verify whole-file signature instead of jarsigner signatures

In recovery, verify a signature that covers the entire zip file,
instead of using the jarsigner format to verify individual files.

Bug: 1328985
diff --git a/install.c b/install.c
index 2c557ea..7710cec 100644
--- a/install.c
+++ b/install.c
@@ -234,20 +234,8 @@
 }
 
 static int
-handle_update_package(const char *path, ZipArchive *zip,
-                      const RSAPublicKey *keys, int numKeys)
+handle_update_package(const char *path, ZipArchive *zip)
 {
-    // Give verification half the progress bar...
-    ui_print("Verifying update package...\n");
-    ui_show_progress(
-            VERIFICATION_PROGRESS_FRACTION,
-            VERIFICATION_PROGRESS_TIME);
-
-    if (!verify_jar_signature(zip, keys, numKeys)) {
-        LOGE("Verification failed\n");
-        return INSTALL_CORRUPT;
-    }
-
     // Update should take the rest of the progress bar.
     ui_print("Installing update...\n");
 
@@ -360,10 +348,25 @@
     }
     LOGI("%d key(s) loaded from %s\n", numKeys, PUBLIC_KEYS_FILE);
 
+    // Give verification half the progress bar...
+    ui_print("Verifying update package...\n");
+    ui_show_progress(
+            VERIFICATION_PROGRESS_FRACTION,
+            VERIFICATION_PROGRESS_TIME);
+
+    int err;
+    err = verify_file(path, loadedKeys, numKeys);
+    free(loadedKeys);
+    LOGI("verify_file returned %d\n", err);
+    if (err != VERIFY_SUCCESS) {
+        LOGE("signature verification failed\n");
+        return INSTALL_CORRUPT;
+    }
+
     /* Try to open the package.
      */
     ZipArchive zip;
-    int err = mzOpenZipArchive(path, &zip);
+    err = mzOpenZipArchive(path, &zip);
     if (err != 0) {
         LOGE("Can't open %s\n(%s)\n", path, err != -1 ? strerror(err) : "bad");
         return INSTALL_CORRUPT;
@@ -371,8 +374,7 @@
 
     /* Verify and install the contents of the package.
      */
-    int status = handle_update_package(path, &zip, loadedKeys, numKeys);
+    int status = handle_update_package(path, &zip);
     mzCloseZipArchive(&zip);
-    free(loadedKeys);
     return status;
 }