- compare against new byte[] array as a quick tell, since when streaming from a partition with an unsigned image "signature" would of course read without issue but then remain filled by zero padding, resulting in the following:
java.io.IOException: unexpected end-of-contents marker
at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source:14)
at com.topjohnwu.signing.SignBoot$BootSignature.<init>(SignBoot.java:235)
at com.topjohnwu.signing.SignBoot.verifySignature(SignBoot.java:144)
at com.topjohnwu.signing.BootSigner.main(BootSigner.java:15)
at a.a.main(a.java:20)
- `!= remain` shouldn't indicate "not signed", it should indicate a read error as with `!= hdr.length`
- attempt to catch unsigned images at signature read, before they make it to `BootSignature bootsig = new BootSignature(signature);` and result in the following:
java.io.IOException: unexpected end-of-contents marker
at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source:14)
at com.topjohnwu.signing.SignBoot$BootSignature.<init>(SignBoot.java:230)
at com.topjohnwu.signing.SignBoot.verifySignature(SignBoot.java:139)
at com.topjohnwu.signing.BootSigner.main(BootSigner.java:15)
at a.a.main(a.java:20)
- increase SignBoot bootimg header version maximum from 4 to 8 (upstream AOSP is already at 3) and make a variable for future ease
- hdr read size of 1024 bytes was too small as hdr_v1 and hdr_v2 have increased the used header page areas to 1632 and 1648 bytes, respectively, so raise this to the minimum page size of 2048 and also make a variable for future ease
- do not return "not signed" for all caught exceptions, show StackTrace for future debugging then still return false for script purposes
- correct "test keys" boot image signing strings (scripts and app) to "verity keys"
"Allow recovery-dtbo in recovery.img to be signed" by Hridya Valsaraju:
9bb9f8f857
"boot_signer should support boot header version 2" by Hridya Valsaraju
590e58454d
