diff options
author | Randall Spangler <rspangler@chromium.org> | 2014-12-02 15:55:56 -0800 |
---|---|---|
committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-12-04 04:02:13 +0000 |
commit | 108d991c678f80c99967bd07035de7418c81a072 (patch) | |
tree | 2183720db7886371be5d05f53c47bf26a8527c62 /firmware | |
parent | 7aef90c14d9dc770b4e16876faf8bf6b9942ff2e (diff) | |
download | vboot-108d991c678f80c99967bd07035de7418c81a072.tar.gz |
vboot2: Move knowledge of vboot 2.1 data structures inside lib21/
Code which compiles against fwlib2 no longer knows or cares about the
new data structures. This should shrink fwlib2 a bit. This is part 3
of 4 changes which split vboot 2.0 struct handling (old vboot1
structs) from vboot 2.1 struct handling (new style structs).
No functional changes; just shuffling around code.
BUG=chromium:423882
BRANCH=none
TEST=make runtests && VBOOT2=1 make runtests (works with/withoug VBOOT2 flag)
And compile firmware for veyron_pinky.
Change-Id: Ibccd7d1974e07f38b90c19c924ef3b1ffcb77d62
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/233020
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Diffstat (limited to 'firmware')
-rw-r--r-- | firmware/2lib/include/2common.h | 39 | ||||
-rw-r--r-- | firmware/2lib/include/2struct.h | 390 | ||||
-rw-r--r-- | firmware/lib21/api.c | 1 | ||||
-rw-r--r-- | firmware/lib21/common.c | 1 | ||||
-rw-r--r-- | firmware/lib21/include/vb2_common.h | 91 | ||||
-rw-r--r-- | firmware/lib21/include/vb2_struct.h | 336 | ||||
-rw-r--r-- | firmware/lib21/misc.c | 1 | ||||
-rw-r--r-- | firmware/lib21/packed_key.c | 1 |
8 files changed, 462 insertions, 398 deletions
diff --git a/firmware/2lib/include/2common.h b/firmware/2lib/include/2common.h index 1ea3f9e2..672bd00c 100644 --- a/firmware/2lib/include/2common.h +++ b/firmware/2lib/include/2common.h @@ -331,15 +331,6 @@ uint32_t vb2_sig_size(enum vb2_signature_algorithm sig_alg, */ const struct vb2_guid *vb2_hash_guid(enum vb2_hash_algorithm hash_alg); -/** - * Verify the integrity of a signature struct - * @param sig Signature struct - * @param size Size of buffer containing signature struct - * @return VB2_SUCCESS, or non-zero if error. - */ -int vb2_verify_signature2(const struct vb2_signature2 *sig, - uint32_t size); - /* * Size of work buffer sufficient for vb2_verify_digest() or * vb2_verify_digest2() worst case. @@ -360,20 +351,6 @@ int vb2_verify_digest(const struct vb2_public_key *key, const uint8_t *digest, const struct vb2_workbuf *wb); -/** - * Verify a signature against an expected hash digest. - * - * @param key Key to use in signature verification - * @param sig Signature to verify (may be destroyed in process) - * @param digest Digest of signed data - * @param wb Work buffer - * @return VB2_SUCCESS, or non-zero if error. - */ -int vb2_verify_digest2(const struct vb2_public_key *key, - struct vb2_signature2 *sig, - const uint8_t *digest, - const struct vb2_workbuf *wb); - /* * Size of work buffer sufficient for vb2_verify_data() or vb2_verify_data2() * worst case. @@ -400,12 +377,6 @@ int vb2_verify_data(const uint8_t *data, const struct vb2_public_key *key, const struct vb2_workbuf *wb); -int vb2_verify_data2(const void *data, - uint32_t size, - struct vb2_signature2 *sig, - const struct vb2_public_key *key, - const struct vb2_workbuf *wb); - /* * Size of work buffer sufficient for vb2_verify_keyblock() or * vb2_verify_keyblock2() worst case. @@ -429,11 +400,6 @@ int vb2_verify_keyblock(struct vb2_keyblock *block, const struct vb2_public_key *key, const struct vb2_workbuf *wb); -int vb2_verify_keyblock2(struct vb2_keyblock2 *block, - uint32_t size, - const struct vb2_public_key *key, - const struct vb2_workbuf *wb); - /* * Size of work buffer sufficient for vb2_verify_fw_preamble() or * vb2_verify_fw_preamble2() worst case. @@ -456,9 +422,4 @@ int vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble, const