time(NULL);
// If these fail, there's not really anywhere to complain...
@@ -459,7 +477,10 @@
int previous_runs = 0;
const char *send_intent = NULL;
const char *update_package = NULL;
+ const char *efs_mode = NULL;
int wipe_data = 0, wipe_cache = 0;
+ int toggle_efs = 0;
+ encrypted_fs_info efs_data;
int arg;
while ((arg = getopt_long(argc, argv, "", OPTIONS, NULL)) != -1) {
@@ -469,6 +490,7 @@
case 'u': update_package = optarg; break;
case 'w': wipe_data = wipe_cache = 1; break;
case 'c': wipe_cache = 1; break;
+ case 'e': efs_mode = optarg; toggle_efs = 1; break;
case '?':
LOGE("Invalid command argument\n");
continue;
@@ -486,7 +508,42 @@
int status = INSTALL_SUCCESS;
- if (update_package != NULL) {
+ if (toggle_efs) {
+ if (strcmp(efs_mode,"on") == 0) {
+ efs_data.encrypted_fs_mode = MODE_ENCRYPTEDFS_ENABLED;
+ ui_print("Enabling Encrypted FS.\n");
+ } else if (strcmp(efs_mode,"off") == 0) {
+ efs_data.encrypted_fs_mode = MODE_ENCRYPTEDFS_DISABLED;
+ ui_print("Disabling Encrypted FS.\n");
+ } else {
+ ui_print("Error: invalid Encrypted FS setting.\n");
+ status = INSTALL_ERROR;
+ }
+
+ // Recovery strategy: if the data partition is damaged, disable encrypted file systems.
+ // This preventsthe device recycling endlessly in recovery mode.
+ // TODO{oam}: implement improved recovery strategy later. egnor to review.
+ if (read_encrypted_fs_info(&efs_data)) {
+ ui_print("Encrypted FS change aborted, resetting to disabled state.\n");
+ efs_data.encrypted_fs_mode = MODE_ENCRYPTEDFS_DISABLED;
+ }
+
+ if (status != INSTALL_ERROR) {
+ if (erase_root("DATA:")) {
+ ui_print("Data wipe failed.\n");
+ status = INSTALL_ERROR;
+ } else if (erase_root("CACHE:")) {
+ ui_print("Cache wipe failed.\n");
+ status = INSTALL_ERROR;
+ } else if (restore_encrypted_fs_info(&efs_data)) {
+ ui_print("Encrypted FS change aborted.\n");
+ status = INSTALL_ERROR;
+ } else {
+ ui_print("Successfully updated Encrypted FS.\n");
+ status = INSTALL_SUCCESS;
+ }
+ }
+ } else if (update_package != NULL) {
status = install_package(update_package);
if (status != INSTALL_SUCCESS) ui_print("Installation aborted.\n");
} else if (wipe_data) {
diff --git a/res/images/indeterminate1.png b/res/images/indeterminate1.png
index 264bf27..90cb9fb 100644
--- a/res/images/indeterminate1.png
+++ b/res/images/indeterminate1.png
Binary files differ
diff --git a/res/images/indeterminate2.png b/res/images/indeterminate2.png
index c30c049..f7fb289 100644
--- a/res/images/indeterminate2.png
+++ b/res/images/indeterminate2.png
Binary files differ
diff --git a/res/images/indeterminate3.png b/res/images/indeterminate3.png
index 891a000..ba10dfa 100644
--- a/res/images/indeterminate3.png
+++ b/res/images/indeterminate3.png
Binary files differ
diff --git a/res/images/indeterminate4.png b/res/images/indeterminate4.png
index 7a64151..ad5d9a5 100644
--- a/res/images/indeterminate4.png
+++ b/res/images/indeterminate4.png
Binary files differ
diff --git a/res/images/indeterminate5.png b/res/images/indeterminate5.png
index cd6ab20..8c19c8d 100644
--- a/res/images/indeterminate5.png
+++ b/res/images/indeterminate5.png
Binary files differ
diff --git a/res/images/indeterminate6.png b/res/images/indeterminate6.png
index ddd9e73..c0c6638 100644
--- a/res/images/indeterminate6.png
+++ b/res/images/indeterminate6.png
Binary files differ
diff --git a/res/images/progress_bar_empty.png b/res/images/progress_bar_empty.png
