path: root/verifier.cpp
Commit message (Author, Age, Files, Lines)
* Add a checker for signature boundary in verifier (Tianjie Xu, 2017-03-22, 1 file, -0/+6)
|   The 'signature_start' variable marks the location of the signature from the end of a zip archive. And a boundary check is missing where 'signature_start' should be within the EOCD comment field. This causes problems when sideloading a malicious package. Also add a corresponding test.
|
|   Bug: 31914369
|   Test: Verification fails correctly when sideloading recovery_test.zip on angler.
|   CVE-2017-0475
|   Change-Id: I6ea96bf04dac5d8d4d6719e678d504f957b4d5c1
|   (cherry-picked from f69e6a9475983b2ad46729e44ab58d2b22cd74d0)
|   (cherry picked from commit 54ea136fded56810bf475885eb4bd7bf1b11f09c)
|   (cherry picked from commit 2c6c23f651abb3d215134dfba463eb72a5e9f8eb)
* Add missing includes. (Elliott Hughes, 2015-01-28, 1 file, -2/+3)
|   Change-Id: I0737456e0221ebe9cc854d65c95a7d37d0869d56
* am 4b6de1ba: am 026ebe02: Merge "Recovery 64-bit compile issues" (Mark Salyzyn, 2014-03-14, 1 file, -7/+7)
|\
| |   * commit '4b6de1ba1ce0fff95c18a8abb7ba6e5762006d49':
| |     Recovery 64-bit compile issues
| * Recovery 64-bit compile issues (Mark Salyzyn, 2014-03-14, 1 file, -7/+7)
| |   Change-Id: I92d5abd1a628feab3b0246924fab7f97ba3b9d34
* | do verification and extraction on memory, not files (Doug Zongker, 2014-01-16, 1 file, -55/+15)
|/
|   Changes minzip and recovery's file signature verification to work on memory regions, rather than files. For packages which are regular files, install.cpp now mmap()s them into memory and then passes the mapped memory to the verifier and to the minzip library.
|
|   Support for files which are raw block maps (which will be used when we have packages written to encrypted data partitions) is present but largely untested so far.
|
|   Bug: 12188746
|   Change-Id: I12cc3e809834745a489dd9d4ceb558cbccdc3f71
* Add support for ECDSA signatures (Kenny Root, 2013-10-10, 1 file, -32/+198)
|   This adds support for key version 5 which is an EC key using the NIST P-256 curve parameters. OTAs may be signed with these keys using the ECDSA signature algorithm with SHA-256.
|
|   Change-Id: Id88672a3deb70681c78d5ea0d739e10f839e4567
* verifier: update to support certificates using SHA-256 (Doug Zongker, 2013-09-25, 1 file, -17/+63)
|   (cherry picked from commit bac7fba02763ae5e78e8e4ba0bea727330ad953e)
|
|   Change-Id: I01c38d7fea088622a8b0bbf2c833fa2d969417af
* move key loading to verifier code (Doug Zongker, 2012-11-02, 1 file, -0/+102)
|   Add an option to verifier_test to load keys from a file, the way the recovery does.
|
|   Change-Id: Icba0e391164f2c1a9fefeab4b0bcb878e91d17b4
* refactor ui functions into a class (Doug Zongker, 2011-10-31, 1 file, -2/+4)
|   Move all the functions in ui.c to be members of a ScreenRecoveryUI class, which is a subclass of an abstract RecoveryUI class. Recovery then creates a global singleton instance of this class and then invokes the methods to drive the UI. We use this to allow substitution of a different RecoveryUI implementation for devices with radically different form factors (e.g., that don't have a screen).
|
|   Change-Id: I76bdd34eca506149f4cc07685df6a4890473f3d9
* turn recovery into a C++ binary (Doug Zongker, 2011-10-31, 1 file, -0/+185)
    Change-Id: I423a23581048d451d53eef46e5f5eac485b77555