diff options
| author | Joel Kitching <kitching@google.com> | 2019-12-12 14:45:29 +0800 |
|---|---|---|
| committer | Commit Bot <commit-bot@chromium.org> | 2020-02-11 02:04:10 +0000 |
| commit | 166840277a2d4806fa0d89980b3501090441d5ed (patch) | |
| tree | 66a0245aea8b0ae841143e13dfb69eb651d09522 /firmware | |
| parent | 9e39b7452393486d1a37ff9eee61906452f5d4f7 (diff) | |
| download | vboot-166840277a2d4806fa0d89980b3501090441d5ed.tar.gz | |
vboot: move vboot 2.1 functions and structs into host code
These structs and functions need to stick around for futility
to use, but they are no longer supported in firmware code.
Rename host/lib21/include/* files to end in 21 instead of 2.
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Change-Id: I01e181e2f03553d60724fbdc826f5ada63777303
Cq-Depend: chromium:1969172
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1963621
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Diffstat (limited to 'firmware')
| -rw-r--r-- | firmware/README | 7 | ||||
| -rw-r--r-- | firmware/lib21/common.c | 303 | ||||
| -rw-r--r-- | firmware/lib21/include/vb21_common.h | 151 | ||||
| -rw-r--r-- | firmware/lib21/include/vb21_struct.h | 233 | ||||
| -rw-r--r-- | firmware/lib21/packed_key.c | 99 |
5 files changed, 0 insertions, 793 deletions
diff --git a/firmware/README b/firmware/README index 754edf1b..e5d5256b 100644 --- a/firmware/README +++ b/firmware/README @@ -34,10 +34,3 @@ lib20/ This was deployed slightly before it was ready. That's not a problem, thanks to the binary compatibility, but this directory will be abandoned Real Soon Now, except for the product support branches. - -lib21/ - - This is where the current development of the second-generation vboot API - is taking place. It uses the public (2lib/) API, but will NOT be binary - compatible with vboot1 structs. Because of the early release of the lib20 - stuff, we're actually calling this lib21. diff --git a/firmware/lib21/common.c b/firmware/lib21/common.c deleted file mode 100644 index 19f07bce..00000000 --- a/firmware/lib21/common.c +++ /dev/null @@ -1,303 +0,0 @@ -/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Signature validation functions - */ - -#include "2common.h" -#include "2rsa.h" -#include "2sha.h" -#include "2sysincludes.h" -#include "vb21_common.h" - -const char *vb21_common_desc(const void *buf) -{ - const struct vb21_struct_common *c = buf; - - return c->desc_size ? (const char *)c + c->fixed_size : ""; -} - -vb2_error_t vb21_verify_common_header(const void *parent, uint32_t parent_size) -{ - const struct vb21_struct_common *c = parent; - - /* Parent buffer size must be at least the claimed total size */ - if (parent_size < c->total_size) - return VB2_ERROR_COMMON_TOTAL_SIZE; - - /* - * And big enough for the fixed size, which itself must be at least as - * big as the common struct header. - */ - if (c->total_size < c->fixed_size || c->fixed_size < sizeof(*c)) - return VB2_ERROR_COMMON_FIXED_SIZE; - - /* Make sure sizes are all multiples of 32 bits */ - if (!vb2_aligned(c->total_size, sizeof(uint32_t))) - return VB2_ERROR_COMMON_TOTAL_UNALIGNED; - if (!vb2_aligned(c->fixed_size, sizeof(uint32_t))) - return VB2_ERROR_COMMON_FIXED_UNALIGNED; - if (!vb2_aligned(c->desc_size, sizeof(uint32_t))) - return VB2_ERROR_COMMON_DESC_UNALIGNED; - - /* Check description */ - if (c->desc_size > 0) { - /* Make sure description fits and doesn't wrap */ - if (c->fixed_size + c->desc_size < c->fixed_size) - return VB2_ERROR_COMMON_DESC_WRAPS; - if (c->fixed_size + c->desc_size > c->total_size) - return VB2_ERROR_COMMON_DESC_SIZE; - - /* Description must