1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*/
/* Routines for verifying a file's signature. Useful in testing the core
* RSA verification implementation.
*/
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include "2sysincludes.h"
#include "2common.h"
#include "2sha.h"
#include "2rsa.h"
#include "file_keys.h"
#include "host_common.h"
#include "vb2_common.h"
/* ANSI Color coding sequences. */
#define COL_GREEN "\e[1;32m"
#define COL_RED "\e[0;31m"
#define COL_STOP "\e[m"
int main(int argc, char* argv[])
{
uint8_t workbuf[VB2_VERIFY_DIGEST_WORKBUF_BYTES]
__attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
struct vb2_workbuf wb;
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
int return_code = 1; /* Default to error. */
uint8_t digest[VB2_MAX_DIGEST_SIZE];
struct vb2_packed_key *pk = NULL;
uint8_t *signature = NULL;
uint32_t sig_len = 0;
if (argc != 5) {
int i;
fprintf(stderr,
"Usage: %s <algorithm> <key file> <signature file>"
" <input file>\n\n", argv[0]);
fprintf(stderr,
"where <algorithm> depends on the signature algorithm"
" used:\n");
for(i = 0; i < VB2_ALG_COUNT; i++)
fprintf(stderr, "\t%d for %s\n", i,
vb2_get_crypto_algorithm_name(i));
return -1;
}
int algorithm = atoi(argv[1]);
if (algorithm >= VB2_ALG_COUNT) {
fprintf(stderr, "Invalid algorithm %d\n", algorithm);
goto error;
}
pk = vb2_read_packed_keyb(argv[2], algorithm, 0);
if (!pk) {
fprintf(stderr, "Can't read RSA public key.\n");
goto error;
}
struct vb2_public_key k2;
if (VB2_SUCCESS != vb2_unpack_key(&k2, pk)) {
fprintf(stderr, "Can't unpack RSA public key.\n");
goto error;
}
if (VB2_SUCCESS != vb2_read_file(argv[3], &signature, &sig_len)) {
fprintf(stderr, "Can't read signature.\n");
goto error;
}
uint32_t expect_sig_size =
vb2_rsa_sig_size(vb2_crypto_to_signature(algorithm));
if (sig_len != expect_sig_size) {
fprintf(stderr, "Expected signature size %u, got %u\n",
expect_sig_size, sig_len);
goto error;
}
if (VB2_SUCCESS != DigestFile(argv[4], vb2_crypto_to_hash(algorithm),
digest, sizeof(digest))) {
fprintf(stderr, "Error calculating digest.\n");
goto error;
}
if (VB2_SUCCESS == vb2_rsa_verify_digest(&k2, signature, digest, &wb)) {
return_code = 0;
fprintf(stderr, "Signature Verification "
COL_GREEN "SUCCEEDED" COL_STOP "\n");
} else {
fprintf(stderr, "Signature Verification "
COL_RED "FAILED" COL_STOP "\n");
}
error:
if (pk)
free(pk);
if (signature)
free(signature);
return return_code;
}
|
