summaryrefslogtreecommitdiff
path: root/firmware/lib/vboot_common.c
diff options
context:
space:
mode:
Diffstat (limited to 'firmware/lib/vboot_common.c')
-rw-r--r--firmware/lib/vboot_common.c87
1 files changed, 0 insertions, 87 deletions
diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c
index 308bfeed..3535952f 100644
--- a/firmware/lib/vboot_common.c
+++ b/firmware/lib/vboot_common.c
@@ -311,93 +311,6 @@ int KeyBlockVerify(const VbKeyBlockHeader *block, uint64_t size,
return VBOOT_SUCCESS;
}
-int VerifyFirmwarePreamble(const VbFirmwarePreambleHeader *preamble,
- uint64_t size, const RSAPublicKey *key)
-{
- const VbSignature *sig = &preamble->preamble_signature;
-
- VBDEBUG(("Verifying preamble.\n"));
- /* Sanity checks before attempting signature of data */
- if(size < EXPECTED_VBFIRMWAREPREAMBLEHEADER2_0_SIZE) {
- VBDEBUG(("Not enough data for preamble header 2.0.\n"));
- return VBOOT_PREAMBLE_INVALID;
- }
- if (preamble->header_version_major !=
- FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR) {
- VBDEBUG(("Incompatible firmware preamble header version.\n"));
- return VBOOT_PREAMBLE_INVALID;
- }
- if (size < preamble->preamble_size) {
- VBDEBUG(("Not enough data for preamble.\n"));
- return VBOOT_PREAMBLE_INVALID;
- }
-
- /* Check signature */
- if (VerifySignatureInside(preamble, preamble->preamble_size, sig)) {
- VBDEBUG(("Preamble signature off end of preamble\n"));
- return VBOOT_PREAMBLE_INVALID;
- }
-
- /* Make sure advertised signature data sizes are sane. */
- if (preamble->preamble_size < sig->data_size) {
- VBDEBUG(("Signature calculated past end of the block\n"));
- return VBOOT_PREAMBLE_INVALID;
- }
-
- if (VerifyData((const uint8_t *)preamble, size, sig, key)) {
- VBDEBUG(("Preamble signature validation failed\n"));
- return VBOOT_PREAMBLE_SIGNATURE;
- }
-
- /* Verify we signed enough data */
- if (sig->data_size < sizeof(VbFirmwarePreambleHeader)) {
- VBDEBUG(("Didn't sign enough data\n"));
- return VBOOT_PREAMBLE_INVALID;
- }
-
- /* Verify body signature is inside the signed data */
- if (VerifySignatureInside(preamble, sig->data_size,
- &preamble->body_signature)) {
- VBDEBUG(("Firmware body signature off end of preamble\n"));
- return VBOOT_PREAMBLE_INVALID;
- }
-
- /* Verify kernel subkey is inside the signed data */
- if (VerifyPublicKeyInside(preamble, sig->data_size,
- &preamble->kernel_subkey)) {
- VBDEBUG(("Kernel subkey off end of preamble\n"));
- return VBOOT_PREAMBLE_INVALID;
- }
-
- /*
- * If the preamble header version is at least 2.1, verify we have space
- * for the added fields from 2.1.
- */
- if (preamble->header_version_minor >= 1) {
- if(size < EXPECTED_VBFIRMWAREPREAMBLEHEADER2_1_SIZE) {
- VBDEBUG(("Not enough data for preamble header 2.1.\n"));
- return VBOOT_PREAMBLE_INVALID;
- }
- }
-
- /* Success */
- return VBOOT_SUCCESS;
-}
-
-uint32_t VbGetFirmwarePreambleFlags(const VbFirmwarePreambleHeader *preamble)
-{
- if (preamble->header_version_minor < 1) {
- /*
- * Old structure; return default flags. (Note that we don't
- * need to check header_version_major; if that's not 2 then
- * VerifyFirmwarePreamble() would have already failed.
- */
- return 0;
- }
-
- return preamble->flags;
-}
-
int VerifyKernelPreamble(const VbKernelPreambleHeader *preamble,
uint64_t size, const RSAPublicKey *key)
{
View Lorry Controller Status