diff options
| author | Randall Spangler <rspangler@chromium.org> | 2013-01-24 10:59:12 -0800 |
|---|---|---|
| committer | ChromeBot <chrome-bot@google.com> | 2013-01-24 16:46:49 -0800 |
| commit | 0f872495cab2bcd8fc74f478bdbfd4293a67b47c (patch) | |
| tree | 4e19fab0d328b8f11fe26d258a911b2d60b1dbbc /firmware | |
| parent | 91db23243f53d677e7e522352bb5942dc2b3cb2b (diff) | |
| download | vboot-0f872495cab2bcd8fc74f478bdbfd4293a67b47c.tar.gz | |
Remove unused vbutil_ec
EC verification is done via software sync; the EC doesn't do vboot on
its own.
BUG=chromium-os:38139
BRANCH=none
TEST=manual
make runtests
emerge-link vboot_reference chromeos-u-boot chromeos-bootimage
Change-Id: I6e5c0db8fc54b474f044d37c2603a9c116747a85
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/41953
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Diffstat (limited to 'firmware')
| -rw-r--r-- | firmware/lib/include/vboot_common.h | 13 | ||||
| -rw-r--r-- | firmware/lib/vboot_common.c | 79 |
2 files changed, 0 insertions, 92 deletions
diff --git a/firmware/lib/include/vboot_common.h b/firmware/lib/include/vboot_common.h index 76706bf6..fe886ce4 100644 --- a/firmware/lib/include/vboot_common.h +++ b/firmware/lib/include/vboot_common.h @@ -87,11 +87,6 @@ int VerifyData(const uint8_t* data, uint64_t size, const VbSignature* sig, int VerifyDigest(const uint8_t* digest, const VbSignature *sig, const RSAPublicKey* key); -/* Uses [key] algorithm to hash [data], then compares that to the expected - * [hash]. Returns 0 if they're equal, non-zero if error. */ -int EqualData(const uint8_t* data, uint64_t size, const VbSignature *hash, - const RSAPublicKey* key); - /* Checks the sanity of a key block of size [size] bytes, using public * key [key]. If hash_only is non-zero, uses only the block checksum * to verify the key block. Header fields are also checked for @@ -100,14 +95,6 @@ int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size, const VbPublicKey *key, int hash_only); -/* Checks the sanity of an EC preamble of size [size] bytes, - * using public key [key]. - * - * Returns VBOOT_SUCCESS if successful. */ -int VerifyECPreamble(const VbECPreambleHeader* preamble, - uint64_t size, const RSAPublicKey* key); - - /* Checks the sanity of a firmware preamble of size [size] bytes, * using public key [key]. * diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c index 7878701f..bf79b81f 100644 --- a/firmware/lib/vboot_common.c +++ b/firmware/lib/vboot_common.c @@ -173,28 +173,6 @@ int VerifyDigest(const uint8_t* digest, const VbSignature *sig, } -int EqualData(const uint8_t* data, uint64_t size, const VbSignature *hash, - const RSAPublicKey* key) { - uint8_t* digest = NULL; - int rv; - - if (hash->sig_size != hash_size_map[key->algorithm]) { - VBDEBUG(("Wrong hash size for algorithm.\n")); - return 1; - } - if (hash->data_size > size) { - VBDEBUG(("Data buffer smaller than length of signed data.\n")); - return 1; - } - - digest = DigestBuf(data, hash->data_size, key->algorithm); - - rv = SafeMemcmp(digest, GetSignatureDataC(hash), hash->sig_size); - VbExFree(digest); - return rv; -} - - int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size, const VbPublicKey *key, int hash_only) { @@ -313,63 +291,6 @@ int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size, return VBOOT_SUCCESS; } - -int VerifyECPreamble(const VbECPreambleHeader* preamble, - uint64_t size, const RSAPublicKey* key) { - - const VbSignature* sig = &preamble->preamble_signature; - - /* Sanity checks before attempting signature of data */ - if(size < EXPECTED_VB_EC_PREAMBLE_HEADER1_0_SIZE) { - VBDEBUG(("Not enough data for EC preamble header.\n")); - return VBOOT_PREAMBLE_INVALID; - } - if (preamble->header_version_major != - EC_PREAMBLE_HEADER_VERSION_MAJOR) { - VBDEBUG(("Incompatible EC preamble header version (%d, not %d).\n", - preamble->header_version_major, - EC_PREAMBLE_HEADER_VERSION_MAJOR)); - return VBOOT_PREAMBLE_INVALID; - } - if (size < preamble->preamble_size) { - VBDEBUG(("Not enough data for EC preamble.\n")); - return VBOOT_PREAMBLE_INVALID; - } - - /* Check signature */ - if (VerifySignatureInside(preamble, preamble->preamble_size, sig)) { - VBDEBUG(("EC preamble signature off end of preamble\n")); - return VBOOT_PREAMBLE_INVALID; - } - - /* Make sure advertised signature data sizes are sane. */ - if (preamble->preamble_size < sig->data_size) { - VBDEBUG(("EC signature calculated past end of the block\n")); - return VBOOT_PREAMBLE_INVALID; - } - - if (VerifyData((const uint8_t*)preamble, size, sig, key)) { - VBDEBUG(("EC preamble signature validation failed\n")); - return VBOOT_PREAMBLE_SIGNATURE; - } - - /* Verify we signed enough data */ - if (sig->data_size < sizeof(VbFirmwarePreambleHeader)) { - VBDEBUG(("Didn't sign enough data\n")); - return VBOOT_PREAMBLE_INVALID; - } - - /* Verify body digest is inside the signed data */ - if (VerifySignatureInside(preamble, sig->data_size, - &preamble->body_digest)) { - VBDEBUG(("EC body digest off end of preamble\n")); - return VBOOT_PREAMBLE_INVALID; - } - - /* Success */ - return VBOOT_SUCCESS; -} - int VerifyFirmwarePreamble(const VbFirmwarePreambleHeader* preamble, uint64_t size, const RSAPublicKey* key) { |