scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-11-25 02:35:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

vboot: Disambiguate vb2.1 structs and functions

Browse Source 
Futility needs to link against both vboot1/vboot2.0 and vboot2.1
functions.  This was easy in the past because it did (vboot1 +
vboot2.1) and there's no overlap.

In replacing vboot1 function calls and structs with vboot2.0, now there
are symbol collisions between vboot2.0 and vboot2.1.  For example, both
of them use a struct called vb2_signature, but the structs are defined
differently.  Functions which operate on those structs also overload.

Rename the vb2.1 structs to start with vb21_ instead of vb2_.  Do the
same for vb2.1 functions which operate on vb2.1 data.

BUG=chromium:611535
BRANCH=none
TEST=make runtests

Change-Id: I24defd87cbd9ef64239faf1a8e98ab2372d27539
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/347458
Reviewed-by: Daisuke Nojiri <dnojiri@google.com>
This commit is contained in:
Randall Spangler
2016-05-25 16:42:44 -07:00
committed by chrome-bot
parent 2afa87360d
commit ca72512866
35 changed files with 779 additions and 778 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
firmware/2lib/include/2return_codes.h
View File

@@ -206,7 +206,7 @@ enum vb2_return_code {
/* /*
* Buffer too small for total, fixed size, or description reported in * Buffer too small for total, fixed size, or description reported in
* common header, or member data checked via * common header, or member data checked via
* vb2_verify_common_member(). * vb21_verify_common_member().
*/ */
VB2_ERROR_COMMON_TOTAL_SIZE, VB2_ERROR_COMMON_TOTAL_SIZE,
VB2_ERROR_COMMON_FIXED_SIZE, VB2_ERROR_COMMON_FIXED_SIZE,

16
firmware/lib21/api.c
View File

@@ -14,7 +14,7 @@
#include "2secdata.h" #include "2secdata.h"
#include "2sha.h" #include "2sha.h"
#include "2rsa.h" #include "2rsa.h"
#include "vb2_common.h" #include "vb21_common.h"
int vb2api_fw_phase3(struct vb2_context *ctx) int vb2api_fw_phase3(struct vb2_context *ctx)
{ {
@@ -42,8 +42,8 @@ int vb2api_init_hash2(struct vb2_context *ctx,
uint32_t *size) uint32_t *size)
{ {
struct vb2_shared_data *sd = vb2_get_sd(ctx); struct vb2_shared_data *sd = vb2_get_sd(ctx);
const struct vb2_fw_preamble *pre; const struct vb21_fw_preamble *pre;
const struct vb2_signature *sig = NULL; const struct vb21_signature *sig = NULL;
struct vb2_digest_context *dc; struct vb2_digest_context *dc;
struct vb2_workbuf wb; struct vb2_workbuf wb;
uint32_t hash_offset; uint32_t hash_offset;
@@ -54,13 +54,13 @@ int vb2api_init_hash2(struct vb2_context *ctx,
/* Get preamble pointer */ /* Get preamble pointer */
if (!sd->workbuf_preamble_size) if (!sd->workbuf_preamble_size)
return VB2_ERROR_API_INIT_HASH_PREAMBLE; return VB2_ERROR_API_INIT_HASH_PREAMBLE;
pre = (const struct vb2_fw_preamble *) pre = (const struct vb21_fw_preamble *)
(ctx->workbuf + sd->workbuf_preamble_offset); (ctx->workbuf + sd->workbuf_preamble_offset);
/* Find the matching signature */ /* Find the matching signature */
hash_offset = pre->hash_offset; hash_offset = pre->hash_offset;
for (i = 0; i < pre->hash_count; i++) { for (i = 0; i < pre->hash_count; i++) {
sig = (const struct vb2_signature *) sig = (const struct vb21_signature *)
((uint8_t *)pre + hash_offset); ((uint8_t *)pre + hash_offset);
if (!memcmp(id, &sig->id, sizeof(*id))) if (!memcmp(id, &sig->id, sizeof(*id)))
@@ -93,7 +93,7 @@ int vb2api_init_hash2(struct vb2_context *ctx,
if (size) if (size)
*size = sig->data_size; *size = sig->data_size;
if (!(pre->flags & VB2_FIRMWARE_PREAMBLE_DISALLOW_HWCRYPTO)) { if (!(pre->flags & VB21_FIRMWARE_PREAMBLE_DISALLOW_HWCRYPTO)) {
rv = vb2ex_hwcrypto_digest_init(sig->hash_alg, sig->data_size); rv = vb2ex_hwcrypto_digest_init(sig->hash_alg, sig->data_size);
if (!rv) { if (!rv) {
VB2_DEBUG("Using HW crypto engine for hash_alg %d\n", VB2_DEBUG("Using HW crypto engine for hash_alg %d\n",
@@ -123,7 +123,7 @@ int vb2api_check_hash(struct vb2_context *ctx)
uint8_t *digest; uint8_t *digest;
uint32_t digest_size = vb2_digest_size(dc->hash_alg); uint32_t digest_size = vb2_digest_size(dc->hash_alg);
const struct vb2_signature *sig; const struct vb21_signature *sig;
int rv; int rv;
@@ -132,7 +132,7 @@ int vb2api_check_hash(struct vb2_context *ctx)
/* Get signature pointer */ /* Get signature pointer */
if (!sd->hash_tag) if (!sd->hash_tag)
return VB2_ERROR_API_CHECK_HASH_TAG; return VB2_ERROR_API_CHECK_HASH_TAG;
sig = (const struct vb2_signature *)(ctx->workbuf + sd->hash_tag); sig = (const struct vb21_signature *)(ctx->workbuf + sd->hash_tag);
/* Must have initialized hash digest work area */ /* Must have initialized hash digest work area */
if (!sd->workbuf_hash_size) if (!sd->workbuf_hash_size)

133
firmware/lib21/common.c
View File

@@ -9,18 +9,18 @@
#include "2common.h" #include "2common.h"
#include "2rsa.h" #include "2rsa.h"
#include "2sha.h" #include "2sha.h"
#include "vb2_common.h" #include "vb21_common.h"
const char *vb2_common_desc(const void *buf) const char *vb21_common_desc(const void *buf)
{ {
const struct vb2_struct_common *c = buf; const struct vb21_struct_common *c = buf;
return c->desc_size ? (const char *)c + c->fixed_size : ""; return c->desc_size ? (const char *)c + c->fixed_size : "";
} }
int vb2_verify_common_header(const void *parent, uint32_t parent_size) int vb21_verify_common_header(const void *parent, uint32_t parent_size)
{ {
const struct vb2_struct_common *c = parent; const struct vb21_struct_common *c = parent;
/* Parent buffer size must be at least the claimed total size */ /* Parent buffer size must be at least the claimed total size */
if (parent_size < c->total_size) if (parent_size < c->total_size)
@@ -50,19 +50,19 @@ int vb2_verify_common_header(const void *parent, uint32_t parent_size)
return VB2_ERROR_COMMON_DESC_SIZE; return VB2_ERROR_COMMON_DESC_SIZE;
/* Description must be null-terminated */ /* Description must be null-terminated */
if (vb2_common_desc(c)[c->desc_size - 1] != 0) if (vb21_common_desc(c)[c->desc_size - 1] != 0)
return VB2_ERROR_COMMON_DESC_TERMINATOR; return VB2_ERROR_COMMON_DESC_TERMINATOR;
} }
return VB2_SUCCESS; return VB2_SUCCESS;
} }
int vb2_verify_common_member(const void *parent, int vb21_verify_common_member(const void *parent,
uint32_t *min_offset, uint32_t *min_offset,
uint32_t member_offset, uint32_t member_offset,
uint32_t member_size) uint32_t member_size)
{ {
const struct vb2_struct_common *c = parent; const struct vb21_struct_common *c = parent;
uint32_t member_end = member_offset + member_size; uint32_t member_end = member_offset + member_size;
/* Make sure member doesn't wrap */ /* Make sure member doesn't wrap */
@@ -92,13 +92,13 @@ int vb2_verify_common_member(const void *parent,
return VB2_SUCCESS; return VB2_SUCCESS;
} }
int vb2_verify_common_subobject(const void *parent, int vb21_verify_common_subobject(const void *parent,
uint32_t *min_offset, uint32_t *min_offset,
uint32_t member_offset) uint32_t member_offset)
{ {
const struct vb2_struct_common *p = parent; const struct vb21_struct_common *p = parent;
const struct vb2_struct_common *m = const struct vb21_struct_common *m =
(const struct vb2_struct_common *) (const struct vb21_struct_common *)
((const uint8_t *)parent + member_offset); ((const uint8_t *)parent + member_offset);
int rv; int rv;
@@ -106,7 +106,7 @@ int vb2_verify_common_subobject(const void *parent,
* Verify the parent has space at the member offset for the common * Verify the parent has space at the member offset for the common
* header. * header.
*/ */
rv = vb2_verify_common_member(parent, min_offset, member_offset, rv = vb21_verify_common_member(parent, min_offset, member_offset,
sizeof(*m)); sizeof(*m));
if (rv) if (rv)
return rv; return rv;
@@ -116,7 +116,7 @@ int vb2_verify_common_subobject(const void *parent,
* additional data for the object past its common header fits in the * additional data for the object past its common header fits in the
* parent. * parent.
*/ */
rv = vb2_verify_common_header(m, p->total_size - member_offset); rv = vb21_verify_common_header(m, p->total_size - member_offset);
if (rv) if (rv)
return rv; return rv;
@@ -171,18 +171,18 @@ const struct vb2_id *vb2_hash_id(enum vb2_hash_algorithm hash_alg)
} }
} }
int vb2_verify_signature(const struct vb2_signature *sig, uint32_t size) int vb21_verify_signature(const struct vb21_signature *sig, uint32_t size)
{ {
uint32_t min_offset = 0; uint32_t min_offset = 0;
uint32_t expect_sig_size; uint32_t expect_sig_size;
int rv; int rv;
/* Check magic number */ /* Check magic number */
if (sig->c.magic != VB2_MAGIC_SIGNATURE) if (sig->c.magic != VB21_MAGIC_SIGNATURE)
return VB2_ERROR_SIG_MAGIC; return VB2_ERROR_SIG_MAGIC;
/* Make sure common header is good */ /* Make sure common header is good */
rv = vb2_verify_common_header(sig, size); rv = vb21_verify_common_header(sig, size);
if (rv) if (rv)
return rv; return rv;
@@ -191,7 +191,7 @@ int vb2_verify_signature(const struct vb2_signature *sig, uint32_t size)
* that's compatible across readers matching the major version, and we * that's compatible across readers matching the major version, and we
* haven't added any new fields. * haven't added any new fields.
*/ */
if (sig->c.struct_version_major != VB2_SIGNATURE_VERSION_MAJOR) if (sig->c.struct_version_major != VB21_SIGNATURE_VERSION_MAJOR)
return VB2_ERROR_SIG_VERSION; return VB2_ERROR_SIG_VERSION;
/* Make sure header is big enough for signature */ /* Make sure header is big enough for signature */
@@ -199,7 +199,7 @@ int vb2_verify_signature(const struct vb2_signature *sig, uint32_t size)
return VB2_ERROR_SIG_HEADER_SIZE; return VB2_ERROR_SIG_HEADER_SIZE;
/* Make sure signature data is inside */ /* Make sure signature data is inside */
rv = vb2_verify_common_member(sig, &min_offset, rv = vb21_verify_common_member(sig, &min_offset,
sig->sig_offset, sig->sig_size); sig->sig_offset, sig->sig_size);
if (rv) if (rv)
return rv; return rv;
@@ -217,15 +217,15 @@ int vb2_verify_signature(const struct vb2_signature *sig, uint32_t size)
/** /**
* Return the signature data for a signature * Return the signature data for a signature
*/ */
static uint8_t *vb2_signature_data(struct vb2_signature *sig) static uint8_t *vb21_signature_data(struct vb21_signature *sig)
{ {
return (uint8_t *)sig + sig->sig_offset; return (uint8_t *)sig + sig->sig_offset;
} }
int vb2_verify_digest(const struct vb2_public_key *key, int vb21_verify_digest(const struct vb2_public_key *key,
struct vb2_signature *sig, struct vb21_signature *sig,
const uint8_t *digest, const uint8_t *digest,
const struct vb2_workbuf *wb) const struct vb2_workbuf *wb)
{ {
uint32_t key_sig_size = vb2_sig_size(key->sig_alg, key->hash_alg); uint32_t key_sig_size = vb2_sig_size(key->sig_alg, key->hash_alg);
@@ -242,7 +242,7 @@ int vb2_verify_digest(const struct vb2_public_key *key,
if (key->sig_alg == VB2_SIG_NONE) { if (key->sig_alg == VB2_SIG_NONE) {
/* Bare hash */ /* Bare hash */
if (vb2_safe_memcmp(vb2_signature_data(sig), if (vb2_safe_memcmp(vb21_signature_data(sig),
digest, key_sig_size)) digest, key_sig_size))
return VB2_ERROR_VDATA_VERIFY_DIGEST; return VB2_ERROR_VDATA_VERIFY_DIGEST;
@@ -250,16 +250,16 @@ int vb2_verify_digest(const struct vb2_public_key *key,
} else { } else {
/* RSA-signed digest */ /* RSA-signed digest */
return vb2_rsa_verify_digest(key, return vb2_rsa_verify_digest(key,
vb2_signature_data(sig), vb21_signature_data(sig),
digest, wb); digest, wb);
} }
} }
int vb2_verify_data(const void *data, int vb21_verify_data(const void *data,
uint32_t size, uint32_t size,
struct vb2_signature *sig, struct vb21_signature *sig,
const struct vb2_public_key *key, const struct vb2_public_key *key,
const struct vb2_workbuf *wb) const struct vb2_workbuf *wb)
{ {
struct vb2_workbuf wblocal = *wb; struct vb2_workbuf wblocal = *wb;
struct vb2_digest_context *dc; struct vb2_digest_context *dc;
@@ -300,23 +300,23 @@ int vb2_verify_data(const void *data,
vb2_workbuf_free(&wblocal, sizeof(*dc)); vb2_workbuf_free(&wblocal, sizeof(*dc));
return vb2_verify_digest(key, sig, digest, &wblocal); return vb21_verify_digest(key, sig, digest, &wblocal);
} }
int vb2_verify_keyblock(struct vb2_keyblock *block, int vb21_verify_keyblock(struct vb21_keyblock *block,
uint32_t size, uint32_t size,
const struct vb2_public_key *key, const struct vb2_public_key *key,
const struct vb2_workbuf *wb) const struct vb2_workbuf *wb)
{ {
uint32_t min_offset = 0, sig_offset; uint32_t min_offset = 0, sig_offset;
int rv, i; int rv, i;
/* Check magic number */ /* Check magic number */
if (block->c.magic != VB2_MAGIC_KEYBLOCK) if (block->c.magic != VB21_MAGIC_KEYBLOCK)
return VB2_ERROR_KEYBLOCK_MAGIC; return VB2_ERROR_KEYBLOCK_MAGIC;
/* Make sure common header is good */ /* Make sure common header is good */
rv = vb2_verify_common_header(block, size); rv = vb21_verify_common_header(block, size);
if (rv) if (rv)
return rv; return rv;
@@ -325,7 +325,7 @@ int vb2_verify_keyblock(struct vb2_keyblock *block,
* that's compatible across readers matching the major version, and we * that's compatible across readers matching the major version, and we
* haven't added any new fields. * haven't added any new fields.
*/ */
if (block->c.struct_version_major != VB2_KEYBLOCK_VERSION_MAJOR) if (block->c.struct_version_major != VB21_KEYBLOCK_VERSION_MAJOR)
return VB2_ERROR_KEYBLOCK_HEADER_VERSION; return VB2_ERROR_KEYBLOCK_HEADER_VERSION;
/* Make sure header is big enough */ /* Make sure header is big enough */
@@ -333,25 +333,26 @@ int vb2_verify_keyblock(struct vb2_keyblock *block,
return VB2_ERROR_KEYBLOCK_SIZE; return VB2_ERROR_KEYBLOCK_SIZE;
/* Make sure data key is inside */ /* Make sure data key is inside */
rv = vb2_verify_common_subobject(block, &min_offset, block->key_offset); rv = vb21_verify_common_subobject(block, &min_offset,
block->key_offset);
if (rv) if (rv)
return rv; return rv;
/* Loop over signatures */ /* Loop over signatures */
sig_offset = block->sig_offset; sig_offset = block->sig_offset;
for (i = 0; i < block->sig_count; i++, sig_offset = min_offset) { for (i = 0; i < block->sig_count; i++, sig_offset = min_offset) {
struct vb2_signature *sig; struct vb21_signature *sig;
/* Make sure signature is inside keyblock */ /* Make sure signature is inside keyblock */
rv = vb2_verify_common_subobject(block, &min_offset, rv = vb21_verify_common_subobject(block, &min_offset,
sig_offset); sig_offset);
if (rv) if (rv)
return rv; return rv;
sig = (struct vb2_signature *)((uint8_t *)block + sig_offset); sig = (struct vb21_signature *)((uint8_t *)block + sig_offset);
/* Verify the signature integrity */ /* Verify the signature integrity */
rv = vb2_verify_signature(sig, rv = vb21_verify_signature(sig,
block->c.total_size - sig_offset); block->c.total_size - sig_offset);
if (rv) if (rv)
return rv; return rv;
@@ -364,28 +365,28 @@ int vb2_verify_keyblock(struct vb2_keyblock *block,
if (sig->data_size != block->sig_offset) if (sig->data_size != block->sig_offset)
return VB2_ERROR_KEYBLOCK_SIGNED_SIZE; return VB2_ERROR_KEYBLOCK_SIGNED_SIZE;
return vb2_verify_data(block, block->sig_offset, sig, key, wb); return vb21_verify_data(block, block->sig_offset, sig, key, wb);
} }
/* If we're still here, no signature matched the key ID */ /* If we're still here, no signature matched the key ID */
return VB2_ERROR_KEYBLOCK_SIG_ID; return VB2_ERROR_KEYBLOCK_SIG_ID;
} }
int vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble, int vb21_verify_fw_preamble(struct vb21_fw_preamble *preamble,
uint32_t size, uint32_t size,
const struct vb2_public_key *key, const struct vb2_public_key *key,
const struct vb2_workbuf *wb) const struct vb2_workbuf *wb)
{ {
struct vb2_signature *sig; struct vb21_signature *sig;
uint32_t min_offset = 0, hash_offset; uint32_t min_offset = 0, hash_offset;
int rv, i; int rv, i;
/* Check magic number */ /* Check magic number */
if (preamble->c.magic != VB2_MAGIC_FW_PREAMBLE) if (preamble->c.magic != VB21_MAGIC_FW_PREAMBLE)
return VB2_ERROR_PREAMBLE_MAGIC; return VB2_ERROR_PREAMBLE_MAGIC;
/* Make sure common header is good */ /* Make sure common header is good */
rv = vb2_verify_common_header(preamble, size); rv = vb21_verify_common_header(preamble, size);
if (rv) if (rv)
return rv; return rv;
@@ -394,7 +395,7 @@ int vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble,
* that's compatible across readers matching the major version, and we * that's compatible across readers matching the major version, and we
* haven't added any new fields. * haven't added any new fields.
*/ */
if (preamble->c.struct_version_major != VB2_FW_PREAMBLE_VERSION_MAJOR) if (preamble->c.struct_version_major != VB21_FW_PREAMBLE_VERSION_MAJOR)
return VB2_ERROR_PREAMBLE_HEADER_VERSION; return VB2_ERROR_PREAMBLE_HEADER_VERSION;
/* Make sure header is big enough */ /* Make sure header is big enough */
@@ -405,16 +406,16 @@ int vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble,
hash_offset = preamble->hash_offset; hash_offset = preamble->hash_offset;
for (i = 0; i < preamble->hash_count; i++, hash_offset = min_offset) { for (i = 0; i < preamble->hash_count; i++, hash_offset = min_offset) {
/* Make sure signature is inside preamble */ /* Make sure signature is inside preamble */
rv = vb2_verify_common_subobject(preamble, &min_offset, rv = vb21_verify_common_subobject(preamble, &min_offset,
hash_offset); hash_offset);
if (rv) if (rv)
return rv; return rv;
sig = (struct vb2_signature *) sig = (struct vb21_signature *)
((uint8_t *)preamble + hash_offset); ((uint8_t *)preamble + hash_offset);
/* Verify the signature integrity */ /* Verify the signature integrity */
rv = vb2_verify_signature( rv = vb21_verify_signature(
sig, preamble->c.total_size - hash_offset); sig, preamble->c.total_size - hash_offset);
if (rv) if (rv)
return rv; return rv;
@@ -425,16 +426,16 @@ int vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble,
} }
/* Make sure signature is inside preamble */ /* Make sure signature is inside preamble */
rv = vb2_verify_common_subobject(preamble, &min_offset, rv = vb21_verify_common_subobject(preamble, &min_offset,
preamble->sig_offset); preamble->sig_offset);
if (rv) if (rv)
return rv; return rv;
/* Verify preamble signature */ /* Verify preamble signature */
sig = (struct vb2_signature *)((uint8_t *)preamble + sig = (struct vb21_signature *)((uint8_t *)preamble +
preamble->sig_offset); preamble->sig_offset);
rv = vb2_verify_data(preamble, preamble->sig_offset, sig, key, wb); rv = vb21_verify_data(preamble, preamble->sig_offset, sig, key, wb);
if (rv) if (rv)
return rv; return rv;