be null-terminated */ - if (vb21_common_desc(c)[c->desc_size - 1] != 0) - return VB2_ERROR_COMMON_DESC_TERMINATOR; - } - - return VB2_SUCCESS; -} - -vb2_error_t vb21_verify_common_member(const void *parent, uint32_t *min_offset, - uint32_t member_offset, - uint32_t member_size) -{ - const struct vb21_struct_common *c = parent; - uint32_t member_end = member_offset + member_size; - - /* Make sure member doesn't wrap */ - if (member_end < member_offset) - return VB2_ERROR_COMMON_MEMBER_WRAPS; - - /* Member offset and size must be 32-bit aligned */ - if (!vb2_aligned(member_offset, sizeof(uint32_t)) || - !vb2_aligned(member_size, sizeof(uint32_t))) - return VB2_ERROR_COMMON_MEMBER_UNALIGNED; - - /* Initialize minimum offset if necessary */ - if (!*min_offset) - *min_offset = c->fixed_size + c->desc_size; - - /* Member must be after minimum offset */ - if (member_offset < *min_offset) - return VB2_ERROR_COMMON_MEMBER_OVERLAP; - - /* Member must end before total size */ - if (member_end > c->total_size) - return VB2_ERROR_COMMON_MEMBER_SIZE; - - /* Update minimum offset for subsequent checks */ - *min_offset = member_end; - - return VB2_SUCCESS; -} - -vb2_error_t vb21_verify_common_subobject(const void *parent, - uint32_t *min_offset, - uint32_t member_offset) -{ - const struct vb21_struct_common *p = parent; - const struct vb21_struct_common *m = - (const struct vb21_struct_common *) - ((const uint8_t *)parent + member_offset); - vb2_error_t rv; - - /* - * Verify the parent has space at the member offset for the common - * header. - */ - rv = vb21_verify_common_member(parent, min_offset, member_offset, - sizeof(*m)); - if (rv) - return rv; - - /* - * Now it's safe to look at the member's header, and verify any - * additional data for the object past its common header fits in the - * parent. - */ - rv = vb21_verify_common_header(m, p->total_size - member_offset); - if (rv) - return rv; - - /* Advance the min offset to the end of the subobject */ - *min_offset = member_offset + m->total_size; - - return VB2_SUCCESS; -} - -uint32_t vb2_sig_size(enum vb2_signature_algorithm sig_alg, - enum vb2_hash_algorithm hash_alg) -{ - uint32_t digest_size = vb2_digest_size(hash_alg); - - /* Fail if we don't support the hash algorithm */ - if (!digest_size) - return 0; - - /* Handle unsigned hashes */ - if (sig_alg == VB2_SIG_NONE) - return digest_size; - - return vb2_rsa_sig_size(sig_alg); -} - -const struct vb2_id *vb2_hash_id(enum vb2_hash_algorithm hash_alg) -{ - switch(hash_alg) { -#ifdef VB2_SUPPORT_SHA1 - case VB2_HASH_SHA1: - { - static const struct vb2_id id = VB2_ID_NONE_SHA1; - return &id; - } -#endif -#ifdef VB2_SUPPORT_SHA256 - case VB2_HASH_SHA256: - { - static const struct vb2_id id = VB2_ID_NONE_SHA256; - return &id; - } -#endif -#ifdef VB2_SUPPORT_SHA512 - case VB2_HASH_SHA512: - { - static const struct vb2_id id = VB2_ID_NONE_SHA512; - return &id; - } -#endif - default: - return NULL; - } -} - -vb2_error_t vb21_verify_signature(const struct vb21_signature *sig, - uint32_t size) -{ - uint32_t min_offset = 0; - uint32_t expect_sig_size; - vb2_error_t rv; - - /* Check magic number */ - if (sig->c.magic != VB21_MAGIC_SIGNATURE) - return VB2_ERROR_SIG_MAGIC; - - /* Make sure common header is good */ - rv = vb21_verify_common_header(sig, size); - if (rv) - return rv; - - /* - * Check for compatible version. No need to check minor version, since - * that's compatible across readers matching the major version, and we - * haven't added any new fields. - */ - if (sig->c.struct_version_major != VB21_SIGNATURE_VERSION_MAJOR) - return VB2_ERROR_SIG_VERSION; - - /* Make