diff options
Diffstat (limited to 'futility/cmd_sign.c')
-rw-r--r-- | futility/cmd_sign.c | 34 |
1 files changed, 20 insertions, 14 deletions
diff --git a/futility/cmd_sign.c b/futility/cmd_sign.c index 6d448404..23e298b9 100644 --- a/futility/cmd_sign.c +++ b/futility/cmd_sign.c @@ -60,16 +60,22 @@ static int no_opt_if(int expr, const char *optname) /* This wraps/signs a public key, producing a keyblock. */ int ft_sign_pubkey(const char *name, uint8_t *buf, uint32_t len, void *data) { - VbPublicKey *data_key = (VbPublicKey *)buf; - VbKeyBlockHeader *vblock; + struct vb2_packed_key *data_key = (struct vb2_packed_key *)buf; + struct vb2_keyblock *block; + + if (!packed_key_looks_ok(data_key, len)) { + fprintf(stderr, "Public key looks bad.\n"); + return 1; + } if (sign_option.pem_signpriv) { if (sign_option.pem_external) { /* External signing uses the PEM file directly. */ - vblock = KeyBlockCreate_external( + block = vb2_create_keyblock_external( data_key, sign_option.pem_signpriv, - sign_option.pem_algo, sign_option.flags, + sign_option.pem_algo, + sign_option.flags, sign_option.pem_external); } else { sign_option.signprivate = PrivateKeyReadPem( @@ -90,19 +96,19 @@ int ft_sign_pubkey(const char *name, uint8_t *buf, uint32_t len, void *data) strerror(errno)); return 1; } - vblock = KeyBlockCreate(data_key, - sign_option.signprivate, - sign_option.flags); + block = vb2_create_keyblock(data_key, + sign_option.signprivate2, + sign_option.flags); } } else { /* Not PEM. Should already have a signing key. */ - vblock = KeyBlockCreate(data_key, sign_option.signprivate, - sign_option.flags); + block = vb2_create_keyblock(data_key, sign_option.signprivate2, + sign_option.flags); } /* Write it out */ return WriteSomeParts(sign_option.outfile, - vblock, vblock->key_block_size, + block, block->keyblock_size, NULL, 0); } @@ -166,7 +172,7 @@ int ft_sign_kern_preamble(const char *name, uint8_t *buf, uint32_t len, { uint8_t *kpart_data, *kblob_data, *vblock_data; uint64_t kpart_size, kblob_size, vblock_size; - VbKeyBlockHeader *keyblock = NULL; + struct vb2_keyblock *keyblock = NULL; VbKernelPreambleHeader *preamble = NULL; int rv = 0; @@ -278,7 +284,7 @@ int ft_sign_raw_firmware(const char *name, uint8_t *buf, uint32_t len, rv = WriteSomeParts(sign_option.outfile, sign_option.keyblock, - sign_option.keyblock->key_block_size, + sign_option.keyblock->keyblock_size, preamble, preamble->preamble_size); free(preamble); @@ -669,7 +675,7 @@ static int do_sign(int argc, char *argv[]) } break; case 'b': - sign_option.keyblock = KeyBlockRead(optarg); + sign_option.keyblock = vb2_read_keyblock(optarg); if (!sign_option.keyblock) { fprintf(stderr, "Error reading %s\n", optarg); errorcnt++; @@ -691,7 +697,7 @@ static int do_sign(int argc, char *argv[]) } break; case 'B': - sign_option.devkeyblock = KeyBlockRead(optarg); + sign_option.devkeyblock = vb2_read_keyblock(optarg); if (!sign_option.devkeyblock) { fprintf(stderr, "Error reading %s\n", optarg); errorcnt++; |