diff options
-rw-r--r-- | firmware/version.c | 2 | ||||
-rwxr-xr-x | scripts/sign_data.sh | 2 | ||||
-rw-r--r-- | utility/Makefile | 4 | ||||
-rw-r--r-- | utility/pad_digest_utility.c | 54 | ||||
-rw-r--r-- | utility/signature_digest_utility.c | 4 |
5 files changed, 62 insertions, 4 deletions
diff --git a/firmware/version.c b/firmware/version.c index 3776bc8b..3f9c99b4 100644 --- a/firmware/version.c +++ b/firmware/version.c @@ -1 +1 @@ -char* VbootVersion = "VBOOv=0a42e63b"; +char* VbootVersion = "VBOOv=b849a043"; diff --git a/scripts/sign_data.sh b/scripts/sign_data.sh index bd9e1be2..05de5a6b 100755 --- a/scripts/sign_data.sh +++ b/scripts/sign_data.sh @@ -10,4 +10,4 @@ then exit -1 fi -./signature_digest $1 $3 | openssl rsautl -sign -pkcs -inkey $2 +./signature_digest_utility $1 $3 | openssl rsautl -sign -pkcs -inkey $2 diff --git a/utility/Makefile b/utility/Makefile index 973d7855..021ac8d8 100644 --- a/utility/Makefile +++ b/utility/Makefile @@ -21,6 +21,7 @@ TARGET_NAMES = dumpRSAPublicKey \ dump_kernel_config \ gbb_utility \ load_kernel_test \ + pad_digest_utility \ signature_digest_utility \ tlcl_generator \ tpm_init_temp_fix \ @@ -60,6 +61,9 @@ ${BUILD_ROOT}/bmpblk_utility: bmpblk_utility.cc ${BUILD_ROOT}/load_kernel_test: load_kernel_test.c $(LIBS) $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) -lcrypto +${BUILD_ROOT}/pad_digest_utility: pad_digest_utility.c $(LIBS) + $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) -lcrypto + ${BUILD_ROOT}/signature_digest_utility: signature_digest_utility.c $(LIBS) $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) -lcrypto diff --git a/utility/pad_digest_utility.c b/utility/pad_digest_utility.c new file mode 100644 index 00000000..50f81461 --- /dev/null +++ b/utility/pad_digest_utility.c @@ -0,0 +1,54 @@ +/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * + * Utility for to generate a padded hash suitable for generating + * PKCS#1.5 signatures. + */ + + +#include <stdio.h> +#include <stdlib.h> + +#include "file_keys.h" +#include "padding.h" +#include "signature_digest.h" +#include "utility.h" + +int main(int argc, char* argv[]) { + int algorithm = -1; + int error_code = 0; + uint8_t* digest = NULL; + uint8_t* padded_digest = NULL; + uint64_t len; + uint32_t padded_digest_len; + + if (argc != 3) { + fprintf(stderr, "Usage: %s <alg_id> <digest_file>", argv[0]); + return -1; + } + algorithm = atoi(argv[1]); + if (algorithm < 0 || algorithm >= kNumAlgorithms) { + fprintf(stderr, "Invalid Algorithm!\n"); + return -1; + } + + digest = BufferFromFile(argv[2], &len); + if (!digest) { + fprintf(stderr, "Could not read file: %s\n", argv[2]); + return -1; + } + + padded_digest = PrependDigestInfo(algorithm, digest); + padded_digest_len = (hash_size_map[algorithm] + + digestinfo_size_map[algorithm]); + + if (!padded_digest) + error_code = -1; + if(padded_digest && + 1 != fwrite(padded_digest, padded_digest_len, 1, stdout)) + error_code = -1; + Free(padded_digest); + Free(digest); + return error_code; +} diff --git a/utility/signature_digest_utility.c b/utility/signature_digest_utility.c index 6c8891b9..bf23ebd5 100644 --- a/utility/signature_digest_utility.c +++ b/utility/signature_digest_utility.c @@ -25,7 +25,7 @@ int main(int argc, char* argv[]) { uint32_t signature_digest_len; if (argc != 3) { - fprintf(stderr, "Usage: %s <algoid> <file>", argv[0]); + fprintf(stderr, "Usage: %s <alg_id> <file>", argv[0]); return -1; } algorithm = atoi(argv[1]); @@ -36,7 +36,7 @@ int main(int argc, char* argv[]) { buf = BufferFromFile(argv[2], &len); if (!buf) { - fprintf(stderr, "Could read file: %s\n", argv[2]); + fprintf(stderr, "Could not read file: %s\n", argv[2]); return -1; } |