author | Randall Spangler <rspangler@chromium.org> | 2014-10-31 11:19:14 -0700 |
---|---|---|
committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-11-05 06:05:16 +0000 |
commit | c0ce70b468cc469556d0f43c63a6d63ec8280c99 (patch) | |
tree | df3fe9fd4aee85563ce8710d34b33c118fe0420d /firmware/2lib | |
parent | 3c6ec76e32ceea9d62ca4f7bca537fdcd4b5f387 (diff) | |
download | vboot-c0ce70b468cc469556d0f43c63a6d63ec8280c99.tar.gz |
vboot2: add support for new vb2_signature2 struct
And associated unit tests.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I37fccafd8ccee5c0d55e3746c1611a8dff73145a
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/226939
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Diffstat (limited to 'firmware/2lib')
-rw-r--r-- | firmware/2lib/2common2.c | 60 | ||||
-rw-r--r-- | firmware/2lib/include/2common.h | 19 | ||||
-rw-r--r-- | firmware/2lib/include/2return_codes.h | 6 |
3 files changed, 85 insertions, 0 deletions
diff --git a/firmware/2lib/2common2.c b/firmware/2lib/2common2.c
index b65ea8fd..f35d575e 100644
--- a/firmware/2lib/2common2.c
+++ b/firmware/2lib/2common2.c
@@ -118,3 +118,63 @@ int vb2_verify_common_subobject(const void *parent,
 return VB2_SUCCESS;
 }
+
+uint32_t vb2_sig_size(enum vb2_signature_algorithm sig_alg,
+ enum vb2_hash_algorithm hash_alg)
+{
+ uint32_t digest_size = vb2_digest_size(hash_alg);
+
+ /* Fail if we don't support the hash algorithm */
+ if (!digest_size)
+ return 0;
+
+ /* Handle unsigned hashes */
+ if (sig_alg == VB2_SIG_NONE)
+ return digest_size;
+
+ return vb2_rsa_sig_size(sig_alg);
+}
+
+int vb2_verify_signature2(const struct vb2_signature2 *sig,
+ uint32_t size)
+{
+ uint32_t min_offset = 0;
+ uint32_t expect_sig_size;
+ int rv;
+
+ /* Check magic number */
+ if (sig->c.magic != VB2_MAGIC_SIGNATURE2)
+ return VB2_ERROR_SIG_MAGIC;
+
+ /* Make sure common header is good */
+ rv = vb2_verify_common_header(sig, size);
+ if (rv)
+ return rv;
+
+ /*
+ * Check for compatible version. No need to check minor version, since
+ * that's compatible across readers matching the major version, and we
+ * haven't added any new fields.
+ */
+ if (sig->c.struct_version_major != VB2_SIGNATURE2_VERSION_MAJOR)
+ return VB2_ERROR_SIG_VERSION;
+
+ /* Make sure header is big enough for signature */
+ if (sig->c.fixed_size < sizeof(*sig))
+ return VB2_ERROR_SIG_HEADER_SIZE;
+
+ /* Make sure signature data is inside */
+ rv = vb2_verify_common_member(sig, &min_offset,
+ sig->sig_offset, sig->sig_size);
+ if (rv)
+ return rv;
+
+ /* Make sure signature size is correct for the algorithm */
+ expect_sig_size = vb2_sig_size(sig->sig_alg, sig->hash_alg);
+ if (!expect_sig_size)
+ return VB2_ERROR_SIG_ALGORITHM;
+ if (sig->sig_size != expect_sig_size)
+ return VB2_ERROR_SIG_SIZE;
+
+ return VB2_SUCCESS;
+}
diff --git a/firmware/2lib/include/2common.h b/firmware/2lib/include/2common.h
index f92fe9e4..1c57d3fa 100644
--- a/firmware/2lib/include/2common.h
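Review bot: In vb2_verify_signature2() in 2common2.c, `sig->c.magic` is read before `vb2_verify_common_header(sig, size)` has looked at `size`, so a buffer shorter than the common header is read past its end before any length check runs. Whether vb2_verify_common_header() rejects such a size is not visible in this hunk; if it does, calling it first and testing the magic afterwards closes the gap. If callers or tests depend on VB2_ERROR_SIG_MAGIC being reported first, an up-front guard such as `if (size < sizeof(sig->c)) return VB2_ERROR_SIG_HEADER_SIZE;` gives the same protection without reordering. Both new functions are fully contained in the hunk.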
+++ b/firmware/2lib/include/2common.h
@@ -281,6 +281,25 @@ int vb2_unpack_key2(struct vb2_public_key *key,
 const uint8_t *buf,
 uint32_t size);
+/**
+ * Return expected signature size for a signature/hash algorithm pair
+ *
+ * @param sig_alg Signature algorithm
+ * @param hash_alg Hash algorithm
+ * @return The signature size, or zero if error / unsupported algorithm.
+ */
+uint32_t vb2_sig_size(enum vb2_signature_algorithm sig_alg,
+ enum vb2_hash_algorithm hash_alg);
+
+/**
+ * Verify the integrity of a signature struct
+ * @param sig Signature struct
+ * @param size Size of buffer containing signature struct
+ * @return VB2_SUCCESS, or non-zero if error.
+ */
+int vb2_verify_signature2(const struct vb2_signature2 *sig,
+ uint32_t size);
+
 /* Size of work buffer sufficient for vb2_rsa_verify_digest() worst case */
 #define VB2_VERIFY_DIGEST_WORKBUF_BYTES VB2_VERIFY_RSA_DIGEST_WORKBUF_BYTES
diff --git a/firmware/2lib/include/2return_codes.h b/firmware/2lib/include/2return_codes.h
index a65c334f..054655ee 100644
--- a/firmware/2lib/include/2return_codes.h
+++ b/firmware/2lib/include/2return_codes.h
@@ -211,6 +211,12 @@ enum vb2_return_code {
 /* Signature header doesn't fit */
 VB2_ERROR_SIG_HEADER_SIZE,
+ /* Signature unsupported algorithm */
+ VB2_ERROR_SIG_ALGORITHM,
+
+ /* Signature bad size for algorithm */
+ VB2_ERROR_SIG_SIZE,
+
 /* Wrong amount of data signed */
 VB2_ERROR_VDATA_SIZE, |
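Review bot: The doc comment on vb2_verify_signature2() in 2common.h says "Verify the integrity of a signature struct", which a caller can easily read as a cryptographic check. The implementation in 2common2.c only validates the magic, header, member bounds and that sig_size matches the algorithm pair. Because vb2_sig_size() returns the digest size for VB2_SIG_NONE, an unsigned hash passes as well. I would extend the comment with `* Checks struct layout and sizes only; does not verify the signature data.` and `* A struct with sig_alg VB2_SIG_NONE (unsigned hash) also passes; callers that require a real signature must check sig_alg.`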