author | Randall Spangler <rspangler@chromium.org> | 2016-06-17 10:48:16 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2016-08-03 19:40:41 -0700 |
commit | 814aaf09ceecddb16a01e1cbe0df4299b83b5699 (patch) | |
tree | 2d8cdeed4ee062c83dd6e84a341ff53cf343fd1c /futility | |
parent | 31f04ada58bc67680ec9d62a404365803c76ffc1 (diff) | |
download | vboot-814aaf09ceecddb16a01e1cbe0df4299b83b5699.tar.gz |
futility: Create signatures using vboot 2.0 APIsstabilize-8688.B
Refactor futility to use only vboot 2.0 APIs to create signatures.
BUG=chromium:611535
BRANCH=none
TEST=make runtests
Change-Id: I176e7f424fa556d34d8fe691df5681f1e43210ce
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/356128
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Diffstat (limited to 'futility')
-rw-r--r-- | futility/cmd_show.c | 4 | ||||
-rw-r--r-- | futility/cmd_sign.c | 43 | ||||
-rw-r--r-- | futility/cmd_vbutil_firmware.c | 21 | ||||
-rw-r--r-- | futility/file_type.inc | 2 | ||||
-rw-r--r-- | futility/file_type_bios.c | 26 | ||||
-rw-r--r-- | futility/futility_options.h | 3 |
6 files changed, 62 insertions, 37 deletions
diff --git a/futility/cmd_show.c b/futility/cmd_show.c
index d3cfc7fd..261197de 100644
--- a/futility/cmd_show.c
+++ b/futility/cmd_show.c
@@ -239,7 +239,7 @@ int ft_show_fw_preamble(const char *name, uint8_t *buf, uint32_t len,
 printf(" Firmware body size: %d\n", pre2->body_signature.data_size);
 printf(" Preamble flags: %d\n", flags);
- if (flags & VB_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
+ if (flags & VB2_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
 printf("Preamble requests USE_RO_NORMAL;" " skipping body verification.\n");
 goto done;
@@ -269,7 +269,7 @@ done:
 /* Can't trust the BIOS unless everything is signed (in which case
 * we've already returned), but standalone files are okay. */
 if (state || (sign_key && good_sig)) {
- if (!(flags & VB_FIRMWARE_PREAMBLE_USE_RO_NORMAL))
+ if (!(flags & VB2_FIRMWARE_PREAMBLE_USE_RO_NORMAL))
 printf("Body verification succeeded.\n");
 if (state)
 state->area[state->c].is_valid = 1;
diff --git a/futility/cmd_sign.c b/futility/cmd_sign.c
index acaa2f1d..6d448404 100644
--- a/futility/cmd_sign.c
+++ b/futility/cmd_sign.c
@@ -27,6 +27,7 @@
 #include "kernel_blob.h"
 #include "util_misc.h"
 #include "vb1_helper.h"
+#include "vb2_struct.h"
 #include "vb21_common.h"
 #include "host_key2.h"
 #include "vboot_common.h"
@@ -80,6 +81,15 @@ int ft_sign_pubkey(const char *name, uint8_t *buf, uint32_t len, void *data)
 strerror(errno));
 return 1;
 }
+ sign_option.signprivate2 = vb2_read_private_key_pem(
+ sign_option.pem_signpriv,
+ sign_option.pem_algo);
+ if (!sign_option.signprivate2) {
+ fprintf(stderr,
+ "Unable to read PEM signing key: %s\n",
+ strerror(errno));
+ return 1;
+ }
 vblock = KeyBlockCreate(data_key, sign_option.signprivate, sign_option.flags);
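Review bot: The vb2 key stored in `sign_option.signprivate2` is never used in this hunk — `KeyBlockCreate` on the following line still signs with the vb1 `sign_option.signprivate`, apparently parsed from the same `pem_signpriv` file just above, so the private key is now parsed and held twice on this path. If the vb2 copy is consumed later in ft_sign_pubkey (the function continues outside the hunk), say so next to the load, e.g. `/* vb2 form of the PEM key; the keyblock itself is still signed with the vb1 handle */`; otherwise drop the second parse. The assignment also overwrites whatever signprivate2 already held without releasing it, and printing `strerror(errno)` is only meaningful if vb2_read_private_key_pem sets errno on every failure path, which the hunk cannot show.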
@@ -244,21 +254,22 @@ int ft_sign_kern_preamble(const char *name, uint8_t *buf, uint32_t len,
 int ft_sign_raw_firmware(const char *name, uint8_t *buf, uint32_t len, void *data)
 {
- VbSignature *body_sig;
- VbFirmwarePreambleHeader *preamble;
+ struct vb2_signature *body_sig;
+ struct vb2_fw_preamble *preamble;
 int rv;
- body_sig = CalculateSignature(buf, len, sign_option.signprivate);
+ body_sig = vb2_calculate_signature(buf, len, sign_option.signprivate2);
 if (!body_sig) {
 fprintf(stderr, "Error calculating body signature\n");
 return 1;
 }
- preamble = CreateFirmwarePreamble(sign_option.version,
- sign_option.kernel_subkey,
- body_sig,
- sign_option.signprivate,
- sign_option.flags);
+ preamble = vb2_create_fw_preamble(
+ sign_option.version,
+ (struct vb2_packed_key *)sign_option.kernel_subkey,
+ body_sig,
+ sign_option.signprivate2,
+ sign_option.flags);
 if (!preamble) {
 fprintf(stderr, "Error creating firmware preamble.\n");
 free(body_sig);
@@ -290,7 +301,7 @@ static const char usage_pubkey[] = "\n"
 " --pem_signpriv FILE.pem Signing key in PEM format...\n"
 " --pem_algo NUM AND the algorithm to use (0 - %d)\n"
 "\n"
- " If a signing key is not given, the keyblock will not be signed (duh)."
+ " If a signing key is not given, the keyblock will not be signed."
 "\n\n"
 "And these, too:\n\n"
 " -f|--flags NUM Flags specifying use conditions\n"
@@ -363,7 +374,7 @@ static const char usage_new_kpart[] = "\n"
 "Required PARAMS:\n"
 " -s|--signprivate FILE.vbprivk"
 " The private key to sign the kernel blob\n"
- " -b|--keyblock FILE.keyblock The keyblock containing the public\n"
+ " -b|--keyblock FILE.keyblock Keyblock containing the public\n"
 " key to verify the kernel blob\n"
 " -v|--version NUM The kernel version number\n"
 " --bootloader FILE Bootloader stub\n"
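Review bot: The cast `(struct vb2_packed_key *)sign_option.kernel_subkey` silently asserts that the vb1 `VbPublicKey` and `struct vb2_packed_key` share a layout, and nothing in the hunk records that; the same cast is repeated in write_new_preamble and Vblock in this commit. Put the assumption next to the cast so a later change to either struct is caught, e.g. `/* VbPublicKey is passed as a vb2_packed_key; the two are assumed layout-compatible */`. The error path's `free(body_sig)` likewise assumes vb2_calculate_signature returns a single plain-malloc'd buffer, which the hunk cannot confirm; the function continues past the hunk.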
@@ -398,7 +409,7 @@ static const char usage_old_kpart[] = "\n"
 " in place if no OUTFILE given)\n"
 "\n"
 "Optional PARAMS:\n"
- " -b|--keyblock FILE.keyblock The keyblock containing the public\n"
+ " -b|--keyblock FILE.keyblock Keyblock containing the public\n"
 " key to verify the kernel blob\n"
 " -v|--version NUM The kernel version number\n"
 " --config FILE The kernel commandline file\n"
@@ -651,6 +662,11 @@ static int do_sign(int argc, char *argv[])
 fprintf(stderr, "Error reading %s\n", optarg);
 errorcnt++;
 }
+ sign_option.signprivate2 = vb2_read_private_key(optarg);
+ if (!sign_option.signprivate2) {
+ fprintf(stderr, "Error reading %s\n", optarg);
+ errorcnt++;
+ }
 break;
 case 'b':
 sign_option.keyblock = KeyBlockRead(optarg);
@@ -667,7 +683,8 @@ static int do_sign(int argc, char *argv[])
 }
 break;
 case 'S':
- sign_option.devsignprivate = PrivateKeyRead(optarg);
+ sign_option.devsignprivate =
+ vb2_read_private_key(optarg);
 if (!sign_option.devsignprivate) {
 fprintf(stderr, "Error reading %s\n", optarg);
 errorcnt++;
@@ -1037,6 +1054,8 @@ done:
 if (sign_option.signprivate)
 free(sign_option.signprivate);
+ if (sign_option.signprivate2)
+ free(sign_option.signprivate2);
 if (sign_option.keyblock)
 free(sign_option.keyblock);
 if (sign_option.kernel_subkey)
diff --git a/futility/cmd_vbutil_firmware.c b/futility/cmd_vbutil_firmware.c
index 66a05c19..b187d270 100644
--- a/futility/cmd_vbutil_firmware.c
+++ b/futility/cmd_vbutil_firmware.c
@@ -92,8 +92,6 @@ static int Vblock(const char *outfile, const char *keyblock_file,
 VbPrivateKey *signing_key;
 VbPublicKey *kernel_subkey;
- VbSignature *body_sig;
- VbFirmwarePreambleHeader *preamble;
 VbKeyBlockHeader *key_block;
 uint64_t key_block_size;
 uint8_t *fv_data;
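Review bot: `free(sign_option.signprivate2)` in the `done:` cleanup releases only the `struct vb2_private_key` wrapper; if, like the vb1 key type it replaces, that struct owns an OpenSSL RSA object, the key object and the private-key material inside it are leaked instead of being freed and cleared, so the vb2 library's own key-release routine (host_key2.h is already included in this file) should be called here rather than `free()`. The same cleanup shows no release at all for `sign_option.devsignprivate`, which the `case 'S'` hunk above also turns into a vb2 key; that may be handled outside the hunk. A repeated `-s` in `case 's'` likewise overwrites signprivate2 without releasing the previous key, mirroring the existing vb1 behaviour.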
@@ -127,6 +125,12 @@ static int Vblock(const char *outfile, const char *keyblock_file,
 VbExError("Error reading signing key.\n");
 return 1;
 }
+ struct vb2_private_key *signing_key2 =
+ vb2_read_private_key(signprivate);
+ if (!signing_key2) {
+ VbExError("Error reading signing key.\n");
+ return 1;
+ }
 kernel_subkey = PublicKeyRead(kernelkey_file);
 if (!kernel_subkey) {
@@ -142,7 +146,8 @@ static int Vblock(const char *outfile, const char *keyblock_file,
 VbExError("Empty firmware volume file\n");
 return 1;
 }
- body_sig = CalculateSignature(fv_data, fv_size, signing_key);
+ struct vb2_signature *body_sig =
+ vb2_calculate_signature(fv_data, fv_size, signing_key2);
 if (!body_sig) {
 VbExError("Error calculating body signature\n");
 return 1;
@@ -150,10 +155,10 @@ static int Vblock(const char *outfile, const char *keyblock_file,
 free(fv_data);
 /* Create preamble */
- preamble = CreateFirmwarePreamble(version,
- kernel_subkey,
- body_sig,
- signing_key, preamble_flags);
+ struct vb2_fw_preamble *preamble =
+ vb2_create_fw_preamble(version,
+ (struct vb2_packed_key *)kernel_subkey,
+ body_sig, signing_key2, preamble_flags);
 if (!preamble) {
 VbExError("Error creating preamble.\n");
 return 1;
@@ -284,7 +289,7 @@ static int Verify(const char *infile, const char *signpubkey,
 /* TODO: verify body size same as signature size */
 /* Verify body */
- if (flags & VB_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
+ if (flags & VB2_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
 printf("Preamble requests USE_RO_NORMAL;" " skipping body verification.\n");
 } else if (VB2_SUCCESS ==
diff --git a/futility/file_type.inc b/futility/file_type.inc
index fe76759e..f5a941d9 100644
--- a/futility/file_type.inc
+++ b/futility/file_type.inc
@@ -27,7 +27,7 @@ FILE_TYPE(GBB, "gbb", "GBB",
 R_(ft_recognize_gbb),
 S_(ft_show_gbb),
 NONE)
-FILE_TYPE(FW_PREAMBLE, "fw_pre", "VbFirmwarePreamble (VBLOCK_A/B)",
+FILE_TYPE(FW_PREAMBLE, "fw_pre", "firmware preamble (VBLOCK_A/B)",
 R_(ft_recognize_vblock1),
 S_(ft_show_fw_preamble),
 NONE)
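Review bot: After this hunk the vb1 `signing_key`, still declared and read just above, no longer feeds any signature in Vblock — the body signature and preamble further down use `signing_key2` — so unless it is consumed somewhere outside these hunks the private key is parsed and kept in memory twice and the vb1 load plus its `VbPrivateKey *signing_key` declaration can go. The new `return 1` also leaves the already-loaded `signing_key` unreleased, which matches the function's existing exit style but adds one more such path. Both load failures print the identical `"Error reading signing key.\n"`, so a failure cannot be attributed to either parser; differentiate the new one, e.g. `VbExError("Error reading signing key (vb2).\n");`.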
diff --git a/futility/file_type_bios.c b/futility/file_type_bios.c
index 037a007b..dc518289 100644
--- a/futility/file_type_bios.c
+++ b/futility/file_type_bios.c
@@ -285,8 +285,8 @@ static int fmap_sign_fw_preamble(const char *name, uint8_t *buf, uint32_t len,
 goto whatever;
 }
 uint32_t more = key_block->key_block_size;
- VbFirmwarePreambleHeader *preamble =
- (VbFirmwarePreambleHeader *)(buf + more);
+ struct vb2_fw_preamble *preamble =
+ (struct vb2_fw_preamble *)(buf + more);
 uint32_t fw_size = preamble->body_signature.data_size;
 struct bios_area_s *fw_body_area = 0;
@@ -322,23 +322,23 @@ whatever:
 static int write_new_preamble(struct bios_area_s *vblock, struct bios_area_s *fw_body,
- VbPrivateKey *signkey,
+ struct vb2_private_key *signkey,
 VbKeyBlockHeader *keyblock)
 {
- VbSignature *body_sig;
- VbFirmwarePreambleHeader *preamble;
+ struct vb2_signature *body_sig;
+ struct vb2_fw_preamble *preamble;
- body_sig = CalculateSignature(fw_body->buf, fw_body->len, signkey);
+ body_sig = vb2_calculate_signature(fw_body->buf, fw_body->len, signkey);
 if (!body_sig) {
 fprintf(stderr, "Error calculating body signature\n");
 return 1;
 }
- preamble = CreateFirmwarePreamble(sign_option.version,
- sign_option.kernel_subkey,
- body_sig,
- signkey,
- sign_option.flags);
+ preamble = vb2_create_fw_preamble(sign_option.version,
+ (struct vb2_packed_key *)sign_option.kernel_subkey,
+ body_sig,
+ signkey,
+ sign_option.flags);
 if (!preamble) {
 fprintf(stderr, "Error creating firmware preamble.\n");
 free(body_sig);
@@ -420,13 +420,13 @@ static int sign_bios_at_end(struct bios_state_s *state)
 sign_option.devkeyblock);
 } else {
 retval |= write_new_preamble(vblock_a, fw_a,
- sign_option.signprivate,
+ sign_option.signprivate2,
 sign_option.keyblock);
 }
 /* FW B is always normal keys */
 retval |= write_new_preamble(vblock_b, fw_b,
- sign_option.signprivate,
+ sign_option.signprivate2,
 sign_option.keyblock);
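Review bot: `preamble` is dereferenced on the very next line (`preamble->body_signature.data_size`) after being placed at `buf + more`, where `more` is `key_block->key_block_size` taken from the image being signed, and nothing in the hunk bounds `more` against `len` or leaves room for a whole `struct vb2_fw_preamble`. If that validation is not already done earlier in fmap_sign_fw_preamble (the function starts outside the hunk), a crafted keyblock size makes the signer read past its buffer; guard it before the cast using the error path the hunk already has, e.g. `if (more > len || len - more < sizeof(struct vb2_fw_preamble)) goto whatever;`. `fw_size` read from the preamble is untrusted for the same reason and should be checked against the remaining length before it selects a body area.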
diff --git a/futility/futility_options.h b/futility/futility_options.h
index 92d9a950..456ee342 100644
--- a/futility/futility_options.h
+++ b/futility/futility_options.h
@@ -34,9 +34,10 @@ extern struct show_option_s show_option;
 struct sign_option_s {
 VbPrivateKey *signprivate;
+ struct vb2_private_key *signprivate2;
 VbKeyBlockHeader *keyblock;
 VbPublicKey *kernel_subkey;
- VbPrivateKey *devsignprivate;
+ struct vb2_private_key *devsignprivate;
 VbKeyBlockHeader *devkeyblock;
 uint32_t version;
 int version_specified; |
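Review bot: The new `signprivate2` field needs a comment explaining why the options struct now carries two handles to what is, per the cmd_sign.c hunks in this commit, the same key file: the vb2 handle is what signs firmware bodies and preambles (ft_sign_raw_firmware, write_new_preamble), while the vb1 `signprivate` is still what KeyBlockCreate uses. Suggest `/* vb2 form of signprivate, loaded from the same file; signs firmware body/preamble */` on the new line, and a one-liner on `devsignprivate` noting it is now vb2-only. Without this a maintainer cannot tell which consumers have migrated and which handle can eventually be removed.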