futility: Create signatures using vboot 2.0 APIs
Refactor futility to use only vboot 2.0 APIs to create signatures.
BUG=chromium:611535
BRANCH=none
TEST=make runtests
Change-Id: I176e7f424fa556d34d8fe691df5681f1e43210ce
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/356128
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
diff --git a/Makefile b/Makefile
index d522533..7b8cbcf 100644
--- a/Makefile
+++ b/Makefile
@@ -460,11 +460,14 @@
host/lib/file_keys.c \
host/lib/fmap.c \
host/lib/host_common.c \
+ host/lib/host_common2.c \
host/lib/host_key.c \
+ host/lib/host_key2.c \
host/lib/host_keyblock.c \
host/lib/host_misc.c \
host/lib/util_misc.c \
host/lib/host_signature.c \
+ host/lib/host_signature2.c \
host/lib/signature_digest.c \
host/lib21/host_fw_preamble.c \
host/lib21/host_key.c \
diff --git a/firmware/include/vboot_struct.h b/firmware/include/vboot_struct.h
index 3a3f534..f270455 100644
--- a/firmware/include/vboot_struct.h
+++ b/firmware/include/vboot_struct.h
@@ -91,94 +91,6 @@
/****************************************************************************/
-#define FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR 2
-#define FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR 1
-
-/*
- * Preamble block for rewritable firmware, version 2.0. All 2.x versions of
- * this struct must start with the same data, to be compatible with version 2.0
- * readers.
- */
-typedef struct VbFirmwarePreambleHeader2_0 {
- /*
- * Size of this preamble, including keys, signatures, and padding, in
- * bytes
- */
- uint64_t preamble_size;
- /*
- * Signature for this preamble (header + kernel subkey + body
- * signature)
- */
- VbSignature preamble_signature;
- /* Version of this header format (= 2) */
- uint32_t header_version_major;
- /* Version of this header format (= 0) */
- uint32_t header_version_minor;
-
- /* Firmware version */
- uint64_t firmware_version;
- /* Key to verify kernel key block */
- VbPublicKey kernel_subkey;
- /* Signature for the firmware body */
- VbSignature body_signature;
-} __attribute__((packed)) VbFirmwarePreambleHeader2_0;
-
-#define EXPECTED_VBFIRMWAREPREAMBLEHEADER2_0_SIZE 104
-
-/* Flags for VbFirmwarePreambleHeader.flags */
-/*
- * Use the normal/dev boot path from the read-only firmware, instead of
- * verifying the body signature.
- */
-#define VB_FIRMWARE_PREAMBLE_USE_RO_NORMAL 0x00000001
-
-/* Premable block for rewritable firmware, version 2.1.
- *
- * The firmware preamble header should be followed by:
- * 1) The kernel_subkey key data, pointed to by kernel_subkey.key_offset.
- * 2) The signature data for the firmware body, pointed to by
- * body_signature.sig_offset.
- * 3) The signature data for (header + kernel_subkey data + body signature
- * data), pointed to by preamble_signature.sig_offset.
- */
-typedef struct VbFirmwarePreambleHeader {
- /*
- * Size of this preamble, including keys, signatures, and padding, in
- * bytes
- */
- uint64_t preamble_size;
- /*
- * Signature for this preamble (header + kernel subkey + body
- * signature)
- */
- VbSignature preamble_signature;
- /* Version of this header format */
- uint32_t header_version_major;
- /* Version of this header format */
- uint32_t header_version_minor;
-
- /* Firmware version */
- uint64_t firmware_version;
- /* Key to verify kernel key block */
- VbPublicKey kernel_subkey;
- /* Signature for the firmware body */
- VbSignature body_signature;
-
- /*
- * Fields added in header version 2.1. You must verify the header
- * version before reading these fields!
- */
- /*
- * Flags; see VB_FIRMWARE_PREAMBLE_*. Readers should return 0 for
- * header version < 2.1.
- */
- uint32_t flags;
-} __attribute__((packed)) VbFirmwarePreambleHeader;
-
-#define EXPECTED_VBFIRMWAREPREAMBLEHEADER2_1_SIZE 108
-
-/****************************************************************************/
-
#define KERNEL_PREAMBLE_HEADER_VERSION_MAJOR 2
#define KERNEL_PREAMBLE_HEADER_VERSION_MINOR 2
@@ -187,7 +99,7 @@
* This should be followed by:
* 1) The signature data for the kernel body, pointed to by
* body_signature.sig_offset.
- * 2) The signature data for (VBFirmwarePreambleHeader + body signature
+ * 2) The signature data for (vb2_kernel_preamble + body signature
* data), pointed to by preamble_signature.sig_offset.
*/
typedef struct VbKernelPreambleHeader2_0 {
@@ -222,7 +134,7 @@
* This should be followed by:
* 1) The signature data for the kernel body, pointed to by
* body_signature.sig_offset.
- * 2) The signature data for (VBFirmwarePreambleHeader + body signature
+ * 2) The signature data for (vb2_fw_preamble + body signature
* data), pointed to by preamble_signature.sig_offset.
* 3) The 16-bit vmlinuz header, which is used for reconstruction of
* vmlinuz image.