sure header is big enough for signature */ - if (sig->c.fixed_size < sizeof(*sig)) - return VB2_ERROR_SIG_HEADER_SIZE; - - /* Make sure signature data is inside */ - rv = vb21_verify_common_member(sig, &min_offset, - sig->sig_offset, sig->sig_size); - if (rv) - return rv; - - /* Make sure signature size is correct for the algorithm */ - expect_sig_size = vb2_sig_size(sig->sig_alg, sig->hash_alg); - if (!expect_sig_size) - return VB2_ERROR_SIG_ALGORITHM; - if (sig->sig_size != expect_sig_size) - return VB2_ERROR_SIG_SIZE; - - return VB2_SUCCESS; -} - -/** - * Return the signature data for a signature - */ -static uint8_t *vb21_signature_data(struct vb21_signature *sig) -{ - return (uint8_t *)sig + sig->sig_offset; -} - -vb2_error_t vb21_verify_digest(const struct vb2_public_key *key, - struct vb21_signature *sig, - const uint8_t *digest, - const struct vb2_workbuf *wb) -{ - uint32_t key_sig_size = vb2_sig_size(key->sig_alg, key->hash_alg); - - /* If we can't figure out the signature size, key algorithm was bad */ - if (!key_sig_size) - return VB2_ERROR_VDATA_ALGORITHM; - - /* Make sure the signature and key algorithms match */ - if (key->sig_alg != sig->sig_alg || key->hash_alg != sig->hash_alg) - return VB2_ERROR_VDATA_ALGORITHM_MISMATCH; - - if (sig->sig_size != key_sig_size) - return VB2_ERROR_VDATA_SIG_SIZE; - - if (key->sig_alg == VB2_SIG_NONE) { - /* Bare hash */ - if (vb2_safe_memcmp(vb21_signature_data(sig), - digest, key_sig_size)) - return VB2_ERROR_VDATA_VERIFY_DIGEST; - - return VB2_SUCCESS; - } else { - /* RSA-signed digest */ - return vb2_rsa_verify_digest(key, - vb21_signature_data(sig), - digest, wb); - } -} - -vb2_error_t vb21_verify_data(const void *data, uint32_t size, - struct vb21_signature *sig, - const struct vb2_public_key *key, - const struct vb2_workbuf *wb) -{ - struct vb2_workbuf wblocal = *wb; - struct vb2_digest_context *dc; - uint8_t *digest; - uint32_t digest_size; - vb2_error_t rv; - - if (sig->data_size != size) { - VB2_DEBUG("Wrong amount of data signed.\n"); - return VB2_ERROR_VDATA_SIZE; - } - - /* Digest goes at start of work buffer */ - digest_size = vb2_digest_size(key->hash_alg); - if (!digest_size) - return VB2_ERROR_VDATA_DIGEST_SIZE; - - digest = vb2_workbuf_alloc(&wblocal, digest_size); - if (!digest) - return VB2_ERROR_VDATA_WORKBUF_DIGEST; - - /* Hashing requires temp space for the context */ - dc = vb2_workbuf_alloc(&wblocal, sizeof(*dc)); - if (!dc) - return VB2_ERROR_VDATA_WORKBUF_HASHING; - - rv = vb2_digest_init(dc, key->hash_alg); - if (rv) - return rv; - - rv = vb2_digest_extend(dc, data, size); - if (rv) - return rv; - - rv = vb2_digest_finalize(dc, digest, digest_size); - if (rv) - return rv; - - vb2_workbuf_free(&wblocal, sizeof(*dc)); - - return vb21_verify_digest(key, sig, digest, &wblocal); -} diff --git a/firmware/lib21/include/vb21_common.h b/firmware/lib21/include/vb21_common.h deleted file mode 100644 index 442ccb07..00000000 --- a/firmware/lib21/include/vb21_common.h +++ /dev/null @@ -1,151 +0,0 @@ -/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Common functions between firmware and kernel verified boot. - */ - -#ifndef VBOOT_REFERENCE_VB21_COMMON_H_ -#define VBOOT_REFERENCE_VB21_COMMON_H_ - -#include "2common.h" -#include "2return_codes.h" -#include "2struct.h" -#include "vb21_struct.h" - -#ifdef __cplusplus -extern "C" { -#endif /* __cplusplus */ - -/** - * Return the description of an object starting with a vb21_struct_common - * header. - * - * Does not sanity-check the buffer; merely returns the pointer. - * - * @param buf Pointer to common object - * @return A