deleted file mode 100644
index 9013f04..0000000
--- a/res/images/progress_bar_empty.png
+++ /dev/null
Binary files differ
diff --git a/res/images/progress_bar_empty_left_round.png b/res/images/progress_bar_empty_left_round.png
deleted file mode 100644
index dae7d5d..0000000
--- a/res/images/progress_bar_empty_left_round.png
+++ /dev/null
Binary files differ
diff --git a/res/images/progress_bar_empty_right_round.png b/res/images/progress_bar_empty_right_round.png
deleted file mode 100644
index 5427088..0000000
--- a/res/images/progress_bar_empty_right_round.png
+++ /dev/null
Binary files differ
diff --git a/res/images/progress_bar_fill.png b/res/images/progress_bar_fill.png
deleted file mode 100644
index 37c04b4..0000000
--- a/res/images/progress_bar_fill.png
+++ /dev/null
Binary files differ
diff --git a/res/images/progress_bar_left_round.png b/res/images/progress_bar_left_round.png
deleted file mode 100644
index e72af47..0000000
--- a/res/images/progress_bar_left_round.png
+++ /dev/null
Binary files differ
diff --git a/res/images/progress_bar_right_round.png b/res/images/progress_bar_right_round.png
deleted file mode 100644
index d04c980..0000000
--- a/res/images/progress_bar_right_round.png
+++ /dev/null
Binary files differ
diff --git a/res/images/progress_empty.png b/res/images/progress_empty.png
new file mode 100644
index 0000000..4cb4998
--- /dev/null
+++ b/res/images/progress_empty.png
Binary files differ
diff --git a/res/images/progress_fill.png b/res/images/progress_fill.png
new file mode 100644
index 0000000..eb71754
--- /dev/null
+++ b/res/images/progress_fill.png
Binary files differ
diff --git a/testdata/alter-footer.zip b/testdata/alter-footer.zip
new file mode 100644
index 0000000..f497ec0
--- /dev/null
+++ b/testdata/alter-footer.zip
Binary files differ
diff --git a/testdata/alter-metadata.zip b/testdata/alter-metadata.zip
new file mode 100644
index 0000000..1c71fbc
--- /dev/null
+++ b/testdata/alter-metadata.zip
Binary files differ
diff --git a/testdata/fake-eocd.zip b/testdata/fake-eocd.zip
new file mode 100644
index 0000000..15dc0a9
--- /dev/null
+++ b/testdata/fake-eocd.zip
Binary files differ
diff --git a/testdata/jarsigned.zip b/testdata/jarsigned.zip
new file mode 100644
index 0000000..8b1ef8b
--- /dev/null
+++ b/testdata/jarsigned.zip
Binary files differ
diff --git a/testdata/otasigned.zip b/testdata/otasigned.zip
new file mode 100644
index 0000000..a6bc53e
--- /dev/null
+++ b/testdata/otasigned.zip
Binary files differ
diff --git a/testdata/random.zip b/testdata/random.zip
new file mode 100644
index 0000000..18c0b3b
--- /dev/null
+++ b/testdata/random.zip
Binary files differ
diff --git a/testdata/unsigned.zip b/testdata/unsigned.zip
new file mode 100644
index 0000000..24e3ead
--- /dev/null
+++ b/testdata/unsigned.zip
Binary files differ
diff --git a/ui.c b/ui.c
index 51df1fa..fdc0991 100644
--- a/ui.c
+++ b/ui.c
@@ -38,13 +38,11 @@
#define PROGRESSBAR_INDETERMINATE_STATES 6
#define PROGRESSBAR_INDETERMINATE_FPS 15
-enum { LEFT_SIDE, CENTER_TILE, RIGHT_SIDE, NUM_SIDES };
-
static pthread_mutex_t gUpdateMutex = PTHREAD_MUTEX_INITIALIZER;
static gr_surface gBackgroundIcon[NUM_BACKGROUND_ICONS];
static gr_surface gProgressBarIndeterminate[PROGRESSBAR_INDETERMINATE_STATES];
-static gr_surface gProgressBarEmpty[NUM_SIDES];
-static gr_surface gProgressBarFill[NUM_SIDES];
+static gr_surface gProgressBarEmpty;
