author | Nicolas Boichat <drinkcat@google.com> | 2017-03-02 21:54:29 -0800 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2017-03-16 11:25:47 -0700 |
commit | 114ac2079ed5fafc8deb9cbf58b5af01e74432b1 (patch) | |
tree | 401b63b547037efce3515aac15c24a8ebc70edc1 | |
parent | e0a3f85a46b50bfc0197a75e800eec0ae893e466 (diff) | |
download | vboot-114ac2079ed5fafc8deb9cbf58b5af01e74432b1.tar.gz |
vbutil_keyblock: Force checking the signature if signpubkey is provided
Previously, futility vbutil_keyblock --unpack would just ignore the error
if the keyblock was not signed (but a signing public key was provided).
This fix would have caught the regression introduced by
939cc3a "futility: Use only vboot 2.0 APIs for keyblocks"
BUG=chromium:611535
BRANCH=none
TEST=make runtests on m/master => fails
TEST=make runtests with CL:448399 => succeeds
Change-Id: Id7f0a248863aae2f41c2fa46fbb8a37848e707a9
Reviewed-on: https://chromium-review.googlesource.com/449058
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
-rw-r--r-- | futility/cmd_vbutil_keyblock.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/futility/cmd_vbutil_keyblock.c b/futility/cmd_vbutil_keyblock.c index f79b8ea8..61053497 100644 --- a/futility/cmd_vbutil_keyblock.c +++ b/futility/cmd_vbutil_keyblock.c @@ -175,11 +175,18 @@ static int Unpack(const char *infile, const char *datapubkey, return 1; } - /* If the block is signed, then verify it with the signing public key, - * since vb2_read_keyblock() only verified the hash. */ - if (block->keyblock_signature.sig_size && signpubkey) { + /* If the signing public key is provided, then verify the block + * signature, since vb2_read_keyblock() only verified the hash. */ + if (signpubkey) { static uint8_t workbuf[VB2_WORKBUF_RECOMMENDED_SIZE]; static struct vb2_workbuf wb; + + if (block->keyblock_signature.sig_size == 0) { + fprintf(stderr, + "vbutil_keyblock: signpubkey provided but keyblock is not signed.\n"); + return 1; + } + vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); sign_key = vb2_read_packed_key(signpubkey); |
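Review bot: The new `sig_size == 0` branch inside `if (signpubkey)` has no test of its own in this change: the diffstat touches only futility/cmd_vbutil_keyblock.c, and the commit message relies on the existing `make runtests` passing once CL:448399 is applied. A dedicated case that unpacks an unsigned keyblock with a signing public key supplied and expects a non-zero exit would pin the behaviour down, so a later refactor cannot quietly restore the old ignore-the-error path. Separately, when `signpubkey` is not given the function still continues with only the hash check that the comment attributes to vb2_read_keyblock(); a line on stderr stating that the signature was not verified would keep scripts from reading exit status 0 as proof of a signature check.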