vboot2: use common header size fields

Add functions for verifying object integrity using common header size
fields.  Convert vb2_packed_key2 to use the the new functions.  This
isn't much prettier for packed keys; the benefit is more obvious for
keyblocks (coming next).

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests

Change-Id: I0c09533368abb7ced3b5ac622a15e62832413b7f
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/226874
Reviewed-by: Bill Richardson <wfrichar@chromium.org>

1 files changed, 55 insertions, 5 deletions

diff --git a/firmware/2lib/include/2return_codes.h b/firmware/2lib/include/2return_codes.h
index aca6b715..a65c334f 100644
--- a/firmware/2lib/include/2return_codes.h
+++ b/firmware/2lib/include/2return_codes.h
@@ -132,7 +132,7 @@ enum vb2_return_code {
 	VB2_ERROR_INSIDE_DATA_OUTSIDE,
 
 	/* Unsupported signature algorithm in vb2_unpack_key() */
-	VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
+	VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,                      /* 0x150008 */
 
 	/* Bad key size in vb2_unpack_key() */
 	VB2_ERROR_UNPACK_KEY_SIZE,
@@ -156,7 +156,7 @@ enum vb2_return_code {
 	VB2_ERROR_VDATA_WORKBUF_DIGEST,
 
 	/* Not enough work buffer for hash temp data in vb2_verify_data() */
-	VB2_ERROR_VDATA_WORKBUF_HASHING,
+	VB2_ERROR_VDATA_WORKBUF_HASHING,                         /* 0x150010 */
 
 	/*
 	 * Bad digest size in vb2_verify_data() - probably because algorithm
@@ -167,15 +167,59 @@ enum vb2_return_code {
 	/* Unsupported hash algorithm in vb2_unpack_key() */
 	VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM,
 
-	/* Common struct description is not null-terminated */
-	VB2_ERROR_DESC_TERMINATOR,
-
 	/* Member data overlaps member header */
 	VB2_ERROR_INSIDE_DATA_OVERLAP,
 
 	/* Unsupported packed key struct version */
 	VB2_ERROR_UNPACK_KEY_STRUCT_VERSION,
 
+	/*
+	 * Buffer too small for total, fixed size, or description reported in
+	 * common header, or member data checked via
+	 * vb2_verify_common_member().
+	 */
+	VB2_ERROR_COMMON_TOTAL_SIZE,
+	VB2_ERROR_COMMON_FIXED_SIZE,
+	VB2_ERROR_COMMON_DESC_SIZE,
+	VB2_ERROR_COMMON_MEMBER_SIZE,                            /* 0x150018 */
+
+	/*
+	 * Total, fixed, description, or member offset/size not a multiple of
+	 * 32 bits.
+	 */
+	VB2_ERROR_COMMON_TOTAL_UNALIGNED,
+	VB2_ERROR_COMMON_FIXED_UNALIGNED,
+	VB2_ERROR_COMMON_DESC_UNALIGNED,
+	VB2_ERROR_COMMON_MEMBER_UNALIGNED,
+
+	/* Common struct description or member data wraps address space */
+	VB2_ERROR_COMMON_DESC_WRAPS,
+	VB2_ERROR_COMMON_MEMBER_WRAPS,
+
+	/* Common struct description is not null-terminated */
+	VB2_ERROR_COMMON_DESC_TERMINATOR,
+
+	/* Member data overlaps previous data */
+	VB2_ERROR_COMMON_MEMBER_OVERLAP,                         /* 0x150020 */
+
+	/* Signature bad magic number */
+	VB2_ERROR_SIG_MAGIC,
+
+	/* Signature incompatible version */
+	VB2_ERROR_SIG_VERSION,
+
+	/* Signature header doesn't fit */
+	VB2_ERROR_SIG_HEADER_SIZE,
+
+	/* Wrong amount of data signed */
+	VB2_ERROR_VDATA_SIZE,
+
+	/* Digest mismatch */
+	VB2_ERROR_VDATA_VERIFY_DIGEST,
+
+	/* Key algorithm doesn't match signature algorithm */
+	VB2_ERROR_VDATA_ALGORITHM_MISMATCH,
+
         /**********************************************************************
 	 * Keyblock verification errors (all in vb2_verify_keyblock())
 	 */
@@ -211,6 +255,12 @@ enum vb2_return_code {
 	/* Data key outside signed part of keyblock */
 	VB2_ERROR_KEYBLOCK_DATA_KEY_UNSIGNED,
 
+	/* Signature signed wrong amount of data */
+	VB2_ERROR_KEYBLOCK_SIGNED_SIZE,
+
+	/* No signature matching key GUID */
+	VB2_ERROR_KEYBLOCK_SIG_GUID,
+
         /**********************************************************************
 	 * Preamble verification errors (all in vb2_verify_preamble())
 	 */