summaryrefslogtreecommitdiff
path: root/firmware/2lib/2common.c
diff options
context:
space:
mode:
Diffstat (limited to 'firmware/2lib/2common.c')
-rw-r--r--firmware/2lib/2common.c260
1 files changed, 0 insertions, 260 deletions
diff --git a/firmware/2lib/2common.c b/firmware/2lib/2common.c
index e15ddb77..9e75d0c3 100644
--- a/firmware/2lib/2common.c
+++ b/firmware/2lib/2common.c
@@ -110,267 +110,7 @@ void vb2_workbuf_free(struct vb2_workbuf *wb, uint32_t size)
wb->size += size;
}
-uint8_t *vb2_signature_data(struct vb2_signature *sig)
-{
- return (uint8_t *)sig + sig->sig_offset;
-}
-
ptrdiff_t vb2_offset_of(const void *base, const void *ptr)
{
return (uintptr_t)ptr - (uintptr_t)base;
}
-
-int vb2_verify_member_inside(const void *parent, size_t parent_size,
- const void *member, size_t member_size,
- ptrdiff_t member_data_offset,
- size_t member_data_size)
-{
- const uintptr_t parent_end = (uintptr_t)parent + parent_size;
- const ptrdiff_t member_offs = vb2_offset_of(parent, member);
- const ptrdiff_t member_end_offs = member_offs + member_size;
- const ptrdiff_t data_offs = member_offs + member_data_offset;
- const ptrdiff_t data_end_offs = data_offs + member_data_size;
-
- /* Make sure parent doesn't wrap */
- if (parent_size < 0 || parent_end < (uintptr_t)parent)
- return VB2_ERROR_INSIDE_PARENT_WRAPS;
-
- /*
- * Make sure the member is fully contained in the parent and doesn't
- * wrap. Use >, not >=, since member_size = 0 is possible.
- */
- if (member_size < 0 || member_end_offs < member_offs)
- return VB2_ERROR_INSIDE_MEMBER_WRAPS;
- if (member_offs < 0 || member_offs > parent_size ||
- member_end_offs > parent_size)
- return VB2_ERROR_INSIDE_MEMBER_OUTSIDE;
-
- /* Make sure the member data is after the member */
- if (member_data_size > 0 && data_offs < member_end_offs)
- return VB2_ERROR_INSIDE_DATA_OVERLAP;
-
- /* Make sure parent fully contains member data, if any */
- if (member_data_size < 0 || data_end_offs < data_offs)
- return VB2_ERROR_INSIDE_DATA_WRAPS;
- if (data_offs < 0 || data_offs > parent_size ||
- data_end_offs > parent_size)
- return VB2_ERROR_INSIDE_DATA_OUTSIDE;
-
- return VB2_SUCCESS;
-}
-
-int vb2_verify_signature_inside(const void *parent,
- uint32_t parent_size,
- const struct vb2_signature *sig)
-{
- return vb2_verify_member_inside(parent, parent_size,
- sig, sizeof(*sig),
- sig->sig_offset, sig->sig_size);
-}
-
-int vb2_verify_digest(const struct vb2_public_key *key,
- struct vb2_signature *sig,
- const uint8_t *digest,
- const struct vb2_workbuf *wb)
-{
- uint8_t *sig_data = vb2_signature_data(sig);
-
- if (sig->sig_size != vb2_rsa_sig_size(key->sig_alg)) {
- VB2_DEBUG("Wrong data signature size for algorithm, "
- "sig_size=%d, expected %d for algorithm %d.\n",
- sig->sig_size, vb2_rsa_sig_size(key->sig_alg),
- key->sig_alg);
- return VB2_ERROR_VDATA_SIG_SIZE;
- }
-
- return vb2_rsa_verify_digest(key, sig_data, digest, wb);
-}
-
-int vb2_verify_data(const uint8_t *data,
- uint32_t size,
- struct vb2_signature *sig,
- const struct vb2_public_key *key,
- const struct vb2_workbuf *wb)
-{
- struct vb2_workbuf wblocal = *wb;
- struct vb2_digest_context *dc;
- uint8_t *digest;
- uint32_t digest_size;
- int rv;
-
- if (sig->data_size > size) {
- VB2_DEBUG("Data buffer smaller than length of signed data.\n");
- return VB2_ERROR_VDATA_NOT_ENOUGH_DATA;
- }
-
- /* Digest goes at start of work buffer */
- digest_size = vb2_digest_size(key->hash_alg);
- if (!digest_size)
- return VB2_ERROR_VDATA_DIGEST_SIZE;
-
- digest = vb2_workbuf_alloc(&wblocal, digest_size);
- if (!digest)
- return VB2_ERROR_VDATA_WORKBUF_DIGEST;
-
- /* Hashing requires temp space for the context */
- dc = vb2_workbuf_alloc(&wblocal, sizeof(*dc));
- if (!dc)
- return VB2_ERROR_VDATA_WORKBUF_HASHING;
-
- rv = vb2_digest_init(dc, key->hash_alg);
- if (rv)
- return rv;
-
- rv = vb2_digest_extend(dc, data, sig->data_size);
- if (rv)
- return rv;
-
- rv = vb2_digest_finalize(dc, digest, digest_size);
- if (rv)
- return rv;
-
- vb2_workbuf_free(&wblocal, sizeof(*dc));
-
- return vb2_verify_digest(key, sig, digest, &wblocal);
-}
-
-int vb2_verify_keyblock(struct vb2_keyblock *block,
- uint32_t size,
- const struct vb2_public_key *key,
- const struct vb2_workbuf *wb)
-{
- struct vb2_signature *sig;
- int rv;
-