diff --git a/firmware/lib20/include/vb2_struct.h b/firmware/lib20/include/vb2_struct.h
index eeaf0ce..5220fa3 100644
--- a/firmware/lib20/include/vb2_struct.h
+++ b/firmware/lib20/include/vb2_struct.h
@@ -120,8 +120,8 @@
#define FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR 1
/* Flags for vb2_fw_preamble.flags */
-/* Reserved; do not use */
-#define VB2_FIRMWARE_PREAMBLE_RESERVED0 0x00000001
+/* Use RO-normal firmware (deprecated; do not use) */
+#define VB2_FIRMWARE_PREAMBLE_USE_RO_NORMAL 0x00000001
/* Do not allow use of any hardware crypto accelerators. */
#define VB2_FIRMWARE_PREAMBLE_DISALLOW_HWCRYPTO 0x00000002
diff --git a/futility/cmd_show.c b/futility/cmd_show.c
index d3cfc7f..261197d 100644
--- a/futility/cmd_show.c
+++ b/futility/cmd_show.c
@@ -239,7 +239,7 @@
printf(" Firmware body size: %d\n", pre2->body_signature.data_size);
printf(" Preamble flags: %d\n", flags);
- if (flags & VB_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
+ if (flags & VB2_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
printf("Preamble requests USE_RO_NORMAL;"
" skipping body verification.\n");
goto done;
@@ -269,7 +269,7 @@
/* Can't trust the BIOS unless everything is signed (in which case
* we've already returned), but standalone files are okay. */
if (state || (sign_key && good_sig)) {
- if (!(flags & VB_FIRMWARE_PREAMBLE_USE_RO_NORMAL))
+ if (!(flags & VB2_FIRMWARE_PREAMBLE_USE_RO_NORMAL))
printf("Body verification succeeded.\n");
if (state)
state->area[state->c].is_valid = 1;
diff --git a/futility/cmd_sign.c b/futility/cmd_sign.c
index acaa2f1..6d44840 100644
--- a/futility/cmd_sign.c
+++ b/futility/cmd_sign.c
@@ -27,6 +27,7 @@
#include "kernel_blob.h"
#include "util_misc.h"
#include "vb1_helper.h"
+#include "vb2_struct.h"
#include "vb21_common.h"
#include "host_key2.h"
#include "vboot_common.h"
@@ -80,6 +81,15 @@
strerror(errno));
return 1;
}
+ sign_option.signprivate2 = vb2_read_private_key_pem(
+ sign_option.pem_signpriv,
+ sign_option.pem_algo);
+ if (!sign_option.signprivate2) {
+ fprintf(stderr,
+ "Unable to read PEM signing key: %s\n",
+ strerror(errno));
+ return 1;
+ }
vblock = KeyBlockCreate(data_key,
sign_option.signprivate,
sign_option.flags);
@@ -244,21 +254,22 @@
int ft_sign_raw_firmware(const char *name, uint8_t *buf, uint32_t len,
void *data)
{
- VbSignature *body_sig;
- VbFirmwarePreambleHeader *preamble;
+ struct vb2_signature *body_sig;
+ struct vb2_fw_preamble *preamble;
int rv;
- body_sig = CalculateSignature(buf, len, sign_option.signprivate);
+ body_sig = vb2_calculate_signature(buf, len, sign_option.signprivate2);
if (!body_sig) {
fprintf(stderr, "Error calculating body signature\n");
return 1;
}
- preamble = CreateFirmwarePreamble(sign_option.version,
- sign_option.kernel_subkey,
- body_sig,
- sign_option.signprivate,
- sign_option.flags);
+ preamble = vb2_create_fw_preamble(
+ sign_option.version,
+ (struct vb2_packed_key *)sign_option.kernel_subkey,
+ body_sig,
+ sign_option.signprivate2,
+ sign_option.flags);
if (!preamble) {
fprintf(stderr, "Error creating firmware preamble.\n");
free(body_sig);
@@ -290,7 +301,7 @@
" --pem_signpriv FILE.pem Signing key in PEM format...\n"
" --pem_algo NUM AND the algorithm to use (0 - %d)\n"
"\n"
- " If a signing key is not given, the keyblock will not be signed (duh)."
+ " If a signing key is not given, the keyblock will not be signed."
"\n\n"
"And these, too:\n\n"
" -f|--flags NUM Flags specifying use conditions\n"
@@ -363,7 +374,7 @@
"Required PARAMS:\n"
" -s|--signprivate FILE.vbprivk"
" The private key to sign the kernel blob\n"
- " -b|--keyblock FILE.keyblock The keyblock containing the public\n"
+ " -b|--keyblock FILE.keyblock Keyblock containing the public\n"
" key to verify the kernel blob\n"
" -v|--version NUM The kernel version number\n"
" --bootloader FILE Bootloader stub\n"
@@ -398,7 +409,7 @@
" in place if no OUTFILE given)\n"
"\n"
"Optional PARAMS:\n"
- " -b|--keyblock FILE.keyblock The keyblock containing the public\n"
+ " -b|--keyblock FILE.keyblock Keyblock containing the public\n"
" key to verify the kernel blob\n"
" -v|--version NUM The kernel version number\n"
" --config FILE The kernel commandline file\n"
@@ -651,6 +662,11 @@
fprintf(stderr, "Error reading %s\n", optarg);
errorcnt++;
}
+ sign_option.signprivate2 = vb2_read_private_key(optarg);
+ if (!sign_option.signprivate2) {
+ fprintf(stderr, "Error reading %s\n", optarg);
+ errorcnt++;
+ }
break;
case 'b':
sign_option.keyblock = KeyBlockRead(optarg);
@@ -667,7 +683,8 @@
}
break;
case 'S':
- sign_option.devsignprivate = PrivateKeyRead(optarg);
+ sign_option.devsignprivate =
+ vb2_read_private_key(optarg);
if (!sign_option.devsignprivate) {
fprintf(stderr, "Error reading %s\n", optarg);
errorcnt++;
@@ -1037,6 +1054,8 @@
if (sign_option.signprivate)
free(sign_option.signprivate);
+ if (sign_option.signprivate2)
+ free(sign_option.signprivate2);
if (sign_option.keyblock)
free(sign_option.keyblock);
if (sign_option.kernel_subkey)
diff --git a/futility/cmd_vbutil_firmware.c b/futility/cmd_vbutil_firmware.c
index 66a05c1..b187d27 100644
--- a/futility/cmd_vbutil_firmware.c
+++ b/futility/cmd_vbutil_firmware.c
@@ -92,8 +92,6 @@
VbPrivateKey *signing_key;
VbPublicKey *kernel_subkey;
- VbSignature *body_sig;
- VbFirmwarePreambleHeader *preamble;
VbKeyBlockHeader *key_block;
uint64_t key_block_size;
uint8_t *fv_data;
@@ -127,6 +125,12 @@
VbExError("Error reading signing key.\n");
return 1;
}
+ struct vb2_private_key *signing_key2 =
+ vb2_read_private_key(signprivate);
+ if (!signing_key2) {
+ VbExError("Error reading signing key.\n");
+ return 1;
+ }
kernel_subkey = PublicKeyRead(kernelkey_file);
if (!kernel_subkey) {
@@ -142,7 +146,8 @@
VbExError("Empty firmware volume file\n");
return 1;
}
- body_sig = CalculateSignature(fv_data, fv_size, signing_key);
+ struct vb2_signature *body_sig =
+ vb2_calculate_signature(fv_data, fv_size, signing_key2);
