authorBill Richardson <wfrichar@chromium.org>2015-02-05 10:44:54 -0800
committerChromeOS Commit Bot <chromeos-commit-bot@chromium.org>2015-03-10 23:45:26 +0000
commit3855e2e948f235c7e4725e5a33b06878fa7b3130 (patch)
tree3fc38f3a8f225d326ab481bd9919843fdea7ddfa
parentadd997fa941ef1a65207bee909a88e368a9b3d22 (diff)
futility: show sha1sums for private keys too
Because all of our private key structs carry around the openssl struct rsa_st data blobs, we can use those blobs to extract the corresponding public key and generate a digest of it. This lets us match our public and private keys without having to rely on the filenames. There's no crypto verification without actually *using* them, of course, but it's handy for quick reference. BUG=chromium:231574 BRANCH=none TEST=make runtests This also adds a test to ensure that all the public and private keys generated from the same .pem file have the same sha1sums. Change-Id: If83492437e3ef37f7c4ebca4675336b75f631901 Signed-off-by: Bill Richardson <wfrichar@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/246768 Reviewed-by: Randall Spangler <rspangler@chromium.org>
-rw-r--r--futility/cmd_show.c18
-rw-r--r--futility/vb2_helper.c24
-rw-r--r--host/lib/include/util_misc.h8
-rw-r--r--host/lib/util_misc.c19
-rwxr-xr-xtests/futility/test_create.sh7
5 files changed, 72 insertions, 4 deletions
diff --git a/futility/cmd_show.c b/futility/cmd_show.c
index f5f841c1..f4681f37 100644
--- a/futility/cmd_show.c
+++ b/futility/cmd_show.c
@@ -3,6 +3,10 @@
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*/
+
+#define OPENSSL_NO_SHA
+#include <openssl/rsa.h>
+
#include <errno.h>
#include <fcntl.h>
#include <getopt.h>
@@ -109,15 +113,27 @@ int futil_cb_show_pubkey(struct futil_traverse_state_s *state)
int futil_cb_show_privkey(struct futil_traverse_state_s *state)
{
VbPrivateKey key;
- int alg_okay;
+ const unsigned char *start;
+ int len, alg_okay;
key.algorithm = *(typeof(key.algorithm) *)state->my_area->buf;
+ start = state->my_area->buf + sizeof(key.algorithm);
+ len = state->my_area->len - sizeof(key.algorithm);
+ key.rsa_private_key = d2i_RSAPrivateKey(NULL, &start, len);
printf("Private Key file: %s\n", state->in_filename);
printf(" Vboot API: 1.0\n");
alg_okay = key.algorithm < kNumAlgorithms;
printf(" Algorithm: %" PRIu64 " %s\n", key.algorithm,
alg_okay ? algo_strings[key.algorithm] : "(unknown)");
+ printf(" Key sha1sum: ");
+ if (key.rsa_private_key) {
+ PrintPrivKeySha1Sum(&key);
+ RSA_free(key.rsa_private_key);
+ } else {
+ printf("<error>");
+ }
+ printf("\n");
if (alg_okay)
state->my_area->_flags |= AREA_IS_VALID;
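Review bot: The new `len = state->my_area->len - sizeof(key.algorithm);` underflows when the area is shorter than the algorithm field, and the result is then narrowed into an `int` and handed to d2i_RSAPrivateKey(), which will read past the buffer if `len` comes out large; the blob comes from a user-supplied file, so a short or truncated input should land in the existing `<error>` branch rather than in the DER parser. The `key.algorithm` read on the line before has the same unguarded access, though that predates this commit; if the callback contract allows an early return for a too-short area, the check belongs before that read as well. The type of `my_area->len` is not visible in the hunk, so whether the subtraction is unsigned is inferred. futil_cb_show_privkey's tail, including its return, is outside the hunk.
```c
	key.algorithm = *(typeof(key.algorithm) *)state->my_area->buf;
	key.rsa_private_key = NULL;
	/* Only hand the trailing bytes to d2i when there actually are some. */
	if (state->my_area->len > sizeof(key.algorithm)) {
		start = state->my_area->buf + sizeof(key.algorithm);
		len = state->my_area->len - sizeof(key.algorithm);
		key.rsa_private_key = d2i_RSAPrivateKey(NULL, &start, len);
	}
	/* … unchanged: header, algorithm and sha1sum printing … */
```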
diff --git a/futility/vb2_helper.c b/futility/vb2_helper.c
index 10aa6097..35541617 100644
--- a/futility/vb2_helper.c
+++ b/futility/vb2_helper.c
@@ -8,6 +8,7 @@
#include "2common.h"
#include "2guid.h"
#include "2rsa.h"
+#include "util_misc.h"
#include "vb2_common.h"
#include "vb2_struct.h"
@@ -91,6 +92,25 @@ int futil_cb_show_vb2_pubkey(struct futil_traverse_state_s *state)
return 0;
}
+static void vb2_print_private_key_sha1sum(struct vb2_private_key *key)
+{
+ uint8_t *buf, *digest;
+ uint32_t buflen;
+ int i;
+
+ if (vb_keyb_from_rsa(key->rsa_private_key, &buf, &buflen)) {
+ printf("<error>");
+ return;
+ }
+
+ digest = DigestBuf(buf, buflen, SHA1_DIGEST_ALGORITHM);
+ for (i = 0; i < SHA1_DIGEST_SIZE; i++)
+ printf("%02x", digest[i]);
+
+ free(digest);
+ free(buf);
+}
+
int futil_cb_show_vb2_privkey(struct futil_traverse_state_s *state)
{
struct vb2_private_key *key = 0;
@@ -118,7 +138,9 @@ int futil_cb_show_vb2_privkey(struct futil_traverse_state_s *state)
printf(" Hash Algorithm: %d %s\n", key->hash_alg,
entry ? entry->name : "(invalid)");
printf(" GUID: %s\n", guid_str);
-
+ printf(" Key sha1sum: ");
+ vb2_print_private_key_sha1sum(key);
+ printf("\n");
vb2_private_key_free(key);
return 0;
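Review bot: `digest = DigestBuf(buf, buflen, SHA1_DIGEST_ALGORITHM);` in vb2_print_private_key_sha1sum is indexed in the loop without a NULL check; DigestBuf hands back heap memory (it is freed a few lines later), so if it can fail the loop dereferences NULL and `buf` leaks. A guard in the style of the existing error path, `if (!digest) { printf("<error>"); free(buf); return; }`, keeps the output contract intact. The same applies to PrintPrivKeySha1Sum in host/lib/util_misc.c in this commit, whose body is identical to this function; since util_misc.h is now included here, the two could share one helper taking the `struct rsa_st *` instead of duplicating the digest loop.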
diff --git a/host/lib/include/util_misc.h b/host/lib/include/util_misc.h
index 0a6ed4c4..d5a08fe3 100644
--- a/host/lib/include/util_misc.h
+++ b/host/lib/include/util_misc.h
@@ -8,11 +8,15 @@
#ifndef VBOOT_REFERENCE_UTIL_MISC_H_
#define VBOOT_REFERENCE_UTIL_MISC_H_
+#include "host_key.h"
#include "vboot_struct.h"
struct rsa_st;
-/* Prints the sha1sum of the given VbPublicKey to stdout. */
-void PrintPubKeySha1Sum(VbPublicKey* key);
+/* Prints the sha1sum of a VbPublicKey to stdout. */
+void PrintPubKeySha1Sum(VbPublicKey *key);
+
+/* Prints the sha1sum of a VbPrivateKey to stdout. */
+void PrintPrivKeySha1Sum(VbPrivateKey *key);
/*
* Our packed RSBPublicKey buffer (historically in files ending with ".keyb",
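Review bot: The comment on the new `PrintPrivKeySha1Sum` prototype does not say what is printed on failure or that no newline is emitted, which callers need to know because they print the label and the trailing newline themselves. Suggest `/* Prints the sha1sum of a VbPrivateKey to stdout, or "<error>" if the key cannot be serialized; prints no trailing newline. */`. The same wording would suit the PrintPubKeySha1Sum comment above it if that function behaves the same way, which is not visible here.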
diff --git a/host/lib/util_misc.c b/host/lib/util_misc.c
index d2c21f52..ecaf8ea3 100644
--- a/host/lib/util_misc.c
+++ b/host/lib/util_misc.c
@@ -29,6 +29,25 @@ void PrintPubKeySha1Sum(VbPublicKey *key)
free(digest);
}
+void PrintPrivKeySha1Sum(VbPrivateKey *key)
+{
+ uint8_t *buf, *digest;
+ uint32_t buflen;
+ int i;
+
+ if (vb_keyb_from_rsa(key->rsa_private_key, &buf, &buflen)) {
+ printf("<error>");
+ return;
+ }
+
+ digest = DigestBuf(buf, buflen, SHA1_DIGEST_ALGORITHM);
+ for (i = 0; i < SHA1_DIGEST_SIZE; i++)
+ printf("%02x", digest[i]);
+
+ free(digest);
+ free(buf);
+}
+
int vb_keyb_from_rsa(struct rsa_st *rsa_private_key,
uint8_t **keyb_data, uint32_t *keyb_size)
{
diff --git a/tests/futility/test_create.sh b/tests/futility/test_create.sh
index e1d8d334..3c1d38e2 100755
--- a/tests/futility/test_create.sh
+++ b/tests/futility/test_create.sh
@@ -34,6 +34,13 @@ for sig in rsa1024 rsa2048 rsa4096 rsa8192; do
done
done
+# Demonstrate that the sha1sums are the same for all the keys created from the
+# same .pem files, both public and private, vb1 and vb21.
+for sig in rsa1024 rsa2048 rsa4096 rsa8192; do
+ num=$(${FUTILITY} show ${TMP}_key_${sig}.* | grep sha1sum | uniq | wc -l)
+ [ "$num" -eq "1" ]
+done
+
# cleanup
rm -rf ${TMP}*
exit 0
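Review bot: The new check `[ "$num" -eq "1" ]` passes vacuously if every key reports `<error>` instead of a digest, since those lines also contain `sha1sum` and `uniq` collapses them to a single line; the test then cannot distinguish matching digests from a failed key parse on every file. Adding `[ "$(${FUTILITY} show ${TMP}_key_${sig}.* | grep -c '<error>')" -eq "0" ]` inside the loop, in the script's existing bare-test style, rejects that case. This assumes the script runs under `set -e`, which the bare `[ ... ]` test already relies on and which would be set outside this hunk.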