author | Randall Spangler <rspangler@chromium.org> | 2014-11-24 12:55:29 -0800 |
---|---|---|
committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-12-01 20:30:46 +0000 |
commit | 9328bbff521625e788396ef9c5b26b79e6d1a7cb (patch) | |
tree | 4f10606071aedebba7ac98fa0b91822e3a08682b /firmware/2lib | |
parent | fc73f087653ee67193a9f2b897433db2cd532f8c (diff) | |
download | vboot-9328bbff521625e788396ef9c5b26b79e6d1a7cb.tar.gz |
vboot2: Add host lib function to create a vb2-style keyblock
Also add vb2_common_desc() helper function to return the description
for an object starting with a common struct header.
And use the new host lib function to create the keyblock for verifying
the firmware lib.
Add tests for everything new.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I1fadb3e249e771a692cc69b23620c6ddd46a48ac
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/231721
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Diffstat (limited to 'firmware/2lib')
-rw-r--r-- | firmware/2lib/2common2.c | 10 | ||||
-rw-r--r-- | firmware/2lib/2packed_key2.c | 6 | ||||
-rw-r--r-- | firmware/2lib/include/2common.h | 10 | ||||
-rw-r--r-- | firmware/2lib/include/2return_codes.h | 17 |
4 files changed, 36 insertions, 7 deletions
diff --git a/firmware/2lib/2common2.c b/firmware/2lib/2common2.c
index 099f7c1f..a5ebc70c 100644
--- a/firmware/2lib/2common2.c
+++ b/firmware/2lib/2common2.c
@@ -10,6 +10,13 @@
 #include "2rsa.h"
 #include "2sha.h"
 
+const char *vb2_common_desc(const void *buf)
+{
+ const struct vb2_struct_common *c = buf;
+
+ return c->desc_size ? (const char *)c + c->fixed_size : "";
+}
+
 int vb2_verify_common_header(const void *parent, uint32_t parent_size)
 {
 const struct vb2_struct_common *c = parent;
@@ -42,8 +49,7 @@ int vb2_verify_common_header(const void *parent, uint32_t parent_size)
 return VB2_ERROR_COMMON_DESC_SIZE;
 
 /* Description must be null-terminated */
- const uint8_t *desc = (const uint8_t *)c + c->fixed_size;
- if (desc[c->desc_size - 1] != 0)
+ if (vb2_common_desc(c)[c->desc_size - 1] != 0)
 return VB2_ERROR_COMMON_DESC_TERMINATOR;
 }
 
diff --git a/firmware/2lib/2packed_key2.c b/firmware/2lib/2packed_key2.c
index a67664bb..4019213b 100644
--- a/firmware/2lib/2packed_key2.c
+++ b/firmware/2lib/2packed_key2.c
@@ -99,11 +99,7 @@ int vb2_unpack_key2(struct vb2_public_key *key,
 }
 
 /* Key description */
- if (pkey->c.desc_size)
- key->desc = (const char *)&(pkey->c) + pkey->c.fixed_size;
- else
- key->desc = "";
-
+ key->desc = vb2_common_desc(pkey);
 key->version = pkey->key_version;
 key->guid = &pkey->guid;
 
diff --git a/firmware/2lib/include/2common.h b/firmware/2lib/include/2common.h
index a0c82d3c..1ea3f9e2 100644
--- a/firmware/2lib/include/2common.h
+++ b/firmware/2lib/include/2common.h
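Review bot: In vb2_unpack_key2() (2packed_key2.c) the new call passes `pkey` itself, so it is only correct while the common header `c` sits at offset 0 of the packed key struct; the removed lines took `&(pkey->c)` explicitly. Writing it as `key->desc = vb2_common_desc(&pkey->c);` keeps that layout dependency visible and survives a reordering of the struct. The helper does no bounds checking, so this assignment also relies on the packed key's header having been validated earlier in the function. That part of vb2_unpack_key2() lies outside the hunk, so please confirm the validation precedes this line.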
@@ -184,6 +184,16 @@ int vb2_verify_member_inside(const void *parent, size_t parent_size,
 size_t member_data_size);
 
 /**
+ * Return the description of an object starting with a vb2_struct_common header.
+ *
+ * Does not sanity-check the buffer; merely returns the pointer.
+ *
+ * @param buf Pointer to common object
+ * @return A pointer to description or an empty string if none.
+ */
+const char *vb2_common_desc(const void *buf);
+
+/**
 * Verify the common struct header is fully contained in its parent data
 *
 * Also verifies the description is either zero-length or null-terminated.
diff --git a/firmware/2lib/include/2return_codes.h b/firmware/2lib/include/2return_codes.h
index 8f5a5c51..7a59925a 100644
--- a/firmware/2lib/include/2return_codes.h
+++ b/firmware/2lib/include/2return_codes.h
@@ -600,6 +600,23 @@ enum vb2_return_code {
 VB2_SIGN_OBJECT_OVERFLOW,
 
 /**********************************************************************
+ * Errors generated by host library keyblock functions
+ */
+ VB2_ERROR_HOST_KEYBLOCK = VB2_ERROR_HOST_BASE + 0x040000,
+
+ /* Unable to determine signature sizes for vb2_create_keyblock() */
+ VB2_KEYBLOCK_CREATE_SIG_SIZE,
+
+ /* Unable to pack data key for vb2_create_keyblock() */
+ VB2_KEYBLOCK_CREATE_DATA_KEY,
+
+ /* Unable to allocate buffer in vb2_create_keyblock() */
+ VB2_KEYBLOCK_CREATE_ALLOC,
+
+ /* Unable to sign keyblock in vb2_create_keyblock() */
+ VB2_KEYBLOCK_CREATE_SIGN,
+
+ /**********************************************************************
 * Highest non-zero error generated inside vboot library. Note that
 * error codes passed through vboot when it calls external APIs may
 * still be outside this range. |
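Review bot: The doc comment added for vb2_common_desc() in 2common.h says the buffer is not sanity-checked but never states what the caller must have done first, and the definition in 2common2.c carries no comment at all. The returned pointer is `buf + fixed_size` read straight from the header, so on an unverified buffer it can point outside the object and the string is not guaranteed to be NUL-terminated. I would add a precondition line to the comment, for example `* Caller must have validated buf with vb2_verify_common_header() before reading the returned string.` vb2_verify_common_header() is itself a caller that runs before validation has finished; the bounds check on the description presumably happens earlier in that block, which the 2common2.c hunk does not show.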