summaryrefslogtreecommitdiff
path: root/firmware/2lib/2packed_key2.c
diff options
context:
space:
mode:
Diffstat (limited to 'firmware/2lib/2packed_key2.c')
-rw-r--r--firmware/2lib/2packed_key2.c109
1 files changed, 109 insertions, 0 deletions
diff --git a/firmware/2lib/2packed_key2.c b/firmware/2lib/2packed_key2.c
new file mode 100644
index 00000000..306206ee
--- /dev/null
+++ b/firmware/2lib/2packed_key2.c
@@ -0,0 +1,109 @@
+/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Key unpacking functions
+ */
+
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2rsa.h"
+
+const uint8_t *vb2_packed_key2_data(const struct vb2_packed_key2 *key)
+{
+ return (const uint8_t *)key + key->key_offset;
+}
+
+int vb2_verify_packed_key2_inside(const void *parent,
+ uint32_t parent_size,
+ const struct vb2_packed_key2 *key)
+{
+ int rv;
+
+ rv = vb2_verify_member_inside(parent, parent_size,
+ key, sizeof(*key),
+ key->key_offset, key->key_size);
+ if (rv)
+ return rv;
+
+ return vb2_verify_common_header(parent, parent_size, &key->c);
+}
+
+int vb2_unpack_key2(struct vb2_public_key *key,
+ const uint8_t *buf,
+ uint32_t size)
+{
+ const struct vb2_packed_key2 *pkey =
+ (const struct vb2_packed_key2 *)buf;
+ const uint32_t *buf32;
+ uint32_t expected_key_size;
+ uint32_t sig_size;
+ int rv;
+
+ /*
+ * Check magic number.
+ *
+ * If it doesn't match, pass through to the old packed key format.
+ *
+ * TODO: remove passthru when signing scripts have switched over to
+ * use the new format.
+ */
+ if (pkey->c.magic != VB2_MAGIC_PACKED_KEY2)
+ return vb2_unpack_key(key, buf, size);
+
+ /* Make sure passed buffer is big enough for the packed key */
+ rv = vb2_verify_packed_key2_inside(buf, size, pkey);
+ if (rv)
+ return rv;
+
+ /*
+ * Check for compatible version. No need to check minor version, since
+ * that's compatible across readers matching the major version, and we
+ * haven't added any new fields.
+ */
+ if (pkey->c.struct_version_major != VB2_PACKED_KEY2_VERSION_MAJOR)
+ return VB2_ERROR_UNPACK_KEY_STRUCT_VERSION;
+
+ /* Copy key algorithms */
+ key->sig_alg = pkey->sig_algorithm;
+ sig_size = vb2_rsa_sig_size(key->sig_alg);
+ if (!sig_size)
+ return VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
+
+ key->hash_alg = pkey->hash_algorithm;
+ if (!vb2_digest_size(key->hash_alg))
+ return VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM;
+
+ expected_key_size = vb2_packed_key_size(key->sig_alg);
+ if (!expected_key_size || expected_key_size != pkey->key_size) {
+ VB2_DEBUG("Wrong key size for algorithm\n");
+ return VB2_ERROR_UNPACK_KEY_SIZE;
+ }
+
+ /* Make sure source buffer is 32-bit aligned */
+ buf32 = (const uint32_t *)vb2_packed_key2_data(pkey);
+ if (!vb2_aligned(buf32, sizeof(uint32_t)))
+ return VB2_ERROR_UNPACK_KEY_ALIGN;
+
+ /* Sanity check key array size */
+ key->arrsize = buf32[0];
+ if (key->arrsize * sizeof(uint32_t) != sig_size)
+ return VB2_ERROR_UNPACK_KEY_ARRAY_SIZE;
+
+ key->n0inv = buf32[1];
+
+ /* Arrays point inside the key data */
+ key->n = buf32 + 2;
+ key->rr = buf32 + 2 + key->arrsize;
+
+ /* Key description */
+ if (pkey->c.desc_size)
+ key->desc = (const char *)&(pkey->c) + pkey->c.desc_offset;
+ else
+ key->desc = "";
+
+ key->version = pkey->key_version;
+ key->guid = &pkey->key_guid;
+
+ return VB2_SUCCESS;
+}
View Lorry Controller Status