author | Vincent Palatin <vpalatin@chromium.org> | 2015-10-15 17:54:34 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2015-10-17 09:53:07 -0700 |
commit | 27c90708e63f5f042aa52de6bc1b89c282ca8c4a (patch) | |
tree | 356818f84486955e3591c4ab974ce70639c5097a /futility/cmd_create.c | |
parent | 4d47243c9088ef295892fbc25b9c3622e43ad639 (diff) | |
futility: add support for .pem with public keystabilize-smaug-7566.B
Add support for PEM files containing an RSA public key to the futility "show"
and "create" commands.
When "futility create" is given a PEM file with only a RSA public key,
generate the proper .vbpubk2 rather than failing.
BRANCH=smaug
BUG=none
TEST=make runtests
and run manually
futility show tests/testkeys/key_rsa4096.pub.pem
futility show tests/testkeys/key_rsa4096.pem
Change-Id: I707ceca54c80ba21f53869ad86c86fa23b31e665
Reviewed-on: https://chromium-review.googlesource.com/306683
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Diffstat (limited to 'futility/cmd_create.c')
-rw-r--r-- | futility/cmd_create.c | 52 |
1 files changed, 33 insertions, 19 deletions
diff --git a/futility/cmd_create.c b/futility/cmd_create.c
index 6da59a7f..143ea9ae 100644
--- a/futility/cmd_create.c
+++ b/futility/cmd_create.c
@@ -169,6 +169,7 @@ static int vb2_make_keypair()
 uint32_t keyb_size;
 enum vb2_signature_algorithm sig_alg;
 uint8_t *pubkey_buf = 0;
+ int has_priv = 0;
 FILE *fp;
 int ret = 1;
@@ -180,12 +181,21 @@ static int vb2_make_keypair()
 }
 rsa_key = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL);
- fclose(fp);
 if (!rsa_key) {
+ /* Check if the PEM contains only a public key */
+ fseek(fp, 0, SEEK_SET);
+ rsa_key = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL);
+ }
+ fclose(fp);
+ if (!rsa_key) {
 fprintf(stderr, "Unable to read RSA key from %s\n", infile);
 goto done;
 }
+ /* Public keys doesn't have the private exponent */
+ has_priv = !!rsa_key->d;
+ if (!has_priv)
+ fprintf(stderr, "%s has a public key only.\n", infile);
 sig_alg = vb2_rsa_sig_alg(rsa_key);
 if (sig_alg == VB2_SIG_INVALID) {
@@ -193,19 +203,21 @@ static int vb2_make_keypair()
 goto done;
 }
- /* Create the private key */
- privkey = calloc(1, sizeof(*privkey));
- if (!privkey) {
- fprintf(stderr, "Unable to allocate the private key\n");
- goto done;
- }
+ if (has_priv) {
+ /* Create the private key */
+ privkey = calloc(1, sizeof(*privkey));
+ if (!privkey) {
+ fprintf(stderr, "Unable to allocate the private key\n");
+ goto done;
+ }
- privkey->rsa_private_key = rsa_key;
- privkey->sig_alg = sig_alg;
- privkey->hash_alg = opt_hash_alg;
- if (opt_desc && vb2_private_key_set_desc(privkey, opt_desc)) {
- fprintf(stderr, "Unable to set the private key description\n");
- goto done;
+ privkey->rsa_private_key = rsa_key;
+ privkey->sig_alg = sig_alg;
+ privkey->hash_alg = opt_hash_alg;
+ if (opt_desc && vb2_private_key_set_desc(privkey, opt_desc)) {
+ fprintf(stderr, "Unable to set the private key description\n");
+ goto done;
+ }
 }
 /* Create the public key */
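Review bot: The `fseek(fp, 0, SEEK_SET)` before the public-key retry in the second hunk is unchecked, so on a non-seekable input the second parse starts wherever the first one stopped and the user only sees the generic "Unable to read RSA key" message. Guard it, e.g. `if (fseek(fp, 0, SEEK_SET) == 0) rsa_key = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL);`. The failed `PEM_read_RSAPrivateKey` also leaves entries on OpenSSL's error queue, so an `ERR_clear_error();` before the retry keeps any later error dump from showing stale private-key parse failures. `PEM_read_RSA_PUBKEY` reads the `BEGIN PUBLIC KEY` (SubjectPublicKeyInfo) form only, and the new comment would read better as `/* Public keys don't have the private exponent */`. The body of vb2_make_keypair starts and ends outside the hunk.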
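Review bot: When `has_priv` is zero, `privkey` is never allocated in the third hunk, so it keeps whatever value its declaration gave it, and that declaration and the `done:` cleanup are both outside the hunk. Confirm that `privkey` is initialised to null and that the cleanup path tolerates a null `privkey`, since every `goto done` after this point now reaches it in the public-only case. A short comment on the new branch would help the next reader, for example `/* privkey stays NULL for public-only input; cleanup must accept that */`.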
@@ -248,16 +260,18 @@ static int vb2_make_keypair()
 free(digest);
 }
- privkey->id = opt_id;
 memcpy((struct vb2_id *)pubkey->id, &opt_id, sizeof(opt_id));
 /* Write them out */
- strcpy(outext, ".vbprik2");
- if (vb2_private_key_write(privkey, outfile)) {
- fprintf(stderr, "unable to write private key\n");
- goto done;
+ if (has_priv) {
+ privkey->id = opt_id;
+ strcpy(outext, ".vbprik2");
+ if (vb2_private_key_write(privkey, outfile)) {
+ fprintf(stderr, "unable to write private key\n");
+ goto done;
+ }
+ fprintf(stderr, "wrote %s\n", outfile);
 }
- fprintf(stderr, "wrote %s\n", outfile);
 strcpy(outext, ".vbpubk2");
 if (vb2_public_key_write(pubkey, outfile)) { |
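Review bot: A public-only PEM now makes `futility create` write just the `.vbpubk2` file, and the only signal visible in this diff is the informational stderr line added in the second hunk. If the function still returns success on that path (the `ret` assignment is outside the hunk), a signing script that expects a `.vbprik2` alongside will not notice the missing private key until a later step. Document the behaviour in the command's help text and above the new block, e.g. `/* Public-only input: no .vbprik2 is written */`. The `strcpy(outext, ...)` calls kept here depend on `outfile` having room for the extension, and that buffer is sized outside the hunk.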