- /* Sanity checks before attempting signature of data */
- if(size < sizeof(*block)) {
- VB2_DEBUG("Not enough space for key block header.\n");
- return VB2_ERROR_KEYBLOCK_TOO_SMALL_FOR_HEADER;
- }
- if (memcmp(block->magic, KEY_BLOCK_MAGIC, KEY_BLOCK_MAGIC_SIZE)) {
- VB2_DEBUG("Not a valid verified boot key block.\n");
- return VB2_ERROR_KEYBLOCK_MAGIC;
- }
- if (block->header_version_major != KEY_BLOCK_HEADER_VERSION_MAJOR) {
- VB2_DEBUG("Incompatible key block header version.\n");
- return VB2_ERROR_KEYBLOCK_HEADER_VERSION;
- }
- if (size < block->keyblock_size) {
- VB2_DEBUG("Not enough data for key block.\n");
- return VB2_ERROR_KEYBLOCK_SIZE;
- }
-
- /* Check signature */
- sig = &block->keyblock_signature;
-
- if (vb2_verify_signature_inside(block, block->keyblock_size, sig)) {
- VB2_DEBUG("Key block signature off end of block\n");
- return VB2_ERROR_KEYBLOCK_SIG_OUTSIDE;
- }
-
- /* Make sure advertised signature data sizes are sane. */
- if (block->keyblock_size < sig->data_size) {
- VB2_DEBUG("Signature calculated past end of block\n");
- return VB2_ERROR_KEYBLOCK_SIGNED_TOO_MUCH;
- }
-
- VB2_DEBUG("Checking key block signature...\n");
- rv = vb2_verify_data((const uint8_t *)block, size, sig, key, wb);
- if (rv) {
- VB2_DEBUG("Invalid key block signature.\n");
- return VB2_ERROR_KEYBLOCK_SIG_INVALID;
- }
-
- /* Verify we signed enough data */
- if (sig->data_size < sizeof(struct vb2_keyblock)) {
- VB2_DEBUG("Didn't sign enough data\n");
- return VB2_ERROR_KEYBLOCK_SIGNED_TOO_LITTLE;
- }
-
- /* Verify data key is inside the block and inside signed data */
- if (vb2_verify_packed_key_inside(block, block->keyblock_size,
- &block->data_key)) {
- VB2_DEBUG("Data key off end of key block\n");
- return VB2_ERROR_KEYBLOCK_DATA_KEY_OUTSIDE;
- }
- if (vb2_verify_packed_key_inside(block, sig->data_size,
- &block->data_key)) {
- VB2_DEBUG("Data key off end of signed data\n");
- return VB2_ERROR_KEYBLOCK_DATA_KEY_UNSIGNED;
- }
-
- /* Success */
- return VB2_SUCCESS;
-}
-
-int vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble,
- uint32_t size,
- const struct vb2_public_key *key,
- const struct vb2_workbuf *wb)
-{
- struct vb2_signature *sig = &preamble->preamble_signature;
-
- VB2_DEBUG("Verifying preamble.\n");
-
- /* Sanity checks before attempting signature of data */
- if(size < sizeof(*preamble)) {
- VB2_DEBUG("Not enough data for preamble header\n");
- return VB2_ERROR_PREAMBLE_TOO_SMALL_FOR_HEADER;
- }
- if (preamble->header_version_major !=
- FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR) {
- VB2_DEBUG("Incompatible firmware preamble header version.\n");
- return VB2_ERROR_PREAMBLE_HEADER_VERSION;
- }
-
- if (preamble->header_version_minor < 1) {
- VB2_DEBUG("Only preamble header 2.1+ supported\n");
- return VB2_ERROR_PREAMBLE_HEADER_OLD;
- }
-
- if (size < preamble->preamble_size) {
- VB2_DEBUG("Not enough data for preamble.\n");
- return VB2_ERROR_PREAMBLE_SIZE;
- }
-
- /* Check signature */
- if (vb2_verify_signature_inside(preamble, preamble->preamble_size,
- sig)) {
- VB2_DEBUG("Preamble signature off end of preamble\n");
- return VB2_ERROR_PREAMBLE_SIG_OUTSIDE;
- }
-
- /* Make sure advertised signature data sizes are sane. */
- if (preamble->preamble_size < sig->data_size) {
- VB2_DEBUG("Signature calculated past end of the block\n");
- return VB2_ERROR_PREAMBLE_SIGNED_TOO_MUCH;
- }
-
- if (vb2_verify_data((const uint8_t *)preamble, size, sig, key, wb)) {
- VB2_DEBUG("Preamble signature validation failed\n");
- return VB2_ERROR_PREAMBLE_SIG_INVALID;
- }
-
- /* Verify we signed enough data */
- if (sig->data_size < sizeof(struct vb2_fw_preamble)) {
- VB2_DEBUG("Didn't sign enough data\n");
- return VB2_ERROR_PREAMBLE_SIGNED_TOO_LITTLE;
- }
-
- /* Verify body signature is inside the signed data */
- if (vb2_verify_signature_inside(preamble, sig->data_size,
- &preamble->body_signature)) {
- VB2_DEBUG("Firmware body signature off end of preamble\n");
- return VB2_ERROR_PREAMBLE_BODY_SIG_OUTSIDE;
- }
-
- /* Verify kernel subkey is inside the signed data */
- if (vb2_verify_packed_key_inside(preamble, sig->data_size,
- &preamble->kernel_subkey)) {
- VB2_DEBUG("Kernel subkey off end of preamble\n");
- return VB2_ERROR_PREAMBLE_KERNEL_SUBKEY_OUTSIDE;
- }
-
- /* Success */
- return VB2_SUCCESS;
-}
View Lorry Controller Status