pointer to description or an empty string if none. - */ -const char *vb21_common_desc(const void *buf); - -/** - * Verify the common struct header is fully contained in its parent data - * - * Also verifies the description is either zero-length or null-terminated. - * - * @param parent Parent data - * @param parent_size Parent size in bytes - * @return VB2_SUCCESS, or non-zero if error. - */ -vb2_error_t vb21_verify_common_header(const void *parent, uint32_t parent_size); - -/** - * Verify a member is within the data for a parent object - * - * @param parent Parent data (starts with struct vb21_struct_common) - * @param min_offset Pointer to minimum offset where member can be located. - * If this offset is 0 on input, uses the size of the - * fixed header (and description, if any). This will be - * updated on return to the end of the passed member. On - * error, the value of min_offset is undefined. - * @param member_offset Offset of member data from start of parent, in bytes - * @param member_size Size of member data, in bytes - * @return VB2_SUCCESS, or non-zero if error. - */ -vb2_error_t vb21_verify_common_member(const void *parent, uint32_t *min_offset, - uint32_t member_offset, - uint32_t member_size); - -/** - * Verify a member which starts with a common header is within the parent - * - * This does not verify the contents of the member or its header, only that the - * member's claimed total size fits within the parent's claimed total size at - * the specified offset. - * - * @param parent Parent data (starts with struct vb21_struct_common) - * @param min_offset Pointer to minimum offset where member can be located. - * If this offset is 0 on input, uses the size of the - * fixed header (and description, if any). This will be - * updated on return to the end of the passed member. On - * error, the value of min_offset is undefined. - * @param member_offset Offset of member data from start of parent, in bytes. - * This should be the start of the common header of the - * member. - * @return VB2_SUCCESS, or non-zero if error. - */ -vb2_error_t vb21_verify_common_subobject(const void *parent, - uint32_t *min_offset, - uint32_t member_offset); - -/** - * Unpack a key for use in verification - * - * The elements of the unpacked key will point into the source buffer, so don't - * free the source buffer until you're done with the key. - * - * @param key Destintion for unpacked key - * @param buf Source buffer containing packed key - * @param size Size of buffer in bytes - * @return VB2_SUCCESS, or non-zero error code if error. - */ -vb2_error_t vb21_unpack_key(struct vb2_public_key *key, const uint8_t *buf, - uint32_t size); - -/** - * Unpack the RSA data fields for a public key - * - * This is called by vb21_unpack_key() to extract the arrays from a packed key. - * These elements of *key will point inside the key_data buffer. - * - * @param key Destination key for RSA data fields - * @param key_data Packed key data (from inside a packed key buffer) - * @param key_size Size of packed key data in bytes - */ -vb2_error_t vb2_unpack_key_data(struct vb2_public_key *key, - const uint8_t *key_data, uint32_t key_size); - -/** - * Verify the integrity of a signature struct - * @param sig Signature struct - * @param size Size of buffer containing signature struct - * @return VB2_SUCCESS, or non-zero if error. - */ -vb2_error_t vb21_verify_signature(const struct vb21_signature *sig, - uint32_t size); - -/** - * Verify a signature against an expected hash digest. - * - * @param key Key to use in signature verification - * @param sig Signature to verify (may be