author | Randall Spangler <rspangler@chromium.org> | 2016-06-03 14:00:27 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2016-08-03 17:47:13 -0700 |
commit | 158b29672a17c1d11e182f0285e0009dd39e5204 (patch) | |
tree | d15e4c2e873de2dede00a9cc5cc662b1a7a4c8a0 /futility | |
parent | 46b77fb2f04941c869c3a98cd17e9209c36b2917 (diff) | |
download | vboot-158b29672a17c1d11e182f0285e0009dd39e5204.tar.gz |
futility: cmd_show uses only vboot 2.0 APIs
This removes the remaining vboot 1.0 API calls from cmd_show.
BUG=chromium:611535
BRANCH=none
TEST=make runtests
Change-Id: I03c4260aa034100efbbea1005367cd85dfff273d
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/350173
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Diffstat (limited to 'futility')
-rw-r--r-- | futility/cmd_show.c | 106 | ||||
-rw-r--r-- | futility/vb1_helper.c | 5 | ||||
-rw-r--r-- | futility/vb1_helper.h | 3 |
3 files changed, 52 insertions, 62 deletions
diff --git a/futility/cmd_show.c b/futility/cmd_show.c index b2781809..d3cfc7fd 100644 --- a/futility/cmd_show.c +++ b/futility/cmd_show.c @@ -30,11 +30,10 @@ #include "futility.h" #include "futility_options.h" #include "host_common.h" +#include "host_key2.h" #include "util_misc.h" #include "vb1_helper.h" #include "vb2_common.h" -#include "vboot_common.h" -#include "host_key2.h" /* Options */ struct show_option_s show_option = { @@ -43,7 +42,7 @@ struct show_option_s show_option = { }; /* Shared work buffer */ -static uint8_t workbuf[VB2_WORKBUF_RECOMMENDED_SIZE]; +static uint8_t workbuf[VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE]; static struct vb2_workbuf wb; void show_pubkey(const struct vb2_packed_key *pubkey, const char *sp) @@ -102,30 +101,24 @@ int ft_show_pubkey(const char *name, uint8_t *buf, uint32_t len, void *data) int ft_show_privkey(const char *name, uint8_t *buf, uint32_t len, void *data) { - VbPrivateKey key; - const unsigned char *start; + struct vb2_packed_private_key *pkey = + (struct vb2_packed_private_key *)buf; + struct vb2_private_key key; + const unsigned char *start = pkey->key_data; - key.algorithm = *(typeof(key.algorithm) *)buf; - start = buf + sizeof(key.algorithm); - if (len <= sizeof(key.algorithm)) { + if (len <= sizeof(*pkey)) { printf("%s looks bogus\n", name); return 1; } - len -= sizeof(key.algorithm); + len -= sizeof(*pkey); key.rsa_private_key = d2i_RSAPrivateKey(NULL, &start, len); printf("Private Key file: %s\n", name); printf(" Vboot API: 1.0\n"); - printf(" Algorithm: %" PRIu64 " %s\n", key.algorithm, - vb1_crypto_name(key.algorithm)); - printf(" Key sha1sum: "); - if (key.rsa_private_key) { - PrintPrivKeySha1Sum(&key); - RSA_free(key.rsa_private_key); - } else { - printf("<error>"); - } - printf("\n"); + printf(" Algorithm: %u %s\n", pkey->algorithm, + vb1_crypto_name(pkey->algorithm)); + printf(" Key sha1sum: %s\n", + private_key_sha1_string(&key)); return 0; } 
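Review bot: In the rewritten `ft_show_privkey`, the result of `d2i_RSAPrivateKey()` is handed to `private_key_sha1_string(&key)` without the NULL check the removed code had, and the parsed key is no longer released with `RSA_free()`. A truncated or malformed key file used to print `<error>`; whether the new helper tolerates a NULL `rsa_private_key` is not visible in this hunk, so the guard should stay at the call site. Suggested lines: `key.rsa_private_key ? private_key_sha1_string(&key) : "<error>"` as the printf argument, followed by `RSA_free(key.rsa_private_key);` before `return 0;`. Since `key` is otherwise uninitialized, `struct vb2_private_key key = {0};` would also make any other field the helper reads well defined.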
@@ -294,13 +287,7 @@ int ft_show_kernel_preamble(const char *name, uint8_t *buf, uint32_t len, { struct vb2_keyblock *keyblock = (struct vb2_keyblock *)buf; struct vb2_public_key *sign_key = show_option.k; - uint8_t *kernel_blob = 0; - uint64_t kernel_size = 0; - int good_sig = 0; int retval = 0; - uint64_t vmlinuz_header_size = 0; - uint64_t vmlinuz_header_address = 0; - uint32_t flags = 0; /* Check the hash... */ if (VB2_SUCCESS != vb2_verify_keyblock_hash(keyblock, len, &wb)) { @@ -309,6 +296,7 @@ int ft_show_kernel_preamble(const char *name, uint8_t *buf, uint32_t len, } /* If we have a key, check the signature too */ + int good_sig = 0; if (sign_key && VB2_SUCCESS == vb2_verify_keyblock(keyblock, len, sign_key, &wb)) good_sig = 1; 
@@ -319,57 +307,56 @@ int ft_show_kernel_preamble(const char *name, uint8_t *buf, uint32_t len, if (show_option.strict && (!sign_key || !good_sig)) retval = 1; - RSAPublicKey *rsa = PublicKeyToRSA((VbPublicKey *)&keyblock->data_key); - if (!rsa) { + struct vb2_public_key data_key; + if (VB2_SUCCESS != + vb2_unpack_key(&data_key, (const uint8_t *)&keyblock->data_key, + keyblock->data_key.key_offset + + keyblock->data_key.key_size)) { fprintf(stderr, "Error parsing data key in %s\n", name); return 1; } + uint32_t more = keyblock->keyblock_size; - VbKernelPreambleHeader *preamble = - (VbKernelPreambleHeader *)(buf + more); + struct vb2_kernel_preamble *pre2 = + (struct vb2_kernel_preamble *)(buf + more); - if (VBOOT_SUCCESS != VerifyKernelPreamble(preamble, - len - more, rsa)) { + if (VB2_SUCCESS != vb2_verify_kernel_preamble(pre2, len - more, + &data_key, &wb)) { printf("%s is invalid\n", name); return 1; } printf("Kernel Preamble:\n"); - printf(" Size: 0x%" PRIx64 "\n", - preamble->preamble_size); - printf(" Header version: %" PRIu32 ".%" PRIu32 "\n", - preamble->header_version_major, - preamble->header_version_minor); - printf(" Kernel version: %" PRIu64 "\n", - preamble->kernel_version); + printf(" Size: 0x%x\n", pre2->preamble_size); + printf(" Header version: %u.%u\n", + pre2->header_version_major, + pre2->header_version_minor); + printf(" Kernel version: %u\n", pre2->kernel_version); printf(" Body load address: 0x%" PRIx64 "\n", - preamble->body_load_address); - printf(" Body size: 0x%" PRIx64 "\n", - preamble->body_signature.data_size); + pre2->body_load_address); + printf(" Body size: 0x%x\n", + pre2->body_signature.data_size); printf(" Bootloader address: 0x%" PRIx64 "\n", - preamble->bootloader_address); - printf(" Bootloader size: 0x%" PRIx64 "\n", - preamble->bootloader_size); - - if (VbGetKernelVmlinuzHeader(preamble, - &vmlinuz_header_address, - &vmlinuz_header_size) - != VBOOT_SUCCESS) { - fprintf(stderr, "Unable to retrieve Vmlinuz Header!"); - return 
1; - } + pre2->bootloader_address); + printf(" Bootloader size: 0x%x\n", pre2->bootloader_size); + + uint64_t vmlinuz_header_address = 0; + uint32_t vmlinuz_header_size = 0; + vb2_kernel_get_vmlinuz_header(pre2, + &vmlinuz_header_address, + &vmlinuz_header_size); if (vmlinuz_header_size) { printf(" Vmlinuz_header address: 0x%" PRIx64 "\n", vmlinuz_header_address); - printf(" Vmlinuz header size: 0x%" PRIx64 "\n", + printf(" Vmlinuz header size: 0x%x\n", vmlinuz_header_size); } - if (VbKernelHasFlags(preamble) == VBOOT_SUCCESS) - flags = preamble->flags; - printf(" Flags: 0x%" PRIx32 "\n", flags); + printf(" Flags: 0x%x\n", vb2_kernel_get_flags(pre2)); /* Verify kernel body */ + uint8_t *kernel_blob = 0; + uint64_t kernel_size = 0; if (show_option.fv) { /* It's in a separate file, which we've already read in */ kernel_blob = show_option.fv; @@ -386,15 +373,16 @@ int ft_show_kernel_preamble(const char *name, uint8_t *buf, uint32_t len, return 1; } - if (0 != VerifyData(kernel_blob, kernel_size, - &preamble->body_signature, rsa)) { + if (VB2_SUCCESS != + vb2_verify_data(kernel_blob, kernel_size, &pre2->body_signature, + &data_key, &wb)) { fprintf(stderr, "Error verifying kernel body.\n"); return 1; } printf("Body verification succeeded.\n"); - printf("Config:\n%s\n", kernel_blob + KernelCmdLineOffset(preamble)); + printf("Config:\n%s\n", kernel_blob + kernel_cmd_line_offset(pre2)); return retval; } diff --git a/futility/vb1_helper.c b/futility/vb1_helper.c index c4cdda21..13c5f5e6 100644 --- a/futility/vb1_helper.c +++ b/futility/vb1_helper.c @@ -130,7 +130,7 @@ static unsigned int find_cmdline_start(uint8_t *buf_ptr, unsigned int max_len) } /* Offset of kernel command line string from the start of the kernel blob */ -uint64_t KernelCmdLineOffset(VbKernelPreambleHeader *preamble) +uint64_t kernel_cmd_line_offset(const struct vb2_kernel_preamble *preamble) { return preamble->bootloader_address - preamble->body_load_address - CROS_CONFIG_SIZE - CROS_PARAMS_SIZE; 
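Review bot: The size passed to `vb2_unpack_key()` is `keyblock->data_key.key_offset + keyblock->data_key.key_size`, i.e. it comes from the packed key's own header, so any bounds check the callee does against that size cannot detect a key that claims to extend past the buffer. If both fields are 32-bit, the sum can also wrap. At this point only `vb2_verify_keyblock_hash()` has been required to pass, and whether it already confines `data_key` to the keyblock is not visible here. Passing a bound taken from the input instead, for example `len - offsetof(struct vb2_keyblock, data_key)`, would make the check independent of the file's own claims. The enclosing `ft_show_kernel_preamble` starts before this hunk and ends after it.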
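Review bot: The `printf("Config:\n%s\n", kernel_blob + kernel_cmd_line_offset(pre2))` line still prints from an offset that is never compared with `kernel_size`, and `%s` reads until it finds a NUL byte. The offset is unsigned 64-bit arithmetic on `bootloader_address` and `body_load_address` (see the `kernel_cmd_line_offset` hunk in vb1_helper.c), so a preamble with a small bootloader address yields a huge value. Without `show_option.strict` and a signing key, the keyblock, data key and preamble are all vouched for only by the file itself, so these fields should be treated as untrusted. A guard such as `uint64_t off = kernel_cmd_line_offset(pre2);` then `if (off >= kernel_size) { fprintf(stderr, "Bad config offset in %s\n", name); return 1; }` before the print, plus a length-limited `%.*s`, would keep the read inside the blob. The same unchecked print appears in the `VerifyKernelBlob` hunk in vb1_helper.c. `ft_show_kernel_preamble` starts outside this hunk.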
@@ -628,7 +628,8 @@ int VerifyKernelBlob(uint8_t *kernel_blob, } printf("Body verification succeeded.\n"); - printf("Config:\n%s\n", kernel_blob + KernelCmdLineOffset(g_preamble)); + printf("Config:\n%s\n", kernel_blob + kernel_cmd_line_offset( + (struct vb2_kernel_preamble *)g_preamble)); rv = 0; done: diff --git a/futility/vb1_helper.h b/futility/vb1_helper.h index fbe36184..8f3b5000 100644 --- a/futility/vb1_helper.h +++ b/futility/vb1_helper.h @@ -6,6 +6,7 @@ #ifndef VBOOT_REFERENCE_FUTILITY_VB1_HELPER_H_ #define VBOOT_REFERENCE_FUTILITY_VB1_HELPER_H_ +struct vb2_kernel_preamble; struct vb2_packed_key; /** @@ -54,6 +55,6 @@ int VerifyKernelBlob(uint8_t *kernel_blob, const char *keyblock_outfile, uint64_t min_version); -uint64_t KernelCmdLineOffset(VbKernelPreambleHeader *preamble); +uint64_t kernel_cmd_line_offset(const struct vb2_kernel_preamble *preamble); #endif /* VBOOT_REFERENCE_FUTILITY_VB1_HELPER_H_ */ |
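Review bot: The cast `(struct vb2_kernel_preamble *)g_preamble` in `VerifyKernelBlob` is undocumented, and the renamed helper is only correct here if the vboot 1.0 and 2.0 preamble structs keep `bootloader_address` and `body_load_address` at the same offsets. `g_preamble` is presumably still a `VbKernelPreambleHeader *`, since the old prototype took that type. A comment such as `/* vb1 and vb2 kernel preambles share the layout of the address fields read here */` would record that assumption, and casting to `const struct vb2_kernel_preamble *` would match the new prototype. The body of `VerifyKernelBlob` starts and ends outside this hunk.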