commit ac104e8990f3be3a3f111241e9328e7f98bfb912
author Alessandro Astone <ales.astone@gmail.com> Sun Dec 20 22:52:06 2020 +0100
committer Michael Bestas <mkbestas@lineageos.org> Tue Aug 23 01:24:13 2022 +0300
tree 734b27566a1695bb116c2c1828d37f214775a6d7
parent d682a97ec4ccb9a869d3688fe93fc33bdf578b16

Don't verify payload signatures in recovery

Change-Id: I0ce626ef993c2a7c87e03f705ef2e866a3391db1

payload_consumer/delta_performer.cc

diff --git a/payload_consumer/delta_performer.cc b/payload_consumer/delta_performer.cc
index fc8858f..f9379b1 100644
--- a/payload_consumer/delta_performer.cc
+++ b/payload_consumer/delta_performer.cc
@@ -359,12 +359,15 @@
     if (perform_verification) {
       return MetadataParseResult::kError;
     }
-  } else {
+  }
+#ifndef __ANDROID_RECOVERY__
+  else {
     // We have the full metadata in |payload|. Verify its integrity
     // and authenticity based on the information we have in Omaha response.
     *error = payload_metadata_.ValidateMetadataSignature(
         payload, payload_->metadata_signature, *payload_verifier);
   }
+#endif
   if (*error != ErrorCode::kSuccess) {
     if (install_plan_->hash_checks_mandatory) {
       // The autoupdate_CatchBadSignatures test checks for this string
@@ -1176,12 +1179,14 @@
   TEST_AND_RETURN_VAL(ErrorCode::kDownloadPayloadPubKeyVerificationError,
                       hash_data.size() == kSHA256Size);
 
+#ifndef __ANDROID_RECOVERY__
   if (!payload_verifier->VerifySignature(signatures_message_data_, hash_data)) {
     // The autoupdate_CatchBadSignatures test checks for this string
     // in log-files. Keep in sync.
     LOG(ERROR) << "Public key verification failed, thus update failed.";
     return ErrorCode::kDownloadPayloadPubKeyVerificationError;
   }
+#endif
 
   LOG(INFO) << "Payload hash matches value in payload.";
   return ErrorCode::kSuccess;