destroyed in process) - * @param digest Digest of signed data - * @param wb Work buffer - * @return VB2_SUCCESS, or non-zero if error. - */ -vb2_error_t vb21_verify_digest(const struct vb2_public_key *key, - struct vb21_signature *sig, - const uint8_t *digest, - const struct vb2_workbuf *wb); - -/** - * Verify data matches signature. - * - * @param data Data to verify - * @param size Size of data buffer. Note that amount of data to - * actually validate is contained in sig->data_size. - * @param sig Signature of data (destroyed in process) - * @param key Key to use to validate signature - * @param wb Work buffer - * @return VB2_SUCCESS, or non-zero error code if error. - */ -vb2_error_t vb21_verify_data(const void *data, uint32_t size, - struct vb21_signature *sig, - const struct vb2_public_key *key, - const struct vb2_workbuf *wb); - -#ifdef __cplusplus -} -#endif /* __cplusplus */ - -#endif /* VBOOT_REFERENCE_VB21_COMMON_H_ */ diff --git a/firmware/lib21/include/vb21_struct.h b/firmware/lib21/include/vb21_struct.h deleted file mode 100644 index 6f91e36c..00000000 --- a/firmware/lib21/include/vb21_struct.h +++ /dev/null @@ -1,233 +0,0 @@ -/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Vboot 2.1 data structures - * - * Offsets should be padded to 32-bit boundaries, since some architectures - * have trouble with accessing unaligned integers. - */ - -#ifndef VBOOT_REFERENCE_VB21_STRUCT_H_ -#define VBOOT_REFERENCE_VB21_STRUCT_H_ - -#include "2id.h" -#include "2sysincludes.h" - -#ifdef __cplusplus -extern "C" { -#endif /* __cplusplus */ - -/* - * Magic numbers used by vb21_struct_common.magic. - * - * All valid numbers should be listed here to avoid accidental overlap. - * Numbers start at a large value, so that previous parsers (which stored - * things like lengths and offsets at that field) will detect and reject new - * structs as invalid. - */ -enum vb21_struct_common_magic { - /* "Vb2I" = vb21_packed_private_key.c.magic */ - VB21_MAGIC_PACKED_PRIVATE_KEY = 0x49326256, - - /* "Vb2P" = vb21_packed_key.c.magic */ - VB21_MAGIC_PACKED_KEY = 0x50326256, - - /* "Vb2S" = vb21_signature.c.magic */ - VB21_MAGIC_SIGNATURE = 0x53326256, -}; - - -/* - * Generic struct header for all vboot2.1 structs. This makes it easy to - * automatically parse and identify vboot structs (e.g., in futility). This - * must be the first member of the parent vboot2.1 struct. - */ -struct vb21_struct_common { - /* Magic number; see vb21_struct_common_magic for expected values */ - uint32_t magic; - - /* - * Parent struct version; see each struct for the expected value. - * - * How to handle struct version mismatches, if the parser is version - * A.b and the data is version C.d: - * 1) If A.b == C.d, we're good. - * 2) If A != C, the data cannot be parsed at all. - * 3) If b < d, C.d is a newer version of data which is backwards- - * compatible to old parsers. We're good. - * 4) If b > d, C.d is an older version of data. The parser should - * use default values for fields added after version d. We're - * good. - * - * Struct versions start at 3.0, since the highest version of the old - * structures was 2.1. This way, there is no possibility of collision - * for old code which depends on the version number. - */ - uint16_t struct_version_major; - uint16_t struct_version_minor; - - /* - * Size of the parent structure and all its data, including the - * description and any necessary padding. That is, all data must lie - * in a contiguous region of <total_size> bytes starting at the first - * byte of this header. - */ - uint32_t total_size; - - /* - * Size of the fixed portion