diff options
author | Randall Spangler <rspangler@chromium.org> | 2014-12-03 12:29:37 -0800 |
---|---|---|
committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-12-04 09:46:43 +0000 |
commit | 6f1b82ac14f341d9733d6e95d518b3ee352002ef (patch) | |
tree | 0d37f86365c8324416e42f1ce5cd3969de54a178 /firmware/2lib/2api.c | |
parent | fe2714923b986bc461b692d45c1b5eb1b469ddc4 (diff) | |
download | vboot-6f1b82ac14f341d9733d6e95d518b3ee352002ef.tar.gz |
vboot2: Move old struct handling to lib20/
This is part 4 of a series of changes to rearrange the vboot2 library
so that it's possible to start using the new-style data structs. This
change moves knowledge of the old vboot1 data structs into lib20; 2lib
now contains only code which is common to both vboot2.x libraries
(that is, code which is data structure version agnostic).
No functional changes; just rearranging code and tests.
BUG=chromium:423882
BRANCH=none
TEST=make runtests && VBOOT2=1 make runtests (works with/withoug VBOOT2 flag)
And compile firmware for veyron_pinky
CQ-DEPEND=CL:233051
Change-Id: I8f9e67157575e5be14952ef4809c3dfafd92596d
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/233021
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Diffstat (limited to 'firmware/2lib/2api.c')
-rw-r--r-- | firmware/2lib/2api.c | 158 |
1 files changed, 0 insertions, 158 deletions
diff --git a/firmware/2lib/2api.c b/firmware/2lib/2api.c index a01c7f57..5d2775f0 100644 --- a/firmware/2lib/2api.c +++ b/firmware/2lib/2api.c @@ -100,94 +100,6 @@ int vb2api_fw_phase2(struct vb2_context *ctx) return VB2_SUCCESS; } -int vb2api_fw_phase3(struct vb2_context *ctx) -{ - int rv; - - /* Verify firmware keyblock */ - rv = vb2_load_fw_keyblock(ctx); - if (rv) { - vb2_fail(ctx, VB2_RECOVERY_RO_INVALID_RW, rv); - return rv; - } - - /* Verify firmware preamble */ - rv = vb2_load_fw_preamble(ctx); - if (rv) { - vb2_fail(ctx, VB2_RECOVERY_RO_INVALID_RW, rv); - return rv; - } - - return VB2_SUCCESS; -} - -int vb2api_init_hash(struct vb2_context *ctx, uint32_t tag, uint32_t *size) -{ - struct vb2_shared_data *sd = vb2_get_sd(ctx); - const struct vb2_fw_preamble *pre; - struct vb2_digest_context *dc; - struct vb2_public_key key; - struct vb2_workbuf wb; - int rv; - - vb2_workbuf_from_ctx(ctx, &wb); - - if (tag == VB2_HASH_TAG_INVALID) - return VB2_ERROR_API_INIT_HASH_TAG; - - /* Get preamble pointer */ - if (!sd->workbuf_preamble_size) - return VB2_ERROR_API_INIT_HASH_PREAMBLE; - pre = (const struct vb2_fw_preamble *) - (ctx->workbuf + sd->workbuf_preamble_offset); - - /* For now, we only support the firmware body tag */ - if (tag != VB2_HASH_TAG_FW_BODY) - return VB2_ERROR_API_INIT_HASH_TAG; - - /* Allocate workbuf space for the hash */ - if (sd->workbuf_hash_size) { - dc = (struct vb2_digest_context *) - (ctx->workbuf + sd->workbuf_hash_offset); - } else { - uint32_t dig_size = sizeof(*dc); - - dc = vb2_workbuf_alloc(&wb, dig_size); - if (!dc) - return VB2_ERROR_API_INIT_HASH_WORKBUF; - - sd->workbuf_hash_offset = vb2_offset_of(ctx->workbuf, dc); - sd->workbuf_hash_size = dig_size; - ctx->workbuf_used = sd->workbuf_hash_offset + dig_size; - } - - /* - * Unpack the firmware data key to see which hashing algorithm we - * should use. - * - * TODO: really, the firmware body should be hashed, and not signed, - * because the signature we're checking is already signed as part of - * the firmware preamble. But until we can change the signing scripts, - * we're stuck with a signature here instead of a hash. - */ - if (!sd->workbuf_data_key_size) - return VB2_ERROR_API_INIT_HASH_DATA_KEY; - - rv = vb2_unpack_key(&key, - ctx->workbuf + sd->workbuf_data_key_offset, - sd->workbuf_data_key_size); - if (rv) - return rv; - - sd->hash_tag = tag; - sd->hash_remaining_size = pre->body_signature.data_size; - - if (size) - *size = pre->body_signature.data_size; - - return vb2_digest_init(dc, key.hash_alg); -} - int vb2api_extend_hash(struct vb2_context *ctx, const void *buf, uint32_t size) @@ -208,73 +120,3 @@ int vb2api_extend_hash(struct vb2_context *ctx, return vb2_digest_extend(dc, buf, size); } - -int vb2api_check_hash(struct vb2_context *ctx) -{ - struct vb2_shared_data *sd = vb2_get_sd(ctx); - struct vb2_digest_context *dc = (struct vb2_digest_context *) - (ctx->workbuf + sd->workbuf_hash_offset); - struct vb2_workbuf wb; - - uint8_t *digest; - uint32_t digest_size = vb2_digest_size(dc->hash_alg); - - struct vb2_fw_preamble *pre; - struct vb2_public_key key; - int rv; - - vb2_workbuf_from_ctx(ctx, &wb); - - /* Get preamble pointer */ - if (!sd->workbuf_preamble_size) - return VB2_ERROR_API_CHECK_HASH_PREAMBLE; - pre = (struct vb2_fw_preamble *) - (ctx->workbuf + sd->workbuf_preamble_offset); - - /* Must have initialized hash digest work area */ - if (!sd->workbuf_hash_size) - return VB2_ERROR_API_CHECK_HASH_WORKBUF; - - /* Should have hashed the right amount of data */ - if (sd->hash_remaining_size) - return VB2_ERROR_API_CHECK_HASH_SIZE; - - /* Allocate the digest */ - digest = vb2_workbuf_alloc(&wb, digest_size); - if (!digest) - return VB2_ERROR_API_CHECK_HASH_WORKBUF_DIGEST; - - /* Finalize the digest */ - rv = vb2_digest_finalize(dc, digest, digest_size); - if (rv) - return rv; - - /* The code below is specific to the body signature */ - if (sd->hash_tag != VB2_HASH_TAG_FW_BODY) - return VB2_ERROR_API_CHECK_HASH_TAG; - - /* - * The body signature is currently a *signature* of the body data, not - * just its hash. So we need to verify the signature. - */ - - /* Unpack the data key */ - if (!sd->workbuf_data_key_size) - return VB2_ERROR_API_CHECK_HASH_DATA_KEY; - - rv = vb2_unpack_key(&key, - ctx->workbuf + sd->workbuf_data_key_offset, - sd->workbuf_data_key_size); - if (rv) - return rv; - - /* - * Check digest vs. signature. Note that this destroys the signature. - * That's ok, because we only check each signature once per boot. - */ - rv = vb2_verify_digest(&key, &pre->body_signature, digest, &wb); - if (rv) - vb2_fail(ctx, VB2_RECOVERY_RO_INVALID_RW, rv); - - return rv; -} |