79
firmware/lib21/include/vb2_common.h → firmware/lib21/include/vb21_common.h
View File

@@ -5,23 +5,24 @@
* Common functions between firmware and kernel verified boot. * Common functions between firmware and kernel verified boot.
*/ */
#ifndef VBOOT_REFERENCE_VB2_COMMON_H_ #ifndef VBOOT_REFERENCE_VB21_COMMON_H_
#define VBOOT_REFERENCE_VB2_COMMON_H_ #define VBOOT_REFERENCE_VB21_COMMON_H_
#include "2common.h" #include "2common.h"
#include "2return_codes.h" #include "2return_codes.h"
#include "2struct.h" #include "2struct.h"
#include "vb2_struct.h" #include "vb21_struct.h"
/** /**
* Return the description of an object starting with a vb2_struct_common header. * Return the description of an object starting with a vb21_struct_common
* header.
* *
* Does not sanity-check the buffer; merely returns the pointer. * Does not sanity-check the buffer; merely returns the pointer.
* *
* @param buf Pointer to common object * @param buf Pointer to common object
* @return A pointer to description or an empty string if none. * @return A pointer to description or an empty string if none.
*/ */
const char *vb2_common_desc(const void *buf); const char *vb21_common_desc(const void *buf);
/** /**
* Verify the common struct header is fully contained in its parent data * Verify the common struct header is fully contained in its parent data
@@ -32,12 +33,12 @@ const char *vb2_common_desc(const void *buf);
* @param parent_size Parent size in bytes * @param parent_size Parent size in bytes
* @return VB2_SUCCESS, or non-zero if error. * @return VB2_SUCCESS, or non-zero if error.
*/ */
int vb2_verify_common_header(const void *parent, uint32_t parent_size); int vb21_verify_common_header(const void *parent, uint32_t parent_size);
/** /**
* Verify a member is within the data for a parent object * Verify a member is within the data for a parent object
* *
* @param parent Parent data (starts with struct vb2_struct_common) * @param parent Parent data (starts with struct vb21_struct_common)
* @param min_offset Pointer to minimum offset where member can be located. * @param min_offset Pointer to minimum offset where member can be located.
* If this offset is 0 on input, uses the size of the * If this offset is 0 on input, uses the size of the
* fixed header (and description, if any). This will be * fixed header (and description, if any). This will be
@@ -47,10 +48,10 @@ int vb2_verify_common_header(const void *parent, uint32_t parent_size);
* @param member_size Size of member data, in bytes * @param member_size Size of member data, in bytes
* @return VB2_SUCCESS, or non-zero if error. * @return VB2_SUCCESS, or non-zero if error.
*/ */
int vb2_verify_common_member(const void *parent, int vb21_verify_common_member(const void *parent,
uint32_t *min_offset, uint32_t *min_offset,
uint32_t member_offset, uint32_t member_offset,
uint32_t member_size); uint32_t member_size);
/** /**
* Verify a member which starts with a common header is within the parent * Verify a member which starts with a common header is within the parent
@@ -59,7 +60,7 @@ int vb2_verify_common_member(const void *parent,
* member's claimed total size fits within the parent's claimed total size at * member's claimed total size fits within the parent's claimed total size at
* the specified offset. * the specified offset.
* *
* @param parent Parent data (starts with struct vb2_struct_common) * @param parent Parent data (starts with struct vb21_struct_common)
* @param min_offset Pointer to minimum offset where member can be located. * @param min_offset Pointer to minimum offset where member can be located.
* If this offset is 0 on input, uses the size of the * If this offset is 0 on input, uses the size of the
* fixed header (and description, if any). This will be * fixed header (and description, if any). This will be
@@ -70,9 +71,9 @@ int vb2_verify_common_member(const void *parent,
* member. * member.
* @return VB2_SUCCESS, or non-zero if error. * @return VB2_SUCCESS, or non-zero if error.
*/ */
int vb2_verify_common_subobject(const void *parent, int vb21_verify_common_subobject(const void *parent,
uint32_t *min_offset, uint32_t *min_offset,
uint32_t member_offset); uint32_t member_offset);
/** /**
* Unpack a key for use in verification * Unpack a key for use in verification
@@ -85,14 +86,14 @@ int vb2_verify_common_subobject(const void *parent,
* @param size Size of buffer in bytes * @param size Size of buffer in bytes
* @return VB2_SUCCESS, or non-zero error code if error. * @return VB2_SUCCESS, or non-zero error code if error.
*/ */
int vb2_unpack_key(struct vb2_public_key *key, int vb21_unpack_key(struct vb2_public_key *key,
const uint8_t *buf, const uint8_t *buf,
uint32_t size); uint32_t size);
/** /**
* Unpack the RSA data fields for a public key * Unpack the RSA data fields for a public key
* *
* This is called by vb2_unpack_key() to extract the arrays from a packed key. * This is called by vb21_unpack_key() to extract the arrays from a packed key.
* These elements of *key will point inside the key_data buffer. * These elements of *key will point inside the key_data buffer.
* *
* @param key Destination key for RSA data fields * @param key Destination key for RSA data fields
@@ -109,8 +110,8 @@ int vb2_unpack_key_data(struct vb2_public_key *key,
* @param size Size of buffer containing signature struct * @param size Size of buffer containing signature struct
* @return VB2_SUCCESS, or non-zero if error. * @return VB2_SUCCESS, or non-zero if error.
*/ */
int vb2_verify_signature(const struct vb2_signature *sig, int vb21_verify_signature(const struct vb21_signature *sig,
uint32_t size); uint32_t size);
/** /**
* Verify a signature against an expected hash digest. * Verify a signature against an expected hash digest.
@@ -121,10 +122,10 @@ int vb2_verify_signature(const struct vb2_signature *sig,
* @param wb Work buffer * @param wb Work buffer
* @return VB2_SUCCESS, or non-zero if error. * @return VB2_SUCCESS, or non-zero if error.
*/ */
int vb2_verify_digest(const struct vb2_public_key *key, int vb21_verify_digest(const struct vb2_public_key *key,
struct vb2_signature *sig, struct vb21_signature *sig,
const uint8_t *digest, const uint8_t *digest,
const struct vb2_workbuf *wb); const struct vb2_workbuf *wb);
/** /**
* Verify data matches signature. * Verify data matches signature.
@@ -137,11 +138,11 @@ int vb2_verify_digest(const struct vb2_public_key *key,
* @param wb Work buffer * @param wb Work buffer
* @return VB2_SUCCESS, or non-zero error code if error. * @return VB2_SUCCESS, or non-zero error code if error.
*/ */
int vb2_verify_data(const void *data, int vb21_verify_data(const void *data,
uint32_t size, uint32_t size,
struct vb2_signature *sig, struct vb21_signature *sig,
const struct vb2_public_key *key, const struct vb2_public_key *key,
const struct vb2_workbuf *wb); const struct vb2_workbuf *wb);
/** /**
* Check the sanity of a key block using a public key. * Check the sanity of a key block using a public key.
@@ -155,10 +156,10 @@ int vb2_verify_data(const void *data,
* @param wb Work buffer * @param wb Work buffer
* @return VB2_SUCCESS, or non-zero error code if error. * @return VB2_SUCCESS, or non-zero error code if error.
*/ */
int vb2_verify_keyblock(struct vb2_keyblock *block, int vb21_verify_keyblock(struct vb21_keyblock *block,
uint32_t size, uint32_t size,
const struct vb2_public_key *key, const struct vb2_public_key *key,
const struct vb2_workbuf *wb); const struct vb2_workbuf *wb);
/** /**
* Check the sanity of a firmware preamble using a public key. * Check the sanity of a firmware preamble using a public key.
@@ -171,9 +172,9 @@ int vb2_verify_keyblock(struct vb2_keyblock *block,
* @param wb Work buffer * @param wb Work buffer
* @return VB2_SUCCESS, or non-zero error code if error. * @return VB2_SUCCESS, or non-zero error code if error.
*/ */
int vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble, int vb21_verify_fw_preamble(struct vb21_fw_preamble *preamble,
uint32_t size, uint32_t size,
const struct vb2_public_key *key, const struct vb2_public_key *key,
const struct vb2_workbuf *wb); const struct vb2_workbuf *wb);
#endif /* VBOOT_REFERENCE_VB2_COMMON_H_ */ #endif /* VBOOT_REFERENCE_VB21_COMMON_H_ */

134
firmware/lib21/include/vb2_struct.h → firmware/lib21/include/vb21_struct.h
View File

