diff options
| author | Daisuke Nojiri <dnojiri@chromium.org> | 2016-05-03 16:46:55 -0700 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2016-05-04 11:34:09 -0700 |
| commit | 8fc5916c7f66627be26203aa4f0d800a266b4b4b (patch) | |
| tree | 546d75085c15269376b248f1e9b9f3c3c1f04e36 | |
| parent | edc3c8e4409bd9bd5cccac8a2fe48ddd5927fa6a (diff) | |
| download | vboot-stabilize-8282.B.tar.gz | |
bdb: Rename subkey to datakeystabilize-8282.Bfirmware-gale-8281.B
This patch replaces subkey with datakey to make name use consistent
with the design document.
BUG=chrome-os-partner:51908
BRANCH=tot
TEST=make runtests
Change-Id: I3690abd51e6c18c5a1094a8449f375d803c7e0b2
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/342199
Reviewed-by: Randall Spangler <rspangler@chromium.org>
| -rw-r--r-- | firmware/bdb/bdb.c | 18 | ||||
| -rw-r--r-- | firmware/bdb/bdb.h | 8 | ||||
| -rw-r--r-- | firmware/bdb/bdb_struct.h | 2 | ||||
| -rw-r--r-- | firmware/bdb/host.c | 16 | ||||
| -rw-r--r-- | firmware/bdb/host.h | 18 | ||||
| -rw-r--r-- | tests/bdb_test.c | 26 | ||||
| -rw-r--r-- | tests/testkeys/datakey.crt (renamed from tests/testkeys/subkey.crt) | 0 | ||||
| -rw-r--r-- | tests/testkeys/datakey.keyb (renamed from tests/testkeys/subkey.keyb) | bin | 776 -> 776 bytes | |||
| -rw-r--r-- | tests/testkeys/datakey.pem (renamed from tests/testkeys/subkey.pem) | 0 |
9 files changed, 44 insertions, 44 deletions
diff --git a/firmware/bdb/bdb.c b/firmware/bdb/bdb.c index abcc0b59..663b43ff 100644 --- a/firmware/bdb/bdb.c +++ b/firmware/bdb/bdb.c @@ -214,12 +214,12 @@ const void *bdb_get_oem_area_0(const void *buf) return b8 + k->struct_size; } -const struct bdb_key *bdb_get_subkey(const void *buf) +const struct bdb_key *bdb_get_datakey(const void *buf) { const struct bdb_header *h = bdb_get_header(buf); const uint8_t *b8 = bdb_get_oem_area_0(buf); - /* Subkey follows OEM area 0 */ + /* datakey follows OEM area 0 */ return (const struct bdb_key *)(b8 + h->oem_area_0_size); } @@ -313,7 +313,7 @@ int bdb_verify(const void *buf, size_t size, const uint8_t *bdb_key_digest) { const uint8_t *end = (const uint8_t *)buf + size; const struct bdb_header *h; - const struct bdb_key *bdbkey, *subkey; + const struct bdb_key *bdbkey, *datakey; const struct bdb_sig *sig; const struct bdb_data *data; const void *oem; @@ -349,13 +349,13 @@ int bdb_verify(const void *buf, size_t size, const uint8_t *bdb_key_digest) if (h->oem_area_0_size > end - (const uint8_t *)oem) return BDB_ERROR_OEM_AREA_0; - /* Sanity-check subkey */ - subkey = bdb_get_subkey(buf); - if (bdb_check_key(subkey, end - (const uint8_t *)subkey)) - return BDB_ERROR_SUBKEY; + /* Sanity-check datakey */ + datakey = bdb_get_datakey(buf); + if (bdb_check_key(datakey, end - (const uint8_t *)datakey)) + return BDB_ERROR_DATAKEY; /* Make sure enough data was signed, and the signed data fits */ - if (h->oem_area_0_size + subkey->struct_size > h->signed_size || + if (h->oem_area_0_size + datakey->struct_size > h->signed_size || h->signed_size > end - (const uint8_t *)oem) return BDB_ERROR_BDB_SIGNED_SIZE; @@ -394,7 +394,7 @@ int bdb_verify(const void *buf, size_t size, const uint8_t *bdb_key_digest) if (vb2_digest_buffer((uint8_t *)data, data->signed_size, VB2_HASH_SHA256, digest, BDB_SHA256_DIGEST_SIZE)) return BDB_ERROR_DIGEST; - if (bdb_verify_sig(subkey, sig, digest)) + if (bdb_verify_sig(datakey, sig, digest)) return BDB_ERROR_DATA_SIG; /* Return success or success-other-than-BDB-key-mismatch */ diff --git a/firmware/bdb/bdb.h b/firmware/bdb/bdb.h index 177deeae..91834913 100644 --- a/firmware/bdb/bdb.h +++ b/firmware/bdb/bdb.h @@ -1,4 +1,4 @@ -/* Copyright (c) 2015 The Chromium OS Authors. All rights reserved. +/* Copyright 2015 The Chromium OS Authors. All rights reserved. * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. * @@ -21,7 +21,7 @@ bdb_check_header(buf, size); Load and verify the entire BDB bdb_verify(buf, size, bdb_key_hash, dev_mode_flag); -Check RW subkey version. If