author | Daisuke Nojiri <dnojiri@chromium.org> | 2016-10-04 09:48:18 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2016-10-19 11:38:50 -0700 |
commit | 77d9dd0dd58d2cac1ea6aa8873491afcf2441945 (patch) | |
tree | aedc83aff64e8f8dd804a99183edad775f408f62 | |
parent | 1fd0b10f791f045fdf61195f9769d9c637137113 (diff) | |
bdb: Add --data_version to futility-bdb --resign
This change makes the futility-bdb command take a --data_version parameter.
BUG=chromium:649554
BRANCH=none
TEST=make runtests
$ futility bdb --resign test/futility/data/bin.bdb --data_version 2
then futility show --type bdb test/futility/data/bin.bdb
Change-Id: I567d5879555f4ae7382fc47ef79135e7a13b7600
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/399593
Commit-Ready: Daisuke Nojiri <dnojiri@google.com>
Tested-by: Daisuke Nojiri <dnojiri@google.com>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
-rw-r--r-- | futility/cmd_bdb.c | 23 | ||||
-rwxr-xr-x | tests/futility/test_bdb.sh | 19 |
2 files changed, 38 insertions, 4 deletions
diff --git a/futility/cmd_bdb.c b/futility/cmd_bdb.c index c37ff1b0..d3c06728 100644 --- a/futility/cmd_bdb.c +++ b/futility/cmd_bdb.c @@ -33,9 +33,10 @@ enum { OPT_DATAKEY_PUB, OPT_DATA, OPT_KEY_DIGEST, - /* key version */ + /* versions */ OPT_BDBKEY_VERSION, OPT_DATAKEY_VERSION, + OPT_DATA_VERSION, /* integer options */ OPT_OFFSET, OPT_PARTITION, @@ -58,6 +59,7 @@ static const struct option long_opts[] = { {"datakey_pub", 1, 0, OPT_DATAKEY_PUB}, {"bdbkey_version", 1, 0, OPT_BDBKEY_VERSION}, {"datakey_version", 1, 0, OPT_DATAKEY_VERSION}, + {"data_version", 1, 0, OPT_DATA_VERSION}, {"data", 1, 0, OPT_DATA}, {"key_digest", 1, 0, OPT_KEY_DIGEST}, {"offset", 1, 0, OPT_OFFSET}, @@ -319,7 +321,8 @@ static int do_resign(const char *bdb_filename, uint32_t bdbkey_version, const char *datakey_pri_filename, const char *datakey_pub_filename, - uint32_t datakey_version) + uint32_t datakey_version, + uint32_t data_version) { uint8_t *bdb = NULL; struct rsa_st *bdbkey_pri = NULL; @@ -339,6 +342,11 @@ static int do_resign(const char *bdb_filename, goto exit; } + if (data_version != -1) { + struct bdb_data *data = (struct bdb_data *)bdb_get_data(bdb); + data->data_version = data_version; + } + if (bdbkey_pub_filename) { struct bdb_key *key = bdb_create_key(bdbkey_pub_filename, bdbkey_version, NULL); @@ -528,6 +536,7 @@ static void print_help(int argc, char *argv[]) " --bdbkey_pub <file> New BDB key in .keyb format\n" " --datakey_pri <file> New data key in .pem format\n" " --datakey_pub <file> New data key in .keyb format\n" + " --data_version <number> Data version\n" "\n" "For '--verify <bdb_file> [OPTIONS]', optional OPTIONS are:\n" " --key_digest <file> BDB key digest\n" @@ -548,6 +557,7 @@ static int do_bdb(int argc, char *argv[]) const char *key_digest_filename = NULL; uint32_t bdbkey_version = 0; uint32_t datakey_version = 0; + uint32_t data_version = -1; uint64_t offset = 0; uint8_t partition = 0; uint8_t type = 0; 
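Review bot: The new `if (data_version != -1)` block in do_resign writes through the pointer returned by `bdb_get_data(bdb)` without checking it, and the cast to `struct bdb_data *` suggests it is discarding a const qualifier. The hunk shows only a `goto exit` before this point, so it is not visible whether the loaded file's header and offsets were validated; if they were not, a truncated or malformed BDB could place `data` outside the buffer, and a size check ending in `goto exit` belongs ahead of the write. It is also not visible whether the data is re-signed when `--data_version` is given without `--datakey_pri`; if the version field is covered by the data signature, that combination should be rejected or documented, since it would write out a BDB whose signature no longer matches. do_resign starts and ends outside the hunk.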
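Review bot: `uint32_t data_version = -1;` in do_bdb is an in-band sentinel, so 0xffffffff can never be set as a data version: do_resign's `if (data_version != -1)` reads it as "option not given" and skips the write without any message. The comparison also depends on -1 converting to the maximum uint32_t value, which works but may draw sign-compare warnings. A separate flag set in the OPT_DATA_VERSION case (for example `int data_version_set = 0;`) avoids both, at the cost of one more do_resign parameter; failing that, use a named constant instead of the bare `-1` and state in the `--data_version <number>` help line that the top value is reserved. do_bdb's body continues outside the hunk.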
@@ -615,6 +625,13 @@ static int do_bdb(int argc, char *argv[]) parse_error = 1; } break; + case OPT_DATA_VERSION: + data_version = strtoul(optarg, &e, 0); + if (!*optarg || (e && *e)) { + fprintf(stderr, "Invalid --data_version\n"); + parse_error = 1; + } + break; case OPT_OFFSET: offset = strtoul(optarg, &e, 0); if (!*optarg || (e && *e)) { @@ -674,7 +691,7 @@ static int do_bdb(int argc, char *argv[]) return do_resign(bdb_filename, bdbkey_pri_filename, bdbkey_pub_filename, bdbkey_version, datakey_pri_filename, datakey_pub_filename, - datakey_version); + datakey_version, data_version); case OPT_MODE_VERIFY: return do_verify(bdb_filename, key_digest_filename, ignore_key_digest); diff --git a/tests/futility/test_bdb.sh b/tests/futility/test_bdb.sh index 90151b45..eef1a98c 100755 --- a/tests/futility/test_bdb.sh +++ b/tests/futility/test_bdb.sh @@ -40,6 +40,20 @@ get_num_hash() { | grep '# of Hashes' | cut -d':' -f 2) } +# Tests field matches a specified value in a BDB +# e.g. check_field 'Data Version:' 2 returns error if the data version isn't 2. +check_field() { + # Find the field + x=$(${FUTILITY} show ${BDB_FILE} | grep "${1}") + [ "${x}" ] || return 1 + # Remove the field name + x=${x##*:} + [ "${x}" ] || return 1 + # Remove the leading and trailing spaces + x=${x//[[:blank:]]/} + [ "${x}" == "${2}" ] || return 1 +} + # Demonstrate bdb --create can create a valid BDB ${FUTILITY} bdb --create ${BDB_FILE} \ --bdbkey_pri ${BDBKEY_PRI} --bdbkey_pub ${BDBKEY_PUB} \ 
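Review bot: The OPT_DATA_VERSION case assigns the `unsigned long` result of `strtoul()` straight to a `uint32_t`, so where `unsigned long` is 64 bits a value above 0xffffffff is silently truncated, and because `strtoul()` accepts a leading minus sign, `--data_version -1` wraps to 0xffffffff, which do_resign treats as "not given". For a version number that ends up in a signed structure, such input should be an error rather than a different number: parse into `unsigned long v` and test `if (!*optarg || *e || *optarg == '-' || v > UINT32_MAX)` before `data_version = v;`. The OPT_OFFSET case visible in the context also accepts a minus sign the same way. The switch in do_bdb continues outside the hunk, so the other numeric options may need the same check.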
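Review bot: check_field expands `${FUTILITY}` and `${BDB_FILE}` unquoted and uses whatever `grep "${1}"` returns, so if the field name matches more than one line of the `show` output, `${x##*:}` keeps only the text after the last colon and the test compares a line the caller did not intend. Quote the expansions and stop at the first match, e.g. `x=$("${FUTILITY}" show "${BDB_FILE}" | grep -m1 -- "${1}")`. The comment "Remove the leading and trailing spaces" does not match `${x//[[:blank:]]/}`, which removes every blank in the value; reword it to `# Remove all blanks` or trim only the ends.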
@@ -56,8 +70,11 @@ num_hash+=1 # TODO: verify partition, type, offset, and load_address # Demonstrate futility bdb --resign can resign the BDB -${FUTILITY} bdb --resign ${BDB_FILE} --datakey_pri ${DATAKEY_PRI} +data_version=2 +${FUTILITY} bdb --resign ${BDB_FILE} --datakey_pri ${DATAKEY_PRI} \ + --data_version $data_version verify +check_field "Data Version:" $data_version # Demonstrate futility bdb --resign can resign with a new data key # Note resigning with a new data key requires a private BDB key as well |
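Review bot: The resign test covers only the accepted path with `data_version=2`; no case exercises a rejected value or a resign without `--data_version`, so a regression in the option's parsing or in the "not given" handling would pass unnoticed. Add a call with a non-numeric value that must exit non-zero, and a plain `--resign` followed by `check_field "Data Version:" "$data_version"` to show the stored version is preserved. Whether a failing `check_field` stops the script depends on `set -e` or the shebang, which are outside this hunk; if neither is in effect, write `check_field "Data Version:" "$data_version" || exit 1`.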