@@ -8,48 +8,48 @@
* have trouble with accessing unaligned integers. * have trouble with accessing unaligned integers.
*/ */
#ifndef VBOOT_REFERENCE_VB2_STRUCT_H_ #ifndef VBOOT_REFERENCE_VB21_STRUCT_H_
#define VBOOT_REFERENCE_VB2_STRUCT_H_ #define VBOOT_REFERENCE_VB21_STRUCT_H_
#include <stdint.h> #include <stdint.h>
#include "2id.h" #include "2id.h"
/* /*
* Magic numbers used by vb2_struct_common.magic. * Magic numbers used by vb21_struct_common.magic.
* *
* All valid numbers should be listed here to avoid accidental overlap. * All valid numbers should be listed here to avoid accidental overlap.
* Numbers start at a large value, so that previous parsers (which stored * Numbers start at a large value, so that previous parsers (which stored
* things like lengths and offsets at that field) will detect and reject new * things like lengths and offsets at that field) will detect and reject new
* structs as invalid. * structs as invalid.
*/ */
enum vb2_struct_common_magic { enum vb21_struct_common_magic {
/* "Vb2B" = vb2_keyblock.c.magic */ /* "Vb2B" = vb21_keyblock.c.magic */
VB2_MAGIC_KEYBLOCK = 0x42326256, VB21_MAGIC_KEYBLOCK = 0x42326256,
/* "Vb2F" = vb2_fw_preamble.c.magic */ /* "Vb2F" = vb21_fw_preamble.c.magic */
VB2_MAGIC_FW_PREAMBLE = 0x46326256, VB21_MAGIC_FW_PREAMBLE = 0x46326256,
/* "Vb2I" = vb2_packed_private_key.c.magic */ /* "Vb2I" = vb21_packed_private_key.c.magic */
VB2_MAGIC_PACKED_PRIVATE_KEY = 0x49326256, VB21_MAGIC_PACKED_PRIVATE_KEY = 0x49326256,
/* "Vb2K" = vb2_kernel_preamble.c.magic */ /* "Vb2K" = vb2_kernel_preamble.c.magic */
VB2_MAGIC_KERNEL_PREAMBLE = 0x4b326256, VB21_MAGIC_KERNEL_PREAMBLE = 0x4b326256,
/* "Vb2P" = vb2_packed_key.c.magic */ /* "Vb2P" = vb21_packed_key.c.magic */
VB2_MAGIC_PACKED_KEY = 0x50326256, VB21_MAGIC_PACKED_KEY = 0x50326256,
/* "Vb2S" = vb2_signature.c.magic */ /* "Vb2S" = vb21_signature.c.magic */
VB2_MAGIC_SIGNATURE = 0x53326256, VB21_MAGIC_SIGNATURE = 0x53326256,
}; };
/* /*
* Generic struct header for all vboot2 structs. This makes it easy to * Generic struct header for all vboot2.1 structs. This makes it easy to
* automatically parse and identify vboot structs (e.g., in futility). This * automatically parse and identify vboot structs (e.g., in futility). This
* must be the first member of the parent vboot2 struct. * must be the first member of the parent vboot2.1 struct.
*/ */
struct vb2_struct_common { struct vb21_struct_common {
/* Magic number; see vb2_struct_common_magic for expected values */ /* Magic number; see vb21_struct_common_magic for expected values */
uint32_t magic; uint32_t magic;
/* /*
@@ -100,23 +100,23 @@ struct vb2_struct_common {
uint32_t desc_size; uint32_t desc_size;
} __attribute__((packed)); } __attribute__((packed));
#define EXPECTED_VB2_STRUCT_COMMON_SIZE 20 #define EXPECTED_VB21_STRUCT_COMMON_SIZE 20
/* Current version of vb2_packed_key struct */ /* Current version of vb21_packed_key struct */
#define VB2_PACKED_KEY_VERSION_MAJOR 3 #define VB21_PACKED_KEY_VERSION_MAJOR 3
#define VB2_PACKED_KEY_VERSION_MINOR 0 #define VB21_PACKED_KEY_VERSION_MINOR 0
/* /*
* Packed public key data * Packed public key data
* *
* The key data must be arranged like this: * The key data must be arranged like this:
* 1) vb2_packed_key header struct h * 1) vb21_packed_key header struct h
* 2) Key description (pointed to by h.c.fixed_size) * 2) Key description (pointed to by h.c.fixed_size)
* 3) Key data key (pointed to by h.key_offset) * 3) Key data key (pointed to by h.key_offset)
*/ */
struct vb2_packed_key { struct vb21_packed_key {
/* Common header fields */ /* Common header fields */
struct vb2_struct_common c; struct vb21_struct_common c;
/* Offset of key data from start of this struct */ /* Offset of key data from start of this struct */
uint32_t key_offset; uint32_t key_offset;
@@ -141,24 +141,24 @@ struct vb2_packed_key {
struct vb2_id id; struct vb2_id id;
} __attribute__((packed)); } __attribute__((packed));
#define EXPECTED_VB2_PACKED_KEY_SIZE \ #define EXPECTED_VB21_PACKED_KEY_SIZE \
(EXPECTED_VB2_STRUCT_COMMON_SIZE + 16 + EXPECTED_ID_SIZE) (EXPECTED_VB21_STRUCT_COMMON_SIZE + 16 + EXPECTED_ID_SIZE)
/* Current version of vb2_packed_private_key struct */ /* Current version of vb21_packed_private_key struct */
#define VB2_PACKED_PRIVATE_KEY_VERSION_MAJOR 3 #define VB21_PACKED_PRIVATE_KEY_VERSION_MAJOR 3
#define VB2_PACKED_PRIVATE_KEY_VERSION_MINOR 0 #define VB21_PACKED_PRIVATE_KEY_VERSION_MINOR 0
/* /*
* Packed private key data * Packed private key data
* *
* The key data must be arranged like this: * The key data must be arranged like this:
* 1) vb2_packed_private_key header struct h * 1) vb21_packed_private_key header struct h
* 2) Key description (pointed to by h.c.fixed_size) * 2) Key description (pointed to by h.c.fixed_size)
* 3) Key data key (pointed to by h.key_offset) * 3) Key data key (pointed to by h.key_offset)
*/ */
struct vb2_packed_private_key { struct vb21_packed_private_key {
/* Common header fields */ /* Common header fields */
struct vb2_struct_common c; struct vb21_struct_common c;
/* Offset of key data from start of this struct */ /* Offset of key data from start of this struct */
uint32_t key_offset; uint32_t key_offset;
@@ -180,24 +180,24 @@ struct vb2_packed_private_key {
struct vb2_id id; struct vb2_id id;
} __attribute__((packed)); } __attribute__((packed));
#define EXPECTED_VB2_PACKED_PRIVATE_KEY_SIZE \ #define EXPECTED_VB21_PACKED_PRIVATE_KEY_SIZE \
(EXPECTED_VB2_STRUCT_COMMON_SIZE + 12 + EXPECTED_ID_SIZE) (EXPECTED_VB21_STRUCT_COMMON_SIZE + 12 + EXPECTED_ID_SIZE)
/* Current version of vb2_signature struct */ /* Current version of vb21_signature struct */
#define VB2_SIGNATURE_VERSION_MAJOR 3 #define VB21_SIGNATURE_VERSION_MAJOR 3
#define VB2_SIGNATURE_VERSION_MINOR 0 #define VB21_SIGNATURE_VERSION_MINOR 0
/* /*
* Signature data * Signature data
* *
* The signature data must be arranged like this: * The signature data must be arranged like this:
* 1) vb2_signature header struct h * 1) vb21_signature header struct h
* 2) Signature description (pointed to by h.c.fixed_size) * 2) Signature description (pointed to by h.c.fixed_size)
* 3) Signature data (pointed to by h.sig_offset) * 3) Signature data (pointed to by h.sig_offset)
*/ */
struct vb2_signature { struct vb21_signature {
/* Common header fields */ /* Common header fields */
struct vb2_struct_common c; struct vb21_struct_common c;
/* Offset of signature data from start of this struct */ /* Offset of signature data from start of this struct */
uint32_t sig_offset; uint32_t sig_offset;
@@ -228,20 +228,20 @@ struct vb2_signature {
struct vb2_id id; struct vb2_id id;
} __attribute__((packed)); } __attribute__((packed));
#define EXPECTED_VB2_SIGNATURE_SIZE \ #define EXPECTED_VB21_SIGNATURE_SIZE \
(EXPECTED_VB2_STRUCT_COMMON_SIZE + 16 + EXPECTED_ID_SIZE) (EXPECTED_VB21_STRUCT_COMMON_SIZE + 16 + EXPECTED_ID_SIZE)
/* Current version of vb2_keyblock struct */ /* Current version of vb21_keyblock struct */
#define VB2_KEYBLOCK_VERSION_MAJOR 3 #define VB21_KEYBLOCK_VERSION_MAJOR 3
#define VB2_KEYBLOCK_VERSION_MINOR 0 #define VB21_KEYBLOCK_VERSION_MINOR 0
/* /*
* Key block. This contains a signed, versioned key for use in the next stage * Key block. This contains a signed, versioned key for use in the next stage
* of verified boot. * of verified boot.
* *
* The key block data must be arranged like this: * The key block data must be arranged like this:
* 1) vb2_keyblock header struct h * 1) vb21_keyblock header struct h
* 2) Keyblock description (pointed to by h.c.fixed_size) * 2) Keyblock description (pointed to by h.c.fixed_size)
* 3) Data key (pointed to by h.data_key_offset) * 3) Data key (pointed to by h.data_key_offset)
* 4) Signatures (first signature pointed to by h.sig_offset) * 4) Signatures (first signature pointed to by h.sig_offset)
@@ -249,15 +249,15 @@ struct vb2_signature {
* The signatures from 4) must cover all the data from 1), 2), 3). That is, * The signatures from 4) must cover all the data from 1), 2), 3). That is,
* signatures must sign all data up to sig_offset. * signatures must sign all data up to sig_offset.
*/ */
struct vb2_keyblock { struct vb21_keyblock {
/* Common header fields */ /* Common header fields */
struct vb2_struct_common c; struct vb21_struct_common c;
/* Flags (VB2_KEY_BLOCK_FLAG_*) */ /* Flags (VB2_KEY_BLOCK_FLAG_*) */
uint32_t flags; uint32_t flags;
/* /*
* Offset of key (struct vb2_packed_key) to use in next stage of * Offset of key (struct vb21_packed_key) to use in next stage of
* verification, from start of the keyblock. * verification, from start of the keyblock.
*/ */
uint32_t key_offset; uint32_t key_offset;
@@ -266,7 +266,7 @@ struct vb2_keyblock {
uint32_t sig_count; uint32_t sig_count;
/* /*
* Offset of the first signature (struct vb2_signature) from the start * Offset of the first signature (struct vb21_signature) from the start
* of the keyblock. * of the keyblock.
* *
* Signatures sign the contents of this struct and the data pointed to * Signatures sign the contents of this struct and the data pointed to
@@ -284,45 +284,45 @@ struct vb2_keyblock {
uint32_t sig_offset; uint32_t sig_offset;
} __attribute__((packed)); } __attribute__((packed));
#define EXPECTED_VB2_KEYBLOCK_SIZE (EXPECTED_VB2_STRUCT_COMMON_SIZE + 16) #define EXPECTED_VB21_KEYBLOCK_SIZE (EXPECTED_VB21_STRUCT_COMMON_SIZE + 16)
/* Current version of vb2_fw_preamble struct */ /* Current version of vb21_fw_preamble struct */
#define VB2_FW_PREAMBLE_VERSION_MAJOR 3 #define VB21_FW_PREAMBLE_VERSION_MAJOR 3
#define VB2_FW_PREAMBLE_VERSION_MINOR 0 #define VB21_FW_PREAMBLE_VERSION_MINOR 0
/* Flags for vb2_fw_preamble.flags */ /* Flags for vb21_fw_preamble.flags */
/* Reserved; do not use */ /* Reserved; do not use */
#define VB2_FIRMWARE_PREAMBLE_RESERVED0 0x00000001 #define VB21_FIRMWARE_PREAMBLE_RESERVED0 0x00000001
/* Do not allow use of any hardware crypto accelerators. */ /* Do not allow use of any hardware crypto accelerators. */
#define VB2_FIRMWARE_PREAMBLE_DISALLOW_HWCRYPTO 0x00000002 #define VB21_FIRMWARE_PREAMBLE_DISALLOW_HWCRYPTO 0x00000002
/* /*
* Firmware preamble * Firmware preamble
* *
* The preamble data must be arranged like this: * The preamble data must be arranged like this:
* 1) vb2_fw_preamble header struct h * 1) vb21_fw_preamble header struct h
* 2) Preamble description (pointed to by h.c.fixed_size) * 2) Preamble description (pointed to by h.c.fixed_size)
* 3) Hashes (pointed to by h.hash_offset) * 3) Hashes (pointed to by h.hash_offset)
* 4) Signature (pointed to by h.sig_offset) * 4) Signature (pointed to by h.sig_offset)
* *
* The signature 4) must cover all the data from 1), 2), 3). * The signature 4) must cover all the data from 1), 2), 3).
*/ */
struct vb2_fw_preamble { struct vb21_fw_preamble {
/* Common header fields */ /* Common header fields */
struct vb2_struct_common c; struct vb21_struct_common c;
/* Flags; see VB2_FIRMWARE_PREAMBLE_* */ /* Flags; see VB21_FIRMWARE_PREAMBLE_* */
uint32_t flags; uint32_t flags;
/* Firmware version */ /* Firmware version */
uint32_t fw_version; uint32_t fw_version;
/* Offset of signature (struct vb2_signature) for this preamble */ /* Offset of signature (struct vb21_signature) for this preamble */
uint32_t sig_offset; uint32_t sig_offset;
/* /*
* The preamble contains a list of hashes (struct vb2_signature) for * The preamble contains a list of hashes (struct vb21_signature) for
* the various firmware components. These have sig_alg=VB2_SIG_NONE, * the various firmware components. These have sig_alg=VB2_SIG_NONE,
* and the ID for each hash identifies the component being hashed. * and the ID for each hash identifies the component being hashed.
* The calling firmware is responsible for knowing where to find those * The calling firmware is responsible for knowing where to find those
@@ -337,6 +337,6 @@ struct vb2_fw_preamble {
uint32_t hash_offset; uint32_t hash_offset;
} __attribute__((packed)); } __attribute__((packed));
#define EXPECTED_VB2_FW_PREAMBLE_SIZE (EXPECTED_VB2_STRUCT_COMMON_SIZE + 20) #define EXPECTED_VB21_FW_PREAMBLE_SIZE (EXPECTED_VB21_STRUCT_COMMON_SIZE + 20)
#endif /* VBOOT_REFERENCE_VB2_STRUCT_H_ */ #endif /* VBOOT_REFERENCE_VB21_STRUCT_H_ */

24
firmware/lib21/misc.c
View File

@@ -13,7 +13,7 @@
#include "2secdata.h" #include "2secdata.h"
#include "2sha.h" #include "2sha.h"
#include "2rsa.h" #include "2rsa.h"
#include "vb2_common.h" #include "vb21_common.h"
/** /**
* Read an object with a common struct header from a verified boot resource. * Read an object with a common struct header from a verified boot resource.
@@ -34,7 +34,7 @@ int vb2_read_resource_object(struct vb2_context *ctx,
struct vb2_workbuf *wb, struct vb2_workbuf *wb,
void **buf_ptr) void **buf_ptr)
{ {
struct vb2_struct_common c; struct vb21_struct_common c;
void *buf; void *buf;
int rv; int rv;
@@ -69,9 +69,9 @@ int vb2_load_fw_keyblock(struct vb2_context *ctx)
uint8_t *key_data; uint8_t *key_data;
uint32_t key_size; uint32_t key_size;
struct vb2_packed_key *packed_key; struct vb21_packed_key *packed_key;
struct vb2_public_key root_key; struct vb2_public_key root_key;
struct vb2_keyblock *kb; struct vb21_keyblock *kb;
int rv; int rv;
@@ -89,7 +89,7 @@ int vb2_load_fw_keyblock(struct vb2_context *ctx)
return rv; return rv;
/* Unpack the root key */ /* Unpack the root key */
rv = vb2_unpack_key(&root_key, key_data, key_size); rv = vb21_unpack_key(&root_key, key_data, key_size);
if (rv) if (rv)
return rv; return rv;
@@ -103,7 +103,7 @@ int vb2_load_fw_keyblock(struct vb2_context *ctx)
return rv; return rv;
/* Verify the keyblock */ /* Verify the keyblock */
rv = vb2_verify_keyblock(kb, kb->c.total_size, &root_key, &wb); rv = vb21_verify_keyblock(kb, kb->c.total_size, &root_key, &wb);
if (rv) { if (rv) {
vb2_fail(ctx, VB2_RECOVERY_FW_KEYBLOCK, rv); vb2_fail(ctx, VB2_RECOVERY_FW_KEYBLOCK, rv);
return rv; return rv;
@@ -112,7 +112,7 @@ int vb2_load_fw_keyblock(struct vb2_context *ctx)
/* Preamble follows the keyblock in the vblock */ /* Preamble follows the keyblock in the vblock */
sd->vblock_preamble_offset = kb->c.total_size; sd->vblock_preamble_offset = kb->c.total_size;
packed_key = (struct vb2_packed_key *)((uint8_t *)kb + kb->key_offset); packed_key = (struct vb21_packed_key *)((uint8_t *)kb + kb->key_offset);
/* Key version is the upper 16 bits of the composite firmware version */ /* Key version is the upper 16 bits of the composite firmware version */
if (packed_key->key_version > 0xffff) if (packed_key->key_version > 0xffff)
@@ -141,7 +141,7 @@ int vb2_load_fw_keyblock(struct vb2_context *ctx)
* paranoid. * paranoid.
*/ */
memmove(key_data, packed_key, packed_key->c.total_size); memmove(key_data, packed_key, packed_key->c.total_size);
packed_key = (struct vb2_packed_key *)key_data; packed_key = (struct vb21_packed_key *)key_data;
/* Save the packed key offset and size */ /* Save the packed key offset and size */
sd->workbuf_data_key_offset = vb2_offset_of(ctx->workbuf, key_data); sd->workbuf_data_key_offset = vb2_offset_of(ctx->workbuf, key_data);
@@ -164,7 +164,7 @@ int vb2_load_fw_preamble(struct vb2_context *ctx)
struct vb2_public_key data_key; struct vb2_public_key data_key;
/* Preamble goes in the next unused chunk of work buffer */ /* Preamble goes in the next unused chunk of work buffer */
struct vb2_fw_preamble *pre; struct vb21_fw_preamble *pre;
int rv; int rv;
@@ -174,7 +174,7 @@ int vb2_load_fw_preamble(struct vb2_context *ctx)
if (!sd->workbuf_data_key_size) if (!sd->workbuf_data_key_size)
return VB2_ERROR_FW_PREAMBLE2_DATA_KEY; return VB2_ERROR_FW_PREAMBLE2_DATA_KEY;
rv = vb2_unpack_key(&data_key, key_data, key_size); rv = vb21_unpack_key(&data_key, key_data, key_size);
if (rv) if (rv)
return rv; return rv;
@@ -188,7 +188,7 @@ int vb2_load_fw_preamble(struct vb2_context *ctx)
/* Work buffer now contains the data subkey data and the preamble */ /* Work buffer now contains the data subkey data and the preamble */
/* Verify the preamble */ /* Verify the preamble */
rv = vb2_verify_fw_preamble(pre, pre->c.total_size, &data_key, &wb); rv = vb21_verify_fw_preamble(pre, pre->c.total_size, &data_key, &wb);
if (rv) { if (rv) {
vb2_fail(ctx, VB2_RECOVERY_FW_PREAMBLE, rv); vb2_fail(ctx, VB2_RECOVERY_FW_PREAMBLE, rv);
return rv; return rv;
@@ -196,7 +196,7 @@ int vb2_load_fw_preamble(struct vb2_context *ctx)
/* Move the preamble down now that the data key is no longer used */ /* Move the preamble down now that the data key is no longer used */
memmove(key_data, pre, pre->c.total_size); memmove(key_data, pre, pre->c.total_size);
pre = (struct vb2_fw_preamble *)key_data; pre = (struct vb21_fw_preamble *)key_data;
/* Data key is now gone */ /* Data key is now gone */
sd->workbuf_data_key_offset = sd->workbuf_data_key_size = 0; sd->workbuf_data_key_offset = sd->workbuf_data_key_size = 0;

24
firmware/lib21/packed_key.c
View File

@@ -8,11 +8,11 @@
#include "2sysincludes.h" #include "2sysincludes.h"
#include "2common.h" #include "2common.h"
#include "2rsa.h" #include "2rsa.h"
#include "vb2_common.h" #include "vb21_common.h"
int vb2_unpack_key_data(struct vb2_public_key *key, int vb2_unpack_key_data(struct vb2_public_key *key,
const uint8_t *key_data, const uint8_t *key_data,
uint32_t key_size) uint32_t key_size)
{ {
const uint32_t *buf32 = (const uint32_t *)key_data; const uint32_t *buf32 = (const uint32_t *)key_data;
uint32_t expected_key_size = vb2_packed_key_size(key->sig_alg); uint32_t expected_key_size = vb2_packed_key_size(key->sig_alg);
@@ -42,27 +42,27 @@ int vb2_unpack_key_data(struct vb2_public_key *key,
return VB2_SUCCESS; return VB2_SUCCESS;
} }
int vb2_unpack_key(struct vb2_public_key *key, int vb21_unpack_key(struct vb2_public_key *key,
const uint8_t *buf, const uint8_t *buf,
uint32_t size) uint32_t size)
{ {
const struct vb2_packed_key *pkey = const struct vb21_packed_key *pkey =
(const struct vb2_packed_key *)buf; (const struct vb21_packed_key *)buf;
uint32_t sig_size; uint32_t sig_size;
uint32_t min_offset = 0; uint32_t min_offset = 0;
int rv; int rv;
/* Check magic number */ /* Check magic number */
if (pkey->c.magic != VB2_MAGIC_PACKED_KEY) if (pkey->c.magic != VB21_MAGIC_PACKED_KEY)
return VB2_ERROR_UNPACK_KEY_MAGIC; return VB2_ERROR_UNPACK_KEY_MAGIC;
rv = vb2_verify_common_header(buf, size); rv = vb21_verify_common_header(buf, size);
if (rv) if (rv)
return rv; return rv;
/* Make sure key data is inside */ /* Make sure key data is inside */
rv = vb2_verify_common_member(pkey, &min_offset, rv = vb21_verify_common_member(pkey, &min_offset,
pkey->key_offset, pkey->key_size); pkey->key_offset, pkey->key_size);
if (rv) if (rv)
return rv; return rv;
@@ -71,7 +71,7 @@ int vb2_unpack_key(struct vb2_public_key *key,
* that's compatible across readers matching the major version, and we * that's compatible across readers matching the major version, and we
* haven't added any new fields. * haven't added any new fields.
*/ */
if (pkey->c.struct_version_major != VB2_PACKED_KEY_VERSION_MAJOR) if (pkey->c.struct_version_major != VB21_PACKED_KEY_VERSION_MAJOR)
return VB2_ERROR_UNPACK_KEY_STRUCT_VERSION; return VB2_ERROR_UNPACK_KEY_STRUCT_VERSION;
/* Copy key algorithms */ /* Copy key algorithms */
@@ -93,7 +93,7 @@ int vb2_unpack_key(struct vb2_public_key *key,
} }
/* Key description */ /* Key description */
key->desc = vb2_common_desc(pkey); key->desc = vb21_common_desc(pkey);
key->version = pkey->key_version; key->version = pkey->key_version;
key->id = &pkey->id; key->id = &pkey->id;

