author | Bill Richardson <wfrichar@chromium.org> | 2012-05-03 08:40:44 -0700 |
---|---|---|
committer | Gerrit <chrome-bot@google.com> | 2012-05-04 12:16:45 -0700 |
commit | 2448d3b3bc8e80232e7943c16b41eaab19faa1a2 (patch) | |
tree | 602ed9451ec91f58fd60ab055ab9f531f50a921e /host | |
parent | f47291926afce3235421f73811a04324195f3e13 (diff) | |
Create vbutil_ec tool for signing EC firmware.
This just adds the vbutil_ec tool (and a simple test of the library
functions related to it).
BUG=chrome-os-partner:7459, chromium-os:27142
TEST=manual
make
make runtests
Change-Id: I2a2c4e7cfb8ac6ce2229c5de4252a5cc89321fa5
Reviewed-on: https://gerrit.chromium.org/gerrit/21868
Commit-Ready: Bill Richardson <wfrichar@chromium.org>
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Stefan Reinauer <reinauer@google.com>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Diffstat (limited to 'host')
-rw-r--r-- | host/include/host_common.h | 12 | ||||
-rw-r--r-- | host/include/host_signature.h | 7 | ||||
-rw-r--r-- | host/lib/host_common.c | 48 | ||||
-rw-r--r-- | host/lib/host_signature.c | 26 |
4 files changed, 93 insertions, 0 deletions
diff --git a/host/include/host_common.h b/host/include/host_common.h
index 5d206301..6fa8b3e3 100644
--- a/host/include/host_common.h
+++ b/host/include/host_common.h
@@ -22,6 +22,18 @@
 #include "vboot_struct.h"
+/* Creates an EC preamble, signed with [signing_key].
+ * Caller owns the returned pointer, and must free it with Free().
+ *
+ * Returns NULL if error. */
+VbECPreambleHeader* CreateECPreamble(
+ uint64_t firmware_version,
+ const VbSignature* body_signature,
+ const VbPrivateKey* signing_key,
+ uint32_t flags,
+ const char* name);
+
+
 /* Creates a firmware preamble, signed with [signing_key].
 * Caller owns the returned pointer, and must free it with Free().
 *
diff --git a/host/include/host_signature.h b/host/include/host_signature.h
index f08547c8..fb03c6c5 100644
--- a/host/include/host_signature.h
+++ b/host/include/host_signature.h
@@ -36,6 +36,13 @@ int SignatureCopy(VbSignature* dest, const VbSignature* src);
 VbSignature* CalculateChecksum(const uint8_t* data, uint64_t size);
+/* Calculates a hash of the data using the algorithm from the specified key.
+ * Caller owns the returned pointer, and must free it with Free().
+ *
+ * Returns NULL on error. */
+VbSignature* CalculateHash(const uint8_t* data, uint64_t size,
+ const VbPrivateKey* key);
+
 /* Calculates a signature for the data using the specified key.
 * Caller owns the returned pointer, and must free it with Free().
 *
diff --git a/host/lib/host_common.c b/host/lib/host_common.c
index cb513922..3aceddd6 100644
--- a/host/lib/host_common.c
+++ b/host/lib/host_common.c
@@ -6,6 +6,7 @@
 */
 /* TODO: change all 'return 0', 'return 1' into meaningful return codes */
+#include <string.h>
 #include "host_common.h"
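Review bot: The CreateECPreamble prototype names its second parameter `body_signature`, but the definition added in host/lib/host_common.c calls it `body_digest` and copies it into `h->body_digest`, so the header invites callers to pass a signature where a hash is expected. Renaming it to `const VbSignature* body_digest,` would keep the two in step. The comment also says nothing about `name`; a line such as `* [name] may be NULL; it is copied into the fixed-size name field of the header.` would record what the definition does.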
@@ -13,6 +14,53 @@
 #include "utility.h"
 #include "vboot_common.h"
+VbECPreambleHeader* CreateECPreamble(
+ uint64_t firmware_version,
+ const VbSignature* body_digest,
+ const VbPrivateKey* signing_key,
+ uint32_t flags,
+ const char* name) {
+
+ VbECPreambleHeader* h;
+ uint64_t signed_size = (sizeof(VbECPreambleHeader) + body_digest->sig_size);
+ uint64_t block_size = signed_size + siglen_map[signing_key->algorithm];
+ uint8_t* body_digest_dest;
+ uint8_t* block_sig_dest;
+ VbSignature *sigtmp;
+
+ /* Allocate key block */
+ h = (VbECPreambleHeader*)malloc(block_size);
+ if (!h)
+ return NULL;
+ Memset(h, 0, block_size);
+ body_digest_dest = (uint8_t*)(h + 1);
+ block_sig_dest = body_digest_dest + body_digest->sig_size;
+
+ h->header_version_major = EC_PREAMBLE_HEADER_VERSION_MAJOR;
+ h->header_version_minor = EC_PREAMBLE_HEADER_VERSION_MINOR;
+ h->preamble_size = block_size;
+ h->firmware_version = firmware_version;
+ h->flags = flags;
+ if (name)
+ strncpy(h->name, name, sizeof(h->name));
+
+ /* Copy body hash */
+ SignatureInit(&h->body_digest, body_digest_dest,
+ body_digest->sig_size, 0);
+ SignatureCopy(&h->body_digest, body_digest);
+
+ /* Set up signature struct so we can calculate the signature */
+ SignatureInit(&h->preamble_signature, block_sig_dest,
+ siglen_map[signing_key->algorithm], signed_size);
+
+ /* Calculate signature */
+ sigtmp = CalculateSignature((uint8_t*)h, signed_size, signing_key);
+ SignatureCopy(&h->preamble_signature, sigtmp);
+ free(sigtmp);
+
+ /* Return the header */
+ return h;
+}
 VbFirmwarePreambleHeader* CreateFirmwarePreamble(
 uint64_t firmware_version,
diff --git a/host/lib/host_signature.c b/host/lib/host_signature.c
index 4dbac49a..0ebbca68 100644
--- a/host/lib/host_signature.c
+++ b/host/lib/host_signature.c
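Review bot: `strncpy(h->name, name, sizeof(h->name))` in CreateECPreamble leaves `h->name` without a terminating NUL whenever `name` is at least as long as the field, and that field sits inside the signed header that verifiers presumably parse later. Because the block is zeroed by `Memset`, copying `sizeof(h->name) - 1` bytes is enough to keep it terminated. The results of both `SignatureCopy` calls and of `CalculateSignature` are also unused, so a failed signing step (presumably a NULL `sigtmp`) is either dereferenced or produces a preamble that is returned as if it were signed. The fence below frees `h` and returns NULL instead, assuming `SignatureCopy` reports failure with a non-zero result. Separately, `signing_key->algorithm` indexes `siglen_map` without a range check here, and `hash_size_map` the same way in CalculateHash in host/lib/host_signature.c; a bounds check before either lookup is worth adding unless callers already guarantee the range.

```c
  if (name)
    strncpy(h->name, name, sizeof(h->name) - 1);  /* block is zeroed, so name stays terminated */

  /* … unchanged: SignatureInit for body_digest … */
  if (SignatureCopy(&h->body_digest, body_digest)) {
    free(h);
    return NULL;
  }

  /* … unchanged: SignatureInit for preamble_signature … */
  sigtmp = CalculateSignature((uint8_t*)h, signed_size, signing_key);
  if (!sigtmp || SignatureCopy(&h->preamble_signature, sigtmp)) {
    free(sigtmp);
    free(h);
    return NULL;
  }
  free(sigtmp);
```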
@@ -78,6 +78,32 @@ VbSignature* CalculateChecksum(const uint8_t* data, uint64_t size) {
 return sig;
 }
+VbSignature* CalculateHash(const uint8_t* data, uint64_t size,
+ const VbPrivateKey* key) {
+ uint8_t* digest = NULL;
+ int digest_size = hash_size_map[key->algorithm];
+ VbSignature* sig = NULL;
+
+ /* Calculate the digest */
+ digest = DigestBuf(data, size, key->algorithm);
+ if (!digest)
+ return NULL;
+
+ /* Allocate output signature */
+ sig = SignatureAlloc(digest_size, size);
+ if (!sig) {
+ free(digest);
+ return NULL;
+ }
+
+ /* The digest itself is the signature data */
+ Memcpy(GetSignatureData(sig), digest, digest_size);
+ free(digest);
+
+ /* Return the signature */
+ return sig;
+}
+
 VbSignature* CalculateSignature(const uint8_t* data, uint64_t size,
 const VbPrivateKey* key) { |
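Review bot: CalculateHash returns a bare digest inside a `VbSignature`, the same type CalculateSignature returns, and nothing at the definition tells a reader that the result carries no key material. A comment above the function such as `/* Returns an unkeyed digest wrapped in a VbSignature; only key->algorithm is read, no signing is performed. */` would make that explicit for callers deciding what the value can be trusted for. `digest_size` is also declared `int` although it is used as a byte count for `SignatureAlloc` and `Memcpy`; an unsigned type would read better there.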