of the parent structure. If a description - * is present, it must start at this offset. - */ - uint32_t fixed_size; - - /* - * The object may contain an ASCII description following the fixed - * portion of the structure. If it is present, it must be - * null-terminated, and padded with 0 (null) bytes to a multiple of 32 - * bits. - * - * Size of ASCII description in bytes, counting null terminator and - * padding (if any). Set 0 if no description is present. If non-zero, - * there must be a null terminator (0) at offset (fixed_size + - * desc_size - 1). - */ - uint32_t desc_size; -} __attribute__((packed)); - -#define EXPECTED_VB21_STRUCT_COMMON_SIZE 20 - -/* Current version of vb21_packed_key struct */ -#define VB21_PACKED_KEY_VERSION_MAJOR 3 -#define VB21_PACKED_KEY_VERSION_MINOR 0 - -/* - * Packed public key data - * - * The key data must be arranged like this: - * 1) vb21_packed_key header struct h - * 2) Key description (pointed to by h.c.fixed_size) - * 3) Key data key (pointed to by h.key_offset) - */ -struct vb21_packed_key { - /* Common header fields */ - struct vb21_struct_common c; - - /* Offset of key data from start of this struct */ - uint32_t key_offset; - - /* Size of key data in bytes (NOT strength of key in bits) */ - uint32_t key_size; - - /* Signature algorithm used by the key (enum vb2_signature_algorithm) */ - uint16_t sig_alg; - - /* - * Hash digest algorithm used with the key (enum vb2_hash_algorithm). - * This is explicitly specified as part of the key to prevent use of a - * strong key with a weak hash. - */ - uint16_t hash_alg; - - /* Key version */ - uint32_t key_version; - - /* Key ID */ - struct vb2_id id; -} __attribute__((packed)); - -#define EXPECTED_VB21_PACKED_KEY_SIZE \ - (EXPECTED_VB21_STRUCT_COMMON_SIZE + 16 + EXPECTED_ID_SIZE) - -/* Current version of vb21_packed_private_key struct */ -#define VB21_PACKED_PRIVATE_KEY_VERSION_MAJOR 3 -#define VB21_PACKED_PRIVATE_KEY_VERSION_MINOR 0 - -/* - * Packed private key data - * - * The key data must be arranged like this: - * 1) vb21_packed_private_key header struct h - * 2) Key description (pointed to by h.c.fixed_size) - * 3) Key data key (pointed to by h.key_offset) - */ -struct vb21_packed_private_key { - /* Common header fields */ - struct vb21_struct_common c; - - /* Offset of key data from start of this struct */ - uint32_t key_offset; - - /* Size of key data in bytes (NOT strength of key in bits) */ - uint32_t key_size; - - /* Signature algorithm used by the key (enum vb2_signature_algorithm) */ - uint16_t sig_alg; - - /* - * Hash digest algorithm used with the key (enum vb2_hash_algorithm). - * This is explicitly specified as part of the key to prevent use of a - * strong key with a weak hash. - */ - uint16_t hash_alg; - - /* Key ID */ - struct vb2_id id; -} __attribute__((packed)); - -#define EXPECTED_VB21_PACKED_PRIVATE_KEY_SIZE \ - (EXPECTED_VB21_STRUCT_COMMON_SIZE + 12 + EXPECTED_ID_SIZE) - -/* Current version of vb21_signature struct */ -#define VB21_SIGNATURE_VERSION_MAJOR 3 -#define VB21_SIGNATURE_VERSION_MINOR 0 - -/* - * Signature data - * - * The signature data must be arranged like this: - * 1) vb21_signature header struct h - * 2) Signature description (pointed to by h.c.fixed_size) - * 3) Signature data (pointed to by h.sig_offset) - */ -struct vb21_signature { - /* Common header fields */ - struct vb21_struct_common c; - - /* Offset of signature data from start of this struct */ - uint32_t sig_offset; - - /* Size of signature data in bytes */ - uint32_t sig_size; - - /* Size of the data block which was signed in bytes */ - uint32_t