7
futility/cmd_create.c
View File

@@ -15,8 +15,7 @@
#include "2rsa.h" #include "2rsa.h"
#include "2sha.h" #include "2sha.h"
#include "util_misc.h" #include "util_misc.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "vb2_struct.h"
#include "host_key.h" #include "host_key.h"
#include "host_key2.h" #include "host_key2.h"
@@ -265,7 +264,7 @@ static int vb2_make_keypair()
if (has_priv) { if (has_priv) {
privkey->id = opt_id; privkey->id = opt_id;
strcpy(outext, ".vbprik2"); strcpy(outext, ".vbprik2");
if (vb2_private_key_write(privkey, outfile)) { if (vb21_private_key_write(privkey, outfile)) {
fprintf(stderr, "unable to write private key\n"); fprintf(stderr, "unable to write private key\n");
goto done; goto done;
} }
@@ -273,7 +272,7 @@ static int vb2_make_keypair()
} }
strcpy(outext, ".vbpubk2"); strcpy(outext, ".vbpubk2");
if (vb2_public_key_write(pubkey, outfile)) { if (vb21_public_key_write(pubkey, outfile)) {
fprintf(stderr, "unable to write public key\n"); fprintf(stderr, "unable to write public key\n");
goto done; goto done;
} }

2
futility/cmd_show.c
View File

@@ -533,7 +533,7 @@ static int do_show(int argc, char *argv[])
type_override = 1; type_override = 1;
break; break;
case OPT_PUBKEY: case OPT_PUBKEY:
if (vb2_packed_key_read(&show_option.pkey, optarg)) { if (vb21_packed_key_read(&show_option.pkey, optarg)) {
fprintf(stderr, "Error reading %s\n", optarg); fprintf(stderr, "Error reading %s\n", optarg);
errorcnt++; errorcnt++;
} }

10
futility/cmd_sign.c
View File

@@ -27,7 +27,7 @@
#include "kernel_blob.h" #include "kernel_blob.h"
#include "util_misc.h" #include "util_misc.h"
#include "vb1_helper.h" #include "vb1_helper.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "host_key2.h" #include "host_key2.h"
#include "vboot_common.h" #include "vboot_common.h"
@@ -472,11 +472,11 @@ static void print_help_rwsig(int argc, char *argv[])
"\n" "\n"
"The INFILE is a binary blob of arbitrary size." "The INFILE is a binary blob of arbitrary size."
" It is signed using the\n" " It is signed using the\n"
"private key and the vb2_signature blob emitted.\n" "private key and the vb21_signature blob emitted.\n"
"\n" "\n"
"If no OUTFILE is specified, the INFILE should contain" "If no OUTFILE is specified, the INFILE should contain"
" an existing\n" " an existing\n"
"vb2_signature blob near its end. The data_size from that" "vb21_signature blob near its end. The data_size from that"
" signature is\n" " signature is\n"
"used to re-sign a portion of the INFILE, and the old" "used to re-sign a portion of the INFILE, and the old"
" signature blob is\n" " signature blob is\n"
@@ -818,8 +818,8 @@ static int do_sign(int argc, char *argv[])
} }
break; break;
case OPT_PRIKEY: case OPT_PRIKEY:
if (vb2_private_key_read(&sign_option.prikey, if (vb21_private_key_read(&sign_option.prikey,
optarg)) { optarg)) {
fprintf(stderr, "Error reading %s\n", optarg); fprintf(stderr, "Error reading %s\n", optarg);
errorcnt++; errorcnt++;
} }

8
futility/file_type.inc
View File

@@ -48,12 +48,12 @@ FILE_TYPE(PRIVKEY, "prikey", "VbPrivateKey (.vbprivk)",
S_(ft_show_privkey), S_(ft_show_privkey),
NONE) NONE)
FILE_TYPE(VB2_PUBKEY, "pubkey21", "vb21 public key (.vbpubk2)", FILE_TYPE(VB2_PUBKEY, "pubkey21", "vb21 public key (.vbpubk2)",
R_(ft_recognize_vb2_key), R_(ft_recognize_vb21_key),
S_(ft_show_vb2_pubkey), S_(ft_show_vb21_pubkey),
NONE) NONE)
FILE_TYPE(VB2_PRIVKEY, "prikey21", "vb21 private key (.vbprik2)", FILE_TYPE(VB2_PRIVKEY, "prikey21", "vb21 private key (.vbprik2)",
R_(ft_recognize_vb2_key), R_(ft_recognize_vb21_key),
S_(ft_show_vb2_privkey), S_(ft_show_vb21_privkey),
NONE) NONE)
FILE_TYPE(PEM, "pem", "RSA private key (.pem)", FILE_TYPE(PEM, "pem", "RSA private key (.pem)",
R_(ft_recognize_pem), R_(ft_recognize_pem),

48
futility/file_type_rwsig.c
View File

@@ -8,7 +8,7 @@
* Some instances of the Chrome OS embedded controller firmware can't do a * Some instances of the Chrome OS embedded controller firmware can't do a
* normal software sync handshake at boot, but will verify their own RW images * normal software sync handshake at boot, but will verify their own RW images
* instead. This is typically done by putting a struct vb2_packed_key in the RO * instead. This is typically done by putting a struct vb2_packed_key in the RO
* image and a corresponding struct vb2_signature in the RW image. * image and a corresponding struct vb21_signature in the RW image.
* *
* This file provides the basic implementation for that approach. * This file provides the basic implementation for that approach.
*/ */
@@ -24,7 +24,7 @@
#include "file_type.h" #include "file_type.h"
#include "futility.h" #include "futility.h"
#include "futility_options.h" #include "futility_options.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "host_common.h" #include "host_common.h"
#include "host_key2.h" #include "host_key2.h"
#include "host_signature2.h" #include "host_signature2.h"
@@ -40,12 +40,12 @@ static inline void vb2_print_bytes(const void *ptr, uint32_t len)
printf("%02x", *buf++); printf("%02x", *buf++);
} }
static void show_sig(const char *name, const struct vb2_signature *sig) static void show_sig(const char *name, const struct vb21_signature *sig)
{ {
const struct vb2_text_vs_enum *entry; const struct vb2_text_vs_enum *entry;
printf("Signature: %s\n", name); printf("Signature: %s\n", name);
printf(" Vboot API: 2.1\n"); printf(" Vboot API: 2.1\n");
printf(" Desc: \"%s\"\n", vb2_common_desc(sig)); printf(" Desc: \"%s\"\n", vb21_common_desc(sig));
entry = vb2_lookup_by_num(vb2_text_vs_sig, sig->sig_alg); entry = vb2_lookup_by_num(vb2_text_vs_sig, sig->sig_alg);
printf(" Signature Algorithm: %d %s\n", sig->sig_alg, printf(" Signature Algorithm: %d %s\n", sig->sig_alg,
entry ? entry->name : "(invalid)"); entry ? entry->name : "(invalid)");
@@ -63,7 +63,7 @@ static void show_sig(const char *name, const struct vb2_signature *sig)
int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin)
{ {
const struct vb2_signature *sig = 0; const struct vb21_signature *sig = 0;
struct vb2_public_key key; struct vb2_public_key key;
uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES] uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES]
__attribute__ ((aligned (VB2_WORKBUF_ALIGN))); __attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
@@ -76,8 +76,8 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin)
/* Am I just looking at a signature file? */ /* Am I just looking at a signature file? */
Debug("Looking for signature at 0x0\n"); Debug("Looking for signature at 0x0\n");
sig = (const struct vb2_signature *)buf; sig = (const struct vb21_signature *)buf;
if (VB2_SUCCESS == vb2_verify_signature(sig, len)) { if (VB2_SUCCESS == vb21_verify_signature(sig, len)) {
show_sig(name, sig); show_sig(name, sig);
if (!show_option.fv) { if (!show_option.fv) {
printf("No data available to verify\n"); printf("No data available to verify\n");
@@ -97,8 +97,8 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin)
return 1; return 1;
} }
sig = (const struct vb2_signature *)(buf + len - sig_size); sig = (const struct vb21_signature *)(buf + len - sig_size);
if (VB2_SUCCESS == vb2_verify_signature(sig, sig_size)) { if (VB2_SUCCESS == vb21_verify_signature(sig, sig_size)) {
show_sig(name, sig); show_sig(name, sig);
data = buf; data = buf;
data_size = sig->data_size; data_size = sig->data_size;
@@ -113,9 +113,9 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin)
} }
/* We already did this once, so it should work again */ /* We already did this once, so it should work again */
if (vb2_unpack_key(&key, if (vb21_unpack_key(&key,
(const uint8_t *)show_option.pkey, (const uint8_t *)show_option.pkey,
show_option.pkey->c.total_size)) { show_option.pkey->c.total_size)) {
Debug("Can't unpack pubkey\n"); Debug("Can't unpack pubkey\n");
return 1; return 1;
} }
@@ -127,10 +127,10 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin)
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
if (vb2_verify_data(data, data_size, if (vb21_verify_data(data, data_size,
(struct vb2_signature *)sigbuf, (struct vb21_signature *)sigbuf,
(const struct vb2_public_key *)&key, (const struct vb2_public_key *)&key,
&wb)) { &wb)) {
printf("Signature verification failed\n"); printf("Signature verification failed\n");
return 1; return 1;
} }
@@ -142,7 +142,7 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin)
int ft_sign_rwsig(const char *name, uint8_t *buf, uint32_t len, void *data) int ft_sign_rwsig(const char *name, uint8_t *buf, uint32_t len, void *data)
{ {
struct vb2_signature *sig = 0; struct vb21_signature *sig = 0;
uint32_t r, data_size = len, sig_size = SIGNATURE_RSVD_SIZE; uint32_t r, data_size = len, sig_size = SIGNATURE_RSVD_SIZE;
int retval = 1; int retval = 1;
@@ -151,7 +151,7 @@ int ft_sign_rwsig(const char *name, uint8_t *buf, uint32_t len, void *data)
/* If we don't have a distinct OUTFILE, look for an existing sig */ /* If we don't have a distinct OUTFILE, look for an existing sig */
if (sign_option.inout_file_count < 2) { if (sign_option.inout_file_count < 2) {
const struct vb2_signature *old_sig; const struct vb21_signature *old_sig;
/* Where would it be? */ /* Where would it be? */
if (sign_option.sig_size) if (sign_option.sig_size)
@@ -165,8 +165,8 @@ int ft_sign_rwsig(const char *name, uint8_t *buf, uint32_t len, void *data)
} }
/* Take a look */ /* Take a look */
old_sig = (const struct vb2_signature *)(buf + len - sig_size); old_sig = (const struct vb21_signature *)(buf + len - sig_size);
if (vb2_verify_signature(old_sig, sig_size)) { if (vb21_verify_signature(old_sig, sig_size)) {
fprintf(stderr, "Can't find a valid signature\n"); fprintf(stderr, "Can't find a valid signature\n");
return 1; return 1;
} }
@@ -183,7 +183,7 @@ int ft_sign_rwsig(const char *name, uint8_t *buf, uint32_t len, void *data)
data_size = sign_option.data_size; data_size = sign_option.data_size;
/* Sign the blob */ /* Sign the blob */
r = vb2_sign_data(&sig, buf, data_size, sign_option.prikey, 0); r = vb21_sign_data(&sig, buf, data_size, sign_option.prikey, 0);
if (r) { if (r) {
fprintf(stderr, fprintf(stderr,
"Unable to sign data (error 0x%08x, if that helps)\n", "Unable to sign data (error 0x%08x, if that helps)\n",
@@ -202,7 +202,7 @@ int ft_sign_rwsig(const char *name, uint8_t *buf, uint32_t len, void *data)
memcpy(buf + len - sig_size, sig, sig->c.total_size); memcpy(buf + len - sig_size, sig, sig->c.total_size);
} else { } else {
/* Write the signature to a new file */ /* Write the signature to a new file */
r = vb2_write_object(sign_option.outfile, sig); r = vb21_write_object(sign_option.outfile, sig);
if (r) { if (r) {
fprintf(stderr, "Unable to write sig" fprintf(stderr, "Unable to write sig"
" (error 0x%08x, if that helps)\n", r); " (error 0x%08x, if that helps)\n", r);
@@ -223,11 +223,11 @@ done:
enum futil_file_type ft_recognize_rwsig(uint8_t *buf, uint32_t len) enum futil_file_type ft_recognize_rwsig(uint8_t *buf, uint32_t len)
{ {
if (!vb2_verify_signature((const struct vb2_signature *)buf, len)) if (!vb21_verify_signature((const struct vb21_signature *)buf, len))
return FILE_TYPE_RWSIG; return FILE_TYPE_RWSIG;
if (len >= SIGNATURE_RSVD_SIZE && if (len >= SIGNATURE_RSVD_SIZE &&
!vb2_verify_signature((const struct vb2_signature *) !vb21_verify_signature((const struct vb21_signature *)
(buf + len - SIGNATURE_RSVD_SIZE), (buf + len - SIGNATURE_RSVD_SIZE),
SIGNATURE_RSVD_SIZE)) SIGNATURE_RSVD_SIZE))
return FILE_TYPE_RWSIG; return FILE_TYPE_RWSIG;

40
futility/file_type_usbpd1.c
View File

@@ -26,7 +26,7 @@
#include "file_type.h" #include "file_type.h"
#include "futility.h" #include "futility.h"
#include "futility_options.h" #include "futility_options.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "host_common.h" #include "host_common.h"
#include "host_key2.h" #include "host_key2.h"
#include "host_signature2.h" #include "host_signature2.h"
@@ -84,7 +84,7 @@ static int parse_size_opts(uint32_t len,
int ft_sign_usbpd1(const char *name, uint8_t *buf, uint32_t len, void *data) int ft_sign_usbpd1(const char *name, uint8_t *buf, uint32_t len, void *data)
{ {
struct vb2_private_key *key_ptr = 0; struct vb2_private_key *key_ptr = 0;
struct vb2_signature *sig_ptr = 0; struct vb21_signature *sig_ptr = 0;
uint8_t *keyb_data = 0; uint8_t *keyb_data = 0;
uint32_t keyb_size; uint32_t keyb_size;
int retval = 1; int retval = 1;
@@ -137,7 +137,7 @@ int ft_sign_usbpd1(const char *name, uint8_t *buf, uint32_t len, void *data)
Debug("sig_offset 0x%08x\n", sig_offset); Debug("sig_offset 0x%08x\n", sig_offset);
/* Sign the blob */ /* Sign the blob */
r = vb2_sign_data(&sig_ptr, buf + rw_offset, rw_size, key_ptr, "Bah"); r = vb21_sign_data(&sig_ptr, buf + rw_offset, rw_size, key_ptr, "Bah");
if (r) { if (r) {
fprintf(stderr, fprintf(stderr,
"Unable to sign data (error 0x%08x, if that helps)\n", "Unable to sign data (error 0x%08x, if that helps)\n",
@@ -303,17 +303,17 @@ static void vb2_pubkey_from_usbpd1(struct vb2_public_key *key,
key->id = vb2_hash_id(hash_alg); key->id = vb2_hash_id(hash_alg);
} }
static int vb2_sig_from_usbpd1(struct vb2_signature **sig, static int vb21_sig_from_usbpd1(struct vb21_signature **sig,
enum vb2_signature_algorithm sig_alg, enum vb2_signature_algorithm sig_alg,
enum vb2_hash_algorithm hash_alg, enum vb2_hash_algorithm hash_alg,
const uint8_t *o_sig, const uint8_t *o_sig,
uint32_t o_sig_size, uint32_t o_sig_size,
uint32_t data_size) uint32_t data_size)
{ {
struct vb2_signature s = { struct vb21_signature s = {
.c.magic = VB2_MAGIC_SIGNATURE, .c.magic = VB21_MAGIC_SIGNATURE,
.c.struct_version_major = VB2_SIGNATURE_VERSION_MAJOR, .c.struct_version_major = VB21_SIGNATURE_VERSION_MAJOR,
.c.struct_version_minor = VB2_SIGNATURE_VERSION_MINOR, .c.struct_version_minor = VB21_SIGNATURE_VERSION_MINOR,
.c.fixed_size = sizeof(s), .c.fixed_size = sizeof(s),
.sig_alg = sig_alg, .sig_alg = sig_alg,
.hash_alg = hash_alg, .hash_alg = hash_alg,
@@ -329,7 +329,7 @@ static int vb2_sig_from_usbpd1(struct vb2_signature **sig,
memcpy(buf, &s, sizeof(s)); memcpy(buf, &s, sizeof(s));
memcpy(buf + sizeof(s), o_sig, o_sig_size); memcpy(buf + sizeof(s), o_sig, o_sig_size);
*sig = (struct vb2_signature *)buf; *sig = (struct vb21_signature *)buf;
return VB2_SUCCESS; return VB2_SUCCESS;
} }
@@ -339,14 +339,14 @@ static void show_usbpd1_stuff(const char *name,
const uint8_t *o_pubkey, uint32_t o_pubkey_size) const uint8_t *o_pubkey, uint32_t o_pubkey_size)
{ {
struct vb2_public_key key; struct vb2_public_key key;
struct vb2_packed_key *pkey; struct vb21_packed_key *pkey;
uint8_t sha1sum[VB2_SHA1_DIGEST_SIZE]; uint8_t sha1sum[VB2_SHA1_DIGEST_SIZE];
int i; int i;
vb2_pubkey_from_usbpd1(&key, sig_alg, hash_alg, vb2_pubkey_from_usbpd1(&key, sig_alg, hash_alg,
o_pubkey, o_pubkey_size); o_pubkey, o_pubkey_size);
if (vb2_public_key_pack(&pkey, &key)) if (vb21_public_key_pack(&pkey, &key))
return; return;
vb2_digest_buffer((uint8_t *)pkey + pkey->key_offset, pkey->key_size, vb2_digest_buffer((uint8_t *)pkey + pkey->key_offset, pkey->key_size,
@@ -373,7 +373,7 @@ static int try_our_own(enum vb2_signature_algorithm sig_alg,
const uint8_t *data, uint32_t data_size) const uint8_t *data, uint32_t data_size)
{ {
struct vb2_public_key pubkey; struct vb2_public_key pubkey;
struct vb2_signature *sig; struct vb21_signature *sig;
uint8_t buf[VB2_WORKBUF_RECOMMENDED_SIZE] uint8_t buf[VB2_WORKBUF_RECOMMENDED_SIZE]
__attribute__ ((aligned (VB2_WORKBUF_ALIGN))); __attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
struct vb2_workbuf wb = { struct vb2_workbuf wb = {
@@ -385,11 +385,11 @@ static int try_our_own(enum vb2_signature_algorithm sig_alg,
vb2_pubkey_from_usbpd1(&pubkey, sig_alg, hash_alg, vb2_pubkey_from_usbpd1(&pubkey, sig_alg, hash_alg,
o_pubkey, o_pubkey_size); o_pubkey, o_pubkey_size);
if ((rv = vb2_sig_from_usbpd1(&sig, sig_alg, hash_alg, if ((rv = vb21_sig_from_usbpd1(&sig, sig_alg, hash_alg,
o_sig, o_sig_size, data_size))) o_sig, o_sig_size, data_size)))
return rv; return rv;
rv = vb2_verify_data(data, data_size, sig, &pubkey, &wb); rv = vb21_verify_data(data, data_size, sig, &pubkey, &wb);
free(sig); free(sig);

