-rw-r--r-- | firmware/2lib/include/2api.h | 4 | ||||
-rw-r--r-- | firmware/2lib/include/2common.h | 6 | ||||
-rw-r--r-- | firmware/2lib/include/2crypto.h | 2 | ||||
-rw-r--r-- | firmware/2lib/include/2guid.h | 25 | ||||
-rw-r--r-- | firmware/2lib/include/2id.h | 28 | ||||
-rw-r--r-- | firmware/2lib/include/2return_codes.h | 13 | ||||
-rw-r--r-- | firmware/2lib/include/2rsa.h | 10 | ||||
-rw-r--r-- | firmware/lib21/api.c | 6 | ||||
-rw-r--r-- | firmware/lib21/common.c | 24 | ||||
-rw-r--r-- | firmware/lib21/include/vb2_struct.h | 30 | ||||
-rw-r--r-- | firmware/lib21/packed_key.c | 2 | ||||
-rw-r--r-- | futility/cmd_create.c | 29 | ||||
-rw-r--r-- | futility/vb2_helper.c | 14 | ||||
-rw-r--r-- | host/lib21/host_key.c | 26 | ||||
-rw-r--r-- | host/lib21/host_misc.c | 12 | ||||
-rw-r--r-- | host/lib21/host_signature.c | 2 | ||||
-rw-r--r-- | host/lib21/include/host_key2.h | 10 | ||||
-rw-r--r-- | host/lib21/include/host_misc2.h | 22 | ||||
-rw-r--r-- | tests/vb21_api_tests.c | 22 | ||||
-rw-r--r-- | tests/vb21_common_tests.c | 8 | ||||
-rw-r--r-- | tests/vb21_host_key_tests.c | 22 | ||||
-rw-r--r-- | tests/vb21_host_sig_tests.c | 8 |
22 files changed, 156 insertions, 169 deletions
diff --git a/firmware/2lib/include/2api.h b/firmware/2lib/include/2api.h index 69f4ddec..9d63e449 100644 --- a/firmware/2lib/include/2api.h +++ b/firmware/2lib/include/2api.h @@ -24,7 +24,7 @@ #include "2common.h" #include "2crypto.h" #include "2fw_hash_tags.h" -#include "2guid.h" +#include "2id.h" #include "2recovery_reasons.h" #include "2return_codes.h" @@ -325,7 +325,7 @@ int vb2api_init_hash(struct vb2_context *ctx, uint32_t tag, uint32_t *size); * Same, but for new-style structs. */ int vb2api_init_hash2(struct vb2_context *ctx, - const struct vb2_guid *guid, + const struct vb2_id *id, uint32_t *size); /** diff --git a/firmware/2lib/include/2common.h b/firmware/2lib/include/2common.h index 69a238c1..4622ab13 100644 --- a/firmware/2lib/include/2common.h +++ b/firmware/2lib/include/2common.h @@ -171,13 +171,13 @@ uint32_t vb2_sig_size(enum vb2_signature_algorithm sig_alg, enum vb2_hash_algorithm hash_alg); /** - * Return a key guid for an unsigned hash algorithm. + * Return a key ID for an unsigned hash algorithm. * * @param hash_alg Hash algorithm to return key for - * @return A pointer to the key guid for that hash algorithm and + * @return A pointer to the key ID for that hash algorithm with * sig_alg=VB2_SIG_NONE, or NULL if error. */ -const struct vb2_guid *vb2_hash_guid(enum vb2_hash_algorithm hash_alg); +const struct vb2_id *vb2_hash_id(enum vb2_hash_algorithm hash_alg); /* Size of work buffer sufficient for vb2_verify_digest() worst case. */ #define VB2_VERIFY_DIGEST_WORKBUF_BYTES VB2_VERIFY_RSA_DIGEST_WORKBUF_BYTES diff --git a/firmware/2lib/include/2crypto.h b/firmware/2lib/include/2crypto.h index f58dc0a2..9cc877c7 100644 --- a/firmware/2lib/include/2crypto.h +++ b/firmware/2lib/include/2crypto.h @@ -35,7 +35,7 @@ enum vb2_signature_algorithm { /* * No signature algorithm. The digest is unsigned. See - * VB2_GUID_NONE_* for key GUIDs to use with this algorithm. + * VB2_ID_NONE_* for key IDs to use with this algorithm. */ VB2_SIG_NONE = 1, 
diff --git a/firmware/2lib/include/2guid.h b/firmware/2lib/include/2guid.h
deleted file mode 100644
index a8fd346b..00000000
--- a/firmware/2lib/include/2guid.h
+++ /dev/null
@@ -1,25 +0,0 @@
-/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * GUID structure. Defined in appendix A of EFI standard.
- */
-
-#ifndef VBOOT_REFERENCE_VBOOT_2GUID_H_
-#define VBOOT_REFERENCE_VBOOT_2GUID_H_
-#include <stdint.h>
-
-#define NUM_GUID_BYTES 20
-
-struct vb2_guid {
- uint8_t raw[NUM_GUID_BYTES];
-} __attribute__((packed));
-
-#define EXPECTED_GUID_SIZE NUM_GUID_BYTES
-
-/* GUIDs to use for "keys" with sig_alg==VB2_SIG_NONE */
-#define VB2_GUID_NONE_SHA1 {{0x00, 0x01,} }
-#define VB2_GUID_NONE_SHA256 {{0x02, 0x56,} }
-#define VB2_GUID_NONE_SHA512 {{0x05, 0x12,} }
-
-#endif /* VBOOT_REFERENCE_VBOOT_2GUID_H_ */
diff --git a/firmware/2lib/include/2id.h b/firmware/2lib/include/2id.h
new file mode 100644
index 00000000..03f6d961
--- /dev/null
+++ b/firmware/2lib/include/2id.h
@@ -0,0 +1,28 @@ +/* Copyright 2015 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * + * Key ID, used to quickly match keys with signatures. There's not a standard + * fingerprint for private keys, so we're using the sha1sum of the public key + * in our keyb format. Pretty much anything would work as long as it's + * resistant to collisions and easy to compare. + */ + +#ifndef VBOOT_REFERENCE_VBOOT_2ID_H_ +#define VBOOT_REFERENCE_VBOOT_2ID_H_ +#include <stdint.h> + +#define VB2_ID_NUM_BYTES 20 + +struct vb2_id { + uint8_t raw[VB2_ID_NUM_BYTES]; +} __attribute__((packed)); + +#define EXPECTED_ID_SIZE VB2_ID_NUM_BYTES + +/* IDs to use for "keys" with sig_alg==VB2_SIG_NONE */ +#define VB2_ID_NONE_SHA1 {{0x00, 0x01,}} +#define VB2_ID_NONE_SHA256 {{0x02, 0x56,}} +#define VB2_ID_NONE_SHA512 {{0x05, 0x12,}} + +#endif /* VBOOT_REFERENCE_VBOOT_2ID_H_ */ diff --git a/firmware/2lib/include/2return_codes.h b/firmware/2lib/include/2return_codes.h index 90b7246d..20a7947c 100644 --- a/firmware/2lib/include/2return_codes.h +++ b/firmware/2lib/include/2return_codes.h @@ -273,8 +273,8 @@ enum vb2_return_code { /* Signature signed wrong amount of data */ VB2_ERROR_KEYBLOCK_SIGNED_SIZE, - /* No signature matching key GUID */ - VB2_ERROR_KEYBLOCK_SIG_GUID, + /* No signature matching key ID */ + VB2_ERROR_KEYBLOCK_SIG_ID, /********************************************************************** * Preamble verification errors (all in vb2_verify_preamble()) @@ -424,7 +424,7 @@ enum vb2_return_code { VB2_ERROR_API_PHASE1_RECOVERY, /* Bad tag in vb2api_check_hash() */ - VB2_ERROR_API_INIT_HASH_GUID, + VB2_ERROR_API_INIT_HASH_ID, /* Signature mismatch in vb2api_check_hash() */ VB2_ERROR_API_CHECK_HASH_SIG, 
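Review bot: The header comment added in 2id.h asks for an ID that is "resistant to collisions" and then chooses the SHA-1 of the public key, which no longer meets that bar. In the code visible in this commit the ID is only used to pick which signature or hash entry to look at (the `memcmp` calls in `vb2_verify_keyblock` and `vb2api_init_hash2`), and the keyblock path still goes on to call `vb2_verify_data`, so the comment should say that the ID is a lookup hint and not something verification relies on. I would soften the collision-resistance wording and add a line such as `* The ID only selects a candidate entry; it never replaces verifying the signature.`. It is also worth stating there that `vb2_verify_keyblock` returns the result for the first entry whose ID matches, so when two entries share an ID only the first is tried.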
@@ -490,11 +490,8 @@ enum vb2_return_code { /* Unable to write data in write_file() */ VB2_ERROR_WRITE_FILE_DATA, - /* Unable to convert string to struct vb_guid */ - VB2_ERROR_STR_TO_GUID, - - /* Unable to convert struct vb_guid to string */ - VB2_ERROR_GUID_TO_STR, + /* Unable to convert string to struct vb_id */ + VB2_ERROR_STR_TO_ID, /********************************************************************** * Errors generated by host library key functions diff --git a/firmware/2lib/include/2rsa.h b/firmware/2lib/include/2rsa.h index e4e6717c..7e63a6a0 100644 --- a/firmware/2lib/include/2rsa.h +++ b/firmware/2lib/include/2rsa.h @@ -17,11 +17,11 @@ struct vb2_public_key { uint32_t n0inv; /* -1 / n[0] mod 2^32 */ const uint32_t *n; /* Modulus as little endian array */ const uint32_t *rr; /* R^2 as little endian array */ - enum vb2_signature_algorithm sig_alg; /* Signature algorithm */ - enum vb2_hash_algorithm hash_alg; /* Hash algorithm */ - const char *desc; /* Description */ - uint32_t version; /* Key version */ - const struct vb2_guid *guid; /* Key GUID */ + enum vb2_signature_algorithm sig_alg; /* Signature algorithm */ + enum vb2_hash_algorithm hash_alg; /* Hash algorithm */ + const char *desc; /* Description */ + uint32_t version; /* Key version */ + const struct vb2_id *id; /* Key ID */ }; /** diff --git a/firmware/lib21/api.c b/firmware/lib21/api.c index c905a62a..978014a7 100644 --- a/firmware/lib21/api.c +++ b/firmware/lib21/api.c @@ -38,7 +38,7 @@ int vb2api_fw_phase3(struct vb2_context *ctx) } int vb2api_init_hash2(struct vb2_context *ctx, - const struct vb2_guid *guid, + const struct vb2_id *id, uint32_t *size) { struct vb2_shared_data *sd = vb2_get_sd(ctx); 
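Review bot: The new comment above `VB2_ERROR_STR_TO_ID` names `struct vb_id`, but the type introduced by this commit is `struct vb2_id`; it should read `/* Unable to convert string to struct vb2_id */`. In the previous 2return_codes.h hunk the renamed `VB2_ERROR_API_INIT_HASH_ID` still sits under `/* Bad tag in vb2api_check_hash() */`, while api.c returns it from `vb2api_init_hash2` when no entry matches the ID, so that comment would be more accurate as `/* No hash entry matching the ID in vb2api_init_hash2() */`.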
@@ -63,13 +63,13 @@ int vb2api_init_hash2(struct vb2_context *ctx, sig = (const struct vb2_signature *) ((uint8_t *)pre + hash_offset); - if (!memcmp(guid, &sig->guid, sizeof(*guid))) + if (!memcmp(id, &sig->id, sizeof(*id))) break; hash_offset += sig->c.total_size; } if (i >= pre->hash_count) - return VB2_ERROR_API_INIT_HASH_GUID; /* No match */ + return VB2_ERROR_API_INIT_HASH_ID; /* No match */ /* Allocate workbuf space for the hash */ if (sd->workbuf_hash_size) { diff --git a/firmware/lib21/common.c b/firmware/lib21/common.c index 7a06c8c3..c683ce3d 100644 --- a/firmware/lib21/common.c +++ b/firmware/lib21/common.c @@ -142,30 +142,28 @@ uint32_t vb2_sig_size(enum vb2_signature_algorithm sig_alg, return vb2_rsa_sig_size(sig_alg); } -const struct vb2_guid *vb2_hash_guid(enum vb2_hash_algorithm hash_alg) +const struct vb2_id *vb2_hash_id(enum vb2_hash_algorithm hash_alg) { switch(hash_alg) { #ifdef VB2_SUPPORT_SHA1 case VB2_HASH_SHA1: { - static const struct vb2_guid guid = VB2_GUID_NONE_SHA1; - return &guid; + static const struct vb2_id id = VB2_ID_NONE_SHA1; + return &id; } #endif #ifdef VB2_SUPPORT_SHA256 case VB2_HASH_SHA256: { - static const struct vb2_guid guid = - VB2_GUID_NONE_SHA256; - return &guid; + static const struct vb2_id id = VB2_ID_NONE_SHA256; + return &id; } #endif #ifdef VB2_SUPPORT_SHA512 case VB2_HASH_SHA512: { - static const struct vb2_guid guid = - VB2_GUID_NONE_SHA512; - return &guid; + static const struct vb2_id id = VB2_ID_NONE_SHA512; + return &id; } #endif default: @@ -358,8 +356,8 @@ int vb2_verify_keyblock(struct vb2_keyblock *block, if (rv) return rv; - /* Skip signature if it doesn't match the key GUID */ - if (memcmp(&sig->guid, key->guid, NUM_GUID_BYTES)) + /* Skip signature if it doesn't match the key ID */ + if (memcmp(&sig->id, key->id, VB2_ID_NUM_BYTES)) continue; /* Make sure we signed the right amount of data */ 
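Review bot: In `vb2_verify_keyblock` the comparison length is the constant `VB2_ID_NUM_BYTES`, while `vb2api_init_hash2` in api.c uses `sizeof(*id)` for the same kind of comparison; writing `memcmp(&sig->id, key->id, sizeof(sig->id))` in both places keeps the length tied to the field that is actually read. `key->id` is a pointer member of `struct vb2_public_key` and is dereferenced here without a check, so a key whose `id` was never set would fault inside `memcmp`. The start of the function is outside this hunk, so confirm whether a guard already exists; if it does not, `if (!key->id) return VB2_ERROR_KEYBLOCK_SIG_ID;` before the loop would turn that into a clean verification failure.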
@@ -369,8 +367,8 @@ int vb2_verify_keyblock(struct vb2_keyblock *block, return vb2_verify_data(block, block->sig_offset, sig, key, wb); } - /* If we're still here, no signature matched the key GUID */ - return VB2_ERROR_KEYBLOCK_SIG_GUID; + /* If we're still here, no signature matched the key ID */ + return VB2_ERROR_KEYBLOCK_SIG_ID; } int vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble, diff --git a/firmware/lib21/include/vb2_struct.h b/firmware/lib21/include/vb2_struct.h index 5bccfab7..b24f0b18 100644 --- a/firmware/lib21/include/vb2_struct.h +++ b/firmware/lib21/include/vb2_struct.h @@ -12,7 +12,7 @@ #define VBOOT_REFERENCE_VB2_STRUCT_H_ #include <stdint.h> -#include "2guid.h" +#include "2id.h" /* * Magic numbers used by vb2_struct_common.magic. @@ -137,12 +137,12 @@ struct vb2_packed_key { /* Key version */ uint32_t key_version; - /* Key GUID */ - struct vb2_guid guid; + /* Key ID */ + struct vb2_id id; } __attribute__((packed)); #define EXPECTED_VB2_PACKED_KEY_SIZE \ - (EXPECTED_VB2_STRUCT_COMMON_SIZE + 16 + EXPECTED_GUID_SIZE) + (EXPECTED_VB2_STRUCT_COMMON_SIZE + 16 + EXPECTED_ID_SIZE) /* Current version of vb2_packed_private_key struct */ #define VB2_PACKED_PRIVATE_KEY_VERSION_MAJOR 3 @@ -176,12 +176,12 @@ struct vb2_packed_private_key { */ uint16_t hash_alg; - /* Key GUID */ - struct vb2_guid guid; + /* Key ID */ + struct vb2_id id; } __attribute__((packed)); #define EXPECTED_VB2_PACKED_PRIVATE_KEY_SIZE \ - (EXPECTED_VB2_STRUCT_COMMON_SIZE + 12 + EXPECTED_GUID_SIZE) + (EXPECTED_VB2_STRUCT_COMMON_SIZE + 12 + EXPECTED_ID_SIZE) /* Current version of vb2_signature struct */ #define VB2_SIGNATURE_VERSION_MAJOR 3 
@@ -215,21 +215,21 @@ struct vb2_signature { uint16_t hash_alg; /* - * GUID for the signature. + * ID for the signature. * - * If this is a keyblock signature entry, this is the GUID of the key + * If this is a keyblock signature entry, this is the ID of the key * used to generate this signature. This allows the firmware to * quickly determine which signature block (if any) goes with the key * being used by the firmware. * - * If this is a preamble hash entry, this is the GUID of the data type - * being hashed. There is no key GUID, because sig_alg=VB2_ALG_NONE. + * If this is a preamble hash entry, this is the ID of the data type + * being hashed. There is no key ID, because sig_alg=VB2_ALG_NONE. */ - struct vb2_guid guid; + struct vb2_id id; } __attribute__((packed)); #define EXPECTED_VB2_SIGNATURE_SIZE \ - (EXPECTED_VB2_STRUCT_COMMON_SIZE + 16 + EXPECTED_GUID_SIZE) + (EXPECTED_VB2_STRUCT_COMMON_SIZE + 16 + EXPECTED_ID_SIZE) /* Current version of vb2_keyblock struct */ @@ -278,7 +278,7 @@ struct vb2_keyblock { * subkey from the RW firmware (for signed kernels) and one which is * simply a SHA-512 hash (for unsigned developer kernels). * - * The GUID for each signature indicates which key was used to generate + * The ID for each signature indicates which key was used to generate * the signature. */ uint32_t sig_offset; @@ -324,7 +324,7 @@ struct vb2_fw_preamble { /* * The preamble contains a list of hashes (struct vb2_signature) for * the various firmware components. These have sig_alg=VB2_SIG_NONE, - * and the GUID for each hash identifies the component being hashed. + * and the ID for each hash identifies the component being hashed. * The calling firmware is responsible for knowing where to find those * components, which may be on a different storage device than this * preamble. diff --git a/firmware/lib21/packed_key.c b/firmware/lib21/packed_key.c index f7f2de9e..ada80800 100644 --- a/firmware/lib21/packed_key.c +++ b/firmware/lib21/packed_key.c 
@@ -95,7 +95,7 @@ int vb2_unpack_key(struct vb2_public_key *key, /* Key description */ key->desc = vb2_common_desc(pkey); key->version = pkey->key_version; - key->guid = &pkey->guid; + key->id = &pkey->id; return VB2_SUCCESS; } diff --git a/futility/cmd_create.c b/futility/cmd_create.c index 32eed50a..db668b2c 100644 --- a/futility/cmd_create.c +++ b/futility/cmd_create.c @@ -12,7 +12,7 @@ #include "2sysincludes.h" #include "2common.h" -#include "2guid.h" +#include "2id.h" #include "2rsa.h" #include "util_misc.h" #include "vb2_common.h" @@ -29,7 +29,7 @@ enum { OPT_OUTFILE = 1000, OPT_VERSION, OPT_DESC, - OPT_GUID, + OPT_ID, OPT_HASH_ALG, }; @@ -40,13 +40,13 @@ static char *infile, *outfile, *outext; static uint32_t opt_version = DEFAULT_VERSION; enum vb2_hash_algorithm opt_hash_alg = DEFAULT_HASH; static char *opt_desc; -static struct vb2_guid opt_guid; -static int force_guid; +static struct vb2_id opt_id; +static int force_id; static const struct option long_opts[] = { {"version", 1, 0, OPT_VERSION}, {"desc", 1, 0, OPT_DESC}, - {"guid", 1, 0, OPT_GUID}, + {"id", 1, 0, OPT_ID}, {"hash_alg", 1, 0, OPT_HASH_ALG}, {NULL, 0, 0, 0} }; @@ -70,7 +70,7 @@ static void print_help(const char *progname) entry->num, entry->name, entry->num == VB2_HASH_SHA256 ? " (default)" : ""); printf( -" --guid <guid> Identifier for this keypair (vb21 only)\n" +" --id <id> Identifier for this keypair (vb21 only)\n" " --desc <text> Human-readable description (vb21 only)\n" "\n"); 
@@ -239,15 +239,15 @@ static int vb2_make_keypair() } /* Update the IDs */ - if (!force_guid) { + if (!force_id) { uint8_t *digest = DigestBuf(keyb_data, keyb_size, SHA1_DIGEST_ALGORITHM); - memcpy(&opt_guid, digest, sizeof(opt_guid)); + memcpy(&opt_id, digest, sizeof(opt_id)); free(digest); } - privkey->guid = opt_guid; - memcpy((struct vb2_guid *)pubkey->guid, &opt_guid, sizeof(opt_guid)); + privkey->id = opt_id; + memcpy((struct vb2_id *)pubkey->id, &opt_id, sizeof(opt_id)); /* Write them out */ strcpy(outext, ".vbprik2"); @@ -299,14 +299,13 @@ static int do_create(int argc, char *argv[]) opt_desc = optarg; break; - case OPT_GUID: - if (VB2_SUCCESS != vb2_str_to_guid(optarg, - &opt_guid)) { - fprintf(stderr, "invalid guid \"%s\"\n", + case OPT_ID: + if (VB2_SUCCESS != vb2_str_to_id(optarg, &opt_id)) { + fprintf(stderr, "invalid id \"%s\"\n", optarg); errorcnt = 1; } - force_guid = 1; + force_id = 1; break; case OPT_HASH_ALG: diff --git a/futility/vb2_helper.c b/futility/vb2_helper.c index b3349af2..686b8333 100644 --- a/futility/vb2_helper.c +++ b/futility/vb2_helper.c @@ -9,7 +9,7 @@ #include "2sysincludes.h" #include "2common.h" -#include "2guid.h" +#include "2id.h" #include "2rsa.h" #include "util_misc.h" #include "vb2_common.h" @@ -88,10 +88,10 @@ int futil_cb_show_vb2_pubkey(struct futil_traverse_state_s *state) printf(" Hash Algorithm: %d %s\n", key.hash_alg, entry ? entry->name : "(invalid)"); printf(" Version: 0x%08x\n", key.version); - printf(" GUID: "); - vb2_print_bytes(key.guid, sizeof(*key.guid)); + printf(" ID: "); + vb2_print_bytes(key.id, sizeof(*key.id)); printf("\n"); - if (sha1sum && memcmp(key.guid, sha1sum, sizeof(*key.guid))) { + if (sha1sum && memcmp(key.id, sha1sum, sizeof(*key.id))) { printf(" Key sha1sum: "); vb2_print_bytes(sha1sum, SHA1_DIGEST_SIZE); printf("\n"); 
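Review bot: In `vb2_make_keypair` the pointer returned by `DigestBuf()` goes straight into `memcpy` with no check, and the copy length `sizeof(opt_id)` quietly assumes a SHA-1 digest is at least `VB2_ID_NUM_BYTES` long. If `DigestBuf()` can return NULL (its definition is not on this page), test `digest` and leave through the function's existing error path before copying. The size coupling is better made explicit with a compile-time check such as `_Static_assert(sizeof(struct vb2_id) == SHA1_DIGEST_SIZE, "key ID must hold a SHA-1 digest");` or the project's own build-assert macro. Separately, `memcpy((struct vb2_id *)pubkey->id, ...)` writes through a pointer declared `const struct vb2_id *`; that is only safe because `vb2_public_key_alloc` points `id` into the key's own heap buffer, and a short comment saying so would stop someone reusing the pattern on a key whose `id` refers to a `static const` object such as the ones `vb2_hash_id` returns.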
@@ -135,10 +135,10 @@ int futil_cb_show_vb2_privkey(struct futil_traverse_state_s *state) entry = vb2_lookup_by_num(vb2_text_vs_hash, key->hash_alg); printf(" Hash Algorithm: %d %s\n", key->hash_alg, entry ? entry->name : "(invalid)"); - printf(" GUID: "); - vb2_print_bytes(&key->guid, sizeof(key->guid)); + printf(" ID: "); + vb2_print_bytes(&key->id, sizeof(key->id)); printf("\n"); - if (sha1sum && memcmp(&key->guid, sha1sum, sizeof(key->guid))) { + if (sha1sum && memcmp(&key->id, sha1sum, sizeof(key->id))) { printf(" Key sha1sum: "); vb2_print_bytes(sha1sum, SHA1_DIGEST_SIZE); printf("\n"); diff --git a/host/lib21/host_key.c b/host/lib21/host_key.c index 78a6d2ec..b18d018c 100644 --- a/host/lib21/host_key.c +++ b/host/lib21/host_key.c @@ -126,10 +126,10 @@ int vb2_private_key_unpack(struct vb2_private_key **key_ptr, if (!key) return VB2_ERROR_UNPACK_PRIVATE_KEY_ALLOC; - /* Copy key algorithms and guid */ + /* Copy key algorithms and ID */ key->sig_alg = pkey->sig_alg; key->hash_alg = pkey->hash_alg; - key->guid = pkey->guid; + key->id = pkey->id; /* Unpack RSA key */ if (pkey->sig_alg == VB2_SIG_NONE) { @@ -238,14 +238,14 @@ int vb2_private_key_write(const struct vb2_private_key *key, .c.fixed_size = sizeof(pkey), .sig_alg = key->sig_alg, .hash_alg = key->hash_alg, - .guid = key->guid, + .id = key->id, }; uint8_t *buf; uint8_t *rsabuf = NULL; int rsalen = 0; int rv; - memcpy(&pkey.guid, &key->guid, sizeof(pkey.guid)); + memcpy(&pkey.id, &key->id, sizeof(pkey.id)); pkey.c.desc_size = vb2_desc_size(key->desc); @@ -297,7 +297,7 @@ int vb2_private_key_hash(const struct vb2_private_key **key_ptr, .hash_alg = VB2_HASH_SHA1, .sig_alg = VB2_SIG_NONE, .desc = "Unsigned SHA1", - .guid = VB2_GUID_NONE_SHA1, + .id = VB2_ID_NONE_SHA1, }; *key_ptr = &key; return VB2_SUCCESS; 
@@ -310,7 +310,7 @@ int vb2_private_key_hash(const struct vb2_private_key **key_ptr, .hash_alg = VB2_HASH_SHA256, .sig_alg = VB2_SIG_NONE, .desc = "Unsigned SHA-256", - .guid = VB2_GUID_NONE_SHA256, + .id = VB2_ID_NONE_SHA256, }; *key_ptr = &key; return VB2_SUCCESS; @@ -323,7 +323,7 @@ int vb2_private_key_hash(const struct vb2_private_key **key_ptr, .hash_alg = VB2_HASH_SHA512, .sig_alg = VB2_SIG_NONE, .desc = "Unsigned SHA-512", - .guid = VB2_GUID_NONE_SHA512, + .id = VB2_ID_NONE_SHA512, }; *key_ptr = &key; return VB2_SUCCESS; @@ -340,8 +340,8 @@ int vb2_public_key_alloc(struct vb2_public_key **key_ptr, struct vb2_public_key *key; uint32_t key_data_size = vb2_packed_key_size(sig_alg); - /* The buffer contains the key, its GUID, and its packed data */ - uint32_t buf_size = sizeof(*key) + sizeof(struct vb2_guid) + + /* The buffer contains the key, its ID, and its packed data */ + uint32_t buf_size = sizeof(*key) + sizeof(struct vb2_id) + key_data_size; if (!key_data_size) @@ -351,7 +351,7 @@ int vb2_public_key_alloc(struct vb2_public_key **key_ptr, if (!key) return VB2_ERROR_PUBLIC_KEY_ALLOC; - key->guid = (struct vb2_guid *)(key + 1); + key->id = (struct vb2_id *)(key + 1); key->sig_alg = sig_alg; *key_ptr = key; @@ -372,7 +372,7 @@ void vb2_public_key_free(struct vb2_public_key *key) uint8_t *vb2_public_key_packed_data(struct vb2_public_key *key) { - return (uint8_t *)(key->guid + 1); + return (uint8_t *)(key->id + 1); } int vb2_public_key_read_keyb(struct vb2_public_key **key_ptr, @@ -485,7 +485,7 @@ int vb2_public_key_pack(struct vb2_packed_key **key_ptr, key.key_version = pubk->version; key.sig_alg = pubk->sig_alg; key.hash_alg = pubk->hash_alg; - key.guid = *pubk->guid; + key.id = *pubk->id; /* Allocate the new buffer */ buf = calloc(1, key.c.total_size); 
@@ -539,7 +539,7 @@ int vb2_public_key_hash(struct vb2_public_key *key, key->sig_alg = VB2_SIG_NONE; key->hash_alg = hash_alg; - key->guid = vb2_hash_guid(hash_alg); + key->id = vb2_hash_id(hash_alg); return VB2_SUCCESS; } diff --git a/host/lib21/host_misc.c b/host/lib21/host_misc.c index 5e8a7cb5..db5e8243 100644 --- a/host/lib21/host_misc.c +++ b/host/lib21/host_misc.c @@ -136,24 +136,24 @@ static const char *onebyte(const char *str, uint8_t *vptr) return str; } -int vb2_str_to_guid(const char *str, struct vb2_guid *guid) +int vb2_str_to_id(const char *str, struct vb2_id *id) { uint8_t val; int i; if (!str) - return VB2_ERROR_STR_TO_GUID; + return VB2_ERROR_STR_TO_ID; - memset(guid, 0, sizeof(*guid)); + memset(id, 0, sizeof(*id)); - for (i = 0; i < NUM_GUID_BYTES; i++) { + for (i = 0; i < VB2_ID_NUM_BYTES; i++) { str = onebyte(str, &val); if (!str) break; - guid->raw[i] = val; + id->raw[i] = val; } /* If we get at least one valid byte, that's good enough. */ - return i ? VB2_SUCCESS : VB2_ERROR_STR_TO_GUID; + return i ? VB2_SUCCESS : VB2_ERROR_STR_TO_ID; } diff --git a/host/lib21/host_signature.c b/host/lib21/host_signature.c index 11785c71..50cc8f0a 100644 --- a/host/lib21/host_signature.c +++ b/host/lib21/host_signature.c @@ -91,7 +91,7 @@ int vb2_sign_data(struct vb2_signature **sig_ptr, .sig_alg = key->sig_alg, .hash_alg = key->hash_alg, .data_size = size, - .guid = key->guid, + .id = key->id, }; struct vb2_digest_context dc; diff --git a/host/lib21/include/host_key2.h b/host/lib21/include/host_key2.h index b219ae63..67113c13 100644 --- a/host/lib21/include/host_key2.h +++ b/host/lib21/include/host_key2.h @@ -18,7 +18,7 @@ struct vb2_private_key { enum vb2_hash_algorithm hash_alg; /* Hash algorithm */ enum vb2_signature_algorithm sig_alg; /* Signature algorithm */ char *desc; /* Description */ - struct vb2_guid guid; /* Key GUID */ + struct vb2_id id; /* Key ID */ }; /* Convert between enums and human-readable form. Terminated with {0, 0}. */ 
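Review bot: `vb2_str_to_id` in host_misc.c returns `VB2_SUCCESS` as soon as one byte has been parsed, so a truncated or mistyped `--id` argument is accepted and zero-padded by the `memset`, and anything after the first failing `onebyte()` call, or after the twentieth byte, is ignored without a diagnostic. For a value whose whole purpose is to match keys to signatures, that makes it easy to end up with an ID other than the one the operator intended, including short values that equal the reserved `VB2_ID_NONE_*` patterns. I would fail unless parsing stopped at the terminating NUL, and decide explicitly whether short IDs are allowed. If they are, the doc comment in host_misc2.h should say so, for example `* Strings shorter than VB2_ID_NUM_BYTES bytes are zero-padded on the right.`. The function also writes through `id` before any NULL check on it; only `str` is checked.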
@@ -127,8 +127,8 @@ int vb2_private_key_hash(const struct vb2_private_key **key_ptr, /** * Allocate a public key buffer of sufficient size for the signature algorithm. * - * This only initializes the sig_alg field and the guid field to an empty - * guid. It does not set any of the other fields in *key_ptr. + * This only initializes the sig_alg field and the id field to an empty + * id. It does not set any of the other fields in *key_ptr. * * @param key_ptr Destination for newly allocated key; this must be * freed with vb2_public_key_free(). @@ -141,7 +141,7 @@ int vb2_public_key_alloc(struct vb2_public_key **key_ptr, /** * Return the packed data for a key allocated with vb2_public_key_alloc(). * - * The packed data is in the same buffer, following the key struct and GUID. + * The packed data is in the same buffer, following the key struct and ID. */ uint8_t *vb2_public_key_packed_data(struct vb2_public_key *key); @@ -160,7 +160,7 @@ void vb2_public_key_free(struct vb2_public_key *key); * Read a public key from a .keyb file. * * Guesses the signature algorithm based on the size of the .keyb file. Does - * not set the hash_alg, guid, or desc fields, since those are not contained in + * not set the hash_alg, id, or desc fields, since those are not contained in * the .keyb file. * * @param key_ptr Destination for newly allocated key; this must be diff --git a/host/lib21/include/host_misc2.h b/host/lib21/include/host_misc2.h index 86ec13f0..5d891cad 100644 --- a/host/lib21/include/host_misc2.h +++ b/host/lib21/include/host_misc2.h 
@@ -9,28 +9,18 @@ #include <stdint.h> #include <stdio.h> -#include "2guid.h" +#include "2id.h" /* Length of string representation, including trailing '\0' */ -#define VB2_GUID_MIN_STRLEN (2 * NUM_GUID_BYTES + 1) +#define VB2_ID_MIN_STRLEN (2 * VB2_ID_NUM_BYTES + 1) /** - * Convert string to struct vb2_guid. + * Convert hex string to struct vb2_id. * - * @param str Example: "C12A7328-F81F-11D2-BA4B-00A0C93EC93B" - * @param guid Destination for binary representation + * @param str Example: "01ABef000042" + * @param id Destination for binary representation * @return VB2_SUCCESS, or non-zero if error. */ -int vb2_str_to_guid(const char *str, struct vb2_guid *guid); - -/** - * Convert struct vb2_guid to string. - * - * @param guid Binary representation - * @param str Buffer for result "C12A7328-F81F-11D2-BA4B-00A0C93EC93B" - * @return VB2_SUCCESS, or non-zero if error. - */ -int vb2_guid_to_str(const struct vb2_guid *guid, - char *buf, unsigned int buflen); +int vb2_str_to_id(const char *str, struct vb2_id *id); #endif /* VBOOT_REFERENCE_HOST_MISC2_H_ */ diff --git a/tests/vb21_api_tests.c b/tests/vb21_api_tests.c index dbc4750d..91631f69 100644 --- a/tests/vb21_api_tests.c +++ b/tests/vb21_api_tests.c @@ -33,7 +33,7 @@ static const int mock_body_size = sizeof(mock_body); static const int mock_hash_alg = VB2_HASH_SHA256; static int mock_sig_size; -static const struct vb2_guid test_guid[4] = { +static const struct vb2_id test_id[4] = { {.raw = {0x11}}, {.raw = {0x22}}, {.raw = {0x33}}, @@ -104,7 +104,7 @@ static void reset_common_data(enum reset_type t) for (i = 0; i < 3; i++) { vb2_sign_data(&sig, mock_body, mock_body_size - 16 * i, hash_key, NULL); - memcpy(&sig->guid, test_guid + i, sizeof(sig->guid)); + memcpy(&sig->id, test_id + i, sizeof(sig->id)); memcpy((uint8_t *)pre + sig_offset, sig, sig->c.total_size); sig_offset += sig->c.total_size; mock_sig_size = sig->c.total_size; 
@@ -116,7 +116,7 @@ static void reset_common_data(enum reset_type t) + sd->workbuf_preamble_size; if (t == FOR_EXTEND_HASH || t == FOR_CHECK_HASH) - vb2api_init_hash2(&ctx, test_guid, NULL); + vb2api_init_hash2(&ctx, test_id, NULL); if (t == FOR_CHECK_HASH) vb2api_extend_hash(&ctx, mock_body, mock_body_size); @@ -208,7 +208,7 @@ static void init_hash_tests(void) sig = (struct vb2_signature *)((uint8_t *)pre + pre->hash_offset); wb_used_before = ctx.workbuf_used; - TEST_SUCC(vb2api_init_hash2(&ctx, test_guid, &size), + TEST_SUCC(vb2api_init_hash2(&ctx, test_id, &size), "init hash good"); TEST_EQ(sd->workbuf_hash_offset, (wb_used_before + (VB2_WORKBUF_ALIGN - 1)) & @@ -225,7 +225,7 @@ static void init_hash_tests(void) TEST_EQ(sd->hash_remaining_size, mock_body_size, "hash remaining"); wb_used_before = ctx.workbuf_used; - TEST_SUCC(vb2api_init_hash2(&ctx, test_guid + 2, NULL), + TEST_SUCC(vb2api_init_hash2(&ctx, test_id + 2, NULL), "init hash again"); TEST_EQ(ctx.workbuf_used, wb_used_before, "init hash reuses context"); TEST_EQ(sd->hash_tag, 
@@ -234,29 +234,29 @@ static void init_hash_tests(void) "hash signature offset 2"); reset_common_data(FOR_MISC); - TEST_EQ(vb2api_init_hash2(&ctx, test_guid + 3, &size), - VB2_ERROR_API_INIT_HASH_GUID, "init hash invalid guid"); + TEST_EQ(vb2api_init_hash2(&ctx, test_id + 3, &size), + VB2_ERROR_API_INIT_HASH_ID, "init hash invalid id"); reset_common_data(FOR_MISC); sd->workbuf_preamble_size = 0; - TEST_EQ(vb2api_init_hash2(&ctx, test_guid, &size), + TEST_EQ(vb2api_init_hash2(&ctx, test_id, &size), VB2_ERROR_API_INIT_HASH_PREAMBLE, "init hash preamble"); reset_common_data(FOR_MISC); ctx.workbuf_used = ctx.workbuf_size - sizeof(struct vb2_digest_context) + 8; - TEST_EQ(vb2api_init_hash2(&ctx, test_guid, &size), + TEST_EQ(vb2api_init_hash2(&ctx, test_id, &size), VB2_ERROR_API_INIT_HASH_WORKBUF, "init hash workbuf"); reset_common_data(FOR_MISC); sig->hash_alg = VB2_HASH_INVALID; - TEST_EQ(vb2api_init_hash2(&ctx, test_guid, &size), + TEST_EQ(vb2api_init_hash2(&ctx, test_id, &size), VB2_ERROR_SHA_INIT_ALGORITHM, "init hash algorithm"); if (hwcrypto_state == HWCRYPTO_ENABLED) { reset_common_data(FOR_MISC); retval_hwcrypto = VB2_ERROR_MOCK; - TEST_EQ(vb2api_init_hash2(&ctx, test_guid, &size), + TEST_EQ(vb2api_init_hash2(&ctx, test_id, &size), VB2_ERROR_MOCK, "init hash use hwcrypto"); } } diff --git a/tests/vb21_common_tests.c b/tests/vb21_common_tests.c index d2ac0edf..eb943bc1 100644 --- a/tests/vb21_common_tests.c +++ b/tests/vb21_common_tests.c @@ -27,9 +27,9 @@ static const uint8_t test_data3[] = "Even more test data"; static void test_struct_packing(void) { /* Test new struct sizes */ - TEST_EQ(EXPECTED_GUID_SIZE, - sizeof(struct vb2_guid), - "sizeof(vb2_guid)"); + TEST_EQ(EXPECTED_ID_SIZE, + sizeof(struct vb2_id), + "sizeof(vb2_id)"); TEST_EQ(EXPECTED_VB2_STRUCT_COMMON_SIZE, sizeof(struct vb2_struct_common), "sizeof(vb2_struct_common)"); 
@@ -298,7 +298,7 @@ static void test_verify_keyblock(void) memcpy(buf, buf2, buf_size); TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk3, &wb), - VB2_ERROR_KEYBLOCK_SIG_GUID, + VB2_ERROR_KEYBLOCK_SIG_ID, "vb2_verify_keyblock() key not present"); memcpy(buf, buf2, buf_size); diff --git a/tests/vb21_host_key_tests.c b/tests/vb21_host_key_tests.c index 6a01d724..e6730133 100644 --- a/tests/vb21_host_key_tests.c +++ b/tests/vb21_host_key_tests.c @@ -39,7 +39,7 @@ static void private_key_tests(const struct alg_combo *combo, const char *testfile = "test.vbprik2"; const char *notapem = "not_a_pem"; const char *testdesc = "test desc"; - const struct vb2_guid test_guid = {.raw = {0xaa}}; + const struct vb2_id test_id = {.raw = {0xaa}}; uint8_t *buf, *buf2; uint32_t bufsize; @@ -72,7 +72,7 @@ static void private_key_tests(const struct alg_combo *combo, TEST_SUCC(vb2_private_key_set_desc(key, testdesc), "Set desc"); key->hash_alg = combo->hash_alg; key->sig_alg = combo->sig_alg; - key->guid = test_guid; + key->id = test_id; unlink(testfile); @@ -86,7 +86,7 @@ static void private_key_tests(const struct alg_combo *combo, TEST_PTR_NEQ(k2, NULL, " key_ptr"); TEST_EQ(k2->sig_alg, key->sig_alg, " sig alg"); TEST_EQ(k2->hash_alg, key->hash_alg, " hash alg"); - TEST_EQ(memcmp(&k2->guid, &key->guid, sizeof(k2->guid)), 0, " guid"); + TEST_EQ(memcmp(&k2->id, &key->id, sizeof(k2->id)), 0, " id"); TEST_EQ(strcmp(k2->desc, testdesc), 0, " desc"); vb2_private_key_free(k2); 
@@ -157,8 +157,8 @@ static void private_key_tests(const struct alg_combo *combo, TEST_PTR_NEQ(ckey, NULL, " key_ptr"); TEST_EQ(ckey->hash_alg, combo->hash_alg, " hash_alg"); TEST_EQ(ckey->sig_alg, VB2_SIG_NONE, " sig_alg"); - TEST_EQ(memcmp(&ckey->guid, vb2_hash_guid(combo->hash_alg), - sizeof(ckey->guid)), 0, " guid"); + TEST_EQ(memcmp(&ckey->id, vb2_hash_id(combo->hash_alg), + sizeof(ckey->id)), 0, " id"); TEST_SUCC(vb2_private_key_write(ckey, testfile), "Write hash key"); TEST_SUCC(vb2_private_key_read(&key, testfile), "Read hash key"); @@ -172,7 +172,7 @@ static void public_key_tests(const struct alg_combo *combo, struct vb2_packed_key *pkey; const char *testfile = "test.vbpubk2"; const char *testdesc = "test desc"; - const struct vb2_guid test_guid = {.raw = {0xbb}}; + const struct vb2_id test_id = {.raw = {0xbb}}; const uint32_t test_version = 0xcc01; uint8_t *buf; uint32_t bufsize; @@ -214,7 +214,7 @@ static void public_key_tests(const struct alg_combo *combo, TEST_SUCC(vb2_public_key_read_keyb(&key, keybfile), "Read keyb 3"); TEST_SUCC(vb2_public_key_set_desc(key, testdesc), "Set desc"); key->hash_alg = combo->hash_alg; - key->guid = &test_guid; + key->id = &test_id; key->version = test_version; TEST_SUCC(vb2_public_key_pack(&pkey, key), "Pack public key"); @@ -222,8 +222,8 @@ static void public_key_tests(const struct alg_combo *combo, TEST_EQ(pkey->hash_alg, key->hash_alg, " hash_alg"); TEST_EQ(pkey->sig_alg, key->sig_alg, " sig_alg"); TEST_EQ(pkey->key_version, key->version, " version"); - TEST_EQ(memcmp(&pkey->guid, key->guid, sizeof(pkey->guid)), 0, - " guid"); + TEST_EQ(memcmp(&pkey->id, key->id, sizeof(pkey->id)), 0, + " id"); TEST_EQ(strcmp(vb2_common_desc(pkey), key->desc), 0, " desc"); TEST_SUCC(vb2_unpack_key(&k2, (uint8_t *)pkey, pkey->c.total_size), "Unpack public key"); 
@@ -266,8 +266,8 @@ static void public_key_tests(const struct alg_combo *combo, TEST_SUCC(vb2_public_key_hash(&k2, combo->hash_alg), "Hash key"); TEST_EQ(k2.hash_alg, combo->hash_alg, " hash_alg"); TEST_EQ(k2.sig_alg, VB2_SIG_NONE, " sig_alg"); - TEST_EQ(memcmp(k2.guid, vb2_hash_guid(combo->hash_alg), - sizeof(*k2.guid)), 0, " guid"); + TEST_EQ(memcmp(k2.id, vb2_hash_id(combo->hash_alg), + sizeof(*k2.id)), 0, " id"); TEST_SUCC(vb2_public_key_pack(&pkey, &k2), "Pack public hash key"); TEST_PTR_NEQ(pkey, NULL, " key_ptr"); diff --git a/tests/vb21_host_sig_tests.c b/tests/vb21_host_sig_tests.c index 4a1943ab..37894a56 100644 --- a/tests/vb21_host_sig_tests.c +++ b/tests/vb21_host_sig_tests.c @@ -30,7 +30,7 @@ static const struct alg_combo test_algs[] = { {"RSA8192/SHA-512", VB2_SIG_RSA8192, VB2_HASH_SHA512}, }; -const struct vb2_guid test_guid = {.raw = {0xaa}}; +const struct vb2_id test_id = {.raw = {0xaa}}; const char *test_desc = "The test key"; const char *test_sig_desc = "The test signature"; const uint8_t test_data[] = "Some test data"; @@ -60,13 +60,13 @@ static void sig_tests(const struct alg_combo *combo, /* Create test keys */ /* TODO: should read these from .vbprik2, .vbpubk2 files */ TEST_SUCC(vb2_private_key_read_pem(&prik, pemfile), "Read private key"); - prik->guid = test_guid; + prik->id = test_id; prik->hash_alg = combo->hash_alg; prik->sig_alg = combo->sig_alg; vb2_private_key_set_desc(prik, test_desc); TEST_SUCC(vb2_public_key_read_keyb(&pubk, keybfile), "Read pub key"); - pubk->guid = &test_guid; + pubk->id = &test_id; pubk->hash_alg = combo->hash_alg; vb2_public_key_set_desc(pubk, test_desc); 
@@ -83,7 +83,7 @@ static void sig_tests(const struct alg_combo *combo, "Sign good"); TEST_PTR_NEQ(sig, NULL, " sig_ptr"); TEST_EQ(0, strcmp(vb2_common_desc(sig), test_desc), " desc"); - TEST_EQ(0, memcmp(&sig->guid, &test_guid, sizeof(test_guid)), " guid"); + TEST_EQ(0, memcmp(&sig->id, &test_id, sizeof(test_id)), " id"); TEST_EQ(sig->data_size, test_size, " data_size"); TEST_SUCC(vb2_sig_size_for_key(&size, prik, NULL), "Sig size"); TEST_EQ(size, sig->c.total_size, " size"); |