if (!body_sig) {
VbExError("Error calculating body signature\n");
return 1;
@@ -150,10 +155,10 @@
free(fv_data);
/* Create preamble */
- preamble = CreateFirmwarePreamble(version,
- kernel_subkey,
- body_sig,
- signing_key, preamble_flags);
+ struct vb2_fw_preamble *preamble =
+ vb2_create_fw_preamble(version,
+ (struct vb2_packed_key *)kernel_subkey,
+ body_sig, signing_key2, preamble_flags);
if (!preamble) {
VbExError("Error creating preamble.\n");
return 1;
@@ -284,7 +289,7 @@
/* TODO: verify body size same as signature size */
/* Verify body */
- if (flags & VB_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
+ if (flags & VB2_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
printf("Preamble requests USE_RO_NORMAL;"
" skipping body verification.\n");
} else if (VB2_SUCCESS ==
diff --git a/futility/file_type.inc b/futility/file_type.inc
index fe76759..f5a941d 100644
--- a/futility/file_type.inc
+++ b/futility/file_type.inc
@@ -27,7 +27,7 @@
R_(ft_recognize_gbb),
S_(ft_show_gbb),
NONE)
-FILE_TYPE(FW_PREAMBLE, "fw_pre", "VbFirmwarePreamble (VBLOCK_A/B)",
+FILE_TYPE(FW_PREAMBLE, "fw_pre", "firmware preamble (VBLOCK_A/B)",
R_(ft_recognize_vblock1),
S_(ft_show_fw_preamble),
NONE)
diff --git a/futility/file_type_bios.c b/futility/file_type_bios.c
index 037a007..dc51828 100644
--- a/futility/file_type_bios.c
+++ b/futility/file_type_bios.c
@@ -285,8 +285,8 @@
goto whatever;
}
uint32_t more = key_block->key_block_size;
- VbFirmwarePreambleHeader *preamble =
- (VbFirmwarePreambleHeader *)(buf + more);
+ struct vb2_fw_preamble *preamble =
+ (struct vb2_fw_preamble *)(buf + more);
uint32_t fw_size = preamble->body_signature.data_size;
struct bios_area_s *fw_body_area = 0;
@@ -322,23 +322,23 @@
static int write_new_preamble(struct bios_area_s *vblock,
struct bios_area_s *fw_body,
- VbPrivateKey *signkey,
+ struct vb2_private_key *signkey,
VbKeyBlockHeader *keyblock)
{
- VbSignature *body_sig;
- VbFirmwarePreambleHeader *preamble;
+ struct vb2_signature *body_sig;
+ struct vb2_fw_preamble *preamble;
- body_sig = CalculateSignature(fw_body->buf, fw_body->len, signkey);
+ body_sig = vb2_calculate_signature(fw_body->buf, fw_body->len, signkey);
if (!body_sig) {
fprintf(stderr, "Error calculating body signature\n");
return 1;
}
- preamble = CreateFirmwarePreamble(sign_option.version,
- sign_option.kernel_subkey,
- body_sig,
- signkey,
- sign_option.flags);
+ preamble = vb2_create_fw_preamble(sign_option.version,
+ (struct vb2_packed_key *)sign_option.kernel_subkey,
+ body_sig,
+ signkey,
+ sign_option.flags);
if (!preamble) {
fprintf(stderr, "Error creating firmware preamble.\n");
free(body_sig);
@@ -420,13 +420,13 @@
sign_option.devkeyblock);
} else {
retval |= write_new_preamble(vblock_a, fw_a,
- sign_option.signprivate,
+ sign_option.signprivate2,
sign_option.keyblock);
}
/* FW B is always normal keys */
retval |= write_new_preamble(vblock_b, fw_b,
- sign_option.signprivate,
+ sign_option.signprivate2,
sign_option.keyblock);
diff --git a/futility/futility_options.h b/futility/futility_options.h
index 92d9a95..456ee34 100644
--- a/futility/futility_options.h
+++ b/futility/futility_options.h
@@ -34,9 +34,10 @@
struct sign_option_s {
VbPrivateKey *signprivate;
+ struct vb2_private_key *signprivate2;
VbKeyBlockHeader *keyblock;
VbPublicKey *kernel_subkey;
- VbPrivateKey *devsignprivate;
+ struct vb2_private_key *devsignprivate;
VbKeyBlockHeader *devkeyblock;
uint32_t version;
int version_specified;
diff --git a/host/lib/host_common.c b/host/lib/host_common.c
index 959b65a..a666e80 100644
--- a/host/lib/host_common.c
+++ b/host/lib/host_common.c
@@ -14,62 +14,6 @@
#include "utility.h"
#include "vboot_common.h"
-VbFirmwarePreambleHeader *CreateFirmwarePreamble(
- uint64_t firmware_version,
- const VbPublicKey *kernel_subkey,
- const VbSignature *body_signature,
- const VbPrivateKey *signing_key,
- uint32_t flags)
-{
- VbFirmwarePreambleHeader *h;
- uint64_t signed_size = (sizeof(VbFirmwarePreambleHeader) +
- kernel_subkey->key_size +
- body_signature->sig_size);
- uint64_t block_size = signed_size + siglen_map[signing_key->algorithm];
- uint8_t *kernel_subkey_dest;
- uint8_t *body_sig_dest;
- uint8_t *block_sig_dest;
- VbSignature *sigtmp;
-
- /* Allocate key block */
- h = (VbFirmwarePreambleHeader *)malloc(block_size);
- if (!h)
- return NULL;
-
- Memset(h, 0, block_size);
- kernel_subkey_dest = (uint8_t *)(h + 1);
- body_sig_dest = kernel_subkey_dest + kernel_subkey->key_size;
- block_sig_dest = body_sig_dest + body_signature->sig_size;
-
- h->header_version_major = FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR;
- h->header_version_minor = FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR;
- h->preamble_size = block_size;
- h->firmware_version = firmware_version;
- h->flags = flags;
-
- /* Copy data key */
- PublicKeyInit(&h->kernel_subkey, kernel_subkey_dest,
- kernel_subkey->key_size);
- PublicKeyCopy(&h->kernel_subkey, kernel_subkey);
-
- /* Copy body signature */
- SignatureInit(&h->body_signature, body_sig_dest,
- body_signature->sig_size, 0);
- SignatureCopy(&h->body_signature, body_signature);
-
- /* Set up signature struct so we can calculate the signature */
- SignatureInit(&h->preamble_signature, block_sig_dest,
- siglen_map[signing_key->algorithm], signed_size);
-
- /* Calculate signature */
- sigtmp = CalculateSignature((uint8_t *)h, signed_size, signing_key);
- SignatureCopy(&h->preamble_signature, sigtmp);
- free(sigtmp);
-
- /* Return the header */
- return h;
-}
-
VbKernelPreambleHeader *CreateKernelPreamble(
uint64_t kernel_version,
uint64_t body_load_address,
diff --git a/host/lib/host_common2.c b/host/lib/host_common2.c
new file mode 100644
index 0000000..ae02b8b
--- /dev/null
+++ b/host/lib/host_common2.c
@@ -0,0 +1,74 @@
+/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Host functions for verified boot.