4
futility/futility_options.h
View File

@@ -17,7 +17,7 @@
#include "2rsa.h" #include "2rsa.h"
struct vb2_private_key; struct vb2_private_key;
struct vb2_packed_key; struct vb21_packed_key;
struct show_option_s { struct show_option_s {
VbPublicKey *k; VbPublicKey *k;
@@ -27,7 +27,7 @@ struct show_option_s {
int strict; int strict;
int t_flag; int t_flag;
enum futil_file_type type; enum futil_file_type type;
struct vb2_packed_key *pkey; struct vb21_packed_key *pkey;
uint32_t sig_size; uint32_t sig_size;
}; };
extern struct show_option_s show_option; extern struct show_option_s show_option;

24
futility/vb2_helper.c
View File

@@ -13,8 +13,7 @@
#include "2rsa.h" #include "2rsa.h"
#include "2sha.h" #include "2sha.h"
#include "util_misc.h" #include "util_misc.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "vb2_struct.h"
#include "host_common.h" #include "host_common.h"
#include "host_key2.h" #include "host_key2.h"
@@ -50,17 +49,17 @@ int vb2_lookup_hash_alg(const char *str, enum vb2_hash_algorithm *alg)
return 1; return 1;
} }
enum futil_file_type ft_recognize_vb2_key(uint8_t *buf, uint32_t len) enum futil_file_type ft_recognize_vb21_key(uint8_t *buf, uint32_t len)
{ {
struct vb2_public_key pubkey; struct vb2_public_key pubkey;
struct vb2_private_key *privkey = 0; struct vb2_private_key *privkey = 0;
/* The pubkey points into buf, so nothing to free */ /* The pubkey points into buf, so nothing to free */
if (VB2_SUCCESS == vb2_unpack_key(&pubkey, buf, len)) if (VB2_SUCCESS == vb21_unpack_key(&pubkey, buf, len))
return FILE_TYPE_VB2_PUBKEY; return FILE_TYPE_VB2_PUBKEY;
/* The private key unpacks into new structs */ /* The private key unpacks into new structs */
if (VB2_SUCCESS == vb2_private_key_unpack(&privkey, buf, len)) { if (VB2_SUCCESS == vb21_private_key_unpack(&privkey, buf, len)) {
vb2_private_key_free(privkey); vb2_private_key_free(privkey);
return FILE_TYPE_VB2_PRIVKEY; return FILE_TYPE_VB2_PRIVKEY;
} }
@@ -78,9 +77,9 @@ static inline void vb2_print_bytes(const void *ptr, uint32_t len)
static int vb2_public_key_sha1sum(struct vb2_public_key *key, uint8_t *digest) static int vb2_public_key_sha1sum(struct vb2_public_key *key, uint8_t *digest)
{ {
struct vb2_packed_key *pkey; struct vb21_packed_key *pkey;
if (vb2_public_key_pack(&pkey, key)) if (vb21_public_key_pack(&pkey, key))
return 0; return 0;
vb2_digest_buffer((uint8_t *)pkey + pkey->key_offset, pkey->key_size, vb2_digest_buffer((uint8_t *)pkey + pkey->key_offset, pkey->key_size,
@@ -90,7 +89,8 @@ static int vb2_public_key_sha1sum(struct vb2_public_key *key, uint8_t *digest)
return 1; return 1;
} }
int ft_show_vb2_pubkey(const char *name, uint8_t *buf, uint32_t len, void *data) int ft_show_vb21_pubkey(const char *name, uint8_t *buf, uint32_t len,
void *data)
{ {
struct vb2_public_key key; struct vb2_public_key key;
const struct vb2_text_vs_enum *entry; const struct vb2_text_vs_enum *entry;
@@ -98,7 +98,7 @@ int ft_show_vb2_pubkey(const char *name, uint8_t *buf, uint32_t len, void *data)
/* The key's members will point into the state buffer after this. Don't /* The key's members will point into the state buffer after this. Don't
* free anything. */ * free anything. */
if (VB2_SUCCESS != vb2_unpack_key(&key, buf, len)) if (VB2_SUCCESS != vb21_unpack_key(&key, buf, len))
return 1; return 1;
printf("Public Key file: %s\n", name); printf("Public Key file: %s\n", name);
@@ -138,14 +138,14 @@ static int vb2_private_key_sha1sum(struct vb2_private_key *key, uint8_t *digest)
return 1; return 1;
} }
int ft_show_vb2_privkey(const char *name, uint8_t *buf, uint32_t len, int ft_show_vb21_privkey(const char *name, uint8_t *buf, uint32_t len,
void *data) void *data)
{ {
struct vb2_private_key *key = 0; struct vb2_private_key *key = 0;
const struct vb2_text_vs_enum *entry; const struct vb2_text_vs_enum *entry;
uint8_t sha1sum[VB2_SHA1_DIGEST_SIZE]; uint8_t sha1sum[VB2_SHA1_DIGEST_SIZE];
if (VB2_SUCCESS != vb2_private_key_unpack(&key, buf, len)) if (VB2_SUCCESS != vb21_private_key_unpack(&key, buf, len))
return 1; return 1;
printf("Private key file: %s\n", name); printf("Private key file: %s\n", name);

4
host/lib/include/host_misc.h
View File

@@ -66,7 +66,7 @@ int vb2_read_file(const char *filename, uint8_t **data_ptr, uint32_t *size_ptr);
int vb2_write_file(const char *filename, const void *buf, uint32_t size); int vb2_write_file(const char *filename, const void *buf, uint32_t size);
/** /**
* Write a buffer which starts with a standard vb2_struct_common header. * Write a buffer which starts with a standard vb21_struct_common header.
* *
* Determines the buffer size from the common header total size field. * Determines the buffer size from the common header total size field.
* *
@@ -74,7 +74,7 @@ int vb2_write_file(const char *filename, const void *buf, uint32_t size);
* @param buf Buffer to write * @param buf Buffer to write
* @return VB2_SUCCESS, or non-zero if error. * @return VB2_SUCCESS, or non-zero if error.
*/ */
int vb2_write_object(const char *filename, const void *buf); int vb21_write_object(const char *filename, const void *buf);
/** /**
* Round up a size to a multiple of 32 bits (4 bytes). * Round up a size to a multiple of 32 bits (4 bytes).

2
host/lib/include/util_misc.h
View File

@@ -20,7 +20,7 @@ void PrintPrivKeySha1Sum(VbPrivateKey *key);
/* /*
* Our packed RSBPublicKey buffer (historically in files ending with ".keyb", * Our packed RSBPublicKey buffer (historically in files ending with ".keyb",
* but also the part of VbPublicKey and struct vb2_packed_key that is * but also the part of VbPublicKey and struct vb21_packed_key that is
* referenced by .key_offset) has this binary format: * referenced by .key_offset) has this binary format:
* *
* struct { * struct {

30
host/lib21/host_fw_preamble.c
View File

@@ -14,20 +14,20 @@
#include "host_keyblock2.h" #include "host_keyblock2.h"
#include "host_misc.h" #include "host_misc.h"
#include "host_signature2.h" #include "host_signature2.h"
#include "vb2_common.h" #include "vb21_common.h"
int vb2_fw_preamble_create(struct vb2_fw_preamble **fp_ptr, int vb21_fw_preamble_create(struct vb21_fw_preamble **fp_ptr,
const struct vb2_private_key *signing_key, const struct vb2_private_key *signing_key,
const struct vb2_signature **hash_list, const struct vb21_signature **hash_list,
uint32_t hash_count, uint32_t hash_count,
uint32_t fw_version, uint32_t fw_version,
uint32_t flags, uint32_t flags,
const char *desc) const char *desc)
{ {
struct vb2_fw_preamble fp = { struct vb21_fw_preamble fp = {
.c.magic = VB2_MAGIC_FW_PREAMBLE, .c.magic = VB21_MAGIC_FW_PREAMBLE,
.c.struct_version_major = VB2_FW_PREAMBLE_VERSION_MAJOR, .c.struct_version_major = VB21_FW_PREAMBLE_VERSION_MAJOR,
.c.struct_version_minor = VB2_FW_PREAMBLE_VERSION_MAJOR, .c.struct_version_minor = VB21_FW_PREAMBLE_VERSION_MAJOR,
.c.fixed_size = sizeof(fp), .c.fixed_size = sizeof(fp),
.c.desc_size = vb2_desc_size(desc), .c.desc_size = vb2_desc_size(desc),
.flags = flags, .flags = flags,
@@ -50,7 +50,7 @@ int vb2_fw_preamble_create(struct vb2_fw_preamble **fp_ptr,
fp.sig_offset = hash_next; fp.sig_offset = hash_next;
if (vb2_sig_size_for_key(&sig_size, signing_key, NULL)) if (vb21_sig_size_for_key(&sig_size, signing_key, NULL))
return VB2_FW_PREAMBLE_CREATE_SIG_SIZE; return VB2_FW_PREAMBLE_CREATE_SIG_SIZE;
fp.c.total_size = fp.sig_offset + sig_size; fp.c.total_size = fp.sig_offset + sig_size;
@@ -72,11 +72,11 @@ int vb2_fw_preamble_create(struct vb2_fw_preamble **fp_ptr,
} }
/* Sign the preamble */ /* Sign the preamble */
if (vb2_sign_object(buf, fp.sig_offset, signing_key, NULL)) { if (vb21_sign_object(buf, fp.sig_offset, signing_key, NULL)) {
free(buf); free(buf);
return VB2_FW_PREAMBLE_CREATE_SIGN; return VB2_FW_PREAMBLE_CREATE_SIGN;
} }
*fp_ptr = (struct vb2_fw_preamble *)buf; *fp_ptr = (struct vb21_fw_preamble *)buf;
return VB2_SUCCESS; return VB2_SUCCESS;
} }

72
host/lib21/host_key.c
View File

@@ -13,7 +13,7 @@
#include "2common.h" #include "2common.h"
#include "2rsa.h" #include "2rsa.h"
#include "2sha.h" #include "2sha.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "host_common.h" #include "host_common.h"
#include "host_key2.h" #include "host_key2.h"
#include "host_misc.h" #include "host_misc.h"
@@ -83,12 +83,12 @@ void vb2_private_key_free(struct vb2_private_key *key)
free(key); free(key);
} }
int vb2_private_key_unpack(struct vb2_private_key **key_ptr, int vb21_private_key_unpack(struct vb2_private_key **key_ptr,
const uint8_t *buf, const uint8_t *buf,
uint32_t size) uint32_t size)
{ {
const struct vb2_packed_private_key *pkey = const struct vb21_packed_private_key *pkey =
(const struct vb2_packed_private_key *)buf; (const struct vb21_packed_private_key *)buf;
struct vb2_private_key *key; struct vb2_private_key *key;
const unsigned char *start; const unsigned char *start;
uint32_t min_offset = 0; uint32_t min_offset = 0;
@@ -100,14 +100,14 @@ int vb2_private_key_unpack(struct vb2_private_key **key_ptr,
* *
* TODO: If it doesn't match, pass through to the old packed key format. * TODO: If it doesn't match, pass through to the old packed key format.
*/ */
if (pkey->c.magic != VB2_MAGIC_PACKED_PRIVATE_KEY) if (pkey->c.magic != VB21_MAGIC_PACKED_PRIVATE_KEY)
return VB2_ERROR_UNPACK_PRIVATE_KEY_MAGIC; return VB2_ERROR_UNPACK_PRIVATE_KEY_MAGIC;
if (vb2_verify_common_header(buf, size)) if (vb21_verify_common_header(buf, size))
return VB2_ERROR_UNPACK_PRIVATE_KEY_HEADER; return VB2_ERROR_UNPACK_PRIVATE_KEY_HEADER;
/* Make sure key data is inside */ /* Make sure key data is inside */
if (vb2_verify_common_member(pkey, &min_offset, if (vb21_verify_common_member(pkey, &min_offset,
pkey->key_offset, pkey->key_size)) pkey->key_offset, pkey->key_size))
return VB2_ERROR_UNPACK_PRIVATE_KEY_DATA; return VB2_ERROR_UNPACK_PRIVATE_KEY_DATA;
@@ -117,7 +117,7 @@ int vb2_private_key_unpack(struct vb2_private_key **key_ptr,
* haven't added any new fields. * haven't added any new fields.
*/ */
if (pkey->c.struct_version_major != if (pkey->c.struct_version_major !=
VB2_PACKED_PRIVATE_KEY_VERSION_MAJOR) VB21_PACKED_PRIVATE_KEY_VERSION_MAJOR)
return VB2_ERROR_UNPACK_PRIVATE_KEY_STRUCT_VERSION; return VB2_ERROR_UNPACK_PRIVATE_KEY_STRUCT_VERSION;
/* Allocate the new key */ /* Allocate the new key */
@@ -159,8 +159,8 @@ int vb2_private_key_unpack(struct vb2_private_key **key_ptr,
return VB2_SUCCESS; return VB2_SUCCESS;
} }
int vb2_private_key_read(struct vb2_private_key **key_ptr, int vb21_private_key_read(struct vb2_private_key **key_ptr,
const char *filename) const char *filename)
{ {
uint32_t size = 0; uint32_t size = 0;
uint8_t *buf; uint8_t *buf;
@@ -172,7 +172,7 @@ int vb2_private_key_read(struct vb2_private_key **key_ptr,
if (rv) if (rv)
return rv; return rv;
rv = vb2_private_key_unpack(key_ptr, buf, size); rv = vb21_private_key_unpack(key_ptr, buf, size);
free(buf); free(buf);
@@ -227,13 +227,13 @@ int vb2_private_key_set_desc(struct vb2_private_key *key, const char *desc)
return VB2_SUCCESS; return VB2_SUCCESS;
} }
int vb2_private_key_write(const struct vb2_private_key *key, int vb21_private_key_write(const struct vb2_private_key *key,
const char *filename) const char *filename)
{ {
struct vb2_packed_private_key pkey = { struct vb21_packed_private_key pkey = {
.c.magic = VB2_MAGIC_PACKED_PRIVATE_KEY, .c.magic = VB21_MAGIC_PACKED_PRIVATE_KEY,
.c.struct_version_major = VB2_PACKED_PRIVATE_KEY_VERSION_MAJOR, .c.struct_version_major = VB21_PACKED_PRIVATE_KEY_VERSION_MAJOR,
.c.struct_version_minor = VB2_PACKED_PRIVATE_KEY_VERSION_MINOR, .c.struct_version_minor = VB21_PACKED_PRIVATE_KEY_VERSION_MINOR,
.c.fixed_size = sizeof(pkey), .c.fixed_size = sizeof(pkey),
.sig_alg = key->sig_alg, .sig_alg = key->sig_alg,
.hash_alg = key->hash_alg, .hash_alg = key->hash_alg,
@@ -277,7 +277,7 @@ int vb2_private_key_write(const struct vb2_private_key *key,
free(rsabuf); free(rsabuf);
} }
rv = vb2_write_object(filename, buf); rv = vb21_write_object(filename, buf);
free(buf); free(buf);
return rv ? VB2_ERROR_PRIVATE_KEY_WRITE_FILE : VB2_SUCCESS; return rv ? VB2_ERROR_PRIVATE_KEY_WRITE_FILE : VB2_SUCCESS;
@@ -433,8 +433,8 @@ int vb2_public_key_set_desc(struct vb2_public_key *key, const char *desc)
return VB2_SUCCESS; return VB2_SUCCESS;
} }
int vb2_packed_key_read(struct vb2_packed_key **key_ptr, int vb21_packed_key_read(struct vb21_packed_key **key_ptr,
const char *filename) const char *filename)
{ {
struct vb2_public_key key; struct vb2_public_key key;
uint8_t *buf; uint8_t *buf;
@@ -446,21 +446,21 @@ int vb2_packed_key_read(struct vb2_packed_key **key_ptr,
return VB2_ERROR_READ_PACKED_KEY_DATA; return VB2_ERROR_READ_PACKED_KEY_DATA;
/* Sanity check: make sure key unpacks properly */ /* Sanity check: make sure key unpacks properly */
if (vb2_unpack_key(&key, buf, size)) if (vb21_unpack_key(&key, buf, size))
return VB2_ERROR_READ_PACKED_KEY; return VB2_ERROR_READ_PACKED_KEY;
*key_ptr = (struct vb2_packed_key *)buf; *key_ptr = (struct vb21_packed_key *)buf;
return VB2_SUCCESS; return VB2_SUCCESS;
} }
int vb2_public_key_pack(struct vb2_packed_key **key_ptr, int vb21_public_key_pack(struct vb21_packed_key **key_ptr,
const struct vb2_public_key *pubk) const struct vb2_public_key *pubk)
{ {
struct vb2_packed_key key = { struct vb21_packed_key key = {
.c.magic = VB2_MAGIC_PACKED_KEY, .c.magic = VB21_MAGIC_PACKED_KEY,
.c.struct_version_major = VB2_PACKED_KEY_VERSION_MAJOR, .c.struct_version_major = VB21_PACKED_KEY_VERSION_MAJOR,
.c.struct_version_minor = VB2_PACKED_KEY_VERSION_MINOR, .c.struct_version_minor = VB21_PACKED_KEY_VERSION_MINOR,
}; };
uint8_t *buf; uint8_t *buf;
uint32_t *buf32; uint32_t *buf32;
@@ -508,7 +508,7 @@ int vb2_public_key_pack(struct vb2_packed_key **key_ptr,
pubk->arrsize * sizeof(uint32_t)); pubk->arrsize * sizeof(uint32_t));
} }
*key_ptr = (struct vb2_packed_key *)buf; *key_ptr = (struct vb21_packed_key *)buf;
return VB2_SUCCESS; return VB2_SUCCESS;
} }
@@ -561,17 +561,17 @@ enum vb2_signature_algorithm vb2_rsa_sig_alg(struct rsa_st *rsa)
return VB2_SIG_INVALID; return VB2_SIG_INVALID;
} }
int vb2_public_key_write(const struct vb2_public_key *key, int vb21_public_key_write(const struct vb2_public_key *key,
const char *filename) const char *filename)
{ {
struct vb2_packed_key *pkey; struct vb21_packed_key *pkey;
int ret; int ret;
ret = vb2_public_key_pack(&pkey, key); ret = vb21_public_key_pack(&pkey, key);
if (ret) if (ret)
return ret; return ret;
ret = vb2_write_object(filename, pkey); ret = vb21_write_object(filename, pkey);
free(pkey); free(pkey);
return ret; return ret;

