From 6fb3a9645e584cdf6ff5e2739d8ac94d5f2ea38d Mon Sep 17 00:00:00 2001 From: Bill Richardson Date: Wed, 27 Aug 2014 15:37:47 -0700 Subject: futility: add separate check function for VPbublicKey Provide a PublicKeyLooksOkay() function to sanity-check VbPublicKey structs. This was just part of PublicKeyRead(), but I want to separate the reading from the checking. BUG=chromium:224734 BRANCH=ToT TEST=make runtests Change-Id: I1dd808e623e2a7fdc2789e02305619111a7b01e6 Signed-off-by: Bill Richardson Reviewed-on: https://chromium-review.googlesource.com/214621 Reviewed-by: Randall Spangler Reviewed-on: https://chromium-review.googlesource.com/227855 Tested-by: Daisuke Nojiri Reviewed-by: Daisuke Nojiri Commit-Queue: Daisuke Nojiri --- host/lib/host_key.c | 56 +++++++++++++++++++++++++-------------------- host/lib/include/host_key.h | 2 ++ 2 files changed, 33 insertions(+), 25 deletions(-) diff --git a/host/lib/host_key.c b/host/lib/host_key.c index e2736f95..c9efa85c 100644 --- a/host/lib/host_key.c +++ b/host/lib/host_key.c @@ -201,39 +201,45 @@ VbPublicKey* PublicKeyReadKeyb(const char* filename, uint64_t algorithm, } +int PublicKeyLooksOkay(VbPublicKey *key, uint64_t file_size) +{ + uint64_t key_size; + + /* Sanity-check key data */ + if (0 != VerifyPublicKeyInside(key, file_size, key)) { + VBDEBUG(("PublicKeyRead() not a VbPublicKey\n")); + return 0; + } + if (key->algorithm >= kNumAlgorithms) { + VBDEBUG(("PublicKeyRead() invalid algorithm\n")); + return 0; + } + if (key->key_version > 0xFFFF) { + VBDEBUG(("PublicKeyRead() invalid version\n")); + return 0; /* Currently, TPM only supports 16-bit version */ + } + if (!RSAProcessedKeySize(key->algorithm, &key_size) || + key_size != key->key_size) { + VBDEBUG(("PublicKeyRead() wrong key size for algorithm\n")); + return 0; + } + + /* Success */ + return 1; +} + + + VbPublicKey* PublicKeyRead(const char* filename) { VbPublicKey* key; uint64_t file_size; - uint64_t key_size; key = (VbPublicKey*)ReadFile(filename, &file_size); if (!key) return NULL; - do { - /* Sanity-check key data */ - if (0 != VerifyPublicKeyInside(key, file_size, key)) { - VBDEBUG(("PublicKeyRead() not a VbPublicKey\n")); - break; - } - if (key->algorithm >= kNumAlgorithms) { - VBDEBUG(("PublicKeyRead() invalid algorithm\n")); - break; - } - if (key->key_version > 0xFFFF) { - VBDEBUG(("PublicKeyRead() invalid version\n")); - break; /* Currently, TPM only supports 16-bit version */ - } - if (!RSAProcessedKeySize(key->algorithm, &key_size) || - key_size != key->key_size) { - VBDEBUG(("PublicKeyRead() wrong key size for algorithm\n")); - break; - } - - /* Success */ - return key; - - } while(0); + if (PublicKeyLooksOkay(key, file_size)) + return key; /* Error */ free(key); diff --git a/host/lib/include/host_key.h b/host/lib/include/host_key.h index 018c25d3..85aef244 100644 --- a/host/lib/include/host_key.h +++ b/host/lib/include/host_key.h @@ -52,6 +52,8 @@ VbPublicKey* PublicKeyAlloc(uint64_t key_size, uint64_t algorithm, * Returns NULL if error. */ VbPublicKey* PublicKeyRead(const char* filename); +/* Return true if the public key struct appears correct. */ +int PublicKeyLooksOkay(VbPublicKey *key, uint64_t file_size); /* Read a public key from a .keyb file. Caller owns the returned * pointer, and must free it with Free(). -- cgit v1.2.1