futility: Revised support for RO+RW firmware

The "rwsig" type is used for independent device firmware (not
Chromebook BIOS) that need to verify themselves instead of using
software sync.

The expected use case is that a RO firmware contains a
vb2_public_key struct along with an FMAP or other pointers to a
slot for RW firmware. The RW firmware slot reserves room for a
vb2_signature struct.

This CL changes the args and behavior of the rwsig type, so that
the RW firmware can be [re]signed independently of the rest of
the image.

BUG=chrome-os-partner:46254
BRANCH=smaug,ToT
TEST=make runtests, manual

Create a keypair:

  futility create --desc "Key One" tests/testkeys/key_rsa2048.pem foo

Sign a RW binary and build a complete image out of the parts:

  futility sign --type rwsig --prikey foo.vbprik2 rw.bin sig.bin

  dd if=/dev/zero bs=65536 count=1 of=image.bin
  dd if=rw.bin of=image.bin conv=notrunc
  dd if=sig.bin bs=$((65536 - 1024)) seek=1 of=image.bin conv=notrunc

Verify both the separate parts and the combined image:

  futility show --type rwsig --pubkey foo.vbpubk2 rw.bin sig.bin
  futility show --type rwsig --pubkey foo.vbpubk2 image.bin

Re-sign the combined image with a different keypair:

  futility create --desc "Key Two" tests/testkeys/key_rsa1024.pem bar

  futility sign --type rwsig --prikey bar.vbprik2 image.bin

Now the first key no longer verifies:

  futility show --type rwsig --pubkey foo.vbpubk2 image.bin

But the second key does:

  futility show --type rwsig --pubkey bar.vbpubk2 image.bin

Change-Id: Ifdddab08f218f506eb1dce28851b153d70140a7b
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/305980
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>

0 files changed, 0 insertions, 0 deletions