struct vb2_public_key *key, const struct vb2_workbuf *wb); -int vb2_verify_fw_preamble2(struct vb2_fw_preamble2 *preamble, - uint32_t size, - const struct vb2_public_key *key, - const struct vb2_workbuf *wb); - #endif /* VBOOT_REFERENCE_VBOOT_2COMMON_H_ */ diff --git a/firmware/2lib/include/2struct.h b/firmware/2lib/include/2struct.h index e4aaf607..b2b35f24 100644 --- a/firmware/2lib/include/2struct.h +++ b/firmware/2lib/include/2struct.h @@ -12,6 +12,37 @@ #include "2guid.h" +/* Algorithm types for signatures */ +enum vb2_signature_algorithm { + /* Invalid or unsupported signature type */ + VB2_SIG_INVALID = 0, + + /* + * No signature algorithm. The digest is unsigned. See + * VB2_GUID_NONE_* above for key GUIDs to use with this algorithm. + */ + VB2_SIG_NONE = 1, + + /* RSA algorithms of the given length in bits (1024-8192) */ + VB2_SIG_RSA1024 = 2, /* Warning! This is likely to be deprecated! */ + VB2_SIG_RSA2048 = 3, + VB2_SIG_RSA4096 = 4, + VB2_SIG_RSA8192 = 5, +}; + +/* Algorithm types for hash digests */ +enum vb2_hash_algorithm { + /* Invalid or unsupported digest type */ + VB2_HASH_INVALID = 0, + + /* SHA-1. Warning: This is likely to be deprecated soon! */ + VB2_HASH_SHA1 = 1, + + /* SHA-256 and SHA-512 */ + VB2_HASH_SHA256 = 2, + VB2_HASH_SHA512 = 3, +}; + /****************************************************************************/ /* * Vboot1-compatible data structures @@ -190,365 +221,6 @@ struct vb2_fw_preamble { #define EXPECTED_VB2_FW_PREAMBLE_SIZE 108 /****************************************************************************/ -/* - * Vboot2 data structures - * - * - * Offsets should be padded to 32-bit boundaries, since some architectures - * have trouble with accessing unaligned integers. - */ - -/* - * Magic numbers used by vb2_struct_common.magic. - * - * All valid numbers should be listed here to avoid accidental overlap. - * Numbers start at a large value, so that previous parsers (which stored - * things like lengths and offsets at that field) will detect and reject new - * structs as invalid. - */ -enum vb2_struct_common_magic { - /* "Vb2B" = vb2_keyblock2.c.magic */ - VB2_MAGIC_KEYBLOCK2 = 0x42326256, - - /* "Vb2F" = vb2_fw_preamble.c.magic */ - VB2_MAGIC_FW_PREAMBLE2 = 0x46326256, - - /* "Vb2I" = vb2_packed_private_key2.c.magic */ - VB2_MAGIC_PACKED_PRIVATE_KEY2 = 0x49326256, - - /* "Vb2K" = vb2_kernel_preamble.c.magic */ - VB2_MAGIC_KERNEL_PREAMBLE2 = 0x4b326256, - - /* "Vb2P" = vb2_packed_key2.c.magic */ - VB2_MAGIC_PACKED_KEY2 = 0x50326256, - - /* "Vb2S" = vb2_signature.c.magic */ - VB2_MAGIC_SIGNATURE2 = 0x53326256, -}; - - -/* - * Generic struct header for all vboot2 structs. This makes it easy to - * automatically parse and identify vboot structs (e.g., in futility). This - * must be the first member of the parent vboot2 struct. - */ -struct vb2_struct_common { - /* Magic number; see vb2_struct_common_magic for expected values */ - uint32_t magic; - - /* - * Parent struct version; see each struct for the expected value. - * - * How to handle struct version mismatches, if the parser is version - * A.b and the data is version C.d: - * 1) If A.b == C.d, we're good. - * 2) If A != C, the data cannot be parsed at all. - * 3) If b < d, C.d is a newer version of data which is backwards- - * compatible to old parsers. We're good. - * 4) If b > d, C.d is an older version of data. The parser should - * use default values for fields added after version d. We're - * good. - * - * Struct versions start at 3.0, since the highest version of the old - * structures was 2.1. This way, there is no possibility of collision - * for old code which depends on the version number. - */ - uint16_t struct_version_major; - uint16_t struct_version_minor; - - /* - * Size of the parent structure and all its data, including the - * description and any necessary padding. That is, all data must lie - * in a contiguous region of <total_size> bytes starting at the first - * byte of this header. - */ - uint32_t total_size; - - /* - * Size of the fixed portion of the parent structure. If a description - * is present, it must start at this offset. - */ - uint32_t fixed_size; - - /* - * The object may contain an ASCII description following the fixed - * portion of the structure. If it is present, it must be - * null-terminated, and padded with 0 (null) bytes to a multiple of 32 - * bits. - * - * Size of ASCII description in bytes, counting null terminator and - * padding (if any). Set 0 if no description is present. If non-zero, - * there must be a null terminator (0) at offset (fixed_size + - * desc_size - 1). - */ - uint32_t desc_size; -} __attribute__((packed)); - -#define EXPECTED_VB2_STRUCT_COMMON_SIZE 20 - -/* Algorithm types for signatures */ -enum vb2_signature_algorithm { - /* Invalid or unsupported signature type */ - VB2_SIG_INVALID = 0, - - /* - * No signature algorithm. The digest is unsigned. See - * VB2_GUID_NONE_* above for key GUIDs to use with this algorithm. - */ - VB2_SIG_NONE = 1, - - /* RSA algorithms of the given length in bits (1024-8192) */ - VB2_SIG_RSA1024 = 2, /* Warning! This is likely to be deprecated! */ - VB2_SIG_RSA2048 = 3, - VB2_SIG_RSA4096 = 4, - VB2_SIG_RSA8192 = 5, -}; - -/* Algorithm types for hash digests */ -enum vb2_hash_algorithm { - /* Invalid or unsupported digest type */ - VB2_HASH_INVALID = 0, - - /* SHA-1. Warning: This is likely to be deprecated soon! */ - VB2_HASH_SHA1 = 1, - - /* SHA-256 and SHA-512 */ - VB2_HASH_SHA256 = 2, - VB2_HASH_SHA512 = 3, -}; - -/* Current version of vb2_packed_key2 struct */ -#define VB2_PACKED_KEY2_VERSION_MAJOR 3 -#define VB2_PACKED_KEY2_VERSION_MINOR 0 - -/* - * Packed public key data, version 2 - * - * The key data must be arranged like this: - * 1) vb2_packed_key2 header struct h - * 2) Key description (pointed to by h.c.fixed_size) - * 3) Key data key (pointed to by h.key_offset) - */ -struct vb2_packed_key2 { - /* Common header fields */ - struct vb2_struct_common c; - - /* Offset of key data from start of this struct */ - uint32_t key_offset; - - /* Size of key data in bytes (NOT strength of key in bits) */ - uint32_t key_size; - - /* Signature algorithm used by the key (enum vb2_signature_algorithm) */ - uint16_t sig_alg; - - /* - * Hash digest algorithm used with the key (enum vb2_hash_algorithm). - * This is explicitly specified as part of the key to prevent use of a - * strong key with a weak hash. - */ - uint16_t hash_alg; - - /* Key version */ - uint32_t key_version; - - /* Key GUID */ - struct vb2_guid guid; -} __attribute__((packed)); - -#define EXPECTED_VB2_PACKED_KEY2_SIZE \ - (EXPECTED_VB2_STRUCT_COMMON_SIZE + EXPECTED_GUID_SIZE + 16) - -/* Current version of vb2_packed_private_key2 struct */ -#define VB2_PACKED_PRIVATE_KEY2_VERSION_MAJOR 3 -#define VB2_PACKED_PRIVATE_KEY2_VERSION_MINOR 0 - -/* - * Packed private key data, version 2 - * - * The key data must be arranged like this: - * 1) vb2_packed_private_key2 header struct h - * 2) Key description (pointed to by h.c.fixed_size) - * 3) Key data key (pointed to by h.key_offset) - */ -struct vb2_packed_private_key2 { - /* Common header fields */ - struct vb2_struct_common c; - - /* Offset of key data from start of this struct */ - uint32_t key_offset; - - /* Size of key data in bytes (NOT strength of key in bits) */ - uint32_t key_size; - - /* Signature algorithm used by the key (enum vb2_signature_algorithm) */ - uint16_t sig_alg; - - /* - * Hash digest algorithm used with the key (enum vb2_hash_algorithm). - * This is explicitly specified as part of the key to prevent use of a - * strong key with a weak hash. - */ - uint16_t hash_alg; - - /* Key GUID */ - struct vb2_guid guid; -} __attribute__((packed)); - -#define EXPECTED_VB2_PACKED_PRIVATE_KEY2_SIZE \ - (EXPECTED_VB2_STRUCT_COMMON_SIZE + EXPECTED_GUID_SIZE + 12) - -/* Current version of vb2_signature2 struct */ -#define VB2_SIGNATURE2_VERSION_MAJOR 3 -#define VB2_SIGNATURE2_VERSION_MINOR 0 - -/* - * Signature data, version 2 - * - * The signature data must be arranged like this: - * 1) vb2_signature2 header struct h - * 2) Signature description (pointed to by h.c.fixed_size) - * 3) Signature data (pointed to by h.sig_offset) - */ -struct vb2_signature2 { - /* Common header fields */ - struct vb2_struct_common c; - - /* Offset of signature data from start of this struct */ - uint32_t sig_offset; - - /* Size of signature data in bytes */ - uint32_t sig_size; - - /* Size of the data block which was signed in bytes */ - uint32_t data_size; - - /* Signature algorithm used (enum vb2_signature_algorithm) */ - uint16_t sig_alg; - - /* Hash digest algorithm used (enum vb2_hash_algorithm) */ - uint16_t hash_alg; - - /* - * GUID for the signature. - * - * If this is a keyblock signature entry, this is the GUID of the key - * used to generate this signature. This allows the firmware to - * quickly determine which signature block (if any) goes with the key - * being used by the firmware. - * - * If this is a preamble hash entry, this is the GUID of the data type - * being hashed. There is no key GUID, because sig_alg=VB2_ALG_NONE. - */ - struct vb2_guid guid; -} __attribute__((packed)); - -#define EXPECTED_VB2_SIGNATURE2_SIZE \ - (EXPECTED_VB2_STRUCT_COMMON_SIZE + EXPECTED_GUID_SIZE + 16) - - -/* Current version of vb2_keyblock2 struct */ -#define VB2_KEYBLOCK2_VERSION_MAJOR 3 -#define VB2_KEYBLOCK2_VERSION_MINOR 0 - -/* - * Key block. This contains a signed, versioned key for use in the next stage - * of verified boot. - * - * The key block data must be arranged like this: - * 1) vb2_keyblock2 header struct h - * 2) Keyblock description (pointed to by h.c.fixed_size) - * 3) Data key (pointed to by h.data_key_offset) - * 4) Signatures (first signature pointed to by h.sig_offset) - * - * The signatures from 4) must cover all the data from 1), 2), 3). That is, - * signatures must sign all data up to sig_offset. - */ -struct vb2_keyblock2 { - /* Common header fields */ - struct vb2_struct_common c; - - /* Flags (VB2_KEY_BLOCK_FLAG_*) */ - uint32_t flags; - - /* - * Offset of key (struct vb2_packed_key2) to use in next stage of - * verification, from start of the keyblock. - */ - uint32_t key_offset; - - /* Number of keyblock signatures which follow */ - uint32_t sig_count; - - /* - * Offset of the first signature (struct vb2_signature2) from the start - * of the keyblock. - * - * Signatures sign the contents of this struct and the data pointed to - * by data_key_offset, but not themselves or other signatures. - * - * For the firmware, there may be only one signature. - * - * Kernels often have at least two signatures - one using the kernel - * subkey from the RW firmware (for signed kernels) and one which is - * simply a SHA-512 hash (for unsigned developer kernels). - * - * The GUID for each signature indicates which key was used to generate - * the signature. - */ - uint32_t sig_offset; -} __attribute__((packed)); - -#define EXPECTED_VB2_KEYBLOCK2_SIZE (EXPECTED_VB2_STRUCT_COMMON_SIZE + 16) - - -/* Current version of vb2_fw_preamble2 struct */ -#define VB2_FW_PREAMBLE2_VERSION_MAJOR 3 -#define VB2_FW_PREAMBLE2_VERSION_MINOR 0 - -/* - * Firmware preamble - * - * The preamble data must be arranged like this: - * 1) vb2_fw_preamble2 header struct h - * 2) Preamble description (pointed to by h.c.fixed_size) - * 3) Hashes (pointed to by h.hash_offset) - * 4) Signature (pointed to by h.sig_offset) - * - * The signature 4) must cover all the data from 1), 2), 3). - */ -struct vb2_fw_preamble2 { - /* Common header fields */ - struct vb2_struct_common c; - - /* Flags; see VB2_FIRMWARE_PREAMBLE_* */ - uint32_t flags; - - /* Firmware version */ - uint32_t