34
host/lib21/host_keyblock.c
View File

@@ -8,30 +8,30 @@
#include "2sysincludes.h" #include "2sysincludes.h"
#include "2common.h" #include "2common.h"
#include "2rsa.h" #include "2rsa.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "host_common.h" #include "host_common.h"
#include "host_key2.h" #include "host_key2.h"
#include "host_keyblock2.h" #include "host_keyblock2.h"
#include "host_misc.h" #include "host_misc.h"
#include "host_signature2.h" #include "host_signature2.h"
int vb2_keyblock_create(struct vb2_keyblock **kb_ptr, int vb21_keyblock_create(struct vb21_keyblock **kb_ptr,
const struct vb2_public_key *data_key, const struct vb2_public_key *data_key,
const struct vb2_private_key **signing_keys, const struct vb2_private_key **signing_keys,
uint32_t signing_key_count, uint32_t signing_key_count,
uint32_t flags, uint32_t flags,
const char *desc) const char *desc)
{ {
struct vb2_keyblock kb = { struct vb21_keyblock kb = {
.c.magic = VB2_MAGIC_KEYBLOCK, .c.magic = VB21_MAGIC_KEYBLOCK,
.c.struct_version_major = VB2_KEYBLOCK_VERSION_MAJOR, .c.struct_version_major = VB21_KEYBLOCK_VERSION_MAJOR,
.c.struct_version_minor = VB2_KEYBLOCK_VERSION_MAJOR, .c.struct_version_minor = VB21_KEYBLOCK_VERSION_MAJOR,
.c.fixed_size = sizeof(kb), .c.fixed_size = sizeof(kb),
.flags = flags, .flags = flags,
.sig_count = signing_key_count, .sig_count = signing_key_count,
}; };
struct vb2_packed_key *key = NULL; struct vb21_packed_key *key = NULL;
uint32_t sig_size; uint32_t sig_size;
uint8_t *buf; uint8_t *buf;
@@ -43,10 +43,10 @@ int vb2_keyblock_create(struct vb2_keyblock **kb_ptr,
kb.c.desc_size = vb2_desc_size(desc); kb.c.desc_size = vb2_desc_size(desc);
kb.key_offset = kb.c.fixed_size + kb.c.desc_size; kb.key_offset = kb.c.fixed_size + kb.c.desc_size;
if (vb2_sig_size_for_keys(&sig_size, signing_keys, signing_key_count)) if (vb21_sig_size_for_keys(&sig_size, signing_keys, signing_key_count))
return VB2_KEYBLOCK_CREATE_SIG_SIZE; return VB2_KEYBLOCK_CREATE_SIG_SIZE;
if (vb2_public_key_pack(&key, data_key)) if (vb21_public_key_pack(&key, data_key))
return VB2_KEYBLOCK_CREATE_DATA_KEY; return VB2_KEYBLOCK_CREATE_DATA_KEY;
kb.sig_offset = kb.key_offset + key->c.total_size; kb.sig_offset = kb.key_offset + key->c.total_size;
@@ -66,12 +66,12 @@ int vb2_keyblock_create(struct vb2_keyblock **kb_ptr,
free(key); free(key);
/* Sign the keyblock */ /* Sign the keyblock */
if (vb2_sign_object_multiple(buf, kb.sig_offset, signing_keys, if (vb21_sign_object_multiple(buf, kb.sig_offset, signing_keys,
signing_key_count)) { signing_key_count)) {
free(buf); free(buf);
return VB2_KEYBLOCK_CREATE_SIGN; return VB2_KEYBLOCK_CREATE_SIGN;
} }
*kb_ptr = (struct vb2_keyblock *)buf; *kb_ptr = (struct vb21_keyblock *)buf;
return VB2_SUCCESS; return VB2_SUCCESS;
} }

6
host/lib21/host_misc.c
View File

@@ -13,7 +13,7 @@
#include "2sysincludes.h" #include "2sysincludes.h"
#include "2common.h" #include "2common.h"
#include "2sha.h" #include "2sha.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "host_common.h" #include "host_common.h"
#include "host_misc2.h" #include "host_misc2.h"
@@ -81,9 +81,9 @@ int vb2_write_file(const char *filename, const void *buf, uint32_t size)
return VB2_SUCCESS; return VB2_SUCCESS;
} }
int vb2_write_object(const char *filename, const void *buf) int vb21_write_object(const char *filename, const void *buf)
{ {
const struct vb2_struct_common *cptr = buf; const struct vb21_struct_common *cptr = buf;
return vb2_write_file(filename, buf, cptr->total_size); return vb2_write_file(filename, buf, cptr->total_size);
} }

66
host/lib21/host_signature.c
View File

@@ -11,7 +11,7 @@
#include "2common.h" #include "2common.h"
#include "2rsa.h" #include "2rsa.h"
#include "2sha.h" #include "2sha.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "host_common.h" #include "host_common.h"
#include "host_key2.h" #include "host_key2.h"
#include "host_signature2.h" #include "host_signature2.h"
@@ -76,16 +76,16 @@ static int vb2_digest_info(enum vb2_hash_algorithm hash_alg,
} }
} }
int vb2_sign_data(struct vb2_signature **sig_ptr, int vb21_sign_data(struct vb21_signature **sig_ptr,
const uint8_t *data, const uint8_t *data,
uint32_t size, uint32_t size,
const struct vb2_private_key *key, const struct vb2_private_key *key,
const char *desc) const char *desc)
{ {
struct vb2_signature s = { struct vb21_signature s = {
.c.magic = VB2_MAGIC_SIGNATURE, .c.magic = VB21_MAGIC_SIGNATURE,
.c.struct_version_major = VB2_SIGNATURE_VERSION_MAJOR, .c.struct_version_major = VB21_SIGNATURE_VERSION_MAJOR,
.c.struct_version_minor = VB2_SIGNATURE_VERSION_MINOR, .c.struct_version_minor = VB21_SIGNATURE_VERSION_MINOR,
.c.fixed_size = sizeof(s), .c.fixed_size = sizeof(s),
.sig_alg = key->sig_alg, .sig_alg = key->sig_alg,
.hash_alg = key->hash_alg, .hash_alg = key->hash_alg,
@@ -176,29 +176,29 @@ int vb2_sign_data(struct vb2_signature **sig_ptr,
} }
free(sig_digest); free(sig_digest);
*sig_ptr = (struct vb2_signature *)buf; *sig_ptr = (struct vb21_signature *)buf;
return VB2_SUCCESS; return VB2_SUCCESS;
} }
int vb2_sig_size_for_key(uint32_t *size_ptr, int vb21_sig_size_for_key(uint32_t *size_ptr,
const struct vb2_private_key *key, const struct vb2_private_key *key,
const char *desc) const char *desc)
{ {
uint32_t size = vb2_sig_size(key->sig_alg, key->hash_alg); uint32_t size = vb2_sig_size(key->sig_alg, key->hash_alg);
if (!size) if (!size)
return VB2_ERROR_SIG_SIZE_FOR_KEY; return VB2_ERROR_SIG_SIZE_FOR_KEY;
size += sizeof(struct vb2_signature); size += sizeof(struct vb21_signature);
size += vb2_desc_size(desc ? desc : key->desc); size += vb2_desc_size(desc ? desc : key->desc);
*size_ptr = size; *size_ptr = size;
return VB2_SUCCESS; return VB2_SUCCESS;
} }
int vb2_sig_size_for_keys(uint32_t *size_ptr, int vb21_sig_size_for_keys(uint32_t *size_ptr,
const struct vb2_private_key **key_list, const struct vb2_private_key **key_list,
uint32_t key_count) uint32_t key_count)
{ {
uint32_t total = 0, size = 0; uint32_t total = 0, size = 0;
int rv, i; int rv, i;
@@ -206,7 +206,7 @@ int vb2_sig_size_for_keys(uint32_t *size_ptr,
*size_ptr = 0; *size_ptr = 0;
for (i = 0; i < key_count; i++) { for (i = 0; i < key_count; i++) {
rv = vb2_sig_size_for_key(&size, key_list[i], NULL); rv = vb21_sig_size_for_key(&size, key_list[i], NULL);
if (rv) if (rv)
return rv; return rv;
total += size; total += size;
@@ -216,16 +216,16 @@ int vb2_sig_size_for_keys(uint32_t *size_ptr,
return VB2_SUCCESS; return VB2_SUCCESS;
} }
int vb2_sign_object(uint8_t *buf, int vb21_sign_object(uint8_t *buf,
uint32_t sig_offset, uint32_t sig_offset,
const struct vb2_private_key *key, const struct vb2_private_key *key,
const char *desc) const char *desc)
{ {
struct vb2_struct_common *c = (struct vb2_struct_common *)buf; struct vb21_struct_common *c = (struct vb21_struct_common *)buf;
struct vb2_signature *sig = NULL; struct vb21_signature *sig = NULL;
int rv; int rv;
rv = vb2_sign_data(&sig, buf, sig_offset, key, desc); rv = vb21_sign_data(&sig, buf, sig_offset, key, desc);
if (rv) if (rv)
return rv; return rv;
@@ -240,19 +240,19 @@ int vb2_sign_object(uint8_t *buf,
return VB2_SUCCESS; return VB2_SUCCESS;
} }
int vb2_sign_object_multiple(uint8_t *buf, int vb21_sign_object_multiple(uint8_t *buf,
uint32_t sig_offset, uint32_t sig_offset,
const struct vb2_private_key **key_list, const struct vb2_private_key **key_list,
uint32_t key_count) uint32_t key_count)
{ {
struct vb2_struct_common *c = (struct vb2_struct_common *)buf; struct vb21_struct_common *c = (struct vb21_struct_common *)buf;
uint32_t sig_next = sig_offset; uint32_t sig_next = sig_offset;
int rv, i; int rv, i;
for (i = 0; i < key_count; i++) { for (i = 0; i < key_count; i++) {
struct vb2_signature *sig = NULL; struct vb21_signature *sig = NULL;
rv = vb2_sign_data(&sig, buf, sig_offset, key_list[i], NULL); rv = vb21_sign_data(&sig, buf, sig_offset, key_list[i], NULL);
if (rv) if (rv)
return rv; return rv;

19
host/lib21/include/host_fw_preamble2.h
View File

@@ -8,10 +8,9 @@
#ifndef VBOOT_REFERENCE_HOST_FW_PREAMBLE2_H_ #ifndef VBOOT_REFERENCE_HOST_FW_PREAMBLE2_H_
#define VBOOT_REFERENCE_HOST_FW_PREAMBLE2_H_ #define VBOOT_REFERENCE_HOST_FW_PREAMBLE2_H_
#include "vb2_struct.h"
struct vb2_private_key; struct vb2_private_key;
struct vb21_fw_preamble;
struct vb21_signature;
/** /**
* Create and sign a firmware preamble. * Create and sign a firmware preamble.
* *
@@ -25,12 +24,12 @@ struct vb2_private_key;
* @param desc Description for preamble, or NULL if none * @param desc Description for preamble, or NULL if none
* @return VB2_SUCCESS, or non-zero error code if failure. * @return VB2_SUCCESS, or non-zero error code if failure.
*/ */
int vb2_fw_preamble_create(struct vb2_fw_preamble **fp_ptr, int vb21_fw_preamble_create(struct vb21_fw_preamble **fp_ptr,
const struct vb2_private_key *signing_key, const struct vb2_private_key *signing_key,
const struct vb2_signature **hash_list, const struct vb21_signature **hash_list,
uint32_t hash_count, uint32_t hash_count,
uint32_t fw_version, uint32_t fw_version,
uint32_t flags, uint32_t flags,
const char *desc); const char *desc);
#endif /* VBOOT_REFERENCE_HOST_FW_PREAMBLE2_H_ */ #endif /* VBOOT_REFERENCE_HOST_FW_PREAMBLE2_H_ */

