verify whole-file signature instead of jarsigner signatures
In recovery, verify a signature that covers the entire zip file,
instead of using the jarsigner format to verify individual files.
Bug: 1328985
diff --git a/verifier.h b/verifier.h
index d784dce..1bdfca6 100644
--- a/verifier.h
+++ b/verifier.h
@@ -17,14 +17,14 @@
#ifndef _RECOVERY_VERIFIER_H
#define _RECOVERY_VERIFIER_H
-#include "minzip/Zip.h"
#include "mincrypt/rsa.h"
-/*
- * Check the digital signature (as applied by jarsigner) on a Zip archive.
- * Every file in the archive must be signed by one of the supplied RSA keys.
+/* Look in the file for a signature footer, and verify that it
+ * matches one of the given keys. Return one of the constants below.
*/
-bool verify_jar_signature(const ZipArchive *pArchive,
- const RSAPublicKey *pKeys, int numKeys);
+int verify_file(const char* path, const RSAPublicKey *pKeys, unsigned int numKeys);
+
+#define VERIFY_SUCCESS 0
+#define VERIFY_FAILURE 1
#endif /* _RECOVERY_VERIFIER_H */