data_size; - - /* Signature algorithm used (enum vb2_signature_algorithm) */ - uint16_t sig_alg; - - /* Hash digest algorithm used (enum vb2_hash_algorithm) */ - uint16_t hash_alg; - - /* - * ID for the signature. - * - * If this is a keyblock signature entry, this is the ID of the key - * used to generate this signature. This allows the firmware to - * quickly determine which signature block (if any) goes with the key - * being used by the firmware. - * - * If this is a preamble hash entry, this is the ID of the data type - * being hashed. There is no key ID, because sig_alg=VB2_ALG_NONE. - */ - struct vb2_id id; -} __attribute__((packed)); - -#define EXPECTED_VB21_SIGNATURE_SIZE \ - (EXPECTED_VB21_STRUCT_COMMON_SIZE + 16 + EXPECTED_ID_SIZE) - -#ifdef __cplusplus -} -#endif /* __cplusplus */ - -#endif /* VBOOT_REFERENCE_VB21_STRUCT_H_ */ diff --git a/firmware/lib21/packed_key.c b/firmware/lib21/packed_key.c deleted file mode 100644 index bb6eb042..00000000 --- a/firmware/lib21/packed_key.c +++ /dev/null @@ -1,99 +0,0 @@ -/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Key unpacking functions - */ - -#include "2common.h" -#include "2rsa.h" -#include "2sysincludes.h" -#include "vb21_common.h" - -vb2_error_t vb2_unpack_key_data(struct vb2_public_key *key, - const uint8_t *key_data, uint32_t key_size) -{ - const uint32_t *buf32 = (const uint32_t *)key_data; - uint32_t expected_key_size = vb2_packed_key_size(key->sig_alg); - - /* Make sure buffer is the correct length */ - if (!expected_key_size || expected_key_size != key_size) { - VB2_DEBUG("Wrong key size for algorithm\n"); - return VB2_ERROR_UNPACK_KEY_SIZE; - } - - /* Check for alignment */ - if (!vb2_aligned(buf32, sizeof(uint32_t))) - return VB2_ERROR_UNPACK_KEY_ALIGN; - - key->arrsize = buf32[0]; - - /* Sanity check key array size */ - if (key->arrsize * sizeof(uint32_t) != vb2_rsa_sig_size(key->sig_alg)) - return VB2_ERROR_UNPACK_KEY_ARRAY_SIZE; - - key->n0inv = buf32[1]; - - /* Arrays point inside the key data */ - key->n = buf32 + 2; - key->rr = buf32 + 2 + key->arrsize; - - return VB2_SUCCESS; -} - -vb2_error_t vb21_unpack_key(struct vb2_public_key *key, const uint8_t *buf, - uint32_t size) -{ - const struct vb21_packed_key *pkey = - (const struct vb21_packed_key *)buf; - uint32_t sig_size; - uint32_t min_offset = 0; - vb2_error_t rv; - - /* Check magic number */ - if (pkey->c.magic != VB21_MAGIC_PACKED_KEY) - return VB2_ERROR_UNPACK_KEY_MAGIC; - - rv = vb21_verify_common_header(buf, size); - if (rv) - return rv; - - /* Make sure key data is inside */ - rv = vb21_verify_common_member(pkey, &min_offset, - pkey->key_offset, pkey->key_size); - if (rv) - return rv; - - /* - * Check for compatible version. No need to check minor version, since - * that's compatible across readers matching the major version, and we - * haven't added any new fields. - */ - if (pkey->c.struct_version_major != VB21_PACKED_KEY_VERSION_MAJOR) - return VB2_ERROR_UNPACK_KEY_STRUCT_VERSION; - - /* Copy key algorithms */ - key->hash_alg = pkey->hash_alg; - if (!vb2_digest_size(key->hash_alg)) - return VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM; - - key->sig_alg = pkey->sig_alg; - if (key->sig_alg != VB2_SIG_NONE) { - sig_size = vb2_rsa_sig_size(key->sig_alg); - if (!sig_size) - return VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM; - rv = vb2_unpack_key_data( - key, - (const uint8_t *)pkey + pkey->key_offset, - pkey->key_size); - if (rv) - return rv; - } - - /* Key description */ - key->desc = vb21_common_desc(pkey); - key->version = pkey->key_version; - key->id = &pkey->id; - - return VB2_SUCCESS; -} |