Clean up of key block functions

No substantial new code, just making the old code consistent.

Review URL: http://codereview.chromium.org/2729021

2 files changed, 106 insertions, 52 deletions

diff --git a/host/lib/host_common.c b/host/lib/host_common.c
index 03efd2a4..3d0a23db 100644
--- a/host/lib/host_common.c
+++ b/host/lib/host_common.c
@@ -14,58 +14,6 @@
 #include "vboot_common.h"
 
 
-VbKeyBlockHeader* CreateKeyBlock(const VbPublicKey* data_key,
-                                 const VbPrivateKey* signing_key,
-                                 uint64_t flags) {
-
-  VbKeyBlockHeader* h;
-  uint64_t signed_size = sizeof(VbKeyBlockHeader) + data_key->key_size;
-  uint64_t block_size = (signed_size + SHA512_DIGEST_SIZE +
-                         siglen_map[signing_key->algorithm]);
-  uint8_t* data_key_dest;
-  uint8_t* block_sig_dest;
-  uint8_t* block_chk_dest;
-  VbSignature *sigtmp;
-
-  /* Allocate key block */
-  h = (VbKeyBlockHeader*)Malloc(block_size);
-  if (!h)
-    return NULL;
-  data_key_dest = (uint8_t*)(h + 1);
-  block_chk_dest = data_key_dest + data_key->key_size;
-  block_sig_dest = block_chk_dest + SHA512_DIGEST_SIZE;
-
-  Memcpy(h->magic, KEY_BLOCK_MAGIC, KEY_BLOCK_MAGIC_SIZE);
-  h->header_version_major = KEY_BLOCK_HEADER_VERSION_MAJOR;
-  h->header_version_minor = KEY_BLOCK_HEADER_VERSION_MINOR;
-  h->key_block_size = block_size;
-  h->key_block_flags = flags;
-
-  /* Copy data key */
-  PublicKeyInit(&h->data_key, data_key_dest, data_key->key_size);
-  PublicKeyCopy(&h->data_key, data_key);
-
-  /* Set up signature structs so we can calculate the signatures */
-  SignatureInit(&h->key_block_checksum, block_chk_dest,
-                SHA512_DIGEST_SIZE, signed_size);
-  SignatureInit(&h->key_block_signature, block_sig_dest,
-                siglen_map[signing_key->algorithm], signed_size);
-
-  /* Calculate checksum */
-  sigtmp = CalculateChecksum((uint8_t*)h, signed_size);
-  SignatureCopy(&h->key_block_checksum, sigtmp);
-  Free(sigtmp);
-
-  /* Calculate signature */
-  sigtmp = CalculateSignature((uint8_t*)h, signed_size, signing_key);
-  SignatureCopy(&h->key_block_signature, sigtmp);
-  Free(sigtmp);
-
-  /* Return the header */
-  return h;
-}
-
-
 VbFirmwarePreambleHeader* CreateFirmwarePreamble(
     uint64_t firmware_version,
     const VbPublicKey* kernel_subkey,
diff --git a/host/lib/host_keyblock.c b/host/lib/host_keyblock.c
new file mode 100644
index 00000000..af59059f
--- /dev/null
+++ b/host/lib/host_keyblock.c
@@ -0,0 +1,106 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Host functions for verified boot.
+ */
+
+/* TODO: change all 'return 0', 'return 1' into meaningful return codes */
+
+#include "host_keyblock.h"
+
+#include "cryptolib.h"
+#include "host_common.h"
+#include "utility.h"
+#include "vboot_common.h"
+
+
+VbKeyBlockHeader* KeyBlockCreate(const VbPublicKey* data_key,
+                                 const VbPrivateKey* signing_key,
+                                 uint64_t flags) {
+
+  VbKeyBlockHeader* h;
+  uint64_t signed_size = sizeof(VbKeyBlockHeader) + data_key->key_size;
+  uint64_t block_size = (signed_size + SHA512_DIGEST_SIZE +
+                         siglen_map[signing_key->algorithm]);
+  uint8_t* data_key_dest;
+  uint8_t* block_sig_dest;
+  uint8_t* block_chk_dest;
+  VbSignature *sigtmp;
+
+  /* Allocate key block */
+  h = (VbKeyBlockHeader*)Malloc(block_size);
+  if (!h)
+    return NULL;
+  data_key_dest = (uint8_t*)(h + 1);
+  block_chk_dest = data_key_dest + data_key->key_size;
+  block_sig_dest = block_chk_dest + SHA512_DIGEST_SIZE;
+
+  Memcpy(h->magic, KEY_BLOCK_MAGIC, KEY_BLOCK_MAGIC_SIZE);
+  h->header_version_major = KEY_BLOCK_HEADER_VERSION_MAJOR;
+  h->header_version_minor = KEY_BLOCK_HEADER_VERSION_MINOR;
+  h->key_block_size = block_size;
+  h->key_block_flags = flags;
+
+  /* Copy data key */
+  PublicKeyInit(&h->data_key, data_key_dest, data_key->key_size);
+  PublicKeyCopy(&h->data_key, data_key);
+
+  /* Set up signature structs so we can calculate the signatures */
+  SignatureInit(&h->key_block_checksum, block_chk_dest,
+                SHA512_DIGEST_SIZE, signed_size);
+  SignatureInit(&h->key_block_signature, block_sig_dest,
+                siglen_map[signing_key->algorithm], signed_size);
+
+  /* Calculate checksum */
+  sigtmp = CalculateChecksum((uint8_t*)h, signed_size);
+  SignatureCopy(&h->key_block_checksum, sigtmp);
+  Free(sigtmp);
+
+  /* Calculate signature */
+  sigtmp = CalculateSignature((uint8_t*)h, signed_size, signing_key);
+  SignatureCopy(&h->key_block_signature, sigtmp);
+  Free(sigtmp);
+
+  /* Return the header */
+  return h;
+}
+
+
+/* Read a key block from a .keyblock file.  Caller owns the returned
+ * pointer, and must free it with Free().
+ *
+ * Returns NULL if error. */
+VbKeyBlockHeader* KeyBlockRead(const char* filename) {
+
+  VbKeyBlockHeader* block;
+  uint64_t file_size;
+
+  block = (VbKeyBlockHeader*)ReadFile(filename, &file_size);
+  if (!block) {
+    debug("Error reading key block file: %s\n", filename);
+    return NULL;
+  }
+
+  /* Verify the hash of the key block, since we can do that without
+   * the public signing key. */
+  if (0 != KeyBlockVerify(block, file_size, NULL)) {
+    debug("Invalid key block file: filename\n", filename);
+    Free(block);
+    return NULL;
+  }
+
+  return block;
+}
+
+
+/* Write a key block to a file in .keyblock format. */
+int KeyBlockWrite(const char* filename, const VbKeyBlockHeader* key_block) {
+
+  if (0 != WriteFile(filename, key_block, key_block->key_block_size)) {
+    debug("KeyBlockWrite() error writing key block\n");
+    return 1;
+  }
+
+  return 0;
+}