commit 855fecc6dafe7c96fb80b5e66faa76a8774f10e6
author Alessandro Astone <ales.astone@gmail.com> Sun Dec 20 22:52:06 2020 +0100
committer Jackeagle <jackeagle102@gmail.com> Thu Dec 23 14:23:31 2021 +0100
tree a8269ac8f47ecf317b0446375c286106cd968c6d
parent cc3e5c297a9d00589b4f290aa76472ae43bc30e3

Don't verify payload signatures in recovery

Change-Id: I0ce626ef993c2a7c87e03f705ef2e866a3391db1

payload_consumer/delta_performer.cc

diff --git a/payload_consumer/delta_performer.cc b/payload_consumer/delta_performer.cc
index a57169b..7acedaf 100644
--- a/payload_consumer/delta_performer.cc
+++ b/payload_consumer/delta_performer.cc
@@ -361,12 +361,15 @@
     if (perform_verification) {
       return MetadataParseResult::kError;
     }
-  } else {
+  }
+#ifndef __ANDROID_RECOVERY__
+  else {
     // We have the full metadata in |payload|. Verify its integrity
     // and authenticity based on the information we have in Omaha response.
     *error = payload_metadata_.ValidateMetadataSignature(
         payload, payload_->metadata_signature, *payload_verifier);
   }
+#endif
   if (*error != ErrorCode::kSuccess) {
     if (install_plan_->hash_checks_mandatory) {
       // The autoupdate_CatchBadSignatures test checks for this string
@@ -1297,12 +1300,14 @@
   TEST_AND_RETURN_VAL(ErrorCode::kDownloadPayloadPubKeyVerificationError,
                       hash_data.size() == kSHA256Size);
 
+#ifndef __ANDROID_RECOVERY__
   if (!payload_verifier->VerifySignature(signatures_message_data_, hash_data)) {
     // The autoupdate_CatchBadSignatures test checks for this string
     // in log-files. Keep in sync.
     LOG(ERROR) << "Public key verification failed, thus update failed.";
     return ErrorCode::kDownloadPayloadPubKeyVerificationError;
   }
+#endif
 
   LOG(INFO) << "Payload hash matches value in payload.";
   return ErrorCode::kSuccess;