+ *
+ * TODO: change all 'return 0', 'return 1' into meaningful return codes.
+ */
+
+#include <string.h>
+
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2rsa.h"
+#include "host_common.h"
+#include "host_key2.h"
+#include "cryptolib.h"
+#include "utility.h"
+#include "vb2_common.h"
+#include "vboot_common.h"
+
+struct vb2_fw_preamble *vb2_create_fw_preamble(
+ uint32_t firmware_version,
+ const struct vb2_packed_key *kernel_subkey,
+ const struct vb2_signature *body_signature,
+ const struct vb2_private_key *signing_key,
+ uint32_t flags)
+{
+ uint32_t signed_size = (sizeof(struct vb2_fw_preamble) +
+ kernel_subkey->key_size +
+ body_signature->sig_size);
+ uint32_t block_size = signed_size +
+ vb2_rsa_sig_size(signing_key->sig_alg);
+
+ /* Allocate preamble */
+ struct vb2_fw_preamble *h =
+ (struct vb2_fw_preamble *)calloc(block_size, 1);
+ if (!h)
+ return NULL;
+
+ uint8_t *kernel_subkey_dest = (uint8_t *)(h + 1);
+ uint8_t *body_sig_dest = kernel_subkey_dest + kernel_subkey->key_size;
+ uint8_t *block_sig_dest = body_sig_dest + body_signature->sig_size;
+
+ h->header_version_major = FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR;
+ h->header_version_minor = FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR;
+ h->preamble_size = block_size;
+ h->firmware_version = firmware_version;
+ h->flags = flags;
+
+ /* Copy data key */
+ PublicKeyInit((VbPublicKey *)&h->kernel_subkey, kernel_subkey_dest,
+ kernel_subkey->key_size);
+ PublicKeyCopy((VbPublicKey *)&h->kernel_subkey,
+ (VbPublicKey *)kernel_subkey);
+
+ /* Copy body signature */
+ vb2_init_signature(&h->body_signature,
+ body_sig_dest, body_signature->sig_size, 0);
+ vb2_copy_signature(&h->body_signature, body_signature);
+
+ /* Set up signature struct so we can calculate the signature */
+ vb2_init_signature(&h->preamble_signature, block_sig_dest,
+ vb2_rsa_sig_size(signing_key->sig_alg), signed_size);
+
+ /* Calculate signature */
+ struct vb2_signature *sig =
+ vb2_calculate_signature((uint8_t *)h, signed_size, signing_key);
+ vb2_copy_signature(&h->preamble_signature, sig);
+ free(sig);
+
+ /* Return the header */
+ return h;
+}
diff --git a/host/lib/host_key2.c b/host/lib/host_key2.c
new file mode 100644
index 0000000..28f02af
--- /dev/null
+++ b/host/lib/host_key2.c
@@ -0,0 +1,105 @@
+/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Host functions for keys.
+ */
+
+/* TODO: change all 'return 0', 'return 1' into meaningful return codes */
+
+#include <openssl/pem.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2rsa.h"
+#include "2sha.h"
+#include "cryptolib.h"
+#include "host_common.h"
+#include "host_key.h"
+#include "host_key2.h"
+#include "host_misc.h"
+#include "vb2_common.h"
+#include "vboot_common.h"
+
+struct vb2_private_key *vb2_read_private_key(const char *filename)
+{
+ uint8_t *buf = NULL;
+ uint32_t bufsize = 0;
+ if (VB2_SUCCESS != vb2_read_file(filename, &buf, &bufsize)) {
+ VbExError("unable to read from file %s\n", filename);
+ return NULL;
+ }
+
+ struct vb2_private_key *key =
+ (struct vb2_private_key *)calloc(sizeof(*key), 1);
+ if (!key) {
+ VbExError("Unable to allocate private key\n");
+ free(buf);
+ return NULL;
+ }
+
+ uint64_t alg = *(uint64_t *)buf;
+ key->hash_alg = vb2_crypto_to_hash(alg);
+ key->sig_alg = vb2_crypto_to_signature(alg);
+ const unsigned char *start = buf + sizeof(alg);
+
+ key->rsa_private_key =
+ d2i_RSAPrivateKey(0, &start, bufsize - sizeof(alg));
+
+ if (!key->rsa_private_key) {
+ VbExError("Unable to parse RSA private key\n");
+ free(buf);
+ free(key);
+ return NULL;
+ }
+
+ free(buf);
+ return key;
+}
+
+struct vb2_private_key *vb2_read_private_key_pem(
+ const char* filename,
+ enum vb2_crypto_algorithm algorithm)
+{
+ RSA *rsa_key;
+ FILE *f;
+
+ if (algorithm >= VB2_ALG_COUNT) {
+ VB2_DEBUG("%s() called with invalid algorithm!\n",
+ __FUNCTION__);
+ return NULL;
+ }
+
+ /* Read private key */
+ f = fopen(filename, "r");
+ if (!f) {
+ VB2_DEBUG("%s(): Couldn't open key file: %s\n",
+ __FUNCTION__, filename);
+ return NULL;
+ }
+ rsa_key = PEM_read_RSAPrivateKey(f, NULL, NULL, NULL);
+ fclose(f);
+ if (!rsa_key) {
+ VB2_DEBUG("%s(): Couldn't read private key from file: %s\n",
+ __FUNCTION__, filename);
+ return NULL;
+ }
+
+ /* Store key and algorithm in our struct */
+ struct vb2_private_key *key =
+ (struct vb2_private_key *)calloc(sizeof(*key), 1);
+ if (!key) {
+ RSA_free(rsa_key);
+ return NULL;
+ }
+ key->rsa_private_key = rsa_key;
+ key->hash_alg = vb2_crypto_to_hash(algorithm);
+ key->sig_alg = vb2_crypto_to_signature(algorithm);
+
+ /* Return the key */
+ return key;
+}
diff --git a/host/lib/host_keyblock.c b/host/lib/host_keyblock.c
index 333b7d4..982013f 100644
--- a/host/lib/host_keyblock.c
+++ b/host/lib/host_keyblock.c
@@ -57,9 +57,9 @@
Memset(&h->key_block_signature, 0, sizeof(VbSignature));
/* Calculate checksum */
- sigtmp = CalculateChecksum((uint8_t*)h, signed_size);
- SignatureCopy(&h->key_block_checksum, sigtmp);
- free(sigtmp);
+ struct vb2_signature *chk = vb2_sha512_signature((uint8_t*)h, signed_size);
+ SignatureCopy(&h->key_block_checksum, (VbSignature *)chk);
+ free(chk);
/* Calculate signature */
if (signing_key) {
@@ -117,9 +117,9 @@
siglen_map[algorithm], signed_size);
/* Calculate checksum */
- sigtmp = CalculateChecksum((uint8_t*)h, signed_size);
- SignatureCopy(&h->key_block_checksum, sigtmp);
- free(sigtmp);
+ struct vb2_signature *chk = vb2_sha512_signature((uint8_t*)h, signed_size);
+ SignatureCopy(&h->key_block_checksum, (VbSignature *)chk);
+ free(chk);
