diff options
author | Tianjie <xunchang@google.com> | 2021-02-24 11:45:33 -0800 |
---|---|---|
committer | Tianjie <xunchang@google.com> | 2021-02-24 11:45:33 -0800 |
commit | 78ac4474a1f319ca523cc01acbec86c0baeea214 (patch) | |
tree | c02a0e1107a2d00c6c57eb70ad3efa8bff9023b3 /verity | |
parent | cf793310726398d5d50c12ff0eeba24a49674688 (diff) | |
download | extras-78ac4474a1f319ca523cc01acbec86c0baeea214.tar.gz |
Support blake2b-256 in hashtree builder
Now that blake2b-256 can be used to generate hashtree, add
the algorithm support in hashtree builder. This is needed to
perform on-device verity computation during an OTA update.
Bug: 178117377
Test: disable vabc on CF, check blake2b-256 verity tree generates correctly on device
Change-Id: I54de6f9db34f7b128f914de15af9b7fb61c41d1a
Diffstat (limited to 'verity')
-rw-r--r-- | verity/build_verity_tree_test.cpp | 12 | ||||
-rw-r--r-- | verity/hash_tree_builder.cpp | 3 |
2 files changed, 15 insertions, 0 deletions
diff --git a/verity/build_verity_tree_test.cpp b/verity/build_verity_tree_test.cpp index 8e1f114a..74fe9c06 100644 --- a/verity/build_verity_tree_test.cpp +++ b/verity/build_verity_tree_test.cpp @@ -101,6 +101,18 @@ TEST_F(BuildVerityTreeTest, HashSingleLevel) { HashTreeBuilder::BytesArrayToString(builder->root_hash())); } +TEST_F(BuildVerityTreeTest, HashSingleLevel_blake2b256) { + std::vector<unsigned char> data(128 * 4096, 0x0); + + builder.reset( + new HashTreeBuilder(4096, HashTreeBuilder::HashFunction("blake2b-256"))); + + GenerateHashTree(data, salt_hex); + ASSERT_EQ(1u, verity_tree().size()); + ASSERT_EQ("6d5b006af5308523f7db6956c60b2650ff3e7edab1e2194cc8ee19b1a1398c03", + HashTreeBuilder::BytesArrayToString(builder->root_hash())); +} + TEST_F(BuildVerityTreeTest, HashMultipleLevels) { std::vector<unsigned char> data(129 * 4096, 0xff); diff --git a/verity/hash_tree_builder.cpp b/verity/hash_tree_builder.cpp index df6f7864..52899a35 100644 --- a/verity/hash_tree_builder.cpp +++ b/verity/hash_tree_builder.cpp @@ -42,6 +42,9 @@ const EVP_MD* HashTreeBuilder::HashFunction(const std::string& hash_name) { if (android::base::EqualsIgnoreCase(hash_name, "sha512")) { return EVP_sha512(); } + if (android::base::EqualsIgnoreCase(hash_name, "blake2b-256")) { + return EVP_blake2b256(); + } LOG(ERROR) << "Unsupported hash algorithm " << hash_name; return nullptr; |