From f3d93e18ceb3a4528ea930346533c08487ca3e16 Mon Sep 17 00:00:00 2001
From: bigbiff <bigbiff@teamw.in>
Date: Sun, 4 Jul 2021 11:44:32 -0400
Subject: [PATCH] zip signature: update code to aosp11

Change-Id: I13b46d8092a75517fc83baf6c2dc83b8a68fdd5c
---
 twrpinstall/verifier.cpp | 86 +++-------------------------------------
 1 file changed, 5 insertions(+), 81 deletions(-)

diff --git a/twrpinstall/verifier.cpp b/twrpinstall/verifier.cpp
index 0fc25349..1fa8279a 100755
--- a/twrpinstall/verifier.cpp
+++ b/twrpinstall/verifier.cpp
@@ -110,8 +110,7 @@ static bool read_pkcs7(const uint8_t* pkcs7_der, size_t pkcs7_der_len,
   return true;
 }
 
-int verify_file(VerifierInterface* package, const std::vector<Certificate>& keys,
-  const std::function<void(float)>& set_progress) {
+int verify_file(VerifierInterface* package, const std::vector<Certificate>& keys, const std::function<void(float)>& set_progress) {
   CHECK(package);
   package->SetProgress(0.0);
 
@@ -317,83 +316,9 @@ int verify_file(VerifierInterface* package, const std::vector<Certificate>& keys
   return VERIFY_FAILURE;
 }
 
-std::unique_ptr<RSA, RSADeleter> parse_rsa_key(FILE* file, uint32_t exponent) {
-    // Read key length in words and n0inv. n0inv is a precomputed montgomery
-    // parameter derived from the modulus and can be used to speed up
-    // verification. n0inv is 32 bits wide here, assuming the verification logic
-    // uses 32 bit arithmetic. However, BoringSSL may use a word size of 64 bits
-    // internally, in which case we don't have a valid n0inv. Thus, we just
-    // ignore the montgomery parameters and have BoringSSL recompute them
-    // internally. If/When the speedup from using the montgomery parameters
-    // becomes relevant, we can add more sophisticated code here to obtain a
-    // 64-bit n0inv and initialize the montgomery parameters in the key object.
-    uint32_t key_len_words = 0;
-    uint32_t n0inv = 0;
-    if (fscanf(file, " %i , 0x%x", &key_len_words, &n0inv) != 2) {
-        return nullptr;
-    }
-
-    if (key_len_words > 8192 / 32) {
-        LOG(ERROR) << "key length (" << key_len_words << ") too large";
-        return nullptr;
-    }
-
-    // Read the modulus.
-    std::unique_ptr<uint32_t[]> modulus(new uint32_t[key_len_words]);
-    if (fscanf(file, " , { %u", &modulus[0]) != 1) {
-        return nullptr;
-    }
-    for (uint32_t i = 1; i < key_len_words; ++i) {
-        if (fscanf(file, " , %u", &modulus[i]) != 1) {
-            return nullptr;
-        }
-    }
-
-    // Cconvert from little-endian array of little-endian words to big-endian
-    // byte array suitable as input for BN_bin2bn.
-    std::reverse((uint8_t*)modulus.get(),
-                 (uint8_t*)(modulus.get() + key_len_words));
-
-    // The next sequence of values is the montgomery parameter R^2. Since we
-    // generally don't have a valid |n0inv|, we ignore this (see comment above).
-    uint32_t rr_value;
-    if (fscanf(file, " } , { %u", &rr_value) != 1) {
-        return nullptr;
-    }
-    for (uint32_t i = 1; i < key_len_words; ++i) {
-        if (fscanf(file, " , %u", &rr_value) != 1) {
-            return nullptr;
-        }
-    }
-    if (fscanf(file, " } } ") != 0) {
-        return nullptr;
-    }
-
-    // Initialize the key.
-    std::unique_ptr<RSA, RSADeleter> key(RSA_new());
-    if (!key) {
-      return nullptr;
-    }
-
-    key->n = BN_bin2bn((uint8_t*)modulus.get(),
-                       key_len_words * sizeof(uint32_t), NULL);
-    if (!key->n) {
-      return nullptr;
-    }
-
-    key->e = BN_new();
-    if (!key->e || !BN_set_word(key->e, exponent)) {
-      return nullptr;
-    }
-
-    return key;
-}
-
-
 static std::vector<Certificate> IterateZipEntriesAndSearchForKeys(const ZipArchiveHandle& handle) {
   void* cookie;
-  std::string suffix("x509.pem");
-  int32_t iter_status = StartIteration(handle, &cookie, nullptr, suffix);
+  int32_t iter_status = StartIteration(handle, &cookie, "", "x509.pem");
   if (iter_status != 0) {
     LOG(ERROR) << "Failed to iterate over entries in the certificate zipfile: "
                << ErrorCodeString(iter_status);
@@ -402,22 +327,21 @@ static std::vector<Certificate> IterateZipEntriesAndSearchForKeys(const ZipArchi
 
   std::vector<Certificate> result;
 
-  std::string name;
+  std::string_view name;
   ZipEntry entry;
   while ((iter_status = Next(cookie, &entry, &name)) == 0) {
     std::vector<uint8_t> pem_content(entry.uncompressed_length);
     if (int32_t extract_status =
             ExtractToMemory(handle, &entry, pem_content.data(), pem_content.size());
         extract_status != 0) {
-      LOG(ERROR) << "Failed to extract " << std::string(name.c_str(), name.c_str() + name.size());
+      LOG(ERROR) << "Failed to extract " << name;
       return {};
     }
 
     Certificate cert(0, Certificate::KEY_TYPE_RSA, nullptr, nullptr);
     // Aborts the parsing if we fail to load one of the key file.
     if (!LoadCertificateFromBuffer(pem_content, &cert)) {
-      LOG(ERROR) << "Failed to load keys from "
-                 << std::string(name.c_str(), name.c_str() + name.size());
+      LOG(ERROR) << "Failed to load keys from " << name;
       return {};
     }