firmware_version; - - /* Offset of signature (struct vb2_signature2) for this preamble */ - uint32_t sig_offset; - - /* - * The preamble contains a list of hashes (struct vb2_signature2) for - * the various firmware components. These have sig_alg=VB2_SIG_NONE, - * and the GUID for each hash identifies the component being hashed. - * The calling firmware is responsible for knowing where to find those - * components, which may be on a different storage device than this - * preamble. - */ - - /* Number of hash entries */ - uint32_t hash_count; - - /* Offset of first hash entry from start of preamble */ - uint32_t hash_offset; -} __attribute__((packed)); - -#define EXPECTED_VB2_FW_PREAMBLE2_SIZE (EXPECTED_VB2_STRUCT_COMMON_SIZE + 20) - -/****************************************************************************/ /* Flags for vb2_shared_data.flags */ enum vb2_shared_data_flags { diff --git a/firmware/lib21/api.c b/firmware/lib21/api.c index 0df2cf69..99bc4433 100644 --- a/firmware/lib21/api.c +++ b/firmware/lib21/api.c @@ -14,6 +14,7 @@ #include "2secdata.h" #include "2sha.h" #include "2rsa.h" +#include "vb2_common.h" int vb2api_fw_phase3_2(struct vb2_context *ctx) { diff --git a/firmware/lib21/common.c b/firmware/lib21/common.c index a5ebc70c..cf1ec417 100644 --- a/firmware/lib21/common.c +++ b/firmware/lib21/common.c @@ -9,6 +9,7 @@ #include "2common.h" #include "2rsa.h" #include "2sha.h" +#include "vb2_common.h" const char *vb2_common_desc(const void *buf) { diff --git a/firmware/lib21/include/vb2_common.h b/firmware/lib21/include/vb2_common.h new file mode 100644 index 00000000..5abac4c0 --- /dev/null +++ b/firmware/lib21/include/vb2_common.h @@ -0,0 +1,91 @@ +/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * + * Common functions between firmware and kernel verified boot. + */ + +#ifndef VBOOT_REFERENCE_VB2_COMMON_H_ +#define VBOOT_REFERENCE_VB2_COMMON_H_ + +#include "2api.h" +#include "2common.h" +#include "2return_codes.h" +#include "2sha.h" +#include "2struct.h" +#include "vb2_struct.h" + +/** + * Verify the integrity of a signature struct + * @param sig Signature struct + * @param size Size of buffer containing signature struct + * @return VB2_SUCCESS, or non-zero if error. + */ +int vb2_verify_signature2(const struct vb2_signature2 *sig, + uint32_t size); + +/** + * Verify a signature against an expected hash digest. + * + * @param key Key to use in signature verification + * @param sig Signature to verify (may be destroyed in process) + * @param digest Digest of signed data + * @param wb Work buffer + * @return VB2_SUCCESS, or non-zero if error. + */ +int vb2_verify_digest2(const struct vb2_public_key *key, + struct vb2_signature2 *sig, + const uint8_t *digest, + const struct vb2_workbuf *wb); + +/** + * Verify data matches signature. + * + * @param data Data to verify + * @param size Size of data buffer. Note that amount of data to + * actually validate is contained in sig->data_size. + * @param sig Signature of data (destroyed in process) + * @param key Key to use to validate signature + * @param wb Work buffer + * @return VB2_SUCCESS, or non-zero error code if error. + */ +int vb2_verify_data2(const void *data, + uint32_t size, + struct vb2_signature2 *sig, + const struct vb2_public_key *key, + const struct vb2_workbuf *wb); + +/** + * Check the sanity of a key block using a public key. + * + * Header fields are also checked for sanity. Does not verify key index or key + * block flags. Signature inside block is destroyed during check. + * + * @param block Key block to verify + * @param size Size of key block buffer + * @param key Key to use to verify block + * @param wb Work buffer + * @return VB2_SUCCESS, or non-zero error code if error. + */ +int vb2_verify_keyblock2(struct vb2_keyblock2 *block, + uint32_t size, + const struct vb2_public_key *key, + const struct vb2_workbuf *wb); + +/** + * Check