Loading tools/releasetools/build_image.py +3 −6 Original line number Diff line number Diff line Loading @@ -330,7 +330,7 @@ def BuildVerityFEC(sparse_image_path, verity_path, verity_fec_path, "Failed to build FEC data:\n{}".format(output)) def BuildVerityTree(sparse_image_path, verity_image_path, prop_dict): def BuildVerityTree(sparse_image_path, verity_image_path): cmd = ["build_verity_tree", "-A", FIXED_SALT, sparse_image_path, verity_image_path] output, exit_code = RunCommand(cmd) Loading @@ -338,8 +338,7 @@ def BuildVerityTree(sparse_image_path, verity_image_path, prop_dict): raise BuildImageError( "Failed to build verity tree:\n{}".format(output)) root, salt = output.split() prop_dict["verity_root_hash"] = root prop_dict["verity_salt"] = salt return root, salt def BuildVerityMetadata(image_size, verity_metadata_path, root_hash, salt, Loading Loading @@ -453,11 +452,9 @@ def MakeVerityEnabledImage(out_file, fec_supported, prop_dict): verity_fec_path = os.path.join(tempdir_name, "verity_fec.img") # Build the verity tree and get the root hash and salt. BuildVerityTree(out_file, verity_image_path, prop_dict) root_hash, salt = BuildVerityTree(out_file, verity_image_path) # Build the metadata blocks. root_hash = prop_dict["verity_root_hash"] salt = prop_dict["verity_salt"] verity_disable = "verity_disable" in prop_dict BuildVerityMetadata( image_size, verity_metadata_path, root_hash, salt, block_dev, signer_path, Loading tools/releasetools/verity_utils.py +12 −8 Original line number Diff line number Diff line Loading @@ -169,14 +169,17 @@ class VerifiedBootVersion1HashtreeInfoGenerator(HashtreeInfoGenerator): self.image.WriteRangeDataToFd(self.hashtree_info.filesystem_range, fd) generated_verity_tree = common.MakeTempFile(prefix="verity") prop_dict = {} BuildVerityTree(adjusted_partition, generated_verity_tree, prop_dict) assert prop_dict["verity_salt"] == self.hashtree_info.salt if prop_dict["verity_root_hash"] != self.hashtree_info.root_hash: print("Calculated verty root hash {} doesn't match the one in metadata" " {}".format(prop_dict["verity_root_hash"], self.hashtree_info.root_hash)) root_hash, salt = BuildVerityTree(adjusted_partition, generated_verity_tree) # The salt should be always identical, as we use fixed value. assert salt == self.hashtree_info.salt, \ "Calculated salt {} doesn't match the one in metadata {}".format( salt, self.hashtree_info.salt) if root_hash != self.hashtree_info.root_hash: print( "Calculated root hash {} doesn't match the one in metadata {}".format( root_hash, self.hashtree_info.root_hash)) return False # Reads the generated hash tree and checks if it has the exact same bytes Loading @@ -190,6 +193,7 @@ class VerifiedBootVersion1HashtreeInfoGenerator(HashtreeInfoGenerator): Returns: hashtree_info: The information needed to reconstruct the hashtree. Raises: HashtreeInfoGenerationError: If we fail to generate the exact bytes of the hashtree. Loading Loading
tools/releasetools/build_image.py +3 −6 Original line number Diff line number Diff line Loading @@ -330,7 +330,7 @@ def BuildVerityFEC(sparse_image_path, verity_path, verity_fec_path, "Failed to build FEC data:\n{}".format(output)) def BuildVerityTree(sparse_image_path, verity_image_path, prop_dict): def BuildVerityTree(sparse_image_path, verity_image_path): cmd = ["build_verity_tree", "-A", FIXED_SALT, sparse_image_path, verity_image_path] output, exit_code = RunCommand(cmd) Loading @@ -338,8 +338,7 @@ def BuildVerityTree(sparse_image_path, verity_image_path, prop_dict): raise BuildImageError( "Failed to build verity tree:\n{}".format(output)) root, salt = output.split() prop_dict["verity_root_hash"] = root prop_dict["verity_salt"] = salt return root, salt def BuildVerityMetadata(image_size, verity_metadata_path, root_hash, salt, Loading Loading @@ -453,11 +452,9 @@ def MakeVerityEnabledImage(out_file, fec_supported, prop_dict): verity_fec_path = os.path.join(tempdir_name, "verity_fec.img") # Build the verity tree and get the root hash and salt. BuildVerityTree(out_file, verity_image_path, prop_dict) root_hash, salt = BuildVerityTree(out_file, verity_image_path) # Build the metadata blocks. root_hash = prop_dict["verity_root_hash"] salt = prop_dict["verity_salt"] verity_disable = "verity_disable" in prop_dict BuildVerityMetadata( image_size, verity_metadata_path, root_hash, salt, block_dev, signer_path, Loading
tools/releasetools/verity_utils.py +12 −8 Original line number Diff line number Diff line Loading @@ -169,14 +169,17 @@ class VerifiedBootVersion1HashtreeInfoGenerator(HashtreeInfoGenerator): self.image.WriteRangeDataToFd(self.hashtree_info.filesystem_range, fd) generated_verity_tree = common.MakeTempFile(prefix="verity") prop_dict = {} BuildVerityTree(adjusted_partition, generated_verity_tree, prop_dict) assert prop_dict["verity_salt"] == self.hashtree_info.salt if prop_dict["verity_root_hash"] != self.hashtree_info.root_hash: print("Calculated verty root hash {} doesn't match the one in metadata" " {}".format(prop_dict["verity_root_hash"], self.hashtree_info.root_hash)) root_hash, salt = BuildVerityTree(adjusted_partition, generated_verity_tree) # The salt should be always identical, as we use fixed value. assert salt == self.hashtree_info.salt, \ "Calculated salt {} doesn't match the one in metadata {}".format( salt, self.hashtree_info.salt) if root_hash != self.hashtree_info.root_hash: print( "Calculated root hash {} doesn't match the one in metadata {}".format( root_hash, self.hashtree_info.root_hash)) return False # Reads the generated hash tree and checks if it has the exact same bytes Loading @@ -190,6 +193,7 @@ class VerifiedBootVersion1HashtreeInfoGenerator(HashtreeInfoGenerator): Returns: hashtree_info: The information needed to reconstruct the hashtree. Raises: HashtreeInfoGenerationError: If we fail to generate the exact bytes of the hashtree. Loading