39
host/lib21/include/host_key2.h
View File

@@ -11,6 +11,7 @@
#include "2struct.h" #include "2struct.h"
struct vb2_public_key; struct vb2_public_key;
struct vb21_packed_key;
/* Private key data, in-memory format for use in signing calls. */ /* Private key data, in-memory format for use in signing calls. */
struct vb2_private_key { struct vb2_private_key {
@@ -57,7 +58,7 @@ extern struct vb2_text_vs_enum vb2_text_vs_hash[];
void vb2_private_key_free(struct vb2_private_key *key); void vb2_private_key_free(struct vb2_private_key *key);
/** /**
* Unpack a private key from vb2_packed_private_key format. * Unpack a private key from vb21_packed_private_key format.
* *
* @param key_ptr Destination for newly allocated key; this must be * @param key_ptr Destination for newly allocated key; this must be
* freed with vb2_private_key_free(). * freed with vb2_private_key_free().
@@ -65,20 +66,20 @@ void vb2_private_key_free(struct vb2_private_key *key);
* @param size Size of buffer in bytes * @param size Size of buffer in bytes
* @return VB2_SUCCESS, or non-zero error code if error. * @return VB2_SUCCESS, or non-zero error code if error.
*/ */
int vb2_private_key_unpack(struct vb2_private_key **key_ptr, int vb21_private_key_unpack(struct vb2_private_key **key_ptr,
const uint8_t *buf, const uint8_t *buf,
uint32_t size); uint32_t size);
/** /**
* Read a private key from vb2_packed_private_key format. * Read a private key from vb21_packed_private_key format.
* *
* @param key_ptr Destination for newly allocated key; this must be * @param key_ptr Destination for newly allocated key; this must be
* freed with vb2_private_key_free(). * freed with vb2_private_key_free().
* @param filename File to read key data from. * @param filename File to read key data from.
* @return VB2_SUCCESS, or non-zero error code if error. * @return VB2_SUCCESS, or non-zero error code if error.
*/ */
int vb2_private_key_read(struct vb2_private_key **key_ptr, int vb21_private_key_read(struct vb2_private_key **key_ptr,
const char *filename); const char *filename);
/** /**
* Read a private key from a .pem file. * Read a private key from a .pem file.
@@ -104,14 +105,14 @@ int vb2_private_key_read_pem(struct vb2_private_key **key_ptr,
int vb2_private_key_set_desc(struct vb2_private_key *key, const char *desc); int vb2_private_key_set_desc(struct vb2_private_key *key, const char *desc);
/** /**
* Write a private key to vb2_packed_private_key format. * Write a private key to vb21_packed_private_key format.
* *
* @param key Key to write * @param key Key to write
* @param filename File to write key data to. * @param filename File to write key data to.
* @return VB2_SUCCESS, or non-zero error code if error. * @return VB2_SUCCESS, or non-zero error code if error.
*/ */
int vb2_private_key_write(const struct vb2_private_key *key, int vb21_private_key_write(const struct vb2_private_key *key,
const char *filename); const char *filename);
/** /**
* Get a private key for an unsigned hash * Get a private key for an unsigned hash
@@ -150,7 +151,7 @@ uint8_t *vb2_public_key_packed_data(struct vb2_public_key *key);
* *
* Note that this should ONLY be called for public keys allocated via one * Note that this should ONLY be called for public keys allocated via one
* of those functions; public keys created or filled in other ways (such as * of those functions; public keys created or filled in other ways (such as
* vb2_unpack_key()) do not allocate memory for sub-fields in the same way. * vb21_unpack_key()) do not allocate memory for sub-fields in the same way.
* *
* @param key Key to free * @param key Key to free
*/ */
@@ -182,17 +183,17 @@ int vb2_public_key_read_keyb(struct vb2_public_key **key_ptr,
int vb2_public_key_set_desc(struct vb2_public_key *key, const char *desc); int vb2_public_key_set_desc(struct vb2_public_key *key, const char *desc);
/** /**
* Read a public key in vb2_packed_key format. * Read a public key in vb21_packed_key format.
* *
* @param key_ptr On success, points to the newly allocated key buffer. * @param key_ptr On success, points to the newly allocated key buffer.
* Caller is responsible for calling free() on this. * Caller is responsible for calling free() on this.
* @return VB2_SUCCESS, or non-zero if error. * @return VB2_SUCCESS, or non-zero if error.
*/ */
int vb2_packed_key_read(struct vb2_packed_key **key_ptr, int vb21_packed_key_read(struct vb21_packed_key **key_ptr,
const char *filename); const char *filename);
/** /**
* Pack a public key into vb2_packed_key format. * Pack a public key into vb21_packed_key format.
* *
* @param pubk Public key to pack * @param pubk Public key to pack
* @param key_ptr On success, points to a newly allocated packed key * @param key_ptr On success, points to a newly allocated packed key
@@ -200,8 +201,8 @@ int vb2_packed_key_read(struct vb2_packed_key **key_ptr,
* this. * this.
* @return VB2_SUCCESS, or non-zero if error. * @return VB2_SUCCESS, or non-zero if error.
*/ */
int vb2_public_key_pack(struct vb2_packed_key **key_ptr, int vb21_public_key_pack(struct vb21_packed_key **key_ptr,
const struct vb2_public_key *pubk); const struct vb2_public_key *pubk);
/** /**
* Get a public key for an unsigned hash. * Get a public key for an unsigned hash.
@@ -223,13 +224,13 @@ int vb2_public_key_hash(struct vb2_public_key *key,
enum vb2_signature_algorithm vb2_rsa_sig_alg(struct rsa_st *rsa); enum vb2_signature_algorithm vb2_rsa_sig_alg(struct rsa_st *rsa);
/** /**
* Write a public key to the vb2_packed_key format. * Write a public key to the vb21_packed_key format.
* *
* @param key Key to write * @param key Key to write
* @param filename File to write key data to. * @param filename File to write key data to.
* @return VB2_SUCCESS, or non-zero error code if error. * @return VB2_SUCCESS, or non-zero error code if error.
*/ */
int vb2_public_key_write(const struct vb2_public_key *key, int vb21_public_key_write(const struct vb2_public_key *key,
const char *filename); const char *filename);
#endif /* VBOOT_REFERENCE_HOST_KEY2_H_ */ #endif /* VBOOT_REFERENCE_HOST_KEY2_H_ */

15
host/lib21/include/host_keyblock2.h
View File

@@ -8,10 +8,9 @@
#ifndef VBOOT_REFERENCE_HOST_KEYBLOCK2_H_ #ifndef VBOOT_REFERENCE_HOST_KEYBLOCK2_H_
#define VBOOT_REFERENCE_HOST_KEYBLOCK2_H_ #define VBOOT_REFERENCE_HOST_KEYBLOCK2_H_
#include "2struct.h"
struct vb2_private_key; struct vb2_private_key;
struct vb2_public_key; struct vb2_public_key;
struct vb21_keyblock;
/** /**
* Create and sign a keyblock. * Create and sign a keyblock.
@@ -26,11 +25,11 @@ struct vb2_public_key;
* taken from the data key. * taken from the data key.
* @return VB2_SUCCESS, or non-zero error code if failure. * @return VB2_SUCCESS, or non-zero error code if failure.
*/ */
int vb2_keyblock_create(struct vb2_keyblock **kb_ptr, int vb21_keyblock_create(struct vb21_keyblock **kb_ptr,
const struct vb2_public_key *data_key, const struct vb2_public_key *data_key,
const struct vb2_private_key **signing_keys, const struct vb2_private_key **signing_keys,
uint32_t signing_key_count, uint32_t signing_key_count,
uint32_t flags, uint32_t flags,
const char *desc); const char *desc);
#endif /* VBOOT_REFERENCE_HOST_KEYBLOCK2_H_ */ #endif /* VBOOT_REFERENCE_HOST_KEYBLOCK2_H_ */

38
host/lib21/include/host_signature2.h
View File

@@ -24,11 +24,11 @@ struct vb2_private_key;
* key description will be used. * key description will be used.
* @return VB2_SUCCESS, or non-zero error code on failure. * @return VB2_SUCCESS, or non-zero error code on failure.
*/ */
int vb2_sign_data(struct vb2_signature **sig_ptr, int vb21_sign_data(struct vb21_signature **sig_ptr,
const uint8_t *data, const uint8_t *data,
uint32_t size, uint32_t size,
const struct vb2_private_key *key, const struct vb2_private_key *key,
const char *desc); const char *desc);
/** /**
* Calculate the signature size for a private key. * Calculate the signature size for a private key.
@@ -39,9 +39,9 @@ int vb2_sign_data(struct vb2_signature **sig_ptr,
* key description will be used. * key description will be used.
* @return VB2_SUCCESS, or non-zero error code on failure. * @return VB2_SUCCESS, or non-zero error code on failure.
*/ */
int vb2_sig_size_for_key(uint32_t *size_ptr, int vb21_sig_size_for_key(uint32_t *size_ptr,
const struct vb2_private_key *key, const struct vb2_private_key *key,
const char *desc); const char *desc);
/** /**
* Calculate the total signature size for a list of keys. * Calculate the total signature size for a list of keys.
@@ -51,9 +51,9 @@ int vb2_sig_size_for_key(uint32_t *size_ptr,
* @param key_count Number of keys. * @param key_count Number of keys.
* @return VB2_SUCCESS, or non-zero error code on failure. * @return VB2_SUCCESS, or non-zero error code on failure.
*/ */
int vb2_sig_size_for_keys(uint32_t *size_ptr, int vb21_sig_size_for_keys(uint32_t *size_ptr,
const struct vb2_private_key **key_list, const struct vb2_private_key **key_list,
uint32_t key_count); uint32_t key_count);
/** /**
* Sign object with a key. * Sign object with a key.
@@ -65,10 +65,10 @@ int vb2_sig_size_for_keys(uint32_t *size_ptr,
* @param key Key to sign object with * @param key Key to sign object with
* @param desc If non-null, description to use for signature * @param desc If non-null, description to use for signature
*/ */
int vb2_sign_object(uint8_t *buf, int vb21_sign_object(uint8_t *buf,
uint32_t sig_offset, uint32_t sig_offset,
const struct vb2_private_key *key, const struct vb2_private_key *key,
const char *desc); const char *desc);
/** /**
* Sign object with list of keys. * Sign object with list of keys.
@@ -80,9 +80,9 @@ int vb2_sign_object(uint8_t *buf,
* @param key_list List of keys to sign object with * @param key_list List of keys to sign object with
* @param key_count Number of keys in list * @param key_count Number of keys in list
*/ */
int vb2_sign_object_multiple(uint8_t *buf, int vb21_sign_object_multiple(uint8_t *buf,
uint32_t sig_offset, uint32_t sig_offset,
const struct vb2_private_key **key_list, const struct vb2_private_key **key_list,
uint32_t key_count); uint32_t key_count);
#endif /* VBOOT_REFERENCE_HOST_SIGNATURE2_H_ */ #endif /* VBOOT_REFERENCE_HOST_SIGNATURE2_H_ */

30
tests/vb21_api_tests.c
View File

@@ -15,7 +15,7 @@
#include "2rsa.h" #include "2rsa.h"
#include "2secdata.h" #include "2secdata.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "host_key2.h" #include "host_key2.h"
#include "host_signature2.h" #include "host_signature2.h"
@@ -64,8 +64,8 @@ enum reset_type {
static void reset_common_data(enum reset_type t) static void reset_common_data(enum reset_type t)
{ {
const struct vb2_private_key *hash_key; const struct vb2_private_key *hash_key;
struct vb2_fw_preamble *pre; struct vb21_fw_preamble *pre;
struct vb2_signature *sig; struct vb21_signature *sig;
uint32_t sig_offset; uint32_t sig_offset;
int i; int i;
@@ -92,18 +92,18 @@ static void reset_common_data(enum reset_type t)
vb2_private_key_hash(&hash_key, mock_hash_alg); vb2_private_key_hash(&hash_key, mock_hash_alg);
sd->workbuf_preamble_offset = ctx.workbuf_used; sd->workbuf_preamble_offset = ctx.workbuf_used;
pre = (struct vb2_fw_preamble *) pre = (struct vb21_fw_preamble *)
(ctx.workbuf + sd->workbuf_preamble_offset); (ctx.workbuf + sd->workbuf_preamble_offset);
pre->hash_count = 3; pre->hash_count = 3;
pre->hash_offset = sig_offset = sizeof(*pre); pre->hash_offset = sig_offset = sizeof(*pre);
if (hwcrypto_state == HWCRYPTO_FORBIDDEN) if (hwcrypto_state == HWCRYPTO_FORBIDDEN)
pre->flags = VB2_FIRMWARE_PREAMBLE_DISALLOW_HWCRYPTO; pre->flags = VB21_FIRMWARE_PREAMBLE_DISALLOW_HWCRYPTO;
else else
pre->flags = 0; pre->flags = 0;
for (i = 0; i < 3; i++) { for (i = 0; i < 3; i++) {
vb2_sign_data(&sig, mock_body, mock_body_size - 16 * i, vb21_sign_data(&sig, mock_body, mock_body_size - 16 * i,
hash_key, NULL); hash_key, NULL);
memcpy(&sig->id, test_id + i, sizeof(sig->id)); memcpy(&sig->id, test_id + i, sizeof(sig->id));
memcpy((uint8_t *)pre + sig_offset, sig, sig->c.total_size); memcpy((uint8_t *)pre + sig_offset, sig, sig->c.total_size);
sig_offset += sig->c.total_size; sig_offset += sig->c.total_size;
@@ -197,15 +197,15 @@ static void phase3_tests(void)
static void init_hash_tests(void) static void init_hash_tests(void)
{ {
struct vb2_fw_preamble *pre; struct vb21_fw_preamble *pre;
struct vb2_signature *sig; struct vb21_signature *sig;
int wb_used_before; int wb_used_before;
uint32_t size; uint32_t size;
reset_common_data(FOR_MISC); reset_common_data(FOR_MISC);
pre = (struct vb2_fw_preamble *) pre = (struct vb21_fw_preamble *)
(ctx.workbuf + sd->workbuf_preamble_offset); (ctx.workbuf + sd->workbuf_preamble_offset);
sig = (struct vb2_signature *)((uint8_t *)pre + pre->hash_offset); sig = (struct vb21_signature *)((uint8_t *)pre + pre->hash_offset);
wb_used_before = ctx.workbuf_used; wb_used_before = ctx.workbuf_used;
TEST_SUCC(vb2api_init_hash2(&ctx, test_id, &size), TEST_SUCC(vb2api_init_hash2(&ctx, test_id, &size),
@@ -304,14 +304,14 @@ static void extend_hash_tests(void)
static void check_hash_tests(void) static void check_hash_tests(void)
{ {
struct vb2_fw_preamble *pre; struct vb21_fw_preamble *pre;
struct vb2_signature *sig; struct vb21_signature *sig;
struct vb2_digest_context *dc; struct vb2_digest_context *dc;
reset_common_data(FOR_CHECK_HASH); reset_common_data(FOR_CHECK_HASH);
pre = (struct vb2_fw_preamble *) pre = (struct vb21_fw_preamble *)
(ctx.workbuf + sd->workbuf_preamble_offset); (ctx.workbuf + sd->workbuf_preamble_offset);
sig = (struct vb2_signature *)((uint8_t *)pre + pre->hash_offset); sig = (struct vb21_signature *)((uint8_t *)pre + pre->hash_offset);
dc = (struct vb2_digest_context *) dc = (struct vb2_digest_context *)
(ctx.workbuf + sd->workbuf_hash_offset); (ctx.workbuf + sd->workbuf_hash_offset);

