authorRandall Spangler <rspangler@chromium.org>2016-06-17 10:48:16 -0700
committerchrome-bot <chrome-bot@chromium.org>2016-08-03 19:40:41 -0700
commit814aaf09ceecddb16a01e1cbe0df4299b83b5699 (patch)
tree2d8cdeed4ee062c83dd6e84a341ff53cf343fd1c /futility
parent31f04ada58bc67680ec9d62a404365803c76ffc1 (diff)
futility: Create signatures using vboot 2.0 APIsstabilize-8688.B
Refactor futility to use only vboot 2.0 APIs to create signatures. BUG=chromium:611535 BRANCH=none TEST=make runtests Change-Id: I176e7f424fa556d34d8fe691df5681f1e43210ce Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/356128 Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Diffstat (limited to 'futility')
-rw-r--r--futility/cmd_show.c4
-rw-r--r--futility/cmd_sign.c43
-rw-r--r--futility/cmd_vbutil_firmware.c21
-rw-r--r--futility/file_type.inc2
-rw-r--r--futility/file_type_bios.c26
-rw-r--r--futility/futility_options.h3
6 files changed, 62 insertions, 37 deletions
diff --git a/futility/cmd_show.c b/futility/cmd_show.c
index d3cfc7fd..261197de 100644
--- a/futility/cmd_show.c
+++ b/futility/cmd_show.c
@@ -239,7 +239,7 @@ int ft_show_fw_preamble(const char *name, uint8_t *buf, uint32_t len,
printf(" Firmware body size: %d\n", pre2->body_signature.data_size);
printf(" Preamble flags: %d\n", flags);
- if (flags & VB_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
+ if (flags & VB2_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
printf("Preamble requests USE_RO_NORMAL;"
" skipping body verification.\n");
goto done;
@@ -269,7 +269,7 @@ done:
/* Can't trust the BIOS unless everything is signed (in which case
* we've already returned), but standalone files are okay. */
if (state || (sign_key && good_sig)) {
- if (!(flags & VB_FIRMWARE_PREAMBLE_USE_RO_NORMAL))
+ if (!(flags & VB2_FIRMWARE_PREAMBLE_USE_RO_NORMAL))
printf("Body verification succeeded.\n");
if (state)
state->area[state->c].is_valid = 1;
diff --git a/futility/cmd_sign.c b/futility/cmd_sign.c
index acaa2f1d..6d448404 100644
--- a/futility/cmd_sign.c
+++ b/futility/cmd_sign.c
@@ -27,6 +27,7 @@
#include "kernel_blob.h"
#include "util_misc.h"
#include "vb1_helper.h"
+#include "vb2_struct.h"
#include "vb21_common.h"
#include "host_key2.h"
#include "vboot_common.h"
@@ -80,6 +81,15 @@ int ft_sign_pubkey(const char *name, uint8_t *buf, uint32_t len, void *data)
strerror(errno));
return 1;
}
+ sign_option.signprivate2 = vb2_read_private_key_pem(
+ sign_option.pem_signpriv,
+ sign_option.pem_algo);
+ if (!sign_option.signprivate2) {
+ fprintf(stderr,
+ "Unable to read PEM signing key: %s\n",
+ strerror(errno));
+ return 1;
+ }
vblock = KeyBlockCreate(data_key,
sign_option.signprivate,
sign_option.flags);
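Review bot: The PEM file named by `pem_signpriv` is parsed a second time by `vb2_read_private_key_pem`, while `KeyBlockCreate` on the lines just below still signs with the vb1 `signprivate` read from the same path a few lines earlier, so the keyblock and whatever is later signed with `signprivate2` come from two independent reads of the key file rather than one parsed key. If one parse cannot be shared between the two representations, at least make the new failure message distinguishable from the vb1 one above it, e.g. `"Unable to read PEM signing key (vboot 2.0 parser): %s\n"`. Note also that `strerror(errno)` only describes the failure if the helper failed inside a system call; if it rejects an unsupported `pem_algo` without touching errno, the message prints a stale error. ft_sign_pubkey starts and ends outside this hunk, so whether `signprivate2` is consumed further down is not visible here.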
@@ -244,21 +254,22 @@ int ft_sign_kern_preamble(const char *name, uint8_t *buf, uint32_t len,
int ft_sign_raw_firmware(const char *name, uint8_t *buf, uint32_t len,
void *data)
{
- VbSignature *body_sig;
- VbFirmwarePreambleHeader *preamble;
+ struct vb2_signature *body_sig;
+ struct vb2_fw_preamble *preamble;
int rv;
- body_sig = CalculateSignature(buf, len, sign_option.signprivate);
+ body_sig = vb2_calculate_signature(buf, len, sign_option.signprivate2);
if (!body_sig) {
fprintf(stderr, "Error calculating body signature\n");
return 1;
}
- preamble = CreateFirmwarePreamble(sign_option.version,
- sign_option.kernel_subkey,
- body_sig,
- sign_option.signprivate,
- sign_option.flags);
+ preamble = vb2_create_fw_preamble(
+ sign_option.version,
+ (struct vb2_packed_key *)sign_option.kernel_subkey,
+ body_sig,
+ sign_option.signprivate2,
+ sign_option.flags);
if (!preamble) {
fprintf(stderr, "Error creating firmware preamble.\n");
free(body_sig);
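Review bot: `(struct vb2_packed_key *)sign_option.kernel_subkey` reinterprets a `VbPublicKey *` as a different struct type, and nothing in the hunk establishes that the two layouts agree; the identical cast is repeated in cmd_vbutil_firmware.c and file_type_bios.c in this same change, so the assumption is now load-bearing in three places. If the two types are meant to describe the same on-disk key header, pin that once next to the first cast with a build-time check, e.g. `_Static_assert(sizeof(VbPublicKey) == sizeof(struct vb2_packed_key), "packed key layouts must match");` (or whatever compile-time assert the tree already uses), or route all three sites through one small static helper, so a later edit to either struct fails to compile instead of emitting a preamble that points at the wrong key bytes. Accessing one struct through a pointer to another is also a strict-aliasing hazard unless the types are compatible, which is a further reason to make the equivalence explicit. ft_sign_raw_firmware continues past the end of this hunk.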
@@ -290,7 +301,7 @@ static const char usage_pubkey[] = "\n"
" --pem_signpriv FILE.pem Signing key in PEM format...\n"
" --pem_algo NUM AND the algorithm to use (0 - %d)\n"
"\n"
- " If a signing key is not given, the keyblock will not be signed (duh)."
+ " If a signing key is not given, the keyblock will not be signed."
"\n\n"
"And these, too:\n\n"
" -f|--flags NUM Flags specifying use conditions\n"
@@ -363,7 +374,7 @@ static const char usage_new_kpart[] = "\n"
"Required PARAMS:\n"
" -s|--signprivate FILE.vbprivk"
" The private key to sign the kernel blob\n"
- " -b|--keyblock FILE.keyblock The keyblock containing the public\n"
+ " -b|--keyblock FILE.keyblock Keyblock containing the public\n"
" key to verify the kernel blob\n"
" -v|--version NUM The kernel version number\n"
" --bootloader FILE Bootloader stub\n"
@@ -398,7 +409,7 @@ static const char usage_old_kpart[] = "\n"
" in place if no OUTFILE given)\n"
"\n"
"Optional PARAMS:\n"
- " -b|--keyblock FILE.keyblock The keyblock containing the public\n"
+ " -b|--keyblock FILE.keyblock Keyblock containing the public\n"
" key to verify the kernel blob\n"
" -v|--version NUM The kernel version number\n"
" --config FILE The kernel commandline file\n"
@@ -651,6 +662,11 @@ static int do_sign(int argc, char *argv[])
fprintf(stderr, "Error reading %s\n", optarg);
errorcnt++;
}
+ sign_option.signprivate2 = vb2_read_private_key(optarg);
+ if (!sign_option.signprivate2) {
+ fprintf(stderr, "Error reading %s\n", optarg);
+ errorcnt++;
+ }
break;
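Review bot: When `PrivateKeyRead(optarg)` fails, the new block still calls `vb2_read_private_key(optarg)` on the same file and prints the identical `Error reading %s` a second time, so one bad `-s` argument produces two indistinguishable messages and bumps `errorcnt` twice. Either guard the second read with an `else`, or name the parser in the message, e.g. `fprintf(stderr, "Error reading %s as a vboot 2.0 private key\n", optarg);`. The two calls also parse the file independently, so a key file replaced between them would leave `signprivate` and `signprivate2` holding different keys; parsing once and deriving the other representation would close that window, though no such helper is visible in this diff. do_sign starts and ends outside this hunk.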
case 'b':
sign_option.keyblock = KeyBlockRead(optarg);
@@ -667,7 +683,8 @@ static int do_sign(int argc, char *argv[])
}
break;
case 'S':
- sign_option.devsignprivate = PrivateKeyRead(optarg);
+ sign_option.devsignprivate =
+ vb2_read_private_key(optarg);
if (!sign_option.devsignprivate) {
fprintf(stderr, "Error reading %s\n", optarg);
errorcnt++;
@@ -1037,6 +1054,8 @@ done:
if (sign_option.signprivate)
free(sign_option.signprivate);
+ if (sign_option.signprivate2)
+ free(sign_option.signprivate2);
if (sign_option.keyblock)
free(sign_option.keyblock);
if (sign_option.kernel_subkey)
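Review bot: `free(sign_option.signprivate2)` releases only the outer struct; if `struct vb2_private_key` owns a heap-allocated key handle (the vb2 host key API in `host_key2.h`, included earlier in this file, reads keys from PEM and would be the natural home of a matching release routine), the private key material is leaked and left unscrubbed in memory at exit. Release it through the type's own function rather than plain `free()`, e.g. `vb2_private_key_free(sign_option.signprivate2);` if that is its name, and apply the same to `devsignprivate`, which is now the same type but is not visible in this cleanup hunk. The `if (ptr) free(ptr)` guard is also redundant, since `free(NULL)` is a no-op. do_sign continues outside this hunk.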
diff --git a/futility/cmd_vbutil_firmware.c b/futility/cmd_vbutil_firmware.c
index 66a05c19..b187d270 100644
--- a/futility/cmd_vbutil_firmware.c
+++ b/futility/cmd_vbutil_firmware.c
@@ -92,8 +92,6 @@ static int Vblock(const char *outfile, const char *keyblock_file,
VbPrivateKey *signing_key;
VbPublicKey *kernel_subkey;
- VbSignature *body_sig;
- VbFirmwarePreambleHeader *preamble;
VbKeyBlockHeader *key_block;
uint64_t key_block_size;
uint8_t *fv_data;
@@ -127,6 +125,12 @@ static int Vblock(const char *outfile, const char *keyblock_file,
VbExError("Error reading signing key.\n");
return 1;
}
+ struct vb2_private_key *signing_key2 =
+ vb2_read_private_key(signprivate);
+ if (!signing_key2) {
+ VbExError("Error reading signing key.\n");
+ return 1;
+ }
kernel_subkey = PublicKeyRead(kernelkey_file);
if (!kernel_subkey) {
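Review bot: If `vb2_read_private_key(signprivate)` fails, the function returns 1 with `signing_key`, read just above, still allocated, and both failure paths print the same `Error reading signing key.` text so the user cannot tell which parser rejected the file. Unless `VbExError` terminates the process, free `signing_key` before returning, and name the parser in the message, e.g. `VbExError("Error reading signing key (vboot 2.0 format).\n");`. Whether `signing_key` is still used once `signing_key2` takes over the body signature and preamble is not visible in this hunk; if it is not, the vb1 read is now a redundant second parse of the same file and can be dropped along with its error path. Vblock starts and ends outside this hunk.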
@@ -142,7 +146,8 @@ static int Vblock(const char *outfile, const char *keyblock_file,
VbExError("Empty firmware volume file\n");
return 1;
}
- body_sig = CalculateSignature(fv_data, fv_size, signing_key);
+ struct vb2_signature *body_sig =
+ vb2_calculate_signature(fv_data, fv_size, signing_key2);
if (!body_sig) {
VbExError("Error calculating body signature\n");
return 1;
@@ -150,10 +155,10 @@ static int Vblock(const char *outfile, const char *keyblock_file,
free(fv_data);
/* Create preamble */
- preamble = CreateFirmwarePreamble(version,
- kernel_subkey,
- body_sig,
- signing_key, preamble_flags);
+ struct vb2_fw_preamble *preamble =
+ vb2_create_fw_preamble(version,
+ (struct vb2_packed_key *)kernel_subkey,
+ body_sig, signing_key2, preamble_flags);
if (!preamble) {
VbExError("Error creating preamble.\n");
return 1;
@@ -284,7 +289,7 @@ static int Verify(const char *infile, const char *signpubkey,
/* TODO: verify body size same as signature size */
/* Verify body */
- if (flags & VB_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
+ if (flags & VB2_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
printf("Preamble requests USE_RO_NORMAL;"
" skipping body verification.\n");
} else if (VB2_SUCCESS ==
diff --git a/futility/file_type.inc b/futility/file_type.inc
index fe76759e..f5a941d9 100644
--- a/futility/file_type.inc
+++ b/futility/file_type.inc
@@ -27,7 +27,7 @@ FILE_TYPE(GBB, "gbb", "GBB",
R_(ft_recognize_gbb),
S_(ft_show_gbb),
NONE)
-FILE_TYPE(FW_PREAMBLE, "fw_pre", "VbFirmwarePreamble (VBLOCK_A/B)",
+FILE_TYPE(FW_PREAMBLE, "fw_pre", "firmware preamble (VBLOCK_A/B)",
R_(ft_recognize_vblock1),
S_(ft_show_fw_preamble),
NONE)
diff --git a/futility/file_type_bios.c b/futility/file_type_bios.c
index 037a007b..dc518289 100644
--- a/futility/file_type_bios.c
+++ b/futility/file_type_bios.c
@@ -285,8 +285,8 @@ static int fmap_sign_fw_preamble(const char *name, uint8_t *buf, uint32_t len,
goto whatever;
}
uint32_t more = key_block->key_block_size;
- VbFirmwarePreambleHeader *preamble =
- (VbFirmwarePreambleHeader *)(buf + more);
+ struct vb2_fw_preamble *preamble =
+ (struct vb2_fw_preamble *)(buf + more);
uint32_t fw_size = preamble->body_signature.data_size;
struct bios_area_s *fw_body_area = 0;
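Review bot: `preamble` is formed from `buf + more` where `more` comes from `key_block->key_block_size`, a value read from the image being signed, and `preamble->body_signature.data_size` is dereferenced on the next line with no check visible in the hunk that `more + sizeof(*preamble)` lies within `len`; unless that is verified above the hunk, a truncated or malformed BIOS image drives the read past the end of `buf`. Add a bound before the cast, e.g. `if (more > len || len - more < sizeof(*preamble)) goto whatever;`, reusing the `goto whatever` exit the key block check just above already takes. The change only retypes this pointer, but it is the point at which a size check is cheapest to add. fmap_sign_fw_preamble starts and ends outside this hunk.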
@@ -322,23 +322,23 @@ whatever:
static int write_new_preamble(struct bios_area_s *vblock,
struct bios_area_s *fw_body,
- VbPrivateKey *signkey,
+ struct vb2_private_key *signkey,
VbKeyBlockHeader *keyblock)
{
- VbSignature *body_sig;
- VbFirmwarePreambleHeader *preamble;
+ struct vb2_signature *body_sig;
+ struct vb2_fw_preamble *preamble;
- body_sig = CalculateSignature(fw_body->buf, fw_body->len, signkey);
+ body_sig = vb2_calculate_signature(fw_body->buf, fw_body->len, signkey);
if (!body_sig) {
fprintf(stderr, "Error calculating body signature\n");
return 1;
}
- preamble = CreateFirmwarePreamble(sign_option.version,
- sign_option.kernel_subkey,
- body_sig,
- signkey,
- sign_option.flags);
+ preamble = vb2_create_fw_preamble(sign_option.version,
+ (struct vb2_packed_key *)sign_option.kernel_subkey,
+ body_sig,
+ signkey,
+ sign_option.flags);
if (!preamble) {
fprintf(stderr, "Error creating firmware preamble.\n");
free(body_sig);
@@ -420,13 +420,13 @@ static int sign_bios_at_end(struct bios_state_s *state)
sign_option.devkeyblock);
} else {
retval |= write_new_preamble(vblock_a, fw_a,
- sign_option.signprivate,
+ sign_option.signprivate2,
sign_option.keyblock);
}
/* FW B is always normal keys */
retval |= write_new_preamble(vblock_b, fw_b,
- sign_option.signprivate,
+ sign_option.signprivate2,
sign_option.keyblock);
diff --git a/futility/futility_options.h b/futility/futility_options.h
index 92d9a950..456ee342 100644
--- a/futility/futility_options.h
+++ b/futility/futility_options.h
@@ -34,9 +34,10 @@ extern struct show_option_s show_option;
struct sign_option_s {
VbPrivateKey *signprivate;
+ struct vb2_private_key *signprivate2;
VbKeyBlockHeader *keyblock;
VbPublicKey *kernel_subkey;
- VbPrivateKey *devsignprivate;
+ struct vb2_private_key *devsignprivate;
VbKeyBlockHeader *devkeyblock;
uint32_t version;
int version_specified;
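Review bot: `signprivate` and `signprivate2` now sit side by side with nothing saying why the same `-s` key is held in two forms, which is the kind of thing the next person to touch the struct will "clean up" by deleting one of them. Document the split where it is declared: above `signprivate`, `/* -s key in vb1 form; still needed by KeyBlockCreate */`, and above `signprivate2`, `/* the same -s key in vb2 form; used for body signatures and preambles */` (those are the uses visible in this change, in cmd_sign.c). A similar one-liner on `devsignprivate` noting it is vb2-only would make the asymmetry deliberate rather than accidental. struct sign_option_s continues past the end of this hunk.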