+static gr_surface gProgressBarFill;
static const struct { gr_surface* surface; const char *name; } BITMAPS[] = {
{ &gBackgroundIcon[BACKGROUND_ICON_INSTALLING], "icon_installing" },
@@ -59,12 +57,8 @@
{ &gProgressBarIndeterminate[3], "indeterminate4" },
{ &gProgressBarIndeterminate[4], "indeterminate5" },
{ &gProgressBarIndeterminate[5], "indeterminate6" },
- { &gProgressBarEmpty[LEFT_SIDE], "progress_bar_empty_left_round" },
- { &gProgressBarEmpty[CENTER_TILE], "progress_bar_empty" },
- { &gProgressBarEmpty[RIGHT_SIDE], "progress_bar_empty_right_round" },
- { &gProgressBarFill[LEFT_SIDE], "progress_bar_left_round" },
- { &gProgressBarFill[CENTER_TILE], "progress_bar_fill" },
- { &gProgressBarFill[RIGHT_SIDE], "progress_bar_right_round" },
+ { &gProgressBarEmpty, "progress_empty" },
+ { &gProgressBarFill, "progress_fill" },
{ NULL, NULL },
};
@@ -123,8 +117,8 @@
if (gProgressBarType == PROGRESSBAR_TYPE_NONE) return;
int iconHeight = gr_get_height(gBackgroundIcon[BACKGROUND_ICON_INSTALLING]);
- int width = gr_get_width(gProgressBarIndeterminate[0]);
- int height = gr_get_height(gProgressBarIndeterminate[0]);
+ int width = gr_get_width(gProgressBarEmpty);
+ int height = gr_get_height(gProgressBarEmpty);
int dx = (gr_fb_width() - width)/2;
int dy = (3*gr_fb_height() + iconHeight - 2*height)/4;
@@ -137,18 +131,12 @@
float progress = gProgressScopeStart + gProgress * gProgressScopeSize;
int pos = (int) (progress * width);
- gr_surface s = (pos ? gProgressBarFill : gProgressBarEmpty)[LEFT_SIDE];
- gr_blit(s, 0, 0, gr_get_width(s), gr_get_height(s), dx, dy);
-
- int x = gr_get_width(s);
- while (x + (int) gr_get_width(gProgressBarEmpty[RIGHT_SIDE]) < width) {
- s = (pos > x ? gProgressBarFill : gProgressBarEmpty)[CENTER_TILE];
- gr_blit(s, 0, 0, gr_get_width(s), gr_get_height(s), dx + x, dy);
- x += gr_get_width(s);
+ if (pos > 0) {
+ gr_blit(gProgressBarFill, 0, 0, pos, height, dx, dy);
}
-
- s = (pos > x ? gProgressBarFill : gProgressBarEmpty)[RIGHT_SIDE];
- gr_blit(s, 0, 0, gr_get_width(s), gr_get_height(s), dx + x, dy);
+ if (pos < width-1) {
+ gr_blit(gProgressBarEmpty, pos, 0, width-pos, height, dx+pos, dy);
+ }
}
if (gProgressBarType == PROGRESSBAR_TYPE_INDETERMINATE) {
diff --git a/verifier.c b/verifier.c
index 164fb4a..9d39fd1 100644
--- a/verifier.c
+++ b/verifier.c
@@ -42,7 +42,7 @@
// An archive with a whole-file signature will end in six bytes:
//
- // $ff $ff (2-byte comment size) (2-byte signature start)
+ // (2-byte signature start) $ff $ff (2-byte comment size)
//
// (As far as the ZIP format is concerned, these are part of the
// archive comment.) We start by reading this footer, this tells
@@ -169,7 +169,7 @@
const uint8_t* sha1 = SHA_final(&ctx);
for (i = 0; i < numKeys; ++i) {
- // The 6 bytes is the "$ff $ff (signature_start) (comment_size)" that
+ // The 6 bytes is the "(signature_start) $ff $ff (comment_size)" that
// the signing tool appends after the signature itself.
if (RSA_verify(pKeys+i, eocd + eocd_size - 6 - RSANUMBYTES,
RSANUMBYTES, sha1)) {
diff --git a/verifier_test.c b/verifier_test.c
new file mode 100644
index 0000000..5b6c1f4
--- /dev/null
+++ b/verifier_test.c
@@ -0,0 +1,91 @@
+/*
+ * Copyright (C) 2009 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+
+#include "verifier.h"
+
+// This is build/target/product/security/testkey.x509.pem after being
+// dumped out by dumpkey.jar.
