vb21: load private key before signing
When we load the private key, it calls out to PKCS11 and sets up the
modulus and ID of the key. Make sure to do that before signing data, so
that PKCS11 keys have the ID copied into the signature block.
BUG=b:413430417
BRANCH=None
TEST=manual
TEST=make runtests
Change-Id: Iba05e451827aecb706fb433a3e03c413955c144e
Signed-off-by: Benjamin Shai <bshai@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/6489297
Reviewed-by: Jakub "Kuba" Czapiga <czapiga@google.com>
Commit-Queue: Jakub "Kuba" Czapiga <czapiga@google.com>
Tested-by: Jakub "Kuba" Czapiga <czapiga@google.com>
diff --git a/host/lib21/host_signature.c b/host/lib21/host_signature.c
index d2cfba2..253a24b 100644
--- a/host/lib21/host_signature.c
+++ b/host/lib21/host_signature.c
@@ -6,6 +6,7 @@
*/
#include <openssl/rsa.h>
+#include <unistd.h>
#include "2common.h"
#include "2rsa.h"
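Review bot: Nothing visible in this commit appears to need `<unistd.h>`. The code added to `vb21_sign_data()` calls `fprintf()` and `free()`, which are declared in `<stdio.h>` and `<stdlib.h>`. The rest of the file is outside the hunk, so those may already arrive through another header, but if `<unistd.h>` has no user it should be dropped, or replaced by the headers the new code relies on.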
@@ -17,6 +18,7 @@
#include "host_misc.h"
#include "host_p11.h"
#include "host_signature21.h"
+#include "util_misc.h"
vb2_error_t vb2_digest_info(enum vb2_hash_algorithm hash_alg,
const uint8_t **buf_ptr, uint32_t *size_ptr)
@@ -69,9 +71,26 @@
}
vb2_error_t vb21_sign_data(struct vb21_signature **sig_ptr, const uint8_t *data,
- uint32_t size, const struct vb2_private_key *key,
+ uint32_t size, struct vb2_private_key *key,
const char *desc)
{
+ /* Preinitialize these fields used in the error handling. */
+ vb2_error_t rv;
+ *sig_ptr = NULL;
+ uint8_t *sig_digest = NULL;
+
+ if (key->key_location == PRIVATE_KEY_P11) {
+ /* Load keyb from the key to force PKCS11 fields to initialize. */
+ uint8_t *keyb_data;
+ uint32_t keyb_size;
+ if (vb_keyb_from_private_key(key, &keyb_data, &keyb_size)) {
+ fprintf(stderr, "Couldn't extract the public key\n");
+ rv = VB2_ERROR_UNKNOWN;
+ goto done;
+ }
+ free(keyb_data);
+ }
+
struct vb21_signature s = {
.c.magic = VB21_MAGIC_SIGNATURE,
.c.struct_version_major = VB21_SIGNATURE_VERSION_MAJOR,
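Review bot: The new `goto done` in the `PRIVATE_KEY_P11` branch jumps over every declaration below it, and `uint8_t *buf = NULL;` is still declared further down (next hunk), unlike `rv` and `sig_digest`, which were moved up. The `done:` label is outside the hunk, so this is inferred, but if its cleanup frees or otherwise reads `buf`, this early exit would pass an indeterminate pointer to `free()` in a host signing tool. Moving `uint8_t *buf = NULL;` up next to `uint8_t *sig_digest = NULL;` closes the gap. Building with `-Wjump-misses-init` would flag the same pattern if it is reintroduced.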
@@ -83,17 +102,13 @@
.id = key->id,
};
- vb2_error_t rv;
struct vb2_digest_context dc;
uint32_t digest_size;
const uint8_t *info = NULL;
uint32_t info_size = 0;
uint32_t sig_digest_size;
- uint8_t *sig_digest = NULL;
uint8_t *buf = NULL;
- *sig_ptr = NULL;
-
/* Use key description if no description supplied */
if (!desc)
desc = key->desc;
@@ -230,7 +245,7 @@
}
vb2_error_t vb21_sign_object(uint8_t *buf, uint32_t sig_offset,
- const struct vb2_private_key *key,
+ struct vb2_private_key *key,
const char *desc)
{
struct vb21_struct_common *c = (struct vb21_struct_common *)buf;
@@ -253,7 +268,7 @@
}
vb2_error_t vb21_sign_object_multiple(uint8_t *buf, uint32_t sig_offset,
- const struct vb2_private_key **key_list,
+ struct vb2_private_key **key_list,
uint32_t key_count)
{
struct vb21_struct_common *c = (struct vb21_struct_common *)buf;
diff --git a/host/lib21/include/host_signature21.h b/host/lib21/include/host_signature21.h
index 093814d..9ea13b1 100644
--- a/host/lib21/include/host_signature21.h
+++ b/host/lib21/include/host_signature21.h
@@ -37,7 +37,7 @@
* @return VB2_SUCCESS, or non-zero error code on failure.
*/
vb2_error_t vb21_sign_data(struct vb21_signature **sig_ptr, const uint8_t *data,
- uint32_t size, const struct vb2_private_key *key,
+ uint32_t size, struct vb2_private_key *key,
const char *desc);
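Review bot: The doc comment for `vb21_sign_data()` should say that `key` is no longer read-only. Its `@param key` line is outside the hunk, but removing `const` changes the contract: per the commit message, a PKCS11 key has its modulus and ID set up during the call. Something like `@param key Private key to use to sign data; PKCS11 keys may be loaded, and so modified, by this call` would cover it. The same applies to `vb21_sign_object()` and `vb21_sign_object_multiple()` in the two hunks below.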
/**
@@ -76,7 +76,7 @@
* @param desc If non-null, description to use for signature
*/
vb2_error_t vb21_sign_object(uint8_t *buf, uint32_t sig_offset,
- const struct vb2_private_key *key,
+ struct vb2_private_key *key,
const char *desc);
/**
@@ -90,7 +90,7 @@
* @param key_count Number of keys in list
*/
vb2_error_t vb21_sign_object_multiple(uint8_t *buf, uint32_t sig_offset,
- const struct vb2_private_key **key_list,
+ struct vb2_private_key **key_list,
uint32_t key_count);
#endif /* VBOOT_REFERENCE_HOST_SIGNATURE2_H_ */
diff --git a/tests/vb21_host_common_tests.c b/tests/vb21_host_common_tests.c
index 440a066..e10019f 100644
--- a/tests/vb21_host_common_tests.c
+++ b/tests/vb21_host_common_tests.c
@@ -207,7 +207,7 @@
static void test_verify_hash(void)
{
struct vb21_signature *sig;
- const struct vb2_private_key *prik;
+ struct vb2_private_key *prik;
struct vb2_public_key pubk;
uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES]
__attribute__((aligned(VB2_WORKBUF_ALIGN)));
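Review bot: Dropping `const` from `prik` here is what forces the `(const struct vb2_private_key **)&prik` cast in the next hunk, and the same cast appears for `prihash` in tests/vb21_host_sig_tests.c. `vb2_private_key_hash()` is not shown, but its parameter type suggests it hands out a key the caller must not modify, while `vb21_sign_data()` now takes a mutable key; the cast hides that mismatch from the compiler. Keeping a `const struct vb2_private_key *` local for the hash key and casting once where it is passed to the signer would make the assumption visible. If it holds, a comment such as `/* hash keys are never PRIVATE_KEY_P11, so signing does not write to them */` would document it. The body of `test_verify_hash` continues outside the hunk.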
@@ -215,7 +215,7 @@
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
- TEST_SUCC(vb2_private_key_hash(&prik, VB2_HASH_SHA256),
+ TEST_SUCC(vb2_private_key_hash((const struct vb2_private_key **)&prik, VB2_HASH_SHA256),
"create private hash key");
TEST_SUCC(vb2_public_key_hash(&pubk, VB2_HASH_SHA256),
"create hash key");
diff --git a/tests/vb21_host_sig_tests.c b/tests/vb21_host_sig_tests.c
index 63ef180..b5205f1 100644
--- a/tests/vb21_host_sig_tests.c
+++ b/tests/vb21_host_sig_tests.c
@@ -40,8 +40,7 @@
const char *pemfile,
const char *keybfile)
{
- struct vb2_private_key *prik, prik2;
- const struct vb2_private_key *prihash, *priks[2];
+ struct vb2_private_key *prik, prik2, *prihash, *priks[2];
struct vb2_public_key *pubk, pubhash;
struct vb21_signature *sig, *sig2;
uint32_t size;
@@ -70,7 +69,8 @@
pubk->hash_alg = combo->hash_alg;
vb2_public_key_set_desc(pubk, test_desc);
- TEST_SUCC(vb2_private_key_hash(&prihash, combo->hash_alg),
+ TEST_SUCC(vb2_private_key_hash((const struct vb2_private_key **)&prihash,
+ combo->hash_alg),
"Private hash key");
TEST_SUCC(vb2_public_key_hash(&pubhash, combo->hash_alg),
"Public hash key");
@@ -134,7 +134,8 @@
free(buf);
/* Multiply sign an object */
- TEST_SUCC(vb21_sig_size_for_keys(&size, priks, 2), "Sigs size");
+ TEST_SUCC(vb21_sig_size_for_keys(&size, (const struct vb2_private_key **)priks, 2),
+ "Sigs size");
bufsize = c_sig_offs + size;
buf = calloc(1, bufsize);
memset(buf + sizeof(*c), 0x12, 24);