Age | Commit message (Collapse) | Author |
|
am: db16b88f9a
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/2400165
Change-Id: I9efe9cead9af659db58c6dba70d0e77833be9cdd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/2400165
Change-Id: I313b6b7fb61f9afad1c06368c7876c56b47c0b28
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/2400165
Change-Id: I74bb2ddcbdb78b08b38be4f282552609d2bec2ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: 266636594
Fixes: 266636594
Test: builds
Change-Id: I9c036e8cad54a1dcf153a912c80b1af4bd00acd5
|
|
3e809ac3aa
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/2400163
Change-Id: I91f6c1616ada3334024361aeee8aa194ba0707d2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/2400163
Change-Id: Ia7dedcd8df602f0cafbe1411c21a53503ace3ded
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/2400163
Change-Id: I420c29fae8c2c03e816b016ddc61b826f5cdc779
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: 253568736
Test: atest com.android.server.pm.test.SettingsTest
Change-Id: Idbcf30009587976e927f591e4b91a31c41c821f3
|
|
am: 006c762eef am: 84ff393b11
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/2008375
Change-Id: I0c17af8ff07753353afa30a0c2d0a1f31049da48
|
|
am: 006c762eef
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/2008375
Change-Id: I57a713cccfe7e06a86b455af314ed2306375d15b
|
|
am: 006c762eef
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/2008375
Change-Id: Iffca9c526219eca5139ec956fb82754d7351d154
|
|
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/2008375
Change-Id: Ic1bc6d3ff483a1a4bcbbcc8fd6a798bc99ea5ebe
|
|
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/2008375
Change-Id: I0e2ee285c0747354876d4b0b11b31db3378adb8a
|
|
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/2008375
Change-Id: I757af2db752a515ed12002274be66db4183bf8b4
|
|
Comments not preserved during refresh.
Test: m nothing
Change-Id: I1605091d7ca2cb9361a283e284f5f1ec3d5382a0
|
|
sc-v2-dev-plus-aosp-without-vendor@8084891 am: 7451b68efb -s ours am: 4d8d60e05b -s ours
am skip reason: Merged-In I29c05c0675fd55ca0e6c5a7beb23b92969330cb3 with SHA-1 0051d4eeb7 is already in history
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/fsverity-utils/+/16843627
Change-Id: I626329563d18d87f7a12ab8b5104301e278ca78a
|
|
sc-v2-dev-plus-aosp-without-vendor@8084891 am: 7451b68efb -s ours
am skip reason: Merged-In I29c05c0675fd55ca0e6c5a7beb23b92969330cb3 with SHA-1 0051d4eeb7 is already in history
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/fsverity-utils/+/16843627
Change-Id: I83d4960b0bbed41b24c87afe19179aea0f02478b
|
|
Bug: 214455710
Merged-In: I29c05c0675fd55ca0e6c5a7beb23b92969330cb3
Change-Id: I82084ac80ab3ecd196c53a296a15d5ac644b1b08
|
|
7c6fce9125 am: 0685632d03 am: e483d62e0c
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1975207
Change-Id: I8f68e66e5e46d109f8645125235286972eec6348
|
|
7c6fce9125 am: 0685632d03
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1975207
Change-Id: Ia48e67a902b162fe918601a73768f734e6c5573d
|
|
7c6fce9125
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1975207
Change-Id: I06cce136b1b93938ca4f24c5f1e0020f784a4129
|
|
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1975207
Change-Id: I52c7b945d18b018baa4ce35dc760905f97a3766d
|
|
Upgrade to fsverity-utils v1.5 so that AOSP is on a tagged release
version. No significant changes since the last merge.
