dumpkey.py outputs everything as version 1

RESOLVED FIXED in Firefox OS v2.1

Status

Firefox OS
GonkIntegration
RESOLVED FIXED
4 years ago
4 years ago

People

(Reporter: pehrsons, Assigned: pehrsons)

Tracking

unspecified
2.1 S3 (29aug)
All
Gonk (Firefox OS)

Firefox Tracking Flags

(b2g-v2.1 fixed)

Details

Attachments

(2 attachments)

(Assignee)

Description

4 years ago
dumpkey.py was introduced in bug 904517, but where android's dumpkey.jar supports 4 different key versions, dumpkey.py's output only conforms to version 1.

I had a case where recovery could not verify the update package. I was then using a version 2 key, but the output from dumpkey.py did not include the "v2 " prefix necessary to identify the correct version. It was instead interpreted as a version 1 key.

From DumpPublicKey.java:
---
    /**
     * @param key to perform sanity checks on
     * @return version number of key.  Supported versions are:
     *     1: 2048-bit RSA key with e=3 and SHA-1 hash
     *     2: 2048-bit RSA key with e=65537 and SHA-1 hash
     *     3: 2048-bit RSA key with e=3 and SHA-256 hash
     *     4: 2048-bit RSA key with e=65537 and SHA-256 hash
     * @throws Exception if the key has the wrong size or public exponent
     */
    static int checkRSA(RSAPublicKey key, boolean useSHA256) throws Exception {
---

We could implement something similar.
(Assignee)

Updated

4 years ago
Assignee: nobody → pehrsons
Depends on: 904517
(Assignee)

Comment 1

4 years ago
Created attachment 8474560 [details] [review]
[KK 4.4] dumpkey.py: support key versions 1,2,3,4

Adds a function to check the key version. Either returns the version, or None if unsupported.

Then outputs the version as expected by recovery.

Tested on version 1 and 2 keys.
Attachment #8474560 - Flags: review?(mwu)
Attachment #8474560 - Flags: feedback?(kli)
(Assignee)

Comment 2

4 years ago
Created attachment 8474563 [details] [review]
[JB 4.3] dumpkey.py: support key versions 1,2,3,4

DumpPublicKey.java for Jellybean only supports version 1 and 2, however here I just cherry-picked the 4.4 commit.
Attachment #8474563 - Flags: review?(mwu)
Attachment #8474563 - Flags: feedback?(kli)
(Assignee)

Comment 3

4 years ago
I just updated the PRs with improved error handling. In case anyone just had a look you might want to reload.

Comment 4

4 years ago
Hey Marshall, would you be able to review this? This looks like code you originally wrote. Can find someone else if you prefer, though. Thanks!
Flags: needinfo?(marshall)
Comment on attachment 8474563 [details] [review]
[JB 4.3] dumpkey.py: support key versions 1,2,3,4

some minor nits, but overall it looks good
Attachment #8474563 - Flags: review?(mwu) → review+
Flags: needinfo?(marshall)
Attachment #8474560 - Flags: review?(mwu) → review+
Comment on attachment 8474560 [details] [review]
[KK 4.4] dumpkey.py: support key versions 1,2,3,4

It is better to support 4 different key veraion. Andreas, Thanks for you input!
Attachment #8474560 - Flags: feedback?(kli) → feedback+
Attachment #8474563 - Flags: feedback?(kli) → feedback+
(Assignee)

Comment 7

4 years ago
Thanks guys. Nits fixed and PRs updated.
Keywords: checkin-needed
b2g-4.3_r2.1: https://github.com/mozilla-b2g/platform_build/commit/7eef86294cd794ab9e6a53d218c238bfc63c3a6d

b2g-4.4.2_r1: https://github.com/mozilla-b2g/platform_build/commit/1865c6639c51f0290d5778adef146147d5d6a5f0
Status: NEW → RESOLVED
Last Resolved: 4 years ago
status-b2g-v2.1: --- → fixed
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → 2.1 S3 (29aug)
You need to log in before you can comment on or make changes to this bug.