diff options
author | Nicolas Boichat <drinkcat@google.com> | 2017-03-02 22:35:32 +0800 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2017-03-16 11:25:46 -0700 |
commit | e0a3f85a46b50bfc0197a75e800eec0ae893e466 (patch) | |
tree | c5d477820349d3c5323fbcab27fecae340f94aef /host | |
parent | 50d1282e856953616d3d3e7be31aa0f9fefd0f9a (diff) | |
download | vboot-e0a3f85a46b50bfc0197a75e800eec0ae893e466.tar.gz |
host_keyblock: Fix vb2_create_keyblock_external
939cc3a "futility: Use only vboot 2.0 APIs for keyblocks" introduced
2 subtle bugs, and we could still pass unit tests. Until we start
adding more signing algorithms and sig_data_size != 0.
BUG=chromium:611535
BRANCH=none
TEST=make runtests
Change-Id: Ief95e5ab773185b59276cf06d1efaa29f1212466
Reviewed-on: https://chromium-review.googlesource.com/448399
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Diffstat (limited to 'host')
-rw-r--r-- | host/lib/host_keyblock.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/host/lib/host_keyblock.c b/host/lib/host_keyblock.c index fad17df4..c315aad3 100644 --- a/host/lib/host_keyblock.c +++ b/host/lib/host_keyblock.c @@ -95,7 +95,7 @@ struct vb2_keyblock *vb2_create_keyblock_external( return NULL; uint32_t signed_size = sizeof(struct vb2_keyblock) + data_key->key_size; - uint32_t sig_data_size = vb2_rsa_sig_size(algorithm); + uint32_t sig_data_size = vb2_rsa_sig_size(vb2_crypto_to_signature(algorithm)); uint32_t block_size = signed_size + VB2_SHA512_DIGEST_SIZE + sig_data_size; @@ -135,6 +135,7 @@ struct vb2_keyblock *vb2_create_keyblock_external( vb2_external_signature((uint8_t*)h, signed_size, signing_key_pem_file, algorithm, external_signer); + vb2_copy_signature(&h->keyblock_signature, sigtmp); free(sigtmp); /* Return the header */ |