* aosp/upstream-master:
v1.5
NEWS.md: update for v1.5
scripts/do-release.sh: split into prepare and publish
scripts/run-sparse.sh: fix to exclude boringssl directory
Clarify the purpose of built-in signatures
Makefile: fix a typo
Add GitHub Actions support
Support automatically building BoringSSL for testing
run-tests.sh: make CFI test work on Ubuntu 20.04
run-tests.sh: allow running individual tests
Test: mmm external/fsverity-utils
Change-Id: Icdf6279c9bdaed4cc5a87aabaf444e5d179ff089
|
|
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
456606b97f am: 2fc32129e9 am: 5f70389b90
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1927574
Change-Id: Ifb82cf1a0a03fb4b2fe283cd213e615484621d88
|
|
456606b97f am: 2fc32129e9
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1927574
Change-Id: Iba777b5051df4a8bd085e18941d0b1cff4631b74
|
|
456606b97f
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1927574
Change-Id: I2bcc38d0ee9c5c395c327a24d4a54fc225f4a31d
|
|
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1927574
Change-Id: I790b8af173f67eb1af98454048f1d6880d0b7b56
|
|
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
* aosp/upstream-master:
lib: remove libfsverity_error_msg_errno()
Makefile: use -Wno-deprecated-declarations to avoid OpenSSL 3.0 warnings
scripts/run-tests.sh: test with OpenSSL 3.0
scripts/run-tests.sh: test with OpenSSL 1.0
Implement PKCS#11 opaque keys support through OpenSSL pkcs11 engine
Bug: 190084016
Test: m libfsverity
Test: m USE_HOST_MUSL=true libfsverity
Change-Id: I0fc0239104b2738292a2672c85e3dac15eb80024
|
|
This is currently unused, and it currently uses GNU strerror_r() which
is non-portable (doesn't work with musl libc). Just remove it for now.
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
c829e950b7 am: f7fa3c2426
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1906290
Change-Id: Ib246e41009680e64f5a3c9e1fc6bd33bd7cdf217
|
|
c829e950b7
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1906290
Change-Id: I1e939a0b80820aa7c5cd154322dfc5f88f69d964
|
|
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1906290
Change-Id: Ib0b1c4852780249189b55edaf7039204b84dbeb6
|
|
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1906290
Change-Id: I4e96661f86f64ec47eca8923a4f685ab6548bb75
|
|
Bug: 199914227
Test: build
Change-Id: I29c05c0675fd55ca0e6c5a7beb23b92969330cb3
|
|
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
PKCS#11 API allows us to use opaque keys confined in hardware security
modules (HSMs) and similar hardware tokens without direct access to the
key material, providing logical separation of the keys from the
cryptographic operations performed using them.
This commit allows using the popular libp11 pkcs11 module for the
OpenSSL library with `fsverity` so that direct access to a private key
file isn't necessary to sign files.
The user needs to supply the path to the engine shared library
(typically the libp11 shared object file) and the PKCS#11 module library
(a shared object file specific to the given hardware token). The user
may also supply a token-specific key identifier.
Test evidence with a hardware PKCS#11 token:
$ echo test > dummy
$ ./fsverity sign dummy dummy.sig \
--pkcs11-engine=/usr/lib64/engines-1.1/libpkcs11.so \
--pkcs11-module=/usr/local/lib64/pkcs11_module.so \
--cert=test-pkcs11-cert.pem && echo OK;
Signed file 'dummy'
(sha256:c497326752e21b3992b57f7eff159102d474a97d972dc2c2d99d23e0f5fbdb65)
OK
Test evidence for regression check (checking that regular file-based key
signing still works):
$ ./fsverity sign dummy dummy.sig --key=key.pem --cert=cert.pem && \
echo OK;
Signed file 'dummy'
(sha256:c497326752e21b3992b57f7eff159102d474a97d972dc2c2d99d23e0f5fbdb65)
OK
Signed-off-by: Aleksander Adamowski <olo@fb.com>
[EB: Avoided overloading the --key option and keyfile field, clarified
the documentation, removed logic from cmd_sign.c that libfsverity
already handles, and many other improvements.]
Link: https://lore.kernel.org/r/20210909212731.1151190-1-olo@fb.com
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
487486c712 am: 293f2557ec am: 2646788639
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1759569
Change-Id: I704a21d91e7ebc02729c63f7bd480983f44790a2
|
|
487486c712 am: 293f2557ec
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1759569
Change-Id: Ia8d6d05ab3ed843fae82c9ad2fe345a172a89974
|