diff options
author | Randall Spangler <rspangler@chromium.org> | 2014-10-23 17:38:18 -0700 |
---|---|---|
committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-10-29 22:23:49 +0000 |
commit | d274a2e9536907d0474d988f32f602cd64ed1ae6 (patch) | |
tree | 2119babccda38dc38f6d7bb35c23e53ad9077b29 /firmware/2lib/include | |
parent | f6cfb974ce465cf977490fe26db9c8735da97571 (diff) | |
download | vboot-d274a2e9536907d0474d988f32f602cd64ed1ae6.tar.gz |
vboot2: Add vb2_unpack_key2() and unit testsfactory-rambi-6420.B
This unpacks new-style packed keys.
For now, it can also handle old-style packed keys by passing them to
the old unpacking function. Once we've switched over to new-style
keys in the signing scripts, we'll remove the old format to save code
size.
Also added is a test library which converts from old to new struct
formats. That should eventually get absorbed into futility, and the
test keys directory should have both old and new format packed keys in
it.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I0fe31f124781d1ea1efedab65dcd6130bfca18dd
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/225490
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Diffstat (limited to 'firmware/2lib/include')
-rw-r--r-- | firmware/2lib/include/2common.h | 17 | ||||
-rw-r--r-- | firmware/2lib/include/2return_codes.h | 3 | ||||
-rw-r--r-- | firmware/2lib/include/2rsa.h | 3 |
3 files changed, 22 insertions, 1 deletions
diff --git a/firmware/2lib/include/2common.h b/firmware/2lib/include/2common.h index 8a00dd71..5ab145cf 100644 --- a/firmware/2lib/include/2common.h +++ b/firmware/2lib/include/2common.h @@ -103,7 +103,7 @@ void *vb2_workbuf_realloc(struct vb2_workbuf *wb, void vb2_workbuf_free(struct vb2_workbuf *wb, uint32_t size); /* Check if a pointer is aligned on an align-byte boundary */ -#define vb_aligned(ptr, align) (!(((uintptr_t)(ptr)) & ((align) - 1))) +#define vb2_aligned(ptr, align) (!(((uintptr_t)(ptr)) & ((align) - 1))) /** * Safer memcmp() for use in crypto. @@ -233,6 +233,21 @@ int vb2_unpack_key(struct vb2_public_key *key, const uint8_t *buf, uint32_t size); +/** + * Unpack a key for use in verification + * + * The elements of the unpacked key will point into the source buffer, so don't + * free the source buffer until you're done with the key. + * + * @param key Destintion for unpacked key + * @param buf Source buffer containing packed key + * @param size Size of buffer in bytes + * @return VB2_SUCCESS, or non-zero error code if error. + */ +int vb2_unpack_key2(struct vb2_public_key *key, + const uint8_t *buf, + uint32_t size); + /* Size of work buffer sufficient for vb2_rsa_verify_digest() worst case */ #define VB2_VERIFY_DIGEST_WORKBUF_BYTES VB2_VERIFY_RSA_DIGEST_WORKBUF_BYTES diff --git a/firmware/2lib/include/2return_codes.h b/firmware/2lib/include/2return_codes.h index 333c29c1..e75f4222 100644 --- a/firmware/2lib/include/2return_codes.h +++ b/firmware/2lib/include/2return_codes.h @@ -176,6 +176,9 @@ enum vb2_return_code { /* Member data overlaps member header */ VB2_ERROR_INSIDE_DATA_OVERLAP, + /* Unsupported packed key struct version */ + VB2_ERROR_UNPACK_KEY_STRUCT_VERSION, + /********************************************************************** * Keyblock verification errors (all in vb2_verify_keyblock()) */ diff --git a/firmware/2lib/include/2rsa.h b/firmware/2lib/include/2rsa.h index 8e21cd4d..3d591a5a 100644 --- a/firmware/2lib/include/2rsa.h +++ b/firmware/2lib/include/2rsa.h @@ -19,6 +19,9 @@ struct vb2_public_key { const uint32_t *rr; /* R^2 as little endian array */ enum vb2_signature_algorithm sig_alg; /* Signature algorithm */ enum vb2_hash_algorithm hash_alg; /* Hash algorithm */ + const char *desc; /* Description */ + uint32_t version; /* Key version */ + const struct vb2_guid *guid; /* Key GUID */ }; /** |