+RSAPublicKey test_key =
+ { 64, 0xc926ad21,
+ { 1795090719, 2141396315, 950055447, -1713398866,
+ -26044131, 1920809988, 546586521, -795969498,
+ 1776797858, -554906482, 1805317999, 1429410244,
+ 129622599, 1422441418, 1783893377, 1222374759,
+ -1731647369, 323993566, 28517732, 609753416,
+ 1826472888, 215237850, -33324596, -245884705,
+ -1066504894, 774857746, 154822455, -1797768399,
+ -1536767878, -1275951968, -1500189652, 87251430,
+ -1760039318, 120774784, 571297800, -599067824,
+ -1815042109, -483341846, -893134306, -1900097649,
+ -1027721089, 950095497, 555058928, 414729973,
+ 1136544882, -1250377212, 465547824, -236820568,
+ -1563171242, 1689838846, -404210357, 1048029507,
+ 895090649, 247140249, 178744550, -747082073,
+ -1129788053, 109881576, -350362881, 1044303212,
+ -522594267, -1309816990, -557446364, -695002876},
+ { -857949815, -510492167, -1494742324, -1208744608,
+ 251333580, 2131931323, 512774938, 325948880,
+ -1637480859, 2102694287, -474399070, 792812816,
+ 1026422502, 2053275343, -1494078096, -1181380486,
+ 165549746, -21447327, -229719404, 1902789247,
+ 772932719, -353118870, -642223187, 216871947,
+ -1130566647, 1942378755, -298201445, 1055777370,
+ 964047799, 629391717, -2062222979, -384408304,
+ 191868569, -1536083459, -612150544, -1297252564,
+ -1592438046, -724266841, -518093464, -370899750,
+ -739277751, -1536141862, 1323144535, 61311905,
+ 1997411085, 376844204, 213777604, -217643712,
+ 9135381, 1625809335, -1490225159, -1342673351,
+ 1117190829, -57654514, 1825108855, -1281819325,
+ 1111251351, -1726129724, 1684324211, -1773988491,
+ 367251975, 810756730, -1941182952, 1175080310 }
+ };
+
+void ui_print(const char* fmt, ...) {
+ char buf[256];
+ va_list ap;
+ va_start(ap, fmt);
+ vsnprintf(buf, 256, fmt, ap);
+ va_end(ap);
+
+ fputs(buf, stderr);
+}
+
+void ui_set_progress(float fraction) {
+}
+
+int main(int argc, char **argv) {
+ if (argc != 2) {
+ fprintf(stderr, "Usage: %s <package>\n", argv[0]);
+ return 2;
+ }
+
+ int result = verify_file(argv[1], &test_key, 1);
+ if (result == VERIFY_SUCCESS) {
+ printf("SUCCESS\n");
+ return 0;
+ } else if (result == VERIFY_FAILURE) {
+ printf("FAILURE\n");
+ return 1;
+ } else {
+ printf("bad return value\n");
+ return 3;
+ }
+}
diff --git a/verifier_test.sh b/verifier_test.sh
new file mode 100755
index 0000000..6350e80
--- /dev/null
+++ b/verifier_test.sh
@@ -0,0 +1,94 @@
+#!/bin/bash
+#
+# A test suite for applypatch. Run in a client where you have done
+# envsetup, choosecombo, etc.
+#
+# DO NOT RUN THIS ON A DEVICE YOU CARE ABOUT. It will mess up your
+# system partition.
+#
+#
+# TODO: find some way to get this run regularly along with the rest of
+# the tests.
+
+EMULATOR_PORT=5580
+DATA_DIR=$ANDROID_BUILD_TOP/bootable/recovery/testdata
+
+WORK_DIR=/data/local/tmp
+
+# set to 0 to use a device instead
+USE_EMULATOR=0
+
+# ------------------------
+
+if [ "$USE_EMULATOR" == 1 ]; then
+ emulator -wipe-data -noaudio -no-window -port $EMULATOR_PORT &
+ pid_emulator=$!
+ ADB="adb -s emulator-$EMULATOR_PORT "
+else
+ ADB="adb -d "
+fi
+
+echo "waiting to connect to device"
+$ADB wait-for-device
+
+# run a command on the device; exit with the exit status of the device
+# command.
+run_command() {
+ $ADB shell "$@" \; echo \$? | awk '{if (b) {print a}; a=$0; b=1} END {exit a}'
+}
+
+testname() {
+ echo
+ echo "::: testing $1 :::"
+ testname="$1"
+}
+
+fail() {
+ echo
+ echo FAIL: $testname
+ echo
+ [ "$open_pid" == "" ] || kill $open_pid
+ [ "$pid_emulator" == "" ] || kill $pid_emulator
+ exit 1
+}
+
+
+cleanup() {
+ # not necessary if we're about to kill the emulator, but nice for
+ # running on real devices or already-running emulators.
+ run_command rm $WORK_DIR/verifier_test
+ run_command rm $WORK_DIR/package.zip
+
+ [ "$pid_emulator" == "" ] || kill $pid_emulator
+}
+
+$ADB push $ANDROID_PRODUCT_OUT/system/bin/verifier_test \
+ $WORK_DIR/verifier_test
+
+expect_succeed() {
+ testname "$1 (should succeed)"
+ $ADB push $DATA_DIR/$1 $WORK_DIR/package.zip
+ run_command $WORK_DIR/verifier_test $WORK_DIR/package.zip || fail
+}
+
+expect_fail() {
+ testname "$1 (should fail)"
+ $ADB push $DATA_DIR/$1 $WORK_DIR/package.zip
+ run_command $WORK_DIR/verifier_test $WORK_DIR/package.zip && fail
+}
+
+expect_fail unsigned.zip
+expect_fail jarsigned.zip
+expect_succeed otasigned.zip
+expect_fail random.zip
+expect_fail fake-eocd.zip
+expect_fail alter-metadata.zip
+expect_fail alter-footer.zip
+
+# --------------- cleanup ----------------------
+
+cleanup
+
+echo
+echo PASS
+echo
