diff options
| -rw-r--r-- | firmware/2lib/include/2return_codes.h | 3 | ||||
| -rw-r--r-- | firmware/lib21/packed_key.c | 11 | ||||
| -rw-r--r-- | tests/vb2_common2_tests.c | 7 |
3 files changed, 6 insertions, 15 deletions
diff --git a/firmware/2lib/include/2return_codes.h b/firmware/2lib/include/2return_codes.h index 3d1c611a..f41d784e 100644 --- a/firmware/2lib/include/2return_codes.h +++ b/firmware/2lib/include/2return_codes.h @@ -226,6 +226,9 @@ enum vb2_return_code { /* Key algorithm doesn't match signature algorithm */ VB2_ERROR_VDATA_ALGORITHM_MISMATCH, + /* Bad magic number in vb2_unpack_key2() */ + VB2_ERROR_UNPACK_KEY_MAGIC, + /********************************************************************** * Keyblock verification errors (all in vb2_verify_keyblock()) */ diff --git a/firmware/lib21/packed_key.c b/firmware/lib21/packed_key.c index 4019213b..d872d446 100644 --- a/firmware/lib21/packed_key.c +++ b/firmware/lib21/packed_key.c @@ -51,16 +51,9 @@ int vb2_unpack_key2(struct vb2_public_key *key, uint32_t min_offset = 0; int rv; - /* - * Check magic number. - * - * If it doesn't match, pass through to the old packed key format. - * - * TODO: remove passthru when signing scripts have switched over to - * use the new format. - */ + /* Check magic number */ if (pkey->c.magic != VB2_MAGIC_PACKED_KEY2) - return vb2_unpack_key(key, buf, size); + return VB2_ERROR_UNPACK_KEY_MAGIC; rv = vb2_verify_common_header(buf, size); if (rv) diff --git a/tests/vb2_common2_tests.c b/tests/vb2_common2_tests.c index 519d7f93..88dbf23e 100644 --- a/tests/vb2_common2_tests.c +++ b/tests/vb2_common2_tests.c @@ -87,11 +87,6 @@ static void test_unpack_key2(const struct vb2_packed_key *key1, /* Make a copy of the key for testing */ key2 = (struct vb2_packed_key2 *)malloc(size); - /* Should be able to handle a vboot1-style key binary as well */ - TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key1, - key1->key_offset + key1->key_size), - "vb2_unpack_key2() passthru"); - memcpy(key2, key, size); TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), "vb2_unpack_key2() ok"); @@ -117,7 +112,7 @@ static void test_unpack_key2(const struct vb2_packed_key *key1, memcpy(key2, key, size); key2->c.magic++; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), - VB2_ERROR_INSIDE_DATA_OUTSIDE, + VB2_ERROR_UNPACK_KEY_MAGIC, "vb2_unpack_key2() bad magic"); memcpy(key2, key, size); |