the sanity of a firmware preamble using a public key. + * + * The signature in the preamble is destroyed during the check. + * + * @param preamble Preamble to verify + * @param size Size of preamble buffer + * @param key Key to use to verify preamble + * @param wb Work buffer + * @return VB2_SUCCESS, or non-zero error code if error. + */ +int vb2_verify_fw_preamble2(struct vb2_fw_preamble2 *preamble, + uint32_t size, + const struct vb2_public_key *key, + const struct vb2_workbuf *wb); + +#endif /* VBOOT_REFERENCE_VB2_COMMON_H_ */ diff --git a/firmware/lib21/include/vb2_struct.h b/firmware/lib21/include/vb2_struct.h new file mode 100644 index 00000000..4bf4da74 --- /dev/null +++ b/firmware/lib21/include/vb2_struct.h @@ -0,0 +1,336 @@ +/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * + * Vboot 2.1 data structures + * + * Offsets should be padded to 32-bit boundaries, since some architectures + * have trouble with accessing unaligned integers. + */ + +#ifndef VBOOT_REFERENCE_VB2_STRUCT_H_ +#define VBOOT_REFERENCE_VB2_STRUCT_H_ +#include <stdint.h> + +#include "2guid.h" + +/* + * Magic numbers used by vb2_struct_common.magic. + * + * All valid numbers should be listed here to avoid accidental overlap. + * Numbers start at a large value, so that previous parsers (which stored + * things like lengths and offsets at that field) will detect and reject new + * structs as invalid. + */ +enum vb2_struct_common_magic { + /* "Vb2B" = vb2_keyblock2.c.magic */ + VB2_MAGIC_KEYBLOCK2 = 0x42326256, + + /* "Vb2F" = vb2_fw_preamble.c.magic */ + VB2_MAGIC_FW_PREAMBLE2 = 0x46326256, + + /* "Vb2I" = vb2_packed_private_key2.c.magic */ + VB2_MAGIC_PACKED_PRIVATE_KEY2 = 0x49326256, + + /* "Vb2K" = vb2_kernel_preamble.c.magic */ + VB2_MAGIC_KERNEL_PREAMBLE2 = 0x4b326256, + + /* "Vb2P" = vb2_packed_key2.c.magic */ + VB2_MAGIC_PACKED_KEY2 = 0x50326256, + + /* "Vb2S" = vb2_signature.c.magic */ + VB2_MAGIC_SIGNATURE2 = 0x53326256, +}; + + +/* + * Generic struct header for all vboot2 structs. This makes it easy to + * automatically parse and identify vboot structs (e.g., in futility). This + * must be the first member of the parent vboot2 struct. + */ +struct vb2_struct_common { + /* Magic number; see vb2_struct_common_magic for expected values */ + uint32_t magic; + + /* + * Parent struct version; see each struct for the expected value. + * + * How to handle struct version mismatches, if the parser is version + * A.b and the data is version C.d: + * 1) If A.b == C.d, we're good. + * 2) If A != C, the data cannot be parsed at all. + * 3) If b < d, C.d is a newer version of data which is backwards- + * compatible to old parsers. We're good. + * 4) If b > d, C.d is an older version of data. The parser should + * use default values for fields added after version d. We're + * good. + * + * Struct versions start at 3.0, since the highest version of the old + * structures was 2.1. This way, there is no possibility of collision + * for old code which depends on the version number. + */ + uint16_t struct_version_major; + uint16_t struct_version_minor; + + /* + * Size of the parent structure and all its data, including the + * description and any necessary padding. That is, all data must lie + * in a contiguous region of <total_size> bytes starting at the first + * byte of this header. + */ + uint32_t total_size; + + /* + * Size of the fixed portion of the parent structure. If a description + * is present, it must start at this offset. + */ + uint32_t fixed_size; + + /* + * The object may contain an ASCII description following the fixed + * portion of the structure. If it is present, it must be + * null-terminated, and padded with 0 (null) bytes to a multiple of 32 + * bits. + * + * Size of ASCII description in bytes, counting null terminator and + * padding (if any). Set 0 if no description is present. If non-zero, + * there must be a null