diff options
author | Bill Richardson <wfrichar@chromium.org> | 2015-10-12 13:58:12 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2015-10-13 20:22:04 -0700 |
commit | 7ed261297f7b730e9f545ba59cbe2ed216850e19 (patch) | |
tree | 32de7b1658af2d9ee19158284ffcd2b8f7cd72b7 /futility/futility_options.h | |
parent | 12a55f255aaea2f12362e4f832a0bd48eb29f5dd (diff) | |
download | vboot-stabilize-smaug-7547.B.tar.gz |
futility: Support for signing RO+RW firmwarestabilize-smaug-7547.B
This adds the "rwsig" type, with initial support for RO+RW
firmware images that need to verify themselves instead of using
software sync. This uses our vb2 structs instead of raw binary
blobs. That will help us locate, identify, and verify the keys
and signatures in the signed firmware images.
BUG=chrome-os-partner:46254
BRANCH=smaug,ToT
TEST=make runtests
I also hacked up a test board with the EC-side signature
verification routines from a preliminary CL and tested this
signing scheme with that. It works.
Additional work is needed to make this seamless, but you can try
it out like so:
futility create ./tests/testkeys/key_rsa2048.pem foo
futility sign --type rwsig --prikey foo.vbprik2 --pubkey foo.vbpubk2 ec.bin
Change-Id: I876ab312a2b0b36411c5f739fe3252529728d034
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/305394
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Diffstat (limited to 'futility/futility_options.h')
-rw-r--r-- | futility/futility_options.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/futility/futility_options.h b/futility/futility_options.h index c8d0a8a6..e02ef2f6 100644 --- a/futility/futility_options.h +++ b/futility/futility_options.h @@ -16,6 +16,9 @@ #include "file_type.h" #include "2rsa.h" +struct vb2_private_key; +struct vb2_packed_key; + struct show_option_s { VbPublicKey *k; uint8_t *fv; @@ -58,6 +61,9 @@ struct sign_option_s { enum vb2_hash_algorithm hash_alg; uint32_t ro_size, rw_size; uint32_t ro_offset, rw_offset; + uint32_t pkey_offset, sig_offset; + struct vb2_private_key *prikey; + struct vb2_packed_key *pkey; }; extern struct sign_option_s sign_option; |