vboot2: move verify digest to 2common

This removes code duplicated between 2common.c and 2rsa.c.  This is in
preparation for adding new unsigned hash algorithms.

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make -j runtests

Change-Id: Ic9c542ae14d3b7f786129c1d52f8963847a94fb8
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/224780
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
This commit is contained in:
Randall Spangler
2014-10-17 16:41:46 -07:00
committed by chrome-internal-fetch
parent 6df3e33912
commit 9504754fee
8 changed files with 82 additions and 57 deletions


@@ -273,24 +273,11 @@ int vb2api_check_hash(struct vb2_context *ctx)
if (rv) if (rv)
return rv; return rv;
/* Make sure body signature is the right size */
if (pre->body_signature.sig_size != vb2_rsa_sig_size(key.algorithm)) {
VB2_DEBUG("Wrong data signature size for algorithm, "
"sig_size=%d, expected %d for algorithm %d.\n",
(int)pre->body_signature.sig_size,
vb2_rsa_sig_size(key.algorithm),
key.algorithm);
return VB2_ERROR_API_CHECK_HASH_SIG_SIZE;
}
/* /*
* Check digest vs. signature. Note that this destroys the signature. * Check digest vs. signature. Note that this destroys the signature.
* That's ok, because we only check each signature once per boot. * That's ok, because we only check each signature once per boot.
*/ */
rv = vb2_verify_digest(&key, rv = vb2_verify_digest(&key, &pre->body_signature, digest, &wb);
vb2_signature_data(&pre->body_signature),
digest,
&wb);
if (rv) if (rv)
vb2_fail(ctx, VB2_RECOVERY_RO_INVALID_RW, rv); vb2_fail(ctx, VB2_RECOVERY_RO_INVALID_RW, rv);
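Review bot: The dedicated VB2_ERROR_API_CHECK_HASH_SIG_SIZE code is no longer returned from this path: the size check on the removed lines now lives in vb2_verify_digest(), which reports VB2_ERROR_VDATA_SIG_SIZE instead (the check-hash test further down the page is updated to match). If the enum value is still declared in 2return_codes.h it is now dead; either drop it or mark it unused so no recovery logic keeps keying on it. vb2api_check_hash() begins and ends outside the hunk.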


@@ -225,6 +225,24 @@ int vb2_unpack_key(struct vb2_public_key *key,
return VB2_SUCCESS; return VB2_SUCCESS;
} }
int vb2_verify_digest(const struct vb2_public_key *key,
struct vb2_signature *sig,
const uint8_t *digest,
struct vb2_workbuf *wb)
{
uint8_t *sig_data = vb2_signature_data(sig);
if (sig->sig_size != vb2_rsa_sig_size(key->algorithm)) {
VB2_DEBUG("Wrong data signature size for algorithm, "
"sig_size=%d, expected %d for algorithm %d.\n",
sig->sig_size, vb2_rsa_sig_size(key->algorithm),
key->algorithm);
return VB2_ERROR_VDATA_SIG_SIZE;
}
return vb2_rsa_verify_digest(key, sig_data, digest, wb);
}
int vb2_verify_data(const uint8_t *data, int vb2_verify_data(const uint8_t *data,
uint32_t size, uint32_t size,
struct vb2_signature *sig, struct vb2_signature *sig,
@@ -240,14 +258,6 @@ int vb2_verify_data(const uint8_t *data,
if (key->algorithm >= VB2_ALG_COUNT) if (key->algorithm >= VB2_ALG_COUNT)
return VB2_ERROR_VDATA_ALGORITHM; return VB2_ERROR_VDATA_ALGORITHM;
if (sig->sig_size != vb2_rsa_sig_size(key->algorithm)) {
VB2_DEBUG("Wrong data signature size for algorithm, "
"sig_size=%d, expected %d for algorithm %d.\n",
(int)sig->sig_size, vb2_rsa_sig_size(key->algorithm),
key->algorithm);
return VB2_ERROR_VDATA_SIG_SIZE;
}
if (sig->data_size > size) { if (sig->data_size > size) {
VB2_DEBUG("Data buffer smaller than length of signed data.\n"); VB2_DEBUG("Data buffer smaller than length of signed data.\n");
return VB2_ERROR_VDATA_NOT_ENOUGH_DATA; return VB2_ERROR_VDATA_NOT_ENOUGH_DATA;
@@ -255,6 +265,9 @@ int vb2_verify_data(const uint8_t *data,
/* Digest goes at start of work buffer */ /* Digest goes at start of work buffer */
digest_size = vb2_digest_size(key->algorithm); digest_size = vb2_digest_size(key->algorithm);
if (!digest_size)
return VB2_ERROR_VDATA_DIGEST_SIZE;
digest = vb2_workbuf_alloc(&wblocal, digest_size); digest = vb2_workbuf_alloc(&wblocal, digest_size);
if (!digest) if (!digest)
return VB2_ERROR_VDATA_WORKBUF_DIGEST; return VB2_ERROR_VDATA_WORKBUF_DIGEST;
@@ -278,8 +291,7 @@ int vb2_verify_data(const uint8_t *data,
vb2_workbuf_free(&wblocal, sizeof(*dc)); vb2_workbuf_free(&wblocal, sizeof(*dc));
return vb2_verify_digest(key, vb2_signature_data(sig), digest, return vb2_verify_digest(key, sig, digest, &wblocal);
&wblocal);
} }
int vb2_verify_keyblock(struct vb2_keyblock *block, int vb2_verify_keyblock(struct vb2_keyblock *block,
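Review bot: In the VB2_DEBUG call of the new vb2_verify_digest(), `sig->sig_size` is passed for a `%d` conversion without the `(int)` cast that the removed copy in vb2_verify_data() had, so the argument type (uint32_t) no longer matches the format and -Wformat will flag it; restore `(int)sig->sig_size, vb2_rsa_sig_size(key->algorithm),`. The new function also calls vb2_rsa_sig_size() with no prior range check on key->algorithm; if that helper returns 0 for an unknown algorithm (which the vb2_packed_key_size() change elsewhere in this commit appears to assume), a signature with sig_size 0 and an out-of-range algorithm passes this check and relies on vb2_rsa_verify_digest() rejecting the algorithm. That dependency deserves a comment on the definition, e.g. `/* Size is checked here; algorithm range is checked by vb2_rsa_verify_digest() */`. vb2_verify_data() continues outside the hunks shown.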


@@ -165,7 +165,9 @@ uint32_t vb2_rsa_sig_size(uint32_t algorithm)
uint32_t vb2_packed_key_size(uint32_t algorithm) uint32_t vb2_packed_key_size(uint32_t algorithm)
{ {
if (algorithm >= VB2_ALG_COUNT) uint32_t sig_size = vb2_rsa_sig_size(algorithm);
if (!sig_size)
return 0; return 0;
/* /*
@@ -173,7 +175,7 @@ uint32_t vb2_packed_key_size(uint32_t algorithm)
* 2 * key_len bytes for the n and rr arrays * 2 * key_len bytes for the n and rr arrays
* + sizeof len + sizeof n0inv. * + sizeof len + sizeof n0inv.
*/ */
return 2 * vb2_rsa_sig_size(algorithm) + 2 * sizeof(uint32_t); return 2 * sig_size + 2 * sizeof(uint32_t);
} }
/* /*
@@ -274,10 +276,10 @@ int vb2_check_padding(uint8_t *sig, int algorithm)
return result ? VB2_ERROR_RSA_PADDING : VB2_SUCCESS; return result ? VB2_ERROR_RSA_PADDING : VB2_SUCCESS;
} }
int vb2_verify_digest(const struct vb2_public_key *key, int vb2_rsa_verify_digest(const struct vb2_public_key *key,
uint8_t *sig, uint8_t *sig,
const uint8_t *digest, const uint8_t *digest,
struct vb2_workbuf *wb) struct vb2_workbuf *wb)
{ {
struct vb2_workbuf wblocal = *wb; struct vb2_workbuf wblocal = *wb;
uint32_t *workbuf32; uint32_t *workbuf32;
@@ -288,7 +290,7 @@ int vb2_verify_digest(const struct vb2_public_key *key,
if (!key || !sig || !digest) if (!key || !sig || !digest)
return VB2_ERROR_RSA_VERIFY_PARAM; return VB2_ERROR_RSA_VERIFY_PARAM;
if (key->algorithm >= VB2_ALG_COUNT) { if (key->algorithm > VB2_ALG_RSA8192_SHA512) {
VB2_DEBUG("Invalid signature type!\n"); VB2_DEBUG("Invalid signature type!\n");
return VB2_ERROR_RSA_VERIFY_ALGORITHM; return VB2_ERROR_RSA_VERIFY_ALGORITHM;
} }
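Review bot: The range check in vb2_rsa_verify_digest() now reads `key->algorithm > VB2_ALG_RSA8192_SHA512` instead of `>= VB2_ALG_COUNT`, which silently depends on every RSA algorithm being enumerated contiguously before that value and the planned non-RSA hash algorithms after it; nothing in the hunk states that, so add `/* Only RSA algorithms belong here; later enum values are non-RSA */` above the check. The vb2_packed_key_size() change at the top of the section likewise relies on vb2_rsa_sig_size() returning 0 for algorithms outside the RSA range, which is not visible here and should be confirmed against its definition. Both functions extend beyond the hunks shown.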


@@ -214,6 +214,23 @@ int vb2_unpack_key(struct vb2_public_key *key,
const uint8_t *buf, const uint8_t *buf,
uint32_t size); uint32_t size);
/* Size of work buffer sufficient for vb2_rsa_verify_digest() worst case */
#define VB2_VERIFY_DIGEST_WORKBUF_BYTES VB2_VERIFY_RSA_DIGEST_WORKBUF_BYTES
/**
* Verify a signature against an expected hash digest.
*
* @param key Key to use in signature verification
* @param sig Signature to verify (may be destroyed in process)
* @param digest Digest of signed data
* @param wb Work buffer
* @return VB2_SUCCESS, or non-zero if error.
*/
int vb2_verify_digest(const struct vb2_public_key *key,
struct vb2_signature *sig,
const uint8_t *digest,
struct vb2_workbuf *wb);
/* Size of work buffer sufficient for vb2_verify_data() worst case */ /* Size of work buffer sufficient for vb2_verify_data() worst case */
#define VB2_VERIFY_DATA_WORKBUF_BYTES \ #define VB2_VERIFY_DATA_WORKBUF_BYTES \
(VB2_SHA512_DIGEST_SIZE + \ (VB2_SHA512_DIGEST_SIZE + \
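Review bot: The comment on the new VB2_VERIFY_DIGEST_WORKBUF_BYTES alias names vb2_rsa_verify_digest(), but the macro is the public size for vb2_verify_digest(); the value is right because the wrapper shown in 2common.c takes nothing from the work buffer itself, but the comment should read `/* Size of work buffer sufficient for vb2_verify_digest() worst case */`. The @return line of the new prototype could also spell out the failure the wrapper introduces: `@return VB2_SUCCESS, VB2_ERROR_VDATA_SIG_SIZE if sig->sig_size does not match key->algorithm, or an error from vb2_rsa_verify_digest()`.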


@@ -155,6 +155,12 @@ enum vb2_return_code {
/* Not enough work buffer for hash temp data in vb2_verify_data() */ /* Not enough work buffer for hash temp data in vb2_verify_data() */
VB2_ERROR_VDATA_WORKBUF_HASHING, VB2_ERROR_VDATA_WORKBUF_HASHING,
/*
* Bad digest size in vb2_verify_data() - probably because algorithm
* is bad.
*/
VB2_ERROR_VDATA_DIGEST_SIZE,
/********************************************************************** /**********************************************************************
* Keyblock verification errors (all in vb2_verify_keyblock()) * Keyblock verification errors (all in vb2_verify_keyblock())
*/ */


@@ -44,8 +44,8 @@ uint32_t vb2_packed_key_size(uint32_t algorithm);
*/ */
int vb2_check_padding(uint8_t *sig, int algorithm); int vb2_check_padding(uint8_t *sig, int algorithm);
/* Size of work buffer sufficient for vb2_verify_digest() worst case */ /* Size of work buffer sufficient for vb2_rsa_verify_digest() worst case */
#define VB2_VERIFY_DIGEST_WORKBUF_BYTES (3 * 1024) #define VB2_VERIFY_RSA_DIGEST_WORKBUF_BYTES (3 * 1024)
/** /**
* Verify a RSA PKCS1.5 signature against an expected hash digest. * Verify a RSA PKCS1.5 signature against an expected hash digest.
@@ -56,9 +56,9 @@ int vb2_check_padding(uint8_t *sig, int algorithm);
* @param wb Work buffer * @param wb Work buffer
* @return VB2_SUCCESS, or non-zero if error. * @return VB2_SUCCESS, or non-zero if error.
*/ */
int vb2_verify_digest(const struct vb2_public_key *key, int vb2_rsa_verify_digest(const struct vb2_public_key *key,
uint8_t *sig, uint8_t *sig,
const uint8_t *digest, const uint8_t *digest,
struct vb2_workbuf *wb); struct vb2_workbuf *wb);
#endif /* VBOOT_REFERENCE_2RSA_H_ */ #endif /* VBOOT_REFERENCE_2RSA_H_ */


@@ -176,10 +176,10 @@ uint32_t vb2_rsa_sig_size(uint32_t algorithm)
return mock_sig_size; return mock_sig_size;
} }
int vb2_verify_digest(const struct vb2_public_key *key, int vb2_rsa_verify_digest(const struct vb2_public_key *key,
uint8_t *sig, uint8_t *sig,
const uint8_t *digest, const uint8_t *digest,
struct vb2_workbuf *wb) struct vb2_workbuf *wb)
{ {
return retval_vb2_verify_digest; return retval_vb2_verify_digest;
} }
@@ -426,7 +426,7 @@ static void check_hash_tests(void)
(cc.workbuf + sd->workbuf_preamble_offset); (cc.workbuf + sd->workbuf_preamble_offset);
pre->body_signature.sig_size++; pre->body_signature.sig_size++;
TEST_EQ(vb2api_check_hash(&cc), TEST_EQ(vb2api_check_hash(&cc),
VB2_ERROR_API_CHECK_HASH_SIG_SIZE, "check hash sig size"); VB2_ERROR_VDATA_SIG_SIZE, "check hash sig size");
reset_common_data(FOR_CHECK_HASH); reset_common_data(FOR_CHECK_HASH);
retval_vb2_digest_finalize = VB2_ERROR_RSA_VERIFY_DIGEST; retval_vb2_digest_finalize = VB2_ERROR_RSA_VERIFY_DIGEST;
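Review bot: The mock renamed to vb2_rsa_verify_digest() still returns `retval_vb2_verify_digest`, so the control variable's name no longer matches the function it stubs; rename it (its declaration and setters are outside the hunk) to `retval_vb2_rsa_verify_digest` so the test reads consistently with the new API. The changed expectation on the check-hash sig-size test is consistent with vb2_verify_digest() now owning that check.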


@@ -51,14 +51,15 @@ static void test_signatures(const struct vb2_public_key *key)
/* The first test signature is valid. */ /* The first test signature is valid. */
Memcpy(sig, signatures[0], sizeof(sig)); Memcpy(sig, signatures[0], sizeof(sig));
TEST_SUCC(vb2_verify_digest(key, sig, test_message_sha1_hash, &wb), TEST_SUCC(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
"RSA Padding Test valid sig"); "RSA Padding Test valid sig");
/* All other signatures should fail verification. */ /* All other signatures should fail verification. */
unexpected_success = 0; unexpected_success = 0;
for (i = 1; i < sizeof(signatures) / sizeof(signatures[0]); i++) { for (i = 1; i < sizeof(signatures) / sizeof(signatures[0]); i++) {
Memcpy(sig, signatures[i], sizeof(sig)); Memcpy(sig, signatures[i], sizeof(sig));
if (!vb2_verify_digest(key, sig, test_message_sha1_hash, &wb)) { if (!vb2_rsa_verify_digest(key, sig,
test_message_sha1_hash, &wb)) {
fprintf(stderr, fprintf(stderr,
"RSA Padding Test vector %d FAILED!\n", i); "RSA Padding Test vector %d FAILED!\n", i);
unexpected_success++; unexpected_success++;
@@ -69,7 +70,7 @@ static void test_signatures(const struct vb2_public_key *key)
/** /**
* Test other error conditions in vb2_verify_digest(). * Test other error conditions in vb2_rsa_verify_digest().
*/ */
static void test_verify_digest(struct vb2_public_key *key) { static void test_verify_digest(struct vb2_public_key *key) {
uint8_t workbuf[VB2_VERIFY_DIGEST_WORKBUF_BYTES]; uint8_t workbuf[VB2_VERIFY_DIGEST_WORKBUF_BYTES];
@@ -79,40 +80,40 @@ static void test_verify_digest(struct vb2_public_key *key) {
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
Memcpy(sig, signatures[0], sizeof(sig)); Memcpy(sig, signatures[0], sizeof(sig));
TEST_SUCC(vb2_verify_digest(key, sig, test_message_sha1_hash, &wb), TEST_SUCC(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
"vb2_verify_digest() good"); "vb2_rsa_verify_digest() good");
Memcpy(sig, signatures[0], sizeof(sig)); Memcpy(sig, signatures[0], sizeof(sig));
vb2_workbuf_init(&wb, workbuf, sizeof(sig) * 3 - 1); vb2_workbuf_init(&wb, workbuf, sizeof(sig) * 3 - 1);
TEST_EQ(vb2_verify_digest(key, sig, test_message_sha1_hash, &wb), TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
VB2_ERROR_RSA_VERIFY_WORKBUF, VB2_ERROR_RSA_VERIFY_WORKBUF,
"vb2_verify_digest() small workbuf"); "vb2_rsa_verify_digest() small workbuf");
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
key->algorithm += VB2_ALG_COUNT; key->algorithm += VB2_ALG_COUNT;
Memcpy(sig, signatures[0], sizeof(sig)); Memcpy(sig, signatures[0], sizeof(sig));
TEST_EQ(vb2_verify_digest(key, sig, test_message_sha1_hash, &wb), TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
VB2_ERROR_RSA_VERIFY_ALGORITHM, VB2_ERROR_RSA_VERIFY_ALGORITHM,
"vb2_verify_digest() bad key alg"); "vb2_rsa_verify_digest() bad key alg");
key->algorithm -= VB2_ALG_COUNT; key->algorithm -= VB2_ALG_COUNT;
key->arrsize *= 2; key->arrsize *= 2;
Memcpy(sig, signatures[0], sizeof(sig)); Memcpy(sig, signatures[0], sizeof(sig));
TEST_EQ(vb2_verify_digest(key, sig, test_message_sha1_hash, &wb), TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
VB2_ERROR_RSA_VERIFY_SIG_LEN, VB2_ERROR_RSA_VERIFY_SIG_LEN,
"vb2_verify_digest() bad sig len"); "vb2_rsa_verify_digest() bad sig len");
key->arrsize /= 2; key->arrsize /= 2;
/* Corrupt the signature near start and end */ /* Corrupt the signature near start and end */
Memcpy(sig, signatures[0], sizeof(sig)); Memcpy(sig, signatures[0], sizeof(sig));
sig[3] ^= 0x42; sig[3] ^= 0x42;
TEST_EQ(vb2_verify_digest(key, sig, test_message_sha1_hash, &wb), TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
VB2_ERROR_RSA_PADDING, "vb2_verify_digest() bad sig"); VB2_ERROR_RSA_PADDING, "vb2_rsa_verify_digest() bad sig");
Memcpy(sig, signatures[0], sizeof(sig)); Memcpy(sig, signatures[0], sizeof(sig));
sig[RSA1024NUMBYTES - 3] ^= 0x56; sig[RSA1024NUMBYTES - 3] ^= 0x56;
TEST_EQ(vb2_verify_digest(key, sig, test_message_sha1_hash, &wb), TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
VB2_ERROR_RSA_PADDING, "vb2_verify_digest() bad sig end"); VB2_ERROR_RSA_PADDING, "vb2_rsa_verify_digest() bad sig end");
} }
int main(int argc, char *argv[]) int main(int argc, char *argv[])