diff options
| author | Bill Richardson <wfrichar@chromium.org> | 2014-08-27 15:37:47 -0700 |
|---|---|---|
| committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-11-06 01:14:49 +0000 |
| commit | 6fb3a9645e584cdf6ff5e2739d8ac94d5f2ea38d (patch) | |
| tree | 881e952ba641c00773aadb2e835886842affed68 | |
| parent | e16cf8657ab8780bb5c01c605171fe964e00fcbb (diff) | |
| download | vboot-6fb3a9645e584cdf6ff5e2739d8ac94d5f2ea38d.tar.gz | |
futility: add separate check function for VPbublicKey
Provide a PublicKeyLooksOkay() function to sanity-check VbPublicKey structs.
This was just part of PublicKeyRead(), but I want to separate the reading
from the checking.
BUG=chromium:224734
BRANCH=ToT
TEST=make runtests
Change-Id: I1dd808e623e2a7fdc2789e02305619111a7b01e6
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/214621
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/227855
Tested-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Commit-Queue: Daisuke Nojiri <dnojiri@chromium.org>
| -rw-r--r-- | host/lib/host_key.c | 56 | ||||
| -rw-r--r-- | host/lib/include/host_key.h | 2 |
2 files changed, 33 insertions, 25 deletions
diff --git a/host/lib/host_key.c b/host/lib/host_key.c index e2736f95..c9efa85c 100644 --- a/host/lib/host_key.c +++ b/host/lib/host_key.c @@ -201,39 +201,45 @@ VbPublicKey* PublicKeyReadKeyb(const char* filename, uint64_t algorithm, } +int PublicKeyLooksOkay(VbPublicKey *key, uint64_t file_size) +{ + uint64_t key_size; + + /* Sanity-check key data */ + if (0 != VerifyPublicKeyInside(key, file_size, key)) { + VBDEBUG(("PublicKeyRead() not a VbPublicKey\n")); + return 0; + } + if (key->algorithm >= kNumAlgorithms) { + VBDEBUG(("PublicKeyRead() invalid algorithm\n")); + return 0; + } + if (key->key_version > 0xFFFF) { + VBDEBUG(("PublicKeyRead() invalid version\n")); + return 0; /* Currently, TPM only supports 16-bit version */ + } + if (!RSAProcessedKeySize(key->algorithm, &key_size) || + key_size != key->key_size) { + VBDEBUG(("PublicKeyRead() wrong key size for algorithm\n")); + return 0; + } + + /* Success */ + return 1; +} + + + VbPublicKey* PublicKeyRead(const char* filename) { VbPublicKey* key; uint64_t file_size; - uint64_t key_size; key = (VbPublicKey*)ReadFile(filename, &file_size); if (!key) return NULL; - do { - /* Sanity-check key data */ - if (0 != VerifyPublicKeyInside(key, file_size, key)) { - VBDEBUG(("PublicKeyRead() not a VbPublicKey\n")); - break; - } - if (key->algorithm >= kNumAlgorithms) { - VBDEBUG(("PublicKeyRead() invalid algorithm\n")); - break; - } - if (key->key_version > 0xFFFF) { - VBDEBUG(("PublicKeyRead() invalid version\n")); - break; /* Currently, TPM only supports 16-bit version */ - } - if (!RSAProcessedKeySize(key->algorithm, &key_size) || - key_size != key->key_size) { - VBDEBUG(("PublicKeyRead() wrong key size for algorithm\n")); - break; - } - - /* Success */ - return key; - - } while(0); + if (PublicKeyLooksOkay(key, file_size)) + return key; /* Error */ free(key); diff --git a/host/lib/include/host_key.h b/host/lib/include/host_key.h index 018c25d3..85aef244 100644 --- a/host/lib/include/host_key.h +++ b/host/lib/include/host_key.h @@ -52,6 +52,8 @@ VbPublicKey* PublicKeyAlloc(uint64_t key_size, uint64_t algorithm, * Returns NULL if error. */ VbPublicKey* PublicKeyRead(const char* filename); +/* Return true if the public key struct appears correct. */ +int PublicKeyLooksOkay(VbPublicKey *key, uint64_t file_size); /* Read a public key from a .keyb file. Caller owns the returned * pointer, and must free it with Free(). |