aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-03-04Move comment to license_note am: 508a255e36 am: 4f610c7f85 am: 97484830cat_frc_odp_330442040t_frc_odp_330442000t_frc_ase_330444010android-t-qpr3-beta-3-gplandroid-t-qpr3-beta-1-gplandroid-t-qpr2-beta-3-gplandroid-t-qpr2-beta-2-gplandroid-t-qpr1-beta-3-gplandroid-t-qpr1-beta-2-gplandroid-t-qpr1-beta-1-gplandroid-13.0.0_r83android-13.0.0_r82android-13.0.0_r81android-13.0.0_r80android-13.0.0_r79android-13.0.0_r78android-13.0.0_r77android-13.0.0_r76android-13.0.0_r75android-13.0.0_r74android-13.0.0_r73android-13.0.0_r72android-13.0.0_r71android-13.0.0_r70android-13.0.0_r69android-13.0.0_r68android-13.0.0_r67android-13.0.0_r66android-13.0.0_r65android-13.0.0_r64android-13.0.0_r63android-13.0.0_r62android-13.0.0_r61android-13.0.0_r60android-13.0.0_r59android-13.0.0_r58android-13.0.0_r57android-13.0.0_r56android-13.0.0_r55android-13.0.0_r54android-13.0.0_r53android-13.0.0_r52android-13.0.0_r51android-13.0.0_r50android-13.0.0_r49android-13.0.0_r48android-13.0.0_r47android-13.0.0_r46android-13.0.0_r45android-13.0.0_r44android-13.0.0_r43android-13.0.0_r42android-13.0.0_r41android-13.0.0_r40android-13.0.0_r39android-13.0.0_r38android-13.0.0_r37android-13.0.0_r36android-13.0.0_r35android-13.0.0_r34android-13.0.0_r33android-13.0.0_r32android-13.0.0_r30android-13.0.0_r29android-13.0.0_r28android-13.0.0_r27android-13.0.0_r24android-13.0.0_r23android-13.0.0_r22android-13.0.0_r21android-13.0.0_r20android-13.0.0_r19android-13.0.0_r18android-13.0.0_r17android-13.0.0_r16aml_go_odp_330912000aml_go_ads_330915100aml_go_ads_330915000aml_go_ads_330913000main-16k-with-phonesmain-16kandroid13-qpr3-s9-releaseandroid13-qpr3-s8-releaseandroid13-qpr3-s7-releaseandroid13-qpr3-s6-releaseandroid13-qpr3-s5-releaseandroid13-qpr3-s4-releaseandroid13-qpr3-s3-releaseandroid13-qpr3-s2-releaseandroid13-qpr3-s14-releaseandroid13-qpr3-s13-releaseandroid13-qpr3-s12-releaseandroid13-qpr3-s11-releaseandroid13-qpr3-s10-releaseandroid13-qpr3-s1-releaseandroid13-qpr3-releaseandroid13-qpr3-c-s8-releaseandroid13-qpr3-c-s7-releaseandroid13-qpr3-c-s6-releaseandroid13-qpr3-c-s5-releaseandroid13-qpr3-c-s4-releaseandroid13-qpr3-c-s3-releaseandroid13-qpr3-c-s2-releaseandroid13-qpr3-c-s12-releaseandroid13-qpr3-c-s11-releaseandroid13-qpr3-c-s10-releaseandroid13-qpr3-c-s1-releaseandroid13-qpr2-s9-releaseandroid13-qpr2-s8-releaseandroid13-qpr2-s7-releaseandroid13-qpr2-s6-releaseandroid13-qpr2-s5-releaseandroid13-qpr2-s3-releaseandroid13-qpr2-s2-releaseandroid13-qpr2-s12-releaseandroid13-qpr2-s11-releaseandroid13-qpr2-s10-releaseandroid13-qpr2-s1-releaseandroid13-qpr2-releaseandroid13-qpr2-b-s1-releaseandroid13-qpr1-s8-releaseandroid13-qpr1-s7-releaseandroid13-qpr1-s6-releaseandroid13-qpr1-s5-releaseandroid13-qpr1-s4-releaseandroid13-qpr1-s3-releaseandroid13-qpr1-s2-releaseandroid13-qpr1-s1-releaseandroid13-qpr1-releaseandroid13-mainline-go-adservices-releaseandroid13-frc-odp-releaseandroid13-devandroid13-d4-s2-releaseandroid13-d4-s1-releaseandroid13-d4-releaseandroid13-d3-s1-releaseandroid13-d2-releaseBob Badour
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/2008375 Change-Id: Ic1bc6d3ff483a1a4bcbbcc8fd6a798bc99ea5ebe
2022-03-04Move comment to license_note am: 508a255e36 am: 4f610c7f85Bob Badour
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/2008375 Change-Id: I0e2ee285c0747354876d4b0b11b31db3378adb8a
2022-03-04Move comment to license_note am: 508a255e36Bob Badour
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/2008375 Change-Id: I757af2db752a515ed12002274be66db4183bf8b4
2022-03-03Move comment to license_noteBob Badour
Comments not preserved during refresh. Test: m nothing Change-Id: I1605091d7ca2cb9361a283e284f5f1ec3d5382a0
2022-02-11[automerger skipped] Empty merge of ↵Xin Li
