authorJoel Kitching <kitching@google.com>2019-12-12 14:45:29 +0800
committerCommit Bot <commit-bot@chromium.org>2020-02-11 02:04:10 +0000
commit166840277a2d4806fa0d89980b3501090441d5ed (patch)
tree66a0245aea8b0ae841143e13dfb69eb651d09522
parent9e39b7452393486d1a37ff9eee61906452f5d4f7 (diff)
downloadvboot-166840277a2d4806fa0d89980b3501090441d5ed.tar.gz
vboot: move vboot 2.1 functions and structs into host code
These structs and functions need to stick around for futility to use, but they are no longer supported in firmware code. Rename host/lib21/include/* files to end in 21 instead of 2. BUG=b:124141368, chromium:968464 TEST=make clean && make runtests BRANCH=none Change-Id: I01e181e2f03553d60724fbdc826f5ada63777303 Cq-Depend: chromium:1969172 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1963621 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: Joel Kitching <kitching@chromium.org> Commit-Queue: Joel Kitching <kitching@chromium.org>
-rw-r--r--Makefile27
-rw-r--r--firmware/README7
-rw-r--r--firmware/lib21/packed_key.c99
-rw-r--r--futility/cmd_create.c6
-rw-r--r--futility/cmd_show.c2
-rw-r--r--futility/cmd_sign.c6
-rw-r--r--futility/cmd_vbutil_firmware.c2
-rw-r--r--futility/cmd_vbutil_key.c2
-rw-r--r--futility/cmd_vbutil_keyblock.c2
-rw-r--r--futility/file_type_rwsig.c6
-rw-r--r--futility/file_type_usbpd1.c6
-rw-r--r--futility/vb2_helper.c6
-rw-r--r--host/lib/host_common.c2
-rw-r--r--host/lib/host_key2.c33
-rw-r--r--host/lib/host_keyblock.c2
-rw-r--r--host/lib/host_signature.c2
-rw-r--r--host/lib/host_signature2.c4
-rw-r--r--host/lib/include/host_common.h2
-rw-r--r--host/lib/include/host_key.h14
-rw-r--r--host/lib/signature_digest.c2
-rw-r--r--host/lib/util_misc.c2
-rw-r--r--host/lib21/host_common.c (renamed from firmware/lib21/common.c)2
-rw-r--r--host/lib21/host_key.c61
-rw-r--r--host/lib21/host_misc.c4
-rw-r--r--host/lib21/host_signature.c6
-rw-r--r--host/lib21/include/host_common21.h (renamed from firmware/lib21/include/vb21_common.h)29
-rw-r--r--host/lib21/include/host_key21.h (renamed from host/lib21/include/host_key2.h)14
-rw-r--r--host/lib21/include/host_misc21.h (renamed from host/lib21/include/host_misc2.h)0
-rw-r--r--host/lib21/include/host_signature21.h (renamed from host/lib21/include/host_signature2.h)0
-rw-r--r--host/lib21/include/host_struct21.h (renamed from firmware/lib21/include/vb21_struct.h)0
-rw-r--r--tests/vb21_host_common2_tests.c (renamed from tests/vb21_common2_tests.c)6
-rw-r--r--tests/vb21_host_common_tests.c (renamed from tests/vb21_common_tests.c)6
-rw-r--r--tests/vb21_host_key_tests.c4
-rw-r--r--tests/vb21_host_misc_tests.c2
-rw-r--r--tests/vb21_host_sig_tests.c6
-rw-r--r--tests/vb2_common2_tests.c2
-rw-r--r--utility/pad_digest_utility.c2
-rw-r--r--utility/signature_digest_utility.c2
38 files changed, 178 insertions, 202 deletions
diff --git a/Makefile b/Makefile
index 1df8e3dc..114de234 100644
--- a/Makefile
+++ b/Makefile
@@ -337,7 +337,7 @@ INCLUDES += \
# TPM commands and various external functions that are provided by the BIOS.
ifeq (${FIRMWARE_ARCH},)
INCLUDES += -Ihost/include -Ihost/lib/include
-INCLUDES += -Ihost/lib21/include -Ifirmware/lib21/include
+INCLUDES += -Ihost/lib21/include
endif
# Firmware library, used by the other firmware components (depthcharge,
@@ -348,7 +348,6 @@ FWLIB = ${BUILD}/vboot_fw.a
# Separate TPM lightweight command library (TLCL)
TLCL = ${BUILD}/tlcl.a
-# Additional firmware library sources needed by VbSelectAndLoadKernel() call
FWLIB_SRCS = \
firmware/lib/cgptlib/cgptlib.c \
firmware/lib/cgptlib/cgptlib_internal.c \
@@ -364,7 +363,6 @@ FWLIB_SRCS = \
firmware/lib/vboot_ui_menu.c \
firmware/lib/vboot_ui_wilco.c
-# Code common to both vboot 2.0 (old structs) and 2.1 (new structs)
FWLIB2X_SRCS = \
firmware/2lib/2api.c \
firmware/2lib/2auxfw_sync.c \
@@ -392,10 +390,6 @@ FWLIB20_SRCS = \
firmware/lib20/misc.c \
firmware/lib20/packed_key.c
-FWLIB21_SRCS = \
- firmware/lib21/common.c \
- firmware/lib21/packed_key.c
-
# TPM lightweight command library
ifeq (${TPM2_MODE},)
TLCL_SRCS = \
@@ -438,10 +432,8 @@ endif
FWLIB_OBJS = ${FWLIB_SRCS:%.c=${BUILD}/%.o}
FWLIB2X_OBJS = ${FWLIB2X_SRCS:%.c=${BUILD}/%.o}
FWLIB20_OBJS = ${FWLIB20_SRCS:%.c=${BUILD}/%.o}
-FWLIB21_OBJS = ${FWLIB21_SRCS:%.c=${BUILD}/%.o}
TLCL_OBJS = ${TLCL_SRCS:%.c=${BUILD}/%.o}
-ALL_OBJS += ${FWLIB_OBJS} ${FWLIB2X_OBJS} ${FWLIB20_OBJS} ${FWLIB21_OBJS} \
- ${TLCL_OBJS}
+ALL_OBJS += ${FWLIB_OBJS} ${FWLIB2X_OBJS} ${FWLIB20_OBJS} ${TLCL_OBJS}
# Intermediate library for the vboot_reference utilities to link against.
UTILLIB = ${BUILD}/libvboot_util.a
@@ -469,6 +461,7 @@ UTILLIB_SRCS = \
host/lib/signature_digest.c \
host/lib/subprocess.c \
host/lib/util_misc.c \
+ host/lib21/host_common.c \
host/lib21/host_key.c \
host/lib21/host_misc.c \
host/lib21/host_signature.c
@@ -655,7 +648,7 @@ FUTIL_CMD_LIST = ${BUILD}/gen/futility_cmds.c
FUTIL_OBJS = ${FUTIL_SRCS:%.c=${BUILD}/%.o} ${FUTIL_CMD_LIST:%.c=%.o}
-${FUTIL_OBJS}: INCLUDES += -Ihost/lib21/include -Ifirmware/lib21/include
+${FUTIL_OBJS}: INCLUDES += -Ihost/lib21/include
ALL_OBJS += ${FUTIL_OBJS}
@@ -729,8 +722,8 @@ TEST20_NAMES = \
tests/vb20_verify_fw
TEST21_NAMES = \
- tests/vb21_common_tests \
- tests/vb21_common2_tests \
+ tests/vb21_host_common2_tests \
+ tests/vb21_host_common_tests \
tests/vb21_host_key_tests \
tests/vb21_host_misc_tests \
tests/vb21_host_sig_tests
@@ -866,7 +859,7 @@ utillib: ${UTILLIB}
# TODO: better way to make .a than duplicating this recipe each time?
${UTILLIB}: ${UTILLIB_OBJS} ${FWLIB_OBJS} ${FWLIB2X_OBJS} ${FWLIB20_OBJS} \
- ${FWLIB21_OBJS} ${TLCL_OBJS}
+ ${TLCL_OBJS}
@${PRINTF} " RM $(subst ${BUILD}/,,$@)\n"
${Q}rm -f $@
@${PRINTF} " AR $(subst ${BUILD}/,,$@)\n"
@@ -1231,8 +1224,8 @@ run2tests: install_for_test
${RUNTEST} ${BUILD_RUN}/tests/vb20_api_kernel_tests
${RUNTEST} ${BUILD_RUN}/tests/vb20_kernel_tests
${RUNTEST} ${BUILD_RUN}/tests/vb20_misc_tests
- ${RUNTEST} ${BUILD_RUN}/tests/vb21_common_tests
- ${RUNTEST} ${BUILD_RUN}/tests/vb21_common2_tests ${TEST_KEYS}
+ ${RUNTEST} ${BUILD_RUN}/tests/vb21_host_common_tests
+ ${RUNTEST} ${BUILD_RUN}/tests/vb21_host_common2_tests ${TEST_KEYS}
${RUNTEST} ${BUILD_RUN}/tests/vb21_host_key_tests ${TEST_KEYS} ${BUILD}
${RUNTEST} ${BUILD_RUN}/tests/vb21_host_misc_tests ${BUILD}
${RUNTEST} ${BUILD_RUN}/tests/vb21_host_sig_tests ${TEST_KEYS}
@@ -1250,7 +1243,7 @@ runfutiltests: install_for_test
runlongtests: install_for_test genkeys genfuzztestcases
${RUNTEST} ${BUILD_RUN}/tests/vb2_common2_tests ${TEST_KEYS} --all
${RUNTEST} ${BUILD_RUN}/tests/vb2_common3_tests ${TEST_KEYS} --all
- ${RUNTEST} ${BUILD_RUN}/tests/vb21_common2_tests ${TEST_KEYS} --all
+ ${RUNTEST} ${BUILD_RUN}/tests/vb21_host_common2_tests ${TEST_KEYS} --all
tests/run_preamble_tests.sh --all
tests/run_vbutil_tests.sh --all
diff --git a/firmware/README b/firmware/README
index 754edf1b..e5d5256b 100644
--- a/firmware/README
+++ b/firmware/README
@@ -34,10 +34,3 @@ lib20/
This was deployed slightly before it was ready. That's not a problem,
thanks to the binary compatibility, but this directory will be abandoned
Real Soon Now, except for the product support branches.
-
-lib21/
-
- This is where the current development of the second-generation vboot API
- is taking place. It uses the public (2lib/) API, but will NOT be binary
- compatible with vboot1 structs. Because of the early release of the lib20
- stuff, we're actually calling this lib21.
diff --git a/firmware/lib21/packed_key.c b/firmware/lib21/packed_key.c
deleted file mode 100644
index bb6eb042..00000000
--- a/firmware/lib21/packed_key.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Key unpacking functions
- */
-
-#include "2common.h"
-#include "2rsa.h"
-#include "2sysincludes.h"
-#include "vb21_common.h"
-
-vb2_error_t vb2_unpack_key_data(struct vb2_public_key *key,
- const uint8_t *key_data, uint32_t key_size)
-{
- const uint32_t *buf32 = (const uint32_t *)key_data;
- uint32_t expected_key_size = vb2_packed_key_size(key->sig_alg);
-
- /* Make sure buffer is the correct length */
- if (!expected_key_size || expected_key_size != key_size) {
- VB2_DEBUG("Wrong key size for algorithm\n");
- return VB2_ERROR_UNPACK_KEY_SIZE;
- }
-
- /* Check for alignment */
- if (!vb2_aligned(buf32, sizeof(uint32_t)))
- return VB2_ERROR_UNPACK_KEY_ALIGN;
-
- key->arrsize = buf32[0];
-
- /* Sanity check key array size */
- if (key->arrsize * sizeof(uint32_t) != vb2_rsa_sig_size(key->sig_alg))
- return VB2_ERROR_UNPACK_KEY_ARRAY_SIZE;
-
- key->n0inv = buf32[1];
-
- /* Arrays point inside the key data */
- key->n = buf32 + 2;
- key->rr = buf32 + 2 + key->arrsize;
-
- return VB2_SUCCESS;
-}
-
-vb2_error_t vb21_unpack_key(struct vb2_public_key *key, const uint8_t *buf,
- uint32_t size)
-{
- const struct vb21_packed_key *pkey =
- (const struct vb21_packed_key *)buf;
- uint32_t sig_size;
- uint32_t min_offset = 0;
- vb2_error_t rv;
-
- /* Check magic number */
- if (pkey->c.magic != VB21_MAGIC_PACKED_KEY)
- return VB2_ERROR_UNPACK_KEY_MAGIC;
-
- rv = vb21_verify_common_header(buf, size);
- if (rv)
- return rv;
-
- /* Make sure key data is inside */
- rv = vb21_verify_common_member(pkey, &min_offset,
- pkey->key_offset, pkey->key_size);
- if (rv)
- return rv;
-
- /*
- * Check for compatible version. No need to check minor version, since
- * that's compatible across readers matching the major version, and we
- * haven't added any new fields.
- */
- if (pkey->c.struct_version_major != VB21_PACKED_KEY_VERSION_MAJOR)
- return VB2_ERROR_UNPACK_KEY_STRUCT_VERSION;
-
- /* Copy key algorithms */
- key->hash_alg = pkey->hash_alg;
- if (!vb2_digest_size(key->hash_alg))
- return VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM;
-
- key->sig_alg = pkey->sig_alg;
- if (key->sig_alg != VB2_SIG_NONE) {
- sig_size = vb2_rsa_sig_size(key->sig_alg);
- if (!sig_size)
- return VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
- rv = vb2_unpack_key_data(
- key,
- (const uint8_t *)pkey + pkey->key_offset,
- pkey->key_size);
- if (rv)
- return rv;
- }
-
- /* Key description */
- key->desc = vb21_common_desc(pkey);
- key->version = pkey->key_version;
- key->id = &pkey->id;
-
- return VB2_SUCCESS;
-}
diff --git a/futility/cmd_create.c b/futility/cmd_create.c
index a3cb8b58..2f7a8d5f 100644
--- a/futility/cmd_create.c
+++ b/futility/cmd_create.c
@@ -16,12 +16,12 @@
#include "2sysincludes.h"
#include "futility.h"
#include "futility_options.h"
-#include "host_key2.h"
+#include "host_common21.h"
#include "host_key.h"
-#include "host_misc2.h"
+#include "host_key21.h"
+#include "host_misc21.h"
#include "openssl_compat.h"
#include "util_misc.h"
-#include "vb21_common.h"
#include "vb2_common.h"
/* Command line options */
diff --git a/futility/cmd_show.c b/futility/cmd_show.c
index 402b1330..f3b91631 100644
--- a/futility/cmd_show.c
+++ b/futility/cmd_show.c
@@ -28,7 +28,7 @@
#include "futility.h"
#include "futility_options.h"
#include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
#include "util_misc.h"
#include "vb1_helper.h"
#include "vb2_common.h"
diff --git a/futility/cmd_sign.c b/futility/cmd_sign.c
index 117a6536..980e6d12 100644
--- a/futility/cmd_sign.c
+++ b/futility/cmd_sign.c
@@ -18,17 +18,17 @@
#include <unistd.h>
#include "2common.h"
-#include "file_type_bios.h"
#include "file_type.h"
+#include "file_type_bios.h"
#include "fmap.h"
#include "futility.h"
#include "futility_options.h"
#include "host_common.h"
-#include "host_key2.h"
+#include "host_common21.h"
+#include "host_key21.h"
#include "kernel_blob.h"
#include "util_misc.h"
#include "vb1_helper.h"
-#include "vb21_common.h"
#include "vb2_common.h"
/* Options */
diff --git a/futility/cmd_vbutil_firmware.c b/futility/cmd_vbutil_firmware.c
index d5a86863..7659ed25 100644
--- a/futility/cmd_vbutil_firmware.c
+++ b/futility/cmd_vbutil_firmware.c
@@ -18,7 +18,7 @@
#include "2sysincludes.h"
#include "futility.h"
#include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
#include "kernel_blob.h"
#include "util_misc.h"
#include "vb1_helper.h"
diff --git a/futility/cmd_vbutil_key.c b/futility/cmd_vbutil_key.c
index b0b7675e..0d812540 100644
--- a/futility/cmd_vbutil_key.c
+++ b/futility/cmd_vbutil_key.c
@@ -14,7 +14,7 @@
#include "futility.h"
#include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
#include "util_misc.h"
#include "vb1_helper.h"
#include "vb2_common.h"
diff --git a/futility/cmd_vbutil_keyblock.c b/futility/cmd_vbutil_keyblock.c
index 2be7a850..977b4aa4 100644
--- a/futility/cmd_vbutil_keyblock.c
+++ b/futility/cmd_vbutil_keyblock.c
@@ -16,7 +16,7 @@
#include "2sysincludes.h"
#include "futility.h"
#include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
#include "util_misc.h"
#include "vb1_helper.h"
#include "vb2_common.h"
diff --git a/futility/file_type_rwsig.c b/futility/file_type_rwsig.c
index bcccb2dd..a09782ce 100644
--- a/futility/file_type_rwsig.c
+++ b/futility/file_type_rwsig.c
@@ -23,11 +23,11 @@
#include "futility.h"
#include "futility_options.h"
#include "host_common.h"
-#include "host_key2.h"
+#include "host_common21.h"
+#include "host_key21.h"
#include "host_misc.h"
-#include "host_signature2.h"
+#include "host_signature21.h"
#include "util_misc.h"
-#include "vb21_common.h"
#define SIGNATURE_RSVD_SIZE 1024
#define EC_RW_FILENAME "EC_RW.bin"
diff --git a/futility/file_type_usbpd1.c b/futility/file_type_usbpd1.c
index 42cb62cc..658b48c2 100644
--- a/futility/file_type_usbpd1.c
+++ b/futility/file_type_usbpd1.c
@@ -24,10 +24,10 @@
#include "futility.h"
#include "futility_options.h"
#include "host_common.h"
-#include "host_key2.h"
-#include "host_signature2.h"
+#include "host_common21.h"
+#include "host_key21.h"
+#include "host_signature21.h"
#include "util_misc.h"
-#include "vb21_common.h"
/* Return 1 if okay, 0 if not */
static int parse_size_opts(uint32_t len,
diff --git a/futility/vb2_helper.c b/futility/vb2_helper.c
index f5b7978e..fb0362ae 100644
--- a/futility/vb2_helper.c
+++ b/futility/vb2_helper.c
@@ -14,11 +14,11 @@
#include "futility.h"
#include "futility_options.h"
#include "host_common.h"
-#include "host_key2.h"
-#include "host_misc2.h"
+#include "host_common21.h"
+#include "host_key21.h"
+#include "host_misc21.h"
#include "openssl_compat.h"
#include "util_misc.h"
-#include "vb21_common.h"
int vb2_lookup_hash_alg(const char *str, enum vb2_hash_algorithm *alg)
{
diff --git a/host/lib/host_common.c b/host/lib/host_common.c
index 1833c62d..00f9100e 100644
--- a/host/lib/host_common.c
+++ b/host/lib/host_common.c
@@ -11,7 +11,7 @@
#include "2rsa.h"
#include "2sysincludes.h"
#include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
#include "utility.h"
#include "vb2_common.h"
diff --git a/host/lib/host_key2.c b/host/lib/host_key2.c
index 5849cf76..6984c67f 100644
--- a/host/lib/host_key2.c
+++ b/host/lib/host_key2.c
@@ -16,7 +16,7 @@
#include "2sha.h"
#include "2sysincludes.h"
#include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
#include "host_key.h"
#include "host_misc.h"
#include "vb2_common.h"
@@ -296,3 +296,34 @@ vb2_error_t vb2_packed_key_looks_ok(const struct vb2_packed_key *key,
return VB2_SUCCESS;
}
+
+vb2_error_t vb2_unpack_key_data(struct vb2_public_key *key,
+ const uint8_t *key_data, uint32_t key_size)
+{
+ const uint32_t *buf32 = (const uint32_t *)key_data;
+ uint32_t expected_key_size = vb2_packed_key_size(key->sig_alg);
+
+ /* Make sure buffer is the correct length */
+ if (!expected_key_size || expected_key_size != key_size) {
+ VB2_DEBUG("Wrong key size for algorithm\n");
+ return VB2_ERROR_UNPACK_KEY_SIZE;
+ }
+
+ /* Check for alignment */
+ if (!vb2_aligned(buf32, sizeof(uint32_t)))
+ return VB2_ERROR_UNPACK_KEY_ALIGN;
+
+ key->arrsize = buf32[0];
+
+ /* Sanity check key array size */
+ if (key->arrsize * sizeof(uint32_t) != vb2_rsa_sig_size(key->sig_alg))
+ return VB2_ERROR_UNPACK_KEY_ARRAY_SIZE;
+
+ key->n0inv = buf32[1];
+
+ /* Arrays point inside the key data */
+ key->n = buf32 + 2;
+ key->rr = buf32 + 2 + key->arrsize;
+
+ return VB2_SUCCESS;
+}
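Review bot: The array-size check `key->arrsize * sizeof(uint32_t) != vb2_rsa_sig_size(key->sig_alg)` multiplies a value taken straight from the key buffer (`buf32[0]`). Assuming `arrsize` is a 32-bit field (its declaration is not in this hunk), a host build with a 32-bit `size_t` could wrap the product, let an oversized `arrsize` pass, and leave `key->rr = buf32 + 2 + key->arrsize` pointing outside the key data. Now that this function is host code that unpacks key files, comparing by division avoids the question: `if (key->arrsize != vb2_rsa_sig_size(key->sig_alg) / sizeof(uint32_t))`. The function also reads `key->sig_alg` before it writes anything to `key`, which deserves a comment such as `/* Caller must set key->sig_alg before calling */`.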
diff --git a/host/lib/host_keyblock.c b/host/lib/host_keyblock.c
index 522e87a9..a7dbedef 100644
--- a/host/lib/host_keyblock.c
+++ b/host/lib/host_keyblock.c
@@ -14,7 +14,7 @@
#include "2rsa.h"
#include "2sha.h"
#include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
#include "host_keyblock.h"
#include "host_key.h"
#include "vb2_common.h"
diff --git a/host/lib/host_signature.c b/host/lib/host_signature.c
index 8cea9f4a..db536c6e 100644
--- a/host/lib/host_signature.c
+++ b/host/lib/host_signature.c
@@ -20,7 +20,7 @@
#include "2sha.h"
#include "2sysincludes.h"
#include "host_common.h"
-#include "host_signature2.h"
+#include "host_signature21.h"
#include "vb2_common.h"
/* Invoke [external_signer] command with [pem_file] as an argument, contents of
diff --git a/host/lib/host_signature2.c b/host/lib/host_signature2.c
index 6bc900dd..f7caa71f 100644
--- a/host/lib/host_signature2.c
+++ b/host/lib/host_signature2.c
@@ -20,8 +20,8 @@
#include "2sha.h"
#include "file_keys.h"
#include "host_common.h"
-#include "host_key2.h"
-#include "host_signature2.h"
+#include "host_key21.h"
+#include "host_signature21.h"
#include "vb2_common.h"
struct vb2_signature *vb2_alloc_signature(uint32_t sig_size,
diff --git a/host/lib/include/host_common.h b/host/lib/include/host_common.h
index 7fde53ba..5fcc5c52 100644
--- a/host/lib/include/host_common.h
+++ b/host/lib/include/host_common.h
@@ -9,7 +9,7 @@
#define VBOOT_REFERENCE_HOST_COMMON_H_
#include "host_key.h"
-#include "host_key2.h"
+#include "host_key21.h"
#include "host_keyblock.h"
#include "host_misc.h"
#include "host_signature.h"
diff --git a/host/lib/include/host_key.h b/host/lib/include/host_key.h
index 26792720..9b594c62 100644
--- a/host/lib/include/host_key.h
+++ b/host/lib/include/host_key.h
@@ -11,6 +11,7 @@
#include "2crypto.h"
#include "2return_codes.h"
+struct vb2_public_key;
struct vb2_packed_key;
struct vb2_private_key;
@@ -146,4 +147,17 @@ struct vb2_packed_key *vb2_read_packed_keyb(const char *filename,
vb2_error_t vb2_write_packed_key(const char *filename,
const struct vb2_packed_key *key);
+/**
+ * Unpack the RSA data fields for a public key
+ *
+ * This is called by vb21_unpack_key() to extract the arrays from a packed key.
+ * These elements of *key will point inside the key_data buffer.
+ *
+ * @param key Destination key for RSA data fields
+ * @param key_data Packed key data (from inside a packed key buffer)
+ * @param key_size Size of packed key data in bytes
+ */
+vb2_error_t vb2_unpack_key_data(struct vb2_public_key *key,
+ const uint8_t *key_data, uint32_t key_size);
+
#endif /* VBOOT_REFERENCE_HOST_KEY_H_ */
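Review bot: The doc comment added for vb2_unpack_key_data() has no `@return` line and does not say that the function depends on `key->sig_alg` being set by the caller. The definition added in host/lib/host_key2.c calls `vb2_packed_key_size(key->sig_alg)` on its first line. I would add `@return VB2_SUCCESS, or non-zero error code if error.` and a sentence such as `key->sig_alg must be set by the caller before this is called.` It would also help to state, as the vb21_unpack_key() comment does, that key_data must stay allocated while the unpacked key is in use, since `n` and `rr` point into it.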
diff --git a/host/lib/signature_digest.c b/host/lib/signature_digest.c
index b480798d..f6be00a3 100644
--- a/host/lib/signature_digest.c
+++ b/host/lib/signature_digest.c
@@ -14,7 +14,7 @@
#include "2sha.h"
#include "2sysincludes.h"
#include "host_common.h"
-#include "host_signature2.h"
+#include "host_signature21.h"
#include "signature_digest.h"
uint8_t* PrependDigestInfo(enum vb2_hash_algorithm hash_alg, uint8_t* digest)
diff --git a/host/lib/util_misc.c b/host/lib/util_misc.c
index 8b9388a4..c99947f0 100644
--- a/host/lib/util_misc.c
+++ b/host/lib/util_misc.c
@@ -17,7 +17,7 @@
#include "2sha.h"
#include "2sysincludes.h"
#include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
#include "openssl_compat.h"
#include "util_misc.h"
#include "vb2_common.h"
diff --git a/firmware/lib21/common.c b/host/lib21/host_common.c
index 19f07bce..245b1885 100644
--- a/firmware/lib21/common.c
+++ b/host/lib21/host_common.c
@@ -9,7 +9,7 @@
#include "2rsa.h"
#include "2sha.h"
#include "2sysincludes.h"
-#include "vb21_common.h"
+#include "host_common21.h"
const char *vb21_common_desc(const void *buf)
{
diff --git a/host/lib21/host_key.c b/host/lib21/host_key.c
index 34e5a633..6e3a2765 100644
--- a/host/lib21/host_key.c
+++ b/host/lib21/host_key.c
@@ -14,10 +14,10 @@
#include "2sha.h"
#include "2sysincludes.h"
#include "host_common.h"
-#include "host_key2.h"
+#include "host_common21.h"
+#include "host_key21.h"
#include "host_misc.h"
#include "openssl_compat.h"
-#include "vb21_common.h"
const struct vb2_text_vs_enum vb2_text_vs_sig[] = {
{"RSA1024", VB2_SIG_RSA1024},
@@ -651,3 +651,60 @@ vb2_error_t vb21_public_key_write(const struct vb2_public_key *key,
free(pkey);
return ret;
}
+
+vb2_error_t vb21_unpack_key(struct vb2_public_key *key, const uint8_t *buf,
+ uint32_t size)
+{
+ const struct vb21_packed_key *pkey =
+ (const struct vb21_packed_key *)buf;
+ uint32_t sig_size;
+ uint32_t min_offset = 0;
+ vb2_error_t rv;
+
+ /* Check magic number */
+ if (pkey->c.magic != VB21_MAGIC_PACKED_KEY)
+ return VB2_ERROR_UNPACK_KEY_MAGIC;
+
+ rv = vb21_verify_common_header(buf, size);
+ if (rv)
+ return rv;
+
+ /* Make sure key data is inside */
+ rv = vb21_verify_common_member(pkey, &min_offset,
+ pkey->key_offset, pkey->key_size);
+ if (rv)
+ return rv;
+
+ /*
+ * Check for compatible version. No need to check minor version, since
+ * that's compatible across readers matching the major version, and we
+ * haven't added any new fields.
+ */
+ if (pkey->c.struct_version_major != VB21_PACKED_KEY_VERSION_MAJOR)
+ return VB2_ERROR_UNPACK_KEY_STRUCT_VERSION;
+
+ /* Copy key algorithms */
+ key->hash_alg = pkey->hash_alg;
+ if (!vb2_digest_size(key->hash_alg))
+ return VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM;
+
+ key->sig_alg = pkey->sig_alg;
+ if (key->sig_alg != VB2_SIG_NONE) {
+ sig_size = vb2_rsa_sig_size(key->sig_alg);
+ if (!sig_size)
+ return VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
+ rv = vb2_unpack_key_data(
+ key,
+ (const uint8_t *)pkey + pkey->key_offset,
+ pkey->key_size);
+ if (rv)
+ return rv;
+ }
+
+ /* Key description */
+ key->desc = vb21_common_desc(pkey);
+ key->version = pkey->key_version;
+ key->id = &pkey->id;
+
+ return VB2_SUCCESS;
+}
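Review bot: The magic check reads `pkey->c.magic` before `vb21_verify_common_header(buf, size)` has looked at `size`, so a buffer shorter than the common header is dereferenced before any length validation. The later reads of `pkey->key_offset`, `pkey->key_size`, `pkey->hash_alg` and `pkey->id` lie past the common header, and nothing visible in this hunk checks that the buffer covers a full `struct vb21_packed_key`; whether vb21_verify_common_header() guarantees that cannot be seen from here. Since this is now the host-side parser for key files, an explicit guard at the top would make the bound local: `if (size < sizeof(*pkey)) return VB2_ERROR_UNPACK_KEY_SIZE;`. Existing tests may expect a different error code for short buffers, so check them before settling on which code to return.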
diff --git a/host/lib21/host_misc.c b/host/lib21/host_misc.c
index 71a77c5d..ebc4eac5 100644
--- a/host/lib21/host_misc.c
+++ b/host/lib21/host_misc.c
@@ -14,8 +14,8 @@
#include "2sha.h"
#include "2sysincludes.h"
#include "host_common.h"
-#include "host_misc2.h"
-#include "vb21_common.h"
+#include "host_common21.h"
+#include "host_misc21.h"
vb2_error_t vb2_read_file(const char *filename, uint8_t **data_ptr,
uint32_t *size_ptr)
diff --git a/host/lib21/host_signature.c b/host/lib21/host_signature.c
index e4dead01..77ee448a 100644
--- a/host/lib21/host_signature.c
+++ b/host/lib21/host_signature.c
@@ -12,10 +12,10 @@
#include "2sha.h"
#include "2sysincludes.h"
#include "host_common.h"
-#include "host_key2.h"
+#include "host_common21.h"
+#include "host_key21.h"
#include "host_misc.h"
-#include "host_signature2.h"
-#include "vb21_common.h"
+#include "host_signature21.h"
vb2_error_t vb2_digest_info(enum vb2_hash_algorithm hash_alg,
const uint8_t **buf_ptr, uint32_t *size_ptr)
diff --git a/firmware/lib21/include/vb21_common.h b/host/lib21/include/host_common21.h
index 442ccb07..fa8086b8 100644
--- a/firmware/lib21/include/vb21_common.h
+++ b/host/lib21/include/host_common21.h
@@ -11,7 +11,7 @@
#include "2common.h"
#include "2return_codes.h"
#include "2struct.h"
-#include "vb21_struct.h"
+#include "host_struct21.h"
#ifdef __cplusplus
extern "C" {
@@ -79,33 +79,6 @@ vb2_error_t vb21_verify_common_subobject(const void *parent,
uint32_t member_offset);
/**
- * Unpack a key for use in verification
- *
- * The elements of the unpacked key will point into the source buffer, so don't
- * free the source buffer until you're done with the key.
- *
- * @param key Destintion for unpacked key
- * @param buf Source buffer containing packed key
- * @param size Size of buffer in bytes
- * @return VB2_SUCCESS, or non-zero error code if error.
- */
-vb2_error_t vb21_unpack_key(struct vb2_public_key *key, const uint8_t *buf,
- uint32_t size);
-
-/**
- * Unpack the RSA data fields for a public key
- *
- * This is called by vb21_unpack_key() to extract the arrays from a packed key.
- * These elements of *key will point inside the key_data buffer.
- *
- * @param key Destination key for RSA data fields
- * @param key_data Packed key data (from inside a packed key buffer)
- * @param key_size Size of packed key data in bytes
- */
-vb2_error_t vb2_unpack_key_data(struct vb2_public_key *key,
- const uint8_t *key_data, uint32_t key_size);
-
-/**
* Verify the integrity of a signature struct
* @param sig Signature struct
* @param size Size of buffer containing signature struct
diff --git a/host/lib21/include/host_key2.h b/host/lib21/include/host_key21.h
index d8a90f5f..219e98ab 100644
--- a/host/lib21/include/host_key2.h
+++ b/host/lib21/include/host_key21.h
@@ -267,4 +267,18 @@ enum vb2_signature_algorithm vb2_rsa_sig_alg(struct rsa_st *rsa);
vb2_error_t vb21_public_key_write(const struct vb2_public_key *key,
const char *filename);
+/**
+ * Unpack a key for use in verification
+ *
+ * The elements of the unpacked key will point into the source buffer, so don't
+ * free the source buffer until you're done with the key.
+ *
+ * @param key Destintion for unpacked key
+ * @param buf Source buffer containing packed key
+ * @param size Size of buffer in bytes
+ * @return VB2_SUCCESS, or non-zero error code if error.
+ */
+vb2_error_t vb21_unpack_key(struct vb2_public_key *key, const uint8_t *buf,
+ uint32_t size);
+
#endif /* VBOOT_REFERENCE_HOST_KEY2_H_ */
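Review bot: The doc comment moved into this header carries a typo in the `@param key` line; it should read `@param key Destination for unpacked key`. The closing guard comment still says `VBOOT_REFERENCE_HOST_KEY2_H_` although the file is now host_key21.h. The matching `#ifndef`/`#define` are outside this hunk, but if they use the same name it would be worth renaming the guard to `VBOOT_REFERENCE_HOST_KEY21_H_` in this commit so it follows the file name and cannot collide with a future host_key2.h.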
diff --git a/host/lib21/include/host_misc2.h b/host/lib21/include/host_misc21.h
index 795ebb23..795ebb23 100644
--- a/host/lib21/include/host_misc2.h
+++ b/host/lib21/include/host_misc21.h
diff --git a/host/lib21/include/host_signature2.h b/host/lib21/include/host_signature21.h
index 0b1784af..0b1784af 100644
--- a/host/lib21/include/host_signature2.h
+++ b/host/lib21/include/host_signature21.h
diff --git a/firmware/lib21/include/vb21_struct.h b/host/lib21/include/host_struct21.h
index 6f91e36c..6f91e36c 100644
--- a/firmware/lib21/include/vb21_struct.h
+++ b/host/lib21/include/host_struct21.h
diff --git a/tests/vb21_common2_tests.c b/tests/vb21_host_common2_tests.c
index b98b1ac8..b2ceb95f 100644
--- a/tests/vb21_common2_tests.c
+++ b/tests/vb21_host_common2_tests.c
@@ -13,11 +13,11 @@
#include "2rsa.h"
#include "2sysincludes.h"
#include "host_common.h"
-#include "host_key2.h"
-#include "host_signature2.h"
+#include "host_common21.h"
+#include "host_key21.h"
+#include "host_signature21.h"
#include "test_common.h"
#include "util_misc.h"
-#include "vb21_common.h"
static const uint8_t test_data[] = "This is some test data to sign.";
static const uint32_t test_size = sizeof(test_data);
diff --git a/tests/vb21_common_tests.c b/tests/vb21_host_common_tests.c
index 543ebb24..3ab5dbc3 100644
--- a/tests/vb21_common_tests.c
+++ b/tests/vb21_host_common_tests.c
@@ -8,10 +8,10 @@
#include "2common.h"
#include "2rsa.h"
#include "2sysincludes.h"
-#include "host_key2.h"
-#include "host_signature2.h"
+#include "host_common21.h"
+#include "host_key21.h"
+#include "host_signature21.h"
#include "test_common.h"
-#include "vb21_common.h"
static const uint8_t test_data[] = "This is some test data to sign.";
diff --git a/tests/vb21_host_key_tests.c b/tests/vb21_host_key_tests.c
index 0be763fc..e8eef9b3 100644
--- a/tests/vb21_host_key_tests.c
+++ b/tests/vb21_host_key_tests.c
@@ -12,9 +12,9 @@
#include "2rsa.h"
#include "2sysincludes.h"
#include "host_common.h"
-#include "host_key2.h"
+#include "host_common21.h"
+#include "host_key21.h"
#include "test_common.h"
-#include "vb21_common.h"
/* Test only the algorithms we use */
struct alg_combo {
diff --git a/tests/vb21_host_misc_tests.c b/tests/vb21_host_misc_tests.c
index 8a556e99..f437803c 100644
--- a/tests/vb21_host_misc_tests.c
+++ b/tests/vb21_host_misc_tests.c
@@ -11,9 +11,9 @@
#include "2common.h"
#include "2sysincludes.h"
#include "host_common.h"
+#include "host_common21.h"
#include "host_misc.h"
#include "test_common.h"
-#include "vb21_common.h"
static void misc_tests(void)
{
diff --git a/tests/vb21_host_sig_tests.c b/tests/vb21_host_sig_tests.c
index b116c5ce..f337eaa4 100644
--- a/tests/vb21_host_sig_tests.c
+++ b/tests/vb21_host_sig_tests.c
@@ -12,10 +12,10 @@
#include "2rsa.h"
#include "2sysincludes.h"
#include "host_common.h"
-#include "host_key2.h"
-#include "host_signature2.h"
+#include "host_common21.h"
+#include "host_key21.h"
+#include "host_signature21.h"
#include "test_common.h"
-#include "vb21_common.h"
/* Test only the algorithms we use */
struct alg_combo {
diff --git a/tests/vb2_common2_tests.c b/tests/vb2_common2_tests.c
index 4f68f9b8..e8c96f78 100644
--- a/tests/vb2_common2_tests.c
+++ b/tests/vb2_common2_tests.c
@@ -13,7 +13,7 @@
#include "2sysincludes.h"
#include "file_keys.h"
#include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
#include "test_common.h"
#include "vb2_common.h"
diff --git a/utility/pad_digest_utility.c b/utility/pad_digest_utility.c
index 718f7356..6f91cf37 100644
--- a/utility/pad_digest_utility.c
+++ b/utility/pad_digest_utility.c
@@ -12,7 +12,7 @@
#include "2sha.h"
#include "2sysincludes.h"
#include "host_common.h"
-#include "host_signature2.h"
+#include "host_signature21.h"
#include "signature_digest.h"
static void usage(char* argv[]) {
diff --git a/utility/signature_digest_utility.c b/utility/signature_digest_utility.c
index 9a39317a..9f5138fd 100644
--- a/utility/signature_digest_utility.c
+++ b/utility/signature_digest_utility.c
@@ -14,7 +14,7 @@
#include "2common.h"
#include "2sysincludes.h"
#include "host_common.h"
-#include "host_signature2.h"
+#include "host_signature21.h"
#include "signature_digest.h"
int main(int argc, char* argv[])