/* Calculate signature */
sigtmp = CalculateSignature_external((uint8_t*)h, signed_size,
diff --git a/host/lib/host_signature.c b/host/lib/host_signature.c
index 5767684..33000f1 100644
--- a/host/lib/host_signature.c
+++ b/host/lib/host_signature.c
@@ -54,54 +54,6 @@
return 0;
}
-
-VbSignature* CalculateChecksum(const uint8_t* data, uint64_t size) {
-
- uint8_t header_checksum[VB2_SHA512_DIGEST_SIZE];
- VbSignature* sig;
-
- if (VB2_SUCCESS != vb2_digest_buffer(data, size, VB2_HASH_SHA512,
- header_checksum,
- sizeof(header_checksum)))
- return NULL;
-
- sig = SignatureAlloc(VB2_SHA512_DIGEST_SIZE, 0);
- if (!sig)
- return NULL;
-
- sig->sig_offset = sizeof(VbSignature);
- sig->sig_size = VB2_SHA512_DIGEST_SIZE;
- sig->data_size = size;
-
- /* Signature data immediately follows the header */
- Memcpy(GetSignatureData(sig), header_checksum, VB2_SHA512_DIGEST_SIZE);
- return sig;
-}
-
-VbSignature* CalculateHash(const uint8_t* data, uint64_t size,
- const VbPrivateKey* key) {
- int vb2_alg = vb2_crypto_to_hash(key->algorithm);
- uint8_t digest[VB2_MAX_DIGEST_SIZE];
- int digest_size = vb2_digest_size(vb2_alg);
- VbSignature* sig = NULL;
-
- /* Calculate the digest */
- if (VB2_SUCCESS != vb2_digest_buffer(data, size, vb2_alg,
- digest, sizeof(digest)))
- return NULL;
-
- /* Allocate output signature */
- sig = SignatureAlloc(digest_size, size);
- if (!sig)
- return NULL;
-
- /* The digest itself is the signature data */
- Memcpy(GetSignatureData(sig), digest, digest_size);
-
- /* Return the signature */
- return sig;
-}
-
VbSignature* CalculateSignature(const uint8_t* data, uint64_t size,
const VbPrivateKey* key) {
int vb2_alg = vb2_crypto_to_hash(key->algorithm);
diff --git a/host/lib/host_signature2.c b/host/lib/host_signature2.c
new file mode 100644
index 0000000..e07f3d0
--- /dev/null
+++ b/host/lib/host_signature2.c
@@ -0,0 +1,135 @@
+/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Host functions for signature generation.
+ */
+
+#include <openssl/rsa.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <unistd.h>
+
+#include "2sysincludes.h"
+
+#include "2common.h"
+#include "2rsa.h"
+#include "2sha.h"
+#include "cryptolib.h"
+#include "file_keys.h"
+#include "host_common.h"
+#include "host_key2.h"
+#include "host_signature2.h"
+#include "vb2_common.h"
+#include "vboot_common.h"
+
+struct vb2_signature *vb2_alloc_signature(uint32_t sig_size,
+ uint32_t data_size)
+{
+ struct vb2_signature *sig = (struct vb2_signature *)
+ calloc(sizeof(*sig) + sig_size, 1);
+ if (!sig)
+ return NULL;
+
+ sig->sig_offset = sizeof(*sig);
+ sig->sig_size = sig_size;
+ sig->data_size = data_size;
+
+ return sig;
+}
+
+void vb2_init_signature(struct vb2_signature *sig, uint8_t *sig_data,
+ uint32_t sig_size, uint32_t data_size)
+{
+ sig->sig_offset = OffsetOf(sig, sig_data);
+ sig->sig_size = sig_size;
+ sig->data_size = data_size;
+}
+
+int vb2_copy_signature(struct vb2_signature *dest,
+ const struct vb2_signature *src)
+{
+ if (dest->sig_size < src->sig_size)
+ return VB2_ERROR_SIG_SIZE;
+
+ dest->sig_size = src->sig_size;
+ dest->data_size = src->data_size;
+
+ memcpy(vb2_signature_data(dest),
+ vb2_signature_data((struct vb2_signature *)src),
+ src->sig_size);
+
+ return VB2_SUCCESS;
+}
+
+struct vb2_signature *vb2_sha512_signature(const uint8_t *data, uint32_t size)
+{
+ uint8_t digest[VB2_SHA512_DIGEST_SIZE];
+ if (VB2_SUCCESS != vb2_digest_buffer(data, size, VB2_HASH_SHA512,
+ digest, sizeof(digest)))
+ return NULL;
+
+ struct vb2_signature *sig =
+ vb2_alloc_signature(VB2_SHA512_DIGEST_SIZE, size);
+ if (!sig)
+ return NULL;
+
+ memcpy(vb2_signature_data(sig), digest, VB2_SHA512_DIGEST_SIZE);
+ return sig;
+}
+
+struct vb2_signature *vb2_calculate_signature(
+ const uint8_t *data, uint32_t size,
+ const struct vb2_private_key *key)
+{
+ uint8_t digest[VB2_MAX_DIGEST_SIZE];
+ uint32_t digest_size = vb2_digest_size(key->hash_alg);
+
+ uint32_t digest_info_size = 0;
+ const uint8_t *digest_info = NULL;
+ if (VB2_SUCCESS != vb2_digest_info(key->hash_alg,
+ &digest_info, &digest_info_size))
+ return NULL;
+
+ /* Calculate the digest */
+ if (VB2_SUCCESS != vb2_digest_buffer(data, size, key->hash_alg,
+ digest, digest_size))
+ return NULL;
+
+ /* Prepend the digest info to the digest */
+ int signature_digest_len = digest_size + digest_info_size;
+ uint8_t *signature_digest = malloc(signature_digest_len);
+ if (!signature_digest)
+ return NULL;
+
+ memcpy(signature_digest, digest_info, digest_info_size);
+ memcpy(signature_digest + digest_info_size, digest, digest_size);
+
+ /* Allocate output signature */
+ struct vb2_signature *sig = (struct vb2_signature *)
+ vb2_alloc_signature(vb2_rsa_sig_size(key->sig_alg), size);
+ if (!sig) {
+ free(signature_digest);
+ return NULL;
+ }
+
+ /* Sign the signature_digest into our output buffer */
+ int rv = RSA_private_encrypt(signature_digest_len, /* Input length */
+ signature_digest, /* Input data */
+ vb2_signature_data(sig), /* Output sig */
+ key->rsa_private_key, /* Key to use */
+ RSA_PKCS1_PADDING); /* Padding */
+ free(signature_digest);
+
+ if (-1 == rv) {
+ VB2_DEBUG("%s: RSA_private_encrypt() failed.\n", __func__);
+ free(sig);
+ return NULL;
+ }
+
+ /* Return the signature */
+ return sig;
+}
diff --git a/host/lib/include/host_common.h b/host/lib/include/host_common.h
index 895a675..c9f9713 100644
--- a/host/lib/include/host_common.h
+++ b/host/lib/include/host_common.h
@@ -24,17 +24,21 @@
#include "vboot_struct.h"
/**
- * Create a firmware preamble, signed with [signing_key].