normal boot from primary BDB, roll forward +Check RW datakey version. If normal boot from primary BDB, roll forward Check data version. If normal boot from primary BDB, roll forward */ @@ -59,7 +59,7 @@ enum bdb_return_code { BDB_ERROR_HEADER, BDB_ERROR_BDBKEY, BDB_ERROR_OEM_AREA_0, - BDB_ERROR_SUBKEY, + BDB_ERROR_DATAKEY, BDB_ERROR_BDB_SIGNED_SIZE, BDB_ERROR_HEADER_SIG, BDB_ERROR_DATA, @@ -115,7 +115,7 @@ int bdb_verify(const void *buf, size_t size, const uint8_t *bdb_key_digest); const struct bdb_header *bdb_get_header(const void *buf); const struct bdb_key *bdb_get_bdbkey(const void *buf); const void *bdb_get_oem_area_0(const void *buf); -const struct bdb_key *bdb_get_subkey(const void *buf); +const struct bdb_key *bdb_get_datakey(const void *buf); const struct bdb_sig *bdb_get_header_sig(const void *buf); const struct bdb_data *bdb_get_data(const void *buf); const void *bdb_get_oem_area_1(const void *buf); diff --git a/firmware/bdb/bdb_struct.h b/firmware/bdb/bdb_struct.h index f8d2b321..fbb0c2e1 100644 --- a/firmware/bdb/bdb_struct.h +++ b/firmware/bdb/bdb_struct.h @@ -214,7 +214,7 @@ struct bdb_data { /* Reserved; set 0 */ uint8_t reserved0[2]; - /* Number of bytes of data signed by the subkey, including this + /* Number of bytes of data signed by the datakey, including this * header */ uint32_t signed_size; diff --git a/firmware/bdb/host.c b/firmware/bdb/host.c index f6431f2e..68a62803 100644 --- a/firmware/bdb/host.c +++ b/firmware/bdb/host.c @@ -253,7 +253,7 @@ struct bdb_header *bdb_create(struct bdb_create_params *p) bdb_size = sizeof(struct bdb_header); bdb_size += p->bdbkey->struct_size; bdb_size += p->oem_area_0_size; - bdb_size += p->subkey->struct_size; + bdb_size += p->datakey->struct_size; bdb_size += sig_size; bdb_size += sizeof(struct bdb_data); bdb_size += p->oem_area_1_size; @@ -281,7 +281,7 @@ struct bdb_header *bdb_create(struct bdb_create_params *p) h->struct_size = sizeof(*h); h->bdb_load_address = p->bdb_load_address; h->bdb_size = bdb_size; - h->signed_size = p->oem_area_0_size + p->subkey->struct_size; + h->signed_size = p->oem_area_0_size + p->datakey->struct_size; h->oem_area_0_size = p->oem_area_0_size; bnext += h->struct_size; @@ -296,9 +296,9 @@ struct bdb_header *bdb_create(struct bdb_create_params *p) bnext += p->oem_area_0_size; } - /* Copy subkey */ - memcpy(bnext, p->subkey, p->subkey->struct_size); - bnext += p->subkey->struct_size; + /* Copy datakey */ + memcpy(bnext, p->datakey, p->datakey->struct_size); + bnext += p->datakey->struct_size; /* * Create header signature using private BDB key. @@ -340,9 +340,9 @@ struct bdb_header *bdb_create(struct bdb_create_params *p) memcpy(bnext, p->hash, hashes_size); bnext += hashes_size; - /* Create data signature using private subkey */ - sig = bdb_create_sig(data, data->signed_size, p->private_subkey, - p->subkey->sig_alg, p->data_sig_description); + /* Create data signature using private datakey */ + sig = bdb_create_sig(data, data->signed_size, p->private_datakey, + p->datakey->sig_alg, p->data_sig_description); memcpy(bnext, sig, sig->struct_size); /* Return the BDB */ diff --git a/firmware/bdb/host.h b/firmware/bdb/host.h index 9334680b..474d82d1 100644 --- a/firmware/bdb/host.h +++ b/firmware/bdb/host.h @@ -1,4 +1,4 @@ -/* Copyright (c) 2015 The Chromium OS Authors. All rights reserved. +/* Copyright 2015 The Chromium OS Authors. All rights reserved. * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. * @@ -30,17 +30,17 @@ bdb_verify(buf, size, bdb_key_hash, dev_mode_flag); If dev_mode_flag(), mismatch is not fatal bdb_check_sig() on BDB header sig - bdb_sha256() on OEM area 1, RW subkey + bdb_sha256() on OEM area 1, RW datakey bdb_rsa_verify() on digest using BDB key - bdb_check_key() on RW subkey + bdb_check_key() on RW datakey bdb_check_data() on RW data bdb_check_sig() on data sig bdb_sha256() on data, OEM area 1, hashes - bdb_rsa_verify() on digest using RW subkey + bdb_rsa_verify() on digest using RW datakey -Check RW subkey version. If normal boot from primary BDB, roll forward +Check RW datakey version. If normal boot from primary BDB, roll forward Check data version. If normal boot from primary BDB, roll forward */ @@ -135,13 +135,13 @@ struct bdb_create_params uint8_t *oem_area_1; uint32_t oem_area_1_size; - /* Public BDB key and subkey */ + /* Public BDB key and datakey */ struct bdb_key *bdbkey; - struct bdb_key *subkey; + struct bdb_key *datakey; - /* Private BDB key and subkey */ + /* Private BDB key and datakey */ struct rsa_st *private_bdbkey; - struct rsa_st *private_subkey; + struct rsa_st *private_datakey; /* Descriptions for header and data signatures */ char *header_sig_description; diff --git a/tests/bdb_test.c b/tests/bdb_test.c index d96e71a8..d9226f4d 100644 --- a/tests/bdb_test.c +++ b/tests/bdb_test.c @@ -296,13 +296,13 @@ void check_bdb_verify(const char *key_dir) /* Load keys */ sprintf(filename, "%s/bdbkey.keyb", key_dir); p.bdbkey = bdb_create_key(filename, 100, "BDB key"); - sprintf(filename, "%s/subkey.keyb", key_dir); - p.subkey = bdb_create_key(filename, 200, "Subkey"); + sprintf(filename, "%s/datakey.keyb", key_dir); + p.datakey = bdb_create_key(filename, 200, "datakey"); sprintf(filename, "%s/bdbkey.pem", key_dir); p.private_bdbkey = read_pem(filename); - sprintf(filename, "%s/subkey.pem", key_dir); - p.private_subkey = read_pem(filename); - if (!p.bdbkey || !p.subkey || !p.private_bdbkey || !p.private_subkey) { + sprintf(filename, "%s/datakey.pem", key_dir); + p.private_datakey = read_pem(filename); + if (!p.bdbkey || !p.datakey || !p.private_bdbkey || !p.private_datakey) { fprintf(stderr, "Unable to load test keys\n"); exit(2); } @@ -344,11 +344,11 @@ void check_bdb_verify(const char *key_dir) TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_OEM_AREA_0); memcpy(h, hgood, hsize); - ((struct bdb_key *)bdb_get_subkey(h))->struct_magic++; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_SUBKEY); + ((struct bdb_key *)bdb_get_datakey(h))->struct_magic++; + TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATAKEY); memcpy(h, hgood, hsize); - ((struct bdb_key *)bdb_get_subkey(h))->struct_size += 4; + ((struct bdb_key *)bdb_get_datakey(h))->struct_size += 4; TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_BDB_SIGNED_SIZE); memcpy(h, hgood, hsize); @@ -365,7 +365,7 @@ void check_bdb_verify(const char *key_dir) /* Also make sure the header sig really covers all the fields */ memcpy(h, hgood, hsize); - ((struct bdb_key *)bdb_get_subkey(h))->key_version++; + ((struct bdb_key *)bdb_get_datakey(h))->key_version++; TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_HEADER_SIG); memcpy(h, hgood, hsize); @@ -430,9 +430,9 @@ void check_bdb_verify(const char *key_dir) TEST_EQ_S(memcmp(bdb_get_oem_area_0(h), oem_area_0, sizeof(oem_area_0)), 0); - TEST_EQ_S(strcmp(bdb_get_subkey(h)->description, p.subkey->description), + TEST_EQ_S(strcmp(bdb_get_datakey(h)->description, p.datakey->description), 0); - TEST_EQ_S(bdb_get_subkey(h)->key_version, p.subkey->key_version); + TEST_EQ_S(bdb_get_datakey(h)->key_version, p.datakey->key_version); TEST_EQ_S(strcmp(bdb_get_header_sig(h)->description, p.header_sig_description), 0); @@ -463,9 +463,9 @@ void check_bdb_verify(const char *key_dir) /* Free keys and buffers */ free(p.bdbkey); - free(p.subkey); + free(p.datakey); RSA_free(p.private_bdbkey); - RSA_free(p.private_subkey); + RSA_free(p.private_datakey); free(hgood); free(h); } diff --git a/tests/testkeys/subkey.crt b/tests/testkeys/datakey.crt index fad23f48..fad23f48 100644 --- a/tests/testkeys/subkey.crt +++ b/tests/testkeys/datakey.crt diff --git a/tests/testkeys/subkey.keyb b/tests/testkeys/datakey.keyb Binary files differindex 33ed4ace..33ed4ace 100644 --- a/tests/testkeys/subkey.keyb +++ b/tests/testkeys/datakey.keyb diff --git a/tests/testkeys/subkey.pem b/tests/testkeys/datakey.pem index 2a8885e0..2a8885e0 100644 --- a/tests/testkeys/subkey.pem +++ b/tests/testkeys/datakey.pem |