sc-v2-dev-plus-aosp-without-vendor@8084891 am: 7451b68efb -s ours am: 4d8d60e05b -s ours am skip reason: Merged-In I29c05c0675fd55ca0e6c5a7beb23b92969330cb3 with SHA-1 0051d4eeb7 is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/external/fsverity-utils/+/16843627 Change-Id: I626329563d18d87f7a12ab8b5104301e278ca78a
2022-02-11[automerger skipped] Empty merge of ↵Xin Li
sc-v2-dev-plus-aosp-without-vendor@8084891 am: 7451b68efb -s ours am skip reason: Merged-In I29c05c0675fd55ca0e6c5a7beb23b92969330cb3 with SHA-1 0051d4eeb7 is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/external/fsverity-utils/+/16843627 Change-Id: I83d4960b0bbed41b24c87afe19179aea0f02478b
2022-02-11Empty merge of sc-v2-dev-plus-aosp-without-vendor@8084891Xin Li
Bug: 214455710 Merged-In: I29c05c0675fd55ca0e6c5a7beb23b92969330cb3 Change-Id: I82084ac80ab3ecd196c53a296a15d5ac644b1b08
2022-02-08Merge remote-tracking branch 'aosp/upstream-master' am: 58926f716c am: ↵Eric Biggers
7c6fce9125 am: 0685632d03 am: e483d62e0c Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1975207 Change-Id: I8f68e66e5e46d109f8645125235286972eec6348
2022-02-08Merge remote-tracking branch 'aosp/upstream-master' am: 58926f716c am: ↵Eric Biggers
7c6fce9125 am: 0685632d03 Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1975207 Change-Id: Ia48e67a902b162fe918601a73768f734e6c5573d
2022-02-08Merge remote-tracking branch 'aosp/upstream-master' am: 58926f716c am: ↵Eric Biggers
7c6fce9125 Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1975207 Change-Id: I06cce136b1b93938ca4f24c5f1e0020f784a4129
2022-02-08Merge remote-tracking branch 'aosp/upstream-master' am: 58926f716cEric Biggers
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1975207 Change-Id: I52c7b945d18b018baa4ce35dc760905f97a3766d
2022-02-07Merge remote-tracking branch 'aosp/upstream-master'android-t-preview-1android-s-v2-beta-3android-t-preview-1android-s-v2-beta-3Eric Biggers
Upgrade to fsverity-utils v1.5 so that AOSP is on a tagged release version. No significant changes since the last merge. * aosp/upstream-master: v1.5 NEWS.md: update for v1.5 scripts/do-release.sh: split into prepare and publish scripts/run-sparse.sh: fix to exclude boringssl directory Clarify the purpose of built-in signatures Makefile: fix a typo Add GitHub Actions support Support automatically building BoringSSL for testing run-tests.sh: make CFI test work on Ubuntu 20.04 run-tests.sh: allow running individual tests Test: mmm external/fsverity-utils Change-Id: Icdf6279c9bdaed4cc5a87aabaf444e5d179ff089
2022-02-06v1.5Eric Biggers
Signed-off-by: Eric Biggers <ebiggers@google.com>
2022-02-06NEWS.md: update for v1.5Eric Biggers
Signed-off-by: Eric Biggers <ebiggers@google.com>
2022-02-06scripts/do-release.sh: split into prepare and publishEric Biggers
Signed-off-by: Eric Biggers <ebiggers@google.com>
2022-02-06scripts/run-sparse.sh: fix to exclude boringssl directoryEric Biggers
Signed-off-by: Eric Biggers <ebiggers@google.com>
2022-01-18Clarify the purpose of built-in signaturesEric Biggers
Signed-off-by: Eric Biggers <ebiggers@google.com>
2022-01-18Makefile: fix a typoEric Biggers
Signed-off-by: Eric Biggers <ebiggers@google.com>
2022-01-05Merge remote-tracking branch 'aosp/upstream-master' am: b820c71271 am: ↵Colin Cross
456606b97f am: 2fc32129e9 am: 5f70389b90 Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1927574 Change-Id: Ifb82cf1a0a03fb4b2fe283cd213e615484621d88
2022-01-05Merge remote-tracking branch 'aosp/upstream-master' am: b820c71271 am: ↵Colin Cross
456606b97f am: 2fc32129e9 Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1927574 Change-Id: Iba777b5051df4a8bd085e18941d0b1cff4631b74
2022-01-05Merge remote-tracking branch 'aosp/upstream-master' am: b820c71271 am: ↵Colin Cross
