From 5de6b40ca74f4a6724941068a15bb0cf261a2d01 Mon Sep 17 00:00:00 2001
From: Bill Richardson <wfrichar@chromium.org>
Date: Thu, 1 Sep 2011 14:47:05 -0700
Subject: Display sha1sums in BIOS debug info

BUG=none
TEST=manual

Press 'TAB' at any BIOS screen. You should see some sha1sums.

Change-Id: Id2f034ad198e4c9c53ab2f2a8fa6195f3479f6aa
Reviewed-on: http://gerrit.chromium.org/gerrit/7101
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Tested-by: Bill Richardson <wfrichar@chromium.org>
---
 firmware/lib/vboot_display.c | 39 +++++++++++++++++++++++++++++++++++++--
 1 file changed, 37 insertions(+), 2 deletions(-)

diff --git a/firmware/lib/vboot_display.c b/firmware/lib/vboot_display.c
index 9ee9419e..307aa540 100644
--- a/firmware/lib/vboot_display.c
+++ b/firmware/lib/vboot_display.c
@@ -348,6 +348,25 @@ VbError_t VbDisplayScreen(VbCommonParams* cparams, uint32_t screen, int force,
 }
 
 
+static void Uint8ToString(char *buf, uint8_t val) {
+  const char *trans = "0123456789abcdef";
+  *buf++ = trans[val >> 4];
+  *buf = trans[val & 0xF];
+}
+
+static void FillInSha1Sum(char *outbuf, VbPublicKey* key) {
+  uint8_t* buf = ((uint8_t *)key) + key->key_offset;
+  uint64_t buflen = key->key_size;
+  uint8_t* digest = DigestBuf(buf, buflen, SHA1_DIGEST_ALGORITHM);
+  int i;
+  for (i=0; i<SHA1_DIGEST_SIZE; i++) {
+    Uint8ToString(outbuf, digest[i]);
+    outbuf += 2;
+  }
+  *outbuf = '\0';
+  VbExFree(digest);
+}
+
 #define DEBUG_INFO_SIZE 512
 
 /* Display debug info to the screen */
@@ -355,6 +374,7 @@ VbError_t VbDisplayDebugInfo(VbCommonParams* cparams, VbNvContext *vncptr) {
   VbSharedDataHeader* shared = (VbSharedDataHeader*)cparams->shared_data_blob;
   GoogleBinaryBlockHeader* gbb = (GoogleBinaryBlockHeader*)cparams->gbb_data;
   char buf[DEBUG_INFO_SIZE] = "";
+  char sha1sum[SHA1_DIGEST_SIZE * 2 + 1];
   uint32_t used = 0;
   uint32_t i;
 
@@ -413,12 +433,27 @@ VbError_t VbDisplayDebugInfo(VbCommonParams* cparams, VbNvContext *vncptr) {
     used += Strncat(buf + used, "0 (default)", DEBUG_INFO_SIZE - used);
   }
 
+  /* Add sha1sum for Root & Recovery keys */
+  FillInSha1Sum(sha1sum,
+                (VbPublicKey*)((uint8_t*)gbb + gbb->rootkey_offset));
+  used += Strncat(buf + used, "\ngbb.rootkey: ", DEBUG_INFO_SIZE - used);
+  used += Strncat(buf + used, sha1sum, DEBUG_INFO_SIZE - used);
+  FillInSha1Sum(sha1sum,
+                (VbPublicKey*)((uint8_t*)gbb + gbb->recovery_key_offset));
+  used += Strncat(buf + used, "\ngbb.recovery_key: ", DEBUG_INFO_SIZE - used);
+  used += Strncat(buf + used, sha1sum, DEBUG_INFO_SIZE - used);
+
+  /* If we're in dev-mode, show the kernel subkey that we expect, too. */
+  if (0 == shared->recovery_reason) {
+    FillInSha1Sum(sha1sum, &shared->kernel_subkey);
+    used += Strncat(buf + used, "\nkernel_subkey: ", DEBUG_INFO_SIZE - used);
+    used += Strncat(buf + used, sha1sum, DEBUG_INFO_SIZE - used);
+  }
+
   /* Make sure we finish with a newline */
   used += Strncat(buf + used, "\n", DEBUG_INFO_SIZE - used);
 
   /* TODO: add more interesting data:
-   * - SHA1 of kernel subkey (assuming we always set it in VbSelectFirmware,
-   *   even in recovery mode, where we just copy it from the root key)
    * - Information on current disks */
 
   buf[DEBUG_INFO_SIZE - 1] = '\0';
-- 
cgit v1.2.1