terminator (0) at offset (fixed_size + + * desc_size - 1). + */ + uint32_t desc_size; +} __attribute__((packed)); + +#define EXPECTED_VB2_STRUCT_COMMON_SIZE 20 + +/* Current version of vb2_packed_key2 struct */ +#define VB2_PACKED_KEY2_VERSION_MAJOR 3 +#define VB2_PACKED_KEY2_VERSION_MINOR 0 + +/* + * Packed public key data, version 2 + * + * The key data must be arranged like this: + * 1) vb2_packed_key2 header struct h + * 2) Key description (pointed to by h.c.fixed_size) + * 3) Key data key (pointed to by h.key_offset) + */ +struct vb2_packed_key2 { + /* Common header fields */ + struct vb2_struct_common c; + + /* Offset of key data from start of this struct */ + uint32_t key_offset; + + /* Size of key data in bytes (NOT strength of key in bits) */ + uint32_t key_size; + + /* Signature algorithm used by the key (enum vb2_signature_algorithm) */ + uint16_t sig_alg; + + /* + * Hash digest algorithm used with the key (enum vb2_hash_algorithm). + * This is explicitly specified as part of the key to prevent use of a + * strong key with a weak hash. + */ + uint16_t hash_alg; + + /* Key version */ + uint32_t key_version; + + /* Key GUID */ + struct vb2_guid guid; +} __attribute__((packed)); + +#define EXPECTED_VB2_PACKED_KEY2_SIZE \ + (EXPECTED_VB2_STRUCT_COMMON_SIZE + EXPECTED_GUID_SIZE + 16) + +/* Current version of vb2_packed_private_key2 struct */ +#define VB2_PACKED_PRIVATE_KEY2_VERSION_MAJOR 3 +#define VB2_PACKED_PRIVATE_KEY2_VERSION_MINOR 0 + +/* + * Packed private key data, version 2 + * + * The key data must be arranged like this: + * 1) vb2_packed_private_key2 header struct h + * 2) Key description (pointed to by h.c.fixed_size) + * 3) Key data key (pointed to by h.key_offset) + */ +struct vb2_packed_private_key2 { + /* Common header fields */ + struct vb2_struct_common c; + + /* Offset of key data from start of this struct */ + uint32_t key_offset; + + /* Size of key data in bytes (NOT strength of key in bits) */ + uint32_t key_size; + + /* Signature algorithm used by the key (enum vb2_signature_algorithm) */ + uint16_t sig_alg; + + /* + * Hash digest algorithm used with the key (enum vb2_hash_algorithm). + * This is explicitly specified as part of the key to prevent use of a + * strong key with a weak hash. + */ + uint16_t hash_alg; + + /* Key GUID */ + struct vb2_guid guid; +} __attribute__((packed)); + +#define EXPECTED_VB2_PACKED_PRIVATE_KEY2_SIZE \ + (EXPECTED_VB2_STRUCT_COMMON_SIZE + EXPECTED_GUID_SIZE + 12) + +/* Current version of vb2_signature2 struct */ +#define VB2_SIGNATURE2_VERSION_MAJOR 3 +#define VB2_SIGNATURE2_VERSION_MINOR 0 + +/* + * Signature data, version 2 + * + * The signature data must be arranged like this: + * 1) vb2_signature2 header struct h + * 2) Signature description (pointed to by h.c.fixed_size) + * 3) Signature data (pointed to by h.sig_offset) + */ +struct vb2_signature2 { + /* Common header fields */ + struct vb2_struct_common c; + + /* Offset of signature data from start of this struct */ + uint32_t sig_offset; + + /* Size of signature data in bytes */ + uint32_t sig_size; + + /* Size of the data block which was signed in bytes */ + uint32_t data_size; + + /* Signature algorithm used (enum vb2_signature_algorithm) */ + uint16_t sig_alg; + + /* Hash digest algorithm used (enum vb2_hash_algorithm) */ + uint16_t hash_alg; + + /* + * GUID for the signature. + * + * If this is a keyblock signature entry, this is the GUID of the key + * used to generate this signature. This allows the firmware to + * quickly determine which signature block (if any) goes with the key + * being used by the firmware. + * + * If this is a preamble hash entry, this is the GUID of the data type + * being hashed. There is no key GUID, because sig_alg=VB2_ALG_NONE. + */ + struct vb2_guid guid; +} __attribute__((packed)); + +#define EXPECTED_VB2_SIGNATURE2_SIZE \ + (EXPECTED_VB2_STRUCT_COMMON_SIZE + EXPECTED_GUID_SIZE + 16) + + +/* Current version of vb2_keyblock2 struct */ +#define VB2_KEYBLOCK2_VERSION_MAJOR 3 +#define VB2_KEYBLOCK2_VERSION_MINOR 0 + +/* + * Key block. This contains a signed, versioned key for use in the next stage + * of verified boot. + * + * The key block data must be arranged like this: + * 1) vb2_keyblock2 header struct h + * 2) Keyblock description (pointed to by h.c.fixed_size) + * 3) Data key (pointed to by h.data_key_offset) + * 4) Signatures (first signature pointed to by h.sig_offset) + * + * The signatures from 4) must cover all the data from 1), 2), 3). That is, + * signatures must sign all data up to sig_offset. + */ +struct vb2_keyblock2 { + /* Common header fields */ + struct vb2_struct_common c; + + /* Flags (VB2_KEY_BLOCK_FLAG_*) */ + uint32_t flags; + + /* + * Offset of key (struct vb2_packed_key2) to use in next stage of + * verification, from start of the keyblock. + */ + uint32_t key_offset; + + /* Number of keyblock signatures which follow */ + uint32_t sig_count; + + /* + * Offset of the first signature (struct vb2_signature2) from the start + * of the keyblock. + * + * Signatures sign the contents of this struct and the data pointed to + * by data_key_offset, but not themselves or other signatures. + * + * For the firmware, there may be only one signature. + * + * Kernels often have at least two signatures - one using the kernel + * subkey from the RW firmware (for signed kernels) and one which is + * simply a SHA-512 hash (for unsigned developer kernels). + * + * The GUID for each signature indicates which key was used to generate + * the signature. + */ + uint32_t sig_offset; +} __attribute__((packed)); + +#define EXPECTED_VB2_KEYBLOCK2_SIZE (EXPECTED_VB2_STRUCT_COMMON_SIZE + 16) + + +/* Current version of vb2_fw_preamble2 struct */ +#define VB2_FW_PREAMBLE2_VERSION_MAJOR 3 +#define VB2_FW_PREAMBLE2_VERSION_MINOR 0 + +/* + * Firmware preamble + * + * The preamble data must be arranged like this: + * 1) vb2_fw_preamble2 header struct h + * 2) Preamble description (pointed to by h.c.fixed_size) + * 3) Hashes (pointed to by h.hash_offset) + * 4) Signature (pointed to by h.sig_offset) + * + * The signature 4) must cover all the data from 1), 2), 3). + */ +struct vb2_fw_preamble2 { + /* Common header fields */ + struct vb2_struct_common c; + + /* Flags; see VB2_FIRMWARE_PREAMBLE_* */ + uint32_t flags; + + /* Firmware version */ + uint32_t firmware_version; + + /* Offset of signature (struct vb2_signature2) for this preamble */ + uint32_t sig_offset; + + /* + * The preamble contains a list of hashes (struct vb2_signature2) for + * the various firmware components. These have sig_alg=VB2_SIG_NONE, + * and the GUID for each hash identifies the component being hashed. + * The calling firmware is responsible for knowing where to find those + * components, which may be on a different storage device than this + * preamble. + */ + + /* Number of hash entries */ + uint32_t hash_count; + + /* Offset of first hash entry from start of preamble */ + uint32_t hash_offset; +} __attribute__((packed)); + +#define EXPECTED_VB2_FW_PREAMBLE2_SIZE (EXPECTED_VB2_STRUCT_COMMON_SIZE + 20) + +#endif /* VBOOT_REFERENCE_VB2_STRUCT_H_ */ diff --git a/firmware/lib21/misc.c b/firmware/lib21/misc.c index dbdf95c0..16648a74 100644 --- a/firmware/lib21/misc.c +++ b/firmware/lib21/misc.c @@ -13,6 +13,7 @@ #include "2secdata.h" #include "2sha.h" #include "2rsa.h" +#include "vb2_common.h" /** * Read an object with a common struct header from a verified boot resource. diff --git a/firmware/lib21/packed_key.c b/firmware/lib21/packed_key.c index d872d446..3974b5f8 100644 --- a/firmware/lib21/packed_key.c +++ b/firmware/lib21/packed_key.c @@ -8,6 +8,7 @@ #include "2sysincludes.h" #include "2common.h" #include "2rsa.h" +#include "vb2_common.h" int vb2_unpack_key2_data(struct vb2_public_key *key, const uint8_t *key_data, |