456606b97f Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1927574 Change-Id: I2bcc38d0ee9c5c395c327a24d4a54fc225f4a31d
2022-01-05Merge remote-tracking branch 'aosp/upstream-master' am: b820c71271Colin Cross
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1927574 Change-Id: I790b8af173f67eb1af98454048f1d6880d0b7b56
2021-12-23Add GitHub Actions supportEric Biggers
Signed-off-by: Eric Biggers <ebiggers@google.com>
2021-12-23Support automatically building BoringSSL for testingEric Biggers
Signed-off-by: Eric Biggers <ebiggers@google.com>
2021-12-23run-tests.sh: make CFI test work on Ubuntu 20.04Eric Biggers
Signed-off-by: Eric Biggers <ebiggers@google.com>
2021-12-23run-tests.sh: allow running individual testsEric Biggers
Signed-off-by: Eric Biggers <ebiggers@google.com>
2021-12-20Merge remote-tracking branch 'aosp/upstream-master'Colin Cross
* aosp/upstream-master: lib: remove libfsverity_error_msg_errno() Makefile: use -Wno-deprecated-declarations to avoid OpenSSL 3.0 warnings scripts/run-tests.sh: test with OpenSSL 3.0 scripts/run-tests.sh: test with OpenSSL 1.0 Implement PKCS#11 opaque keys support through OpenSSL pkcs11 engine Bug: 190084016 Test: m libfsverity Test: m USE_HOST_MUSL=true libfsverity Change-Id: I0fc0239104b2738292a2672c85e3dac15eb80024
2021-12-18lib: remove libfsverity_error_msg_errno()Eric Biggers
This is currently unused, and it currently uses GNU strerror_r() which is non-portable (doesn't work with musl libc). Just remove it for now. Signed-off-by: Eric Biggers <ebiggers@google.com>
2021-11-30Make libfsverity available in recovery am: 0051d4eeb7 am: 04504dbf3d am: ↵Jeff Vander Stoep
c829e950b7 am: f7fa3c2426 Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1906290 Change-Id: Ib246e41009680e64f5a3c9e1fc6bd33bd7cdf217
2021-11-30Make libfsverity available in recovery am: 0051d4eeb7 am: 04504dbf3d am: ↵Jeff Vander Stoep
c829e950b7 Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1906290 Change-Id: I1e939a0b80820aa7c5cd154322dfc5f88f69d964
2021-11-30Make libfsverity available in recovery am: 0051d4eeb7 am: 04504dbf3dJeff Vander Stoep
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1906290 Change-Id: Ib0b1c4852780249189b55edaf7039204b84dbeb6
2021-11-30Make libfsverity available in recovery am: 0051d4eeb7Jeff Vander Stoep
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1906290 Change-Id: I4e96661f86f64ec47eca8923a4f685ab6548bb75
2021-11-30Make libfsverity available in recoveryJeff Vander Stoep
Bug: 199914227 Test: build Change-Id: I29c05c0675fd55ca0e6c5a7beb23b92969330cb3
2021-09-22Makefile: use -Wno-deprecated-declarations to avoid OpenSSL 3.0 warningsEric Biggers
Signed-off-by: Eric Biggers <ebiggers@google.com>
2021-09-22scripts/run-tests.sh: test with OpenSSL 3.0Eric Biggers
Signed-off-by: Eric Biggers <ebiggers@google.com>
2021-09-13scripts/run-tests.sh: test with OpenSSL 1.0Eric Biggers
Signed-off-by: Eric Biggers <ebiggers@google.com>
2021-09-13Implement PKCS#11 opaque keys support through OpenSSL pkcs11 engineAleksander Adamowski
PKCS#11 API allows us to use opaque keys confined in hardware security modules (HSMs) and similar hardware tokens without direct access to the key material, providing logical separation of the keys from the cryptographic operations performed using them. This commit allows using the popular libp11 pkcs11 module for the OpenSSL library with `fsverity` so that direct access to a private key file isn't necessary to sign files. The user needs to supply the path to the engine shared library (typically the libp11 shared object file) and the PKCS#11 module library (a shared object file specific to the given hardware token). The user may also supply a token-specific key identifier. Test evidence with a hardware PKCS#11 token: $ echo test > dummy $ ./fsverity sign dummy dummy.sig \ --pkcs11-engine=/usr/lib64/engines-1.1/libpkcs11.so \ --pkcs11-module=/usr/local/lib64/pkcs11_module.so \ --cert=test-pkcs11-cert.pem && echo OK; Signed file 'dummy' (sha256:c497326752e21b3992b57f7eff159102d474a97d972dc2c2d99d23e0f5fbdb65) OK Test evidence for regression check (checking that regular file-based key signing still works): $ ./fsverity sign dummy dummy.sig --key=key.pem --cert=cert.pem && \ echo OK; Signed file 'dummy' (sha256:c497326752e21b3992b57f7eff159102d474a97d972dc2c2d99d23e0f5fbdb65) OK Signed-off-by: Aleksander Adamowski <olo@fb.com> [EB: Avoided overloading the --key option and keyfile field, clarified the documentation, removed logic from cmd_sign.c that libfsverity already handles, and many other improvements.] Link: https://lore.kernel.org/r/20210909212731.1151190-1-olo@fb.com Signed-off-by: Eric Biggers <ebiggers@google.com>
2021-07-12Make fsverity_utils available to com.android.compos. am: daf3d3fc8d am: ↵Alan Stokes
487486c712 am: 293f2557ec am: 2646788639 Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1759569 Change-Id: I704a21d91e7ebc02729c63f7bd480983f44790a2
2021-07-12Make fsverity_utils available to com.android.compos. am: daf3d3fc8d am: ↵Alan Stokes
487486c712 am: 293f2557ec Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1759569 Change-Id: Ia8d6d05ab3ed843fae82c9ad2fe345a172a89974
2021-07-12Make fsverity_utils available to com.android.compos. am: daf3d3fc8d am: ↵android-s-v2-preview-1android-s-v2-preview-1Alan Stokes
487486c712 Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1759569 Change-Id: I12e3c47778343f13afcf6ccf080511e1ec9f4e23
2021-07-12Make fsverity_utils available to com.android.compos. am: daf3d3fc8dAlan Stokes
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1759569 Change-Id: I91405e95e3113bdd8835bd490af6781879615c1a
2021-07-09Make fsverity_utils available to com.android.compos.android-s-beta-5android-s-beta-4android-s-beta-3android-s-beta-5android-s-beta-4Alan Stokes
Bug: 190166662 Test: Client code builds. Change-Id: I6bd0ecbf04e3894c1971fb9288333f241e3bd873
2021-06-28Fix the METADATA file am: 3b72157b43 am: c45fa3e888 am: 7609ef88a5 am: ↵Eric Biggers
d78a28aac4 Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1747534 Change-Id: Ib4684d099fb90e32177e84d46fa04efe87f2b47d
2021-06-28Fix the METADATA file am: 3b72157b43 am: c45fa3e888 am: 7609ef88a5Eric Biggers
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1747534 Change-Id: If2401d1538378d49d503a93030c3a6fc4b5cfc6e
2021-06-28Fix the METADATA file am: 3b72157b43 am: c45fa3e888Eric Biggers
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1747534 Change-Id: I56ab5b52d8346f20de9526525e519cd648dcfc21
2021-06-28Fix the METADATA file am: 3b72157b43Eric Biggers
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1747534 Change-Id: Ifc62f161c9e09cb71a0e4938977271a242d27d8f
2021-06-24Fix the METADATA fileEric Biggers
I forgot to update 'version' and 'last_upgrade_date' when doing the upgrade to v1.4. Change-Id: I10cb5be8e087d684fc14d2779107c15970e4a3f7
2021-06-15Upgrade fsverity-utils to v1.4 am: 410ed4977f am: a58f0a3a9a am: b46b4d1286 ↵Eric Biggers
am: 176bee678c Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1736357 Change-Id: Icf15923d55708318afbe164747c62f5ba79c7e20
2021-06-15Upgrade fsverity-utils to v1.4 am: 410ed4977f am: a58f0a3a9a am: b46b4d1286Eric Biggers
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1736357 Change-Id: I46f454247a703f7026bb9b5254bfd818ecbbd70d
2021-06-15Upgrade fsverity-utils to v1.4 am: 410ed4977f am: a58f0a3a9aEric Biggers
Original change: https://android-review.googlesource.com/c/platform/external/fsverity-utils/+/1736357 Change-Id: I83912bac31fcc2f245f42c8073441d40a1d283e3
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-08 05:34:45 +0000