+ * Create a firmware preamble.
*
- * Caller owns the returned pointer, and must free it with Free().
+ * @param firmware_version Firmware version
+ * @param kernel_subkey Kernel subkey to store in preamble
+ * @param body_signature Signature of firmware body
+ * @param signing_key Private key to sign header with
+ * @param flags Firmware preamble flags
*
- * Returns NULL if error.
+ * @return The preamble, or NULL if error. Caller must free() it.
*/
-VbFirmwarePreambleHeader *CreateFirmwarePreamble(
- uint64_t firmware_version,
- const VbPublicKey *kernel_subkey,
- const VbSignature *body_signature,
- const VbPrivateKey *signing_key,
+struct vb2_fw_preamble *vb2_create_fw_preamble(
+ uint32_t firmware_version,
+ const struct vb2_packed_key *kernel_subkey,
+ const struct vb2_signature *body_signature,
+ const struct vb2_private_key *signing_key,
uint32_t flags);
/**
diff --git a/host/lib/include/host_key.h b/host/lib/include/host_key.h
index cdfc81b..25b7f76 100644
--- a/host/lib/include/host_key.h
+++ b/host/lib/include/host_key.h
@@ -8,10 +8,12 @@
#ifndef VBOOT_REFERENCE_HOST_KEY_H_
#define VBOOT_REFERENCE_HOST_KEY_H_
+#include "2crypto.h"
#include "cryptolib.h"
#include "vboot_struct.h"
struct vb2_packed_key;
+struct vb2_private_key;
typedef struct rsa_st RSA;
@@ -23,9 +25,11 @@
/* Read a private key from a .pem file. Caller owns the returned pointer,
- * and must free it with PrivateKeyFree(). */
+ * and must free() it. */
VbPrivateKey* PrivateKeyReadPem(const char* filename, uint64_t algorithm);
-
+struct vb2_private_key *vb2_read_private_key_pem(
+ const char *filename,
+ enum vb2_crypto_algorithm algorithm);
/* Free a private key. */
void PrivateKeyFree(VbPrivateKey* key);
@@ -33,13 +37,12 @@
/* Write a private key to a file in .vbprivk format. */
int PrivateKeyWrite(const char* filename, const VbPrivateKey* key);
-/* Read a privake key from a .vbprivk file. Caller owns the returned
- * pointer, and must free it with PrivateKeyFree().
+/* Read a private key from a .vbprivk file. Caller owns the returned
+ * pointer, and must free() it.
*
* Returns NULL if error. */
VbPrivateKey* PrivateKeyRead(const char* filename);
-
-
+struct vb2_private_key *vb2_read_private_key(const char *filename);
/* Allocate a new public key with space for a [key_size] byte key. */
VbPublicKey* PublicKeyAlloc(uint64_t key_size, uint64_t algorithm,
diff --git a/host/lib/include/host_signature.h b/host/lib/include/host_signature.h
index fb03c6c..2c7f24a 100644
--- a/host/lib/include/host_signature.h
+++ b/host/lib/include/host_signature.h
@@ -13,35 +13,57 @@
#include "utility.h"
#include "vboot_struct.h"
+struct vb2_private_key;
+struct vb2_signature;
-/* Initialize a signature struct. */
+/**
+ * Initialize a signature struct.
+ *
+ * @param sig Structure to initialize
+ * @param sig_data Pointer to signature data buffer (after sig)
+ * @param sig_size Size of signature data buffer in bytes
+ * @param data_size Amount of data signed in bytes
+ */
void SignatureInit(VbSignature* sig, uint8_t* sig_data,
uint64_t sig_size, uint64_t data_size);
+void vb2_init_signature(struct vb2_signature *sig, uint8_t *sig_data,
+ uint32_t sig_size, uint32_t data_size);
-/* Allocate a new signature with space for a [sig_size] byte signature. */
+/**
+ * Allocate a new signature.
+ *
+ * @param sig_size Size of signature in bytes
+ * @param data_size Amount of data signed in bytes
+ *
+ * @return The signature or NULL if error. Caller must free() it.
+ */
VbSignature* SignatureAlloc(uint64_t sig_size, uint64_t data_size);
+struct vb2_signature *vb2_alloc_signature(uint32_t sig_size,
+ uint32_t data_size);
-
-/* Copy a signature key from [src] to [dest].
+/**
+ * Copy a signature.
*
- * Returns 0 if success, non-zero if error. */
+ * @param dest Destination signature
+ * @param src Source signature
+ *
+ * @return VB2_SUCCESS, or non-zero if error. */
int SignatureCopy(VbSignature* dest, const VbSignature* src);
+int vb2_copy_signature(struct vb2_signature *dest,
+ const struct vb2_signature *src);
-
-/* Calculates a SHA-512 checksum.
- * Caller owns the returned pointer, and must free it with Free().
+/**
+ * Calculate a SHA-512 digest-only signature.
*
- * Returns NULL on error. */
-VbSignature* CalculateChecksum(const uint8_t* data, uint64_t size);
-
-
-/* Calculates a hash of the data using the algorithm from the specified key.
- * Caller owns the returned pointer, and must free it with Free().
+ * Caller owns the returned pointer, and must free() it.
*
- * Returns NULL on error. */
-VbSignature* CalculateHash(const uint8_t* data, uint64_t size,
- const VbPrivateKey* key);
+ * @param data Pointer to data to hash
+ * @param size Length of data in bytes
+ *
+ * @return The signature, or NULL if error.
+ */
+struct vb2_signature *vb2_sha512_signature(const uint8_t *data, uint32_t size);
/* Calculates a signature for the data using the specified key.
* Caller owns the returned pointer, and must free it with Free().
@@ -49,6 +71,9 @@
* Returns NULL on error. */
VbSignature* CalculateSignature(const uint8_t* data, uint64_t size,
const VbPrivateKey* key);
+struct vb2_signature *vb2_calculate_signature(
+ const uint8_t *data, uint32_t size,
+ const struct vb2_private_key *key);
/* Calculates a signature for the data using the specified key and
* an external program.
diff --git a/host/lib21/host_signature.c b/host/lib21/host_signature.c
index 01f4f32..5339b07 100644
--- a/host/lib21/host_signature.c
+++ b/host/lib21/host_signature.c
@@ -17,17 +17,9 @@
#include "host_signature2.h"
#include "host_misc.h"
-/**
- * Get the digest info for a hash algorithm
- *
- * @param hash_alg Hash algorithm
- * @param buf_ptr On success, points to the digest info
- * @param size_ptr On success, contains the info size in bytes
- * @return VB2_SUCCESS, or non-zero error code on failure.
- */
-static int vb2_digest_info(enum vb2_hash_algorithm hash_alg,
- const uint8_t **buf_ptr,
- uint32_t *size_ptr)
+int vb2_digest_info(enum vb2_hash_algorithm hash_alg,
+ const uint8_t **buf_ptr,
+ uint32_t *size_ptr)
{
*buf_ptr = NULL;
*size_ptr = 0;
diff --git a/host/lib21/include/host_signature2.h b/host/lib21/include/host_signature2.h
index 8eb95ba..5faf6da 100644
--- a/host/lib21/include/host_signature2.h
+++ b/host/lib21/include/host_signature2.h
@@ -11,6 +11,19 @@
#include "2struct.h"
struct vb2_private_key;
+struct vb21_signature;
+
+/**
+ * Get the digest info for a hash algorithm
+ *
+ * @param hash_alg Hash algorithm
+ * @param buf_ptr On success, points to the digest info
+ * @param size_ptr On success, contains the info size in bytes
+ * @return VB2_SUCCESS, or non-zero error code on failure.
+ */
+int vb2_digest_info(enum vb2_hash_algorithm hash_alg,
+ const uint8_t **buf_ptr,
+ uint32_t *size_ptr);
/**
* Sign data buffer
diff --git a/host/linktest/main.c b/host/linktest/main.c
index 5e7aa27..1631ec3 100644
--- a/host/linktest/main.c
+++ b/host/linktest/main.c
@@ -36,11 +36,9 @@
SignatureInit(0, 0, 0, 0);
SignatureAlloc(0, 0);
SignatureCopy(0, 0);
- CalculateChecksum(0, 0);
CalculateSignature(0, 0, 0);
/* host_common.h */
- CreateFirmwarePreamble(0, 0, 0, 0, 0);
CreateKernelPreamble(0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
/* file_keys.h */
diff --git a/tests/gen_preamble_testdata.sh b/tests/gen_preamble_testdata.sh
index 4bccdf9..661cf9a 100755
--- a/tests/gen_preamble_testdata.sh
+++ b/tests/gen_preamble_testdata.sh
@@ -4,11 +4,11 @@
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
#
-# This generates the pre-change test data used to ensure that modifications to
-# VbFirmwarePreambleHeader and VbKernelPreambleHeader will not break the
-# signing tools for older releases. This was run *before* any modifications, so
-# be sure to revert the repo back to the correct point if you need to run it
-# again.
+# This generates the pre-change test data used to ensure that
+# modifications to vb2_fw_preamble and VbKernelPreambleHeader will not
+# break the signing tools for older releases. This was run *before*
+# any modifications, so be sure to revert the repo back to the correct
+# point if you need to run it again.
# Load common constants and variables for tests.
diff --git a/tests/run_preamble_tests.sh b/tests/run_preamble_tests.sh
index df2f54f..be07715 100755
--- a/tests/run_preamble_tests.sh
+++ b/tests/run_preamble_tests.sh
@@ -4,10 +4,10 @@
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
#
-# This tests that vblocks using pre-3.0 versions of VbFirmwarePreambleHeader
-# and VbKernelPreambleHeader will still verify (or not) correctly. We need to
-# keep the old versions around to make sure that we can still sign images in
-# the ways that existing devices can validate.
+# This tests that vblocks using pre-3.0 versions of vb2_fw_preamble
+# and VbKernelPreambleHeader will still verify (or not) correctly. We
+# need to keep the old versions around to make sure that we can still
+# sign images in the ways that existing devices can validate.
# Load common constants and variables for tests.
. "$(dirname "$0")/common.sh"
diff --git a/tests/vb20_common2_tests.c b/tests/vb20_common2_tests.c
index e5463e2..623633d 100644
--- a/tests/vb20_common2_tests.c
+++ b/tests/vb20_common2_tests.c
@@ -140,14 +140,14 @@
char filename[1024];
int rsa_len = siglen_map[key_algorithm] * 8;
- VbPrivateKey *private_key = NULL;
+ struct vb2_private_key *private_key = NULL;
struct vb2_signature *sig = NULL;
struct vb2_packed_key *key1;
printf("***Testing algorithm: %s\n", algo_strings[key_algorithm]);
sprintf(filename, "%s/key_rsa%d.pem", keys_dir, rsa_len);
- private_key = PrivateKeyReadPem(filename, key_algorithm);
+ private_key = vb2_read_private_key_pem(filename, key_algorithm);
if (!private_key) {
fprintf(stderr, "Error reading private_key: %s\n", filename);
return 1;
@@ -162,8 +162,8 @@
}
/* Calculate good signatures */
- sig = (struct vb2_signature *)
- CalculateSignature(test_data, sizeof(test_data), private_key);
+ sig = vb2_calculate_signature(test_data, sizeof(test_data),
+ private_key);
TEST_PTR_NEQ(sig, 0, "Calculate signature");
if (!sig)
return 1;
diff --git a/tests/vb20_common3_tests.c b/tests/vb20_common3_tests.c
index 9520738..6de4b8a 100644
--- a/tests/vb20_common3_tests.c
+++ b/tests/vb20_common3_tests.c
@@ -203,18 +203,18 @@
}
static void resign_fw_preamble(struct vb2_fw_preamble *h,
- const VbPrivateKey *key)
+ struct vb2_private_key *key)
{
- VbSignature *sig = CalculateSignature(
+ struct vb2_signature *sig = vb2_calculate_signature(
(const uint8_t *)h, h->preamble_signature.data_size, key);
- SignatureCopy((VbSignature *)&h->preamble_signature, sig);
+ vb2_copy_signature(&h->preamble_signature, sig);
free(sig);
}
static void test_verify_fw_preamble(const VbPublicKey *public_key,
- const VbPrivateKey *private_key,
- const VbPublicKey *kernel_subkey)
+ struct vb2_private_key *private_key,
+ struct vb2_packed_key *kernel_subkey)
{
struct vb2_fw_preamble *hdr;
struct vb2_fw_preamble *h;
@@ -227,17 +227,16 @@
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
/* Create a dummy signature */
- VbSignature *body_sig = SignatureAlloc(56, 78);
+ struct vb2_signature *body_sig = vb2_alloc_signature(56, 78);
TEST_SUCC(vb2_unpack_key(&rsa, (uint8_t *)public_key,
public_key->key_offset + public_key->key_size),
"vb2_verify_fw_preamble() prereq key");
- hdr = (struct vb2_fw_preamble *)
- CreateFirmwarePreamble(0x1234, kernel_subkey, body_sig,
- private_key, 0x5678);
+ hdr = vb2_create_fw_preamble(0x1234, kernel_subkey, body_sig,
+ private_key, 0x5678);
TEST_PTR_NEQ(hdr, NULL,
- "VerifyFirmwarePreamble() prereq test preamble");
+ "vb2_verify_fw_preamble() prereq test preamble");
if (!hdr)
return;
hsize = (uint32_t) hdr->preamble_size;
@@ -368,7 +367,7 @@
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
/* Create a dummy signature */
- VbSignature *body_sig = SignatureAlloc(56, 0x214000);
+ struct vb2_signature *body_sig = vb2_alloc_signature(56, 0x214000);
TEST_SUCC(vb2_unpack_key(&rsa, (uint8_t *)public_key,
public_key->key_offset + public_key->key_size),
@@ -376,7 +375,8 @@
hdr = (struct vb2_kernel_preamble *)
CreateKernelPreamble(0x1234, 0x100000, 0x300000, 0x4000,
- body_sig, 0x304000, 0x10000, 0, 0,
+ (VbSignature *)body_sig,
+ 0x304000, 0x10000, 0, 0,
private_key);
TEST_PTR_NEQ(hdr, NULL,
"vb2_verify_kernel_preamble() prereq test preamble");
@@ -542,6 +542,14 @@
return 1;
}
+ struct vb2_private_key *signing_private_key2 =
+ vb2_read_private_key_pem(filename, signing_key_algorithm);
+ if (!signing_private_key2) {
+ fprintf(stderr, "Error reading signing_private_key: %s\n",
+ filename);
+ return 1;
+ }
+
sprintf(filename, "%s/key_rsa%d.keyb", keys_dir, signing_rsa_len);
signing_public_key = PublicKeyReadKeyb(filename,
signing_key_algorithm, 1);
@@ -564,14 +572,16 @@
data_public_key);
test_verify_keyblock(signing_public_key, signing_private_key,
data_public_key);
- test_verify_fw_preamble(signing_public_key, signing_private_key,
- data_public_key);
+ test_verify_fw_preamble(signing_public_key, signing_private_key2,
+ (struct vb2_packed_key *)data_public_key);
test_verify_kernel_preamble(signing_public_key, signing_private_key);
if (signing_public_key)
free(signing_public_key);
if (signing_private_key)
free(signing_private_key);
+ if (signing_private_key2)
+ free(signing_private_key2);
if (data_public_key)
free(data_public_key);
diff --git a/tests/vb20_common_tests.c b/tests/vb20_common_tests.c
index 4f4d681..9cc6dd7 100644
--- a/tests/vb20_common_tests.c
+++ b/tests/vb20_common_tests.c
@@ -43,9 +43,6 @@
TEST_EQ(EXPECTED_VB2_KEYBLOCK_SIZE,
EXPECTED_VBKEYBLOCKHEADER_SIZE,
"vboot1->2 keyblock sizes same");
- TEST_EQ(EXPECTED_VB2_FW_PREAMBLE_SIZE,
- EXPECTED_VBFIRMWAREPREAMBLEHEADER2_1_SIZE,
- "vboot1->2 firmware preamble sizes same");
}
/**
diff --git a/tests/vboot_common_tests.c b/tests/vboot_common_tests.c
index 3c303a6..875180b 100644
--- a/tests/vboot_common_tests.c
+++ b/tests/vboot_common_tests.c
@@ -25,12 +25,6 @@
"sizeof(VbSignature)");
TEST_EQ(EXPECTED_VBKEYBLOCKHEADER_SIZE, sizeof(VbKeyBlockHeader),
"sizeof(VbKeyBlockHeader)");
- TEST_EQ(EXPECTED_VBFIRMWAREPREAMBLEHEADER2_0_SIZE,
- sizeof(VbFirmwarePreambleHeader2_0),
- "sizeof(VbFirmwarePreambleHeader2_0)");
- TEST_EQ(EXPECTED_VBFIRMWAREPREAMBLEHEADER2_1_SIZE,
- sizeof(VbFirmwarePreambleHeader),
- "sizeof(VbFirmwarePreambleHeader)");
TEST_EQ(EXPECTED_VBKERNELPREAMBLEHEADER2_2_SIZE,
sizeof(VbKernelPreambleHeader),
"sizeof(VbKernelPreambleHeader)");