128
tests/vb21_common2_tests.c
View File

@@ -12,7 +12,7 @@
#include "2sysincludes.h" #include "2sysincludes.h"
#include "2common.h" #include "2common.h"
#include "2rsa.h" #include "2rsa.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "host_common.h" #include "host_common.h"
#include "host_key2.h" #include "host_key2.h"
#include "host_signature2.h" #include "host_signature2.h"
@@ -22,48 +22,48 @@
static const uint8_t test_data[] = "This is some test data to sign."; static const uint8_t test_data[] = "This is some test data to sign.";
static const uint32_t test_size = sizeof(test_data); static const uint32_t test_size = sizeof(test_data);
static void test_unpack_key(const struct vb2_packed_key *key) static void test_unpack_key(const struct vb21_packed_key *key)
{ {
struct vb2_public_key pubk; struct vb2_public_key pubk;
struct vb2_packed_key *key2; struct vb21_packed_key *key2;
uint32_t size = key->c.total_size; uint32_t size = key->c.total_size;
/* Make a copy of the key for testing */ /* Make a copy of the key for testing */
key2 = (struct vb2_packed_key *)malloc(size); key2 = (struct vb21_packed_key *)malloc(size);
memcpy(key2, key, size); memcpy(key2, key, size);
TEST_SUCC(vb2_unpack_key(&pubk, (uint8_t *)key2, size), TEST_SUCC(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
"vb2_unpack_key() ok"); "vb21_unpack_key() ok");
memcpy(key2, key, size); memcpy(key2, key, size);
key2->key_offset += 4; key2->key_offset += 4;
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size), TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
VB2_ERROR_COMMON_MEMBER_SIZE, VB2_ERROR_COMMON_MEMBER_SIZE,
"vb2_unpack_key() buffer too small"); "vb21_unpack_key() buffer too small");
memcpy(key2, key, size); memcpy(key2, key, size);
key2->c.fixed_size += size; key2->c.fixed_size += size;
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size), TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
VB2_ERROR_COMMON_FIXED_SIZE, VB2_ERROR_COMMON_FIXED_SIZE,
"vb2_unpack_key() buffer too small for desc"); "vb21_unpack_key() buffer too small for desc");
memcpy(key2, key, size); memcpy(key2, key, size);
key2->c.desc_size = 0; key2->c.desc_size = 0;
TEST_SUCC(vb2_unpack_key(&pubk, (uint8_t *)key2, size), TEST_SUCC(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
"vb2_unpack_key() no desc"); "vb21_unpack_key() no desc");
TEST_EQ(strcmp(pubk.desc, ""), 0, " empty desc string"); TEST_EQ(strcmp(pubk.desc, ""), 0, " empty desc string");
memcpy(key2, key, size); memcpy(key2, key, size);
key2->c.magic++; key2->c.magic++;
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size), TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
VB2_ERROR_UNPACK_KEY_MAGIC, VB2_ERROR_UNPACK_KEY_MAGIC,
"vb2_unpack_key() bad magic"); "vb21_unpack_key() bad magic");
memcpy(key2, key, size); memcpy(key2, key, size);
key2->c.struct_version_major++; key2->c.struct_version_major++;
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size), TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
VB2_ERROR_UNPACK_KEY_STRUCT_VERSION, VB2_ERROR_UNPACK_KEY_STRUCT_VERSION,
"vb2_unpack_key() bad major version"); "vb21_unpack_key() bad major version");
/* /*
* Minor version changes are ok. Note that this test assumes that the * Minor version changes are ok. Note that this test assumes that the
@@ -76,105 +76,105 @@ static void test_unpack_key(const struct vb2_packed_key *key)
*/ */
memcpy(key2, key, size); memcpy(key2, key, size);
key2->c.struct_version_minor++; key2->c.struct_version_minor++;
TEST_SUCC(vb2_unpack_key(&pubk, (uint8_t *)key2, size), TEST_SUCC(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
"vb2_unpack_key() minor version change ok"); "vb21_unpack_key() minor version change ok");
memcpy(key2, key, size); memcpy(key2, key, size);
key2->sig_alg = VB2_SIG_INVALID; key2->sig_alg = VB2_SIG_INVALID;
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size), TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM, VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
"vb2_unpack_key() bad sig algorithm"); "vb21_unpack_key() bad sig algorithm");
memcpy(key2, key, size); memcpy(key2, key, size);
key2->hash_alg = VB2_HASH_INVALID; key2->hash_alg = VB2_HASH_INVALID;
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size), TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM, VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM,
"vb2_unpack_key() bad hash algorithm"); "vb21_unpack_key() bad hash algorithm");
memcpy(key2, key, size); memcpy(key2, key, size);
key2->key_size -= 4; key2->key_size -= 4;
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size), TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
VB2_ERROR_UNPACK_KEY_SIZE, VB2_ERROR_UNPACK_KEY_SIZE,
"vb2_unpack_key() invalid size"); "vb21_unpack_key() invalid size");
memcpy(key2, key, size); memcpy(key2, key, size);
key2->key_offset--; key2->key_offset--;
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size), TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
VB2_ERROR_COMMON_MEMBER_UNALIGNED, VB2_ERROR_COMMON_MEMBER_UNALIGNED,
"vb2_unpack_key() unaligned data"); "vb21_unpack_key() unaligned data");
memcpy(key2, key, size); memcpy(key2, key, size);
*(uint32_t *)((uint8_t *)key2 + key2->key_offset) /= 2; *(uint32_t *)((uint8_t *)key2 + key2->key_offset) /= 2;
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size), TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
VB2_ERROR_UNPACK_KEY_ARRAY_SIZE, VB2_ERROR_UNPACK_KEY_ARRAY_SIZE,
"vb2_unpack_key() invalid key array size"); "vb21_unpack_key() invalid key array size");
free(key2); free(key2);
} }
static void test_verify_signature(const struct vb2_signature *sig) static void test_verify_signature(const struct vb21_signature *sig)
{ {
struct vb2_signature *sig2; struct vb21_signature *sig2;
uint8_t *buf2; uint8_t *buf2;
uint32_t size; uint32_t size;
/* Make a copy of the signature */ /* Make a copy of the signature */
size = sig->c.total_size; size = sig->c.total_size;
buf2 = malloc(size); buf2 = malloc(size);
sig2 = (struct vb2_signature *)buf2; sig2 = (struct vb21_signature *)buf2;
memcpy(buf2, sig, size); memcpy(buf2, sig, size);
TEST_SUCC(vb2_verify_signature(sig2, size), "verify_sig ok"); TEST_SUCC(vb21_verify_signature(sig2, size), "verify_sig ok");
sig2->c.magic = VB2_MAGIC_PACKED_KEY; sig2->c.magic = VB21_MAGIC_PACKED_KEY;
TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_SIG_MAGIC, TEST_EQ(vb21_verify_signature(sig2, size), VB2_ERROR_SIG_MAGIC,
"verify_sig magic"); "verify_sig magic");
memcpy(buf2, sig, size); memcpy(buf2, sig, size);
sig2->c.total_size += 4; sig2->c.total_size += 4;
TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_COMMON_TOTAL_SIZE, TEST_EQ(vb21_verify_signature(sig2, size), VB2_ERROR_COMMON_TOTAL_SIZE,
"verify_sig common header"); "verify_sig common header");
memcpy(buf2, sig, size); memcpy(buf2, sig, size);
sig2->c.struct_version_minor++; sig2->c.struct_version_minor++;
TEST_SUCC(vb2_verify_signature(sig2, size), "verify_sig minor ver"); TEST_SUCC(vb21_verify_signature(sig2, size), "verify_sig minor ver");
sig2->c.struct_version_major++; sig2->c.struct_version_major++;
TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_SIG_VERSION, TEST_EQ(vb21_verify_signature(sig2, size), VB2_ERROR_SIG_VERSION,
"verify_sig major ver"); "verify_sig major ver");
memcpy(buf2, sig, size); memcpy(buf2, sig, size);
sig2->c.fixed_size -= 4; sig2->c.fixed_size -= 4;
sig2->c.desc_size += 4; sig2->c.desc_size += 4;
TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_SIG_HEADER_SIZE, TEST_EQ(vb21_verify_signature(sig2, size), VB2_ERROR_SIG_HEADER_SIZE,
"verify_sig header size"); "verify_sig header size");
memcpy(buf2, sig, size); memcpy(buf2, sig, size);
sig2->sig_size += 4; sig2->sig_size += 4;
TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_COMMON_MEMBER_SIZE, TEST_EQ(vb21_verify_signature(sig2, size), VB2_ERROR_COMMON_MEMBER_SIZE,
"verify_sig sig size"); "verify_sig sig size");
memcpy(buf2, sig, size); memcpy(buf2, sig, size);
sig2->sig_alg = VB2_SIG_INVALID; sig2->sig_alg = VB2_SIG_INVALID;
TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_SIG_ALGORITHM, TEST_EQ(vb21_verify_signature(sig2, size), VB2_ERROR_SIG_ALGORITHM,
"verify_sig sig alg"); "verify_sig sig alg");
memcpy(buf2, sig, size); memcpy(buf2, sig, size);
sig2->sig_alg = (sig2->sig_alg == VB2_SIG_NONE ? sig2->sig_alg = (sig2->sig_alg == VB2_SIG_NONE ?
VB2_SIG_RSA1024 : VB2_SIG_NONE); VB2_SIG_RSA1024 : VB2_SIG_NONE);
TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_SIG_SIZE, TEST_EQ(vb21_verify_signature(sig2, size), VB2_ERROR_SIG_SIZE,
"verify_sig sig size"); "verify_sig sig size");
free(buf2); free(buf2);
} }
static void test_verify_data(const struct vb2_public_key *pubk_orig, static void test_verify_data(const struct vb2_public_key *pubk_orig,
const struct vb2_signature *sig) const struct vb21_signature *sig)
{ {
uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES] uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES]
__attribute__ ((aligned (VB2_WORKBUF_ALIGN))); __attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
struct vb2_workbuf wb; struct vb2_workbuf wb;
struct vb2_public_key pubk; struct vb2_public_key pubk;
struct vb2_signature *sig2; struct vb21_signature *sig2;
uint8_t *buf2; uint8_t *buf2;
uint32_t size; uint32_t size;
@@ -185,53 +185,53 @@ static void test_verify_data(const struct vb2_public_key *pubk_orig,
/* Allocate signature copy for tests */ /* Allocate signature copy for tests */
size = sig->c.total_size; size = sig->c.total_size;
buf2 = malloc(size); buf2 = malloc(size);
sig2 = (struct vb2_signature *)buf2; sig2 = (struct vb21_signature *)buf2;
memcpy(buf2, sig, size); memcpy(buf2, sig, size);
pubk.sig_alg = VB2_SIG_INVALID; pubk.sig_alg = VB2_SIG_INVALID;
TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb), TEST_EQ(vb21_verify_data(test_data, test_size, sig2, &pubk, &wb),
VB2_ERROR_VDATA_ALGORITHM, "vb2_verify_data() bad sig alg"); VB2_ERROR_VDATA_ALGORITHM, "vb21_verify_data() bad sig alg");
pubk = *pubk_orig; pubk = *pubk_orig;
memcpy(buf2, sig, size); memcpy(buf2, sig, size);
pubk.hash_alg = VB2_HASH_INVALID; pubk.hash_alg = VB2_HASH_INVALID;
TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb), TEST_EQ(vb21_verify_data(test_data, test_size, sig2, &pubk, &wb),
VB2_ERROR_VDATA_DIGEST_SIZE, VB2_ERROR_VDATA_DIGEST_SIZE,
"vb2_verify_data() bad hash alg"); "vb21_verify_data() bad hash alg");
pubk = *pubk_orig; pubk = *pubk_orig;
vb2_workbuf_init(&wb, workbuf, 4); vb2_workbuf_init(&wb, workbuf, 4);
memcpy(buf2, sig, size); memcpy(buf2, sig, size);
TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb), TEST_EQ(vb21_verify_data(test_data, test_size, sig2, &pubk, &wb),
VB2_ERROR_VDATA_WORKBUF_DIGEST, VB2_ERROR_VDATA_WORKBUF_DIGEST,
"vb2_verify_data() workbuf too small"); "vb21_verify_data() workbuf too small");
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
memcpy(buf2, sig, size); memcpy(buf2, sig, size);
TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb), TEST_EQ(vb21_verify_data(test_data, test_size, sig2, &pubk, &wb),
0, "vb2_verify_data() ok"); 0, "vb21_verify_data() ok");
memcpy(buf2, sig, size); memcpy(buf2, sig, size);
sig2->sig_size -= 16; sig2->sig_size -= 16;
TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb), TEST_EQ(vb21_verify_data(test_data, test_size, sig2, &pubk, &wb),
VB2_ERROR_VDATA_SIG_SIZE, "vb2_verify_data() wrong sig size"); VB2_ERROR_VDATA_SIG_SIZE, "vb21_verify_data() wrong sig size");
memcpy(buf2, sig, size); memcpy(buf2, sig, size);
TEST_EQ(vb2_verify_data(test_data, test_size - 1, sig2, &pubk, &wb), TEST_EQ(vb21_verify_data(test_data, test_size - 1, sig2, &pubk, &wb),
VB2_ERROR_VDATA_SIZE, "vb2_verify_data() wrong data size"); VB2_ERROR_VDATA_SIZE, "vb21_verify_data() wrong data size");
memcpy(buf2, sig, size); memcpy(buf2, sig, size);
sig2->hash_alg = (sig2->hash_alg == VB2_HASH_SHA1 ? sig2->hash_alg = (sig2->hash_alg == VB2_HASH_SHA1 ?
VB2_HASH_SHA256 : VB2_HASH_SHA1); VB2_HASH_SHA256 : VB2_HASH_SHA1);
TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb), TEST_EQ(vb21_verify_data(test_data, test_size, sig2, &pubk, &wb),
VB2_ERROR_VDATA_ALGORITHM_MISMATCH, VB2_ERROR_VDATA_ALGORITHM_MISMATCH,
"vb2_verify_data() alg mismatch"); "vb21_verify_data() alg mismatch");
memcpy(buf2, sig, size); memcpy(buf2, sig, size);
buf2[sig2->sig_offset] ^= 0x5A; buf2[sig2->sig_offset] ^= 0x5A;
TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb), TEST_EQ(vb21_verify_data(test_data, test_size, sig2, &pubk, &wb),
VB2_ERROR_RSA_PADDING, "vb2_verify_data() wrong sig"); VB2_ERROR_RSA_PADDING, "vb21_verify_data() wrong sig");
free(buf2); free(buf2);
} }
@@ -246,9 +246,9 @@ int test_algorithm(int key_algorithm, const char *keys_dir)
enum vb2_hash_algorithm hash_alg = vb2_crypto_to_hash(key_algorithm); enum vb2_hash_algorithm hash_alg = vb2_crypto_to_hash(key_algorithm);
struct vb2_private_key *prik = NULL; struct vb2_private_key *prik = NULL;
struct vb2_signature *sig2 = NULL; struct vb21_signature *sig2 = NULL;
struct vb2_public_key *pubk = NULL; struct vb2_public_key *pubk = NULL;
struct vb2_packed_key *key2 = NULL; struct vb21_packed_key *key2 = NULL;
printf("***Testing algorithm: %s\n", algo_strings[key_algorithm]); printf("***Testing algorithm: %s\n", algo_strings[key_algorithm]);
@@ -264,10 +264,10 @@ int test_algorithm(int key_algorithm, const char *keys_dir)
"Read public key"); "Read public key");
pubk->hash_alg = hash_alg; pubk->hash_alg = hash_alg;
vb2_public_key_set_desc(pubk, "public key"); vb2_public_key_set_desc(pubk, "public key");
TEST_SUCC(vb2_public_key_pack(&key2, pubk), "Pack public key"); TEST_SUCC(vb21_public_key_pack(&key2, pubk), "Pack public key");
/* Calculate good signatures */ /* Calculate good signatures */
TEST_SUCC(vb2_sign_data(&sig2, test_data, test_size, prik, ""), TEST_SUCC(vb21_sign_data(&sig2, test_data, test_size, prik, ""),
"Make test signature"); "Make test signature");
test_unpack_key(key2); test_unpack_key(key2);

292
tests/vb21_common_tests.c
View File

@@ -8,7 +8,7 @@
#include "2sysincludes.h" #include "2sysincludes.h"
#include "2common.h" #include "2common.h"
#include "2rsa.h" #include "2rsa.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "host_fw_preamble2.h" #include "host_fw_preamble2.h"
#include "host_key2.h" #include "host_key2.h"
#include "host_keyblock2.h" #include "host_keyblock2.h"
@@ -30,21 +30,21 @@ static void test_struct_packing(void)
TEST_EQ(EXPECTED_ID_SIZE, TEST_EQ(EXPECTED_ID_SIZE,
sizeof(struct vb2_id), sizeof(struct vb2_id),
"sizeof(vb2_id)"); "sizeof(vb2_id)");
TEST_EQ(EXPECTED_VB2_STRUCT_COMMON_SIZE, TEST_EQ(EXPECTED_VB21_STRUCT_COMMON_SIZE,
sizeof(struct vb2_struct_common), sizeof(struct vb21_struct_common),
"sizeof(vb2_struct_common)"); "sizeof(vb21_struct_common)");
TEST_EQ(EXPECTED_VB2_PACKED_KEY_SIZE, TEST_EQ(EXPECTED_VB21_PACKED_KEY_SIZE,
sizeof(struct vb2_packed_key), sizeof(struct vb21_packed_key),
"sizeof(vb2_packed_key)"); "sizeof(vb21_packed_key)");
TEST_EQ(EXPECTED_VB2_SIGNATURE_SIZE, TEST_EQ(EXPECTED_VB21_SIGNATURE_SIZE,
sizeof(struct vb2_signature), sizeof(struct vb21_signature),
"sizeof(vb2_signature)"); "sizeof(vb21_signature)");
TEST_EQ(EXPECTED_VB2_KEYBLOCK_SIZE, TEST_EQ(EXPECTED_VB21_KEYBLOCK_SIZE,
sizeof(struct vb2_keyblock), sizeof(struct vb21_keyblock),
"sizeof(vb2_keyblock)"); "sizeof(vb21_keyblock)");
TEST_EQ(EXPECTED_VB2_FW_PREAMBLE_SIZE, TEST_EQ(EXPECTED_VB21_FW_PREAMBLE_SIZE,
sizeof(struct vb2_fw_preamble), sizeof(struct vb21_fw_preamble),
"sizeof(vb2_fw_preamble)"); "sizeof(vb21_fw_preamble)");
} }
/** /**
@@ -52,10 +52,10 @@ static void test_struct_packing(void)
*/ */
static void test_common_header_functions(void) static void test_common_header_functions(void)
{ {
uint8_t cbuf[sizeof(struct vb2_struct_common) + 128]; uint8_t cbuf[sizeof(struct vb21_struct_common) + 128];
uint8_t cbufgood[sizeof(cbuf)]; uint8_t cbufgood[sizeof(cbuf)];
struct vb2_struct_common *c = (struct vb2_struct_common *)cbuf; struct vb21_struct_common *c = (struct vb21_struct_common *)cbuf;
struct vb2_struct_common *c2; struct vb21_struct_common *c2;
const char test_desc[32] = "test desc"; const char test_desc[32] = "test desc";
uint32_t desc_end, m; uint32_t desc_end, m;
@@ -65,125 +65,125 @@ static void test_common_header_functions(void)
memcpy(cbuf + c->fixed_size, test_desc, sizeof(test_desc)); memcpy(cbuf + c->fixed_size, test_desc, sizeof(test_desc));
desc_end = c->fixed_size + c->desc_size; desc_end = c->fixed_size + c->desc_size;
c2 = (struct vb2_struct_common *)(cbuf + desc_end); c2 = (struct vb21_struct_common *)(cbuf + desc_end);
c2->total_size = c->total_size - desc_end; c2->total_size = c->total_size - desc_end;
c2->fixed_size = sizeof(*c2); c2->fixed_size = sizeof(*c2);
c2->desc_size = 0; c2->desc_size = 0;
/* Description helper */ /* Description helper */
TEST_EQ(0, strcmp(vb2_common_desc(c), test_desc), "vb2_common_desc()"); TEST_EQ(0, strcmp(vb21_common_desc(c), test_desc), "vb21_common_desc()");
TEST_EQ(0, strcmp(vb2_common_desc(c2), ""), "vb2_common_desc() empty"); TEST_EQ(0, strcmp(vb21_common_desc(c2), ""), "vb21_common_desc() empty");
TEST_SUCC(vb2_verify_common_header(cbuf, sizeof(cbuf)), TEST_SUCC(vb21_verify_common_header(cbuf, sizeof(cbuf)),
"vb2_verify_common_header() good"); "vb21_verify_common_header() good");
memcpy(cbufgood, cbuf, sizeof(cbufgood)); memcpy(cbufgood, cbuf, sizeof(cbufgood));
memcpy(cbuf, cbufgood, sizeof(cbuf)); memcpy(cbuf, cbufgood, sizeof(cbuf));
c->total_size += 4; c->total_size += 4;
TEST_EQ(vb2_verify_common_header(cbuf, sizeof(cbuf)), TEST_EQ(vb21_verify_common_header(cbuf, sizeof(cbuf)),
VB2_ERROR_COMMON_TOTAL_SIZE, VB2_ERROR_COMMON_TOTAL_SIZE,
"vb2_verify_common_header() total size"); "vb21_verify_common_header() total size");
memcpy(cbuf, cbufgood, sizeof(cbuf)); memcpy(cbuf, cbufgood, sizeof(cbuf));
c->fixed_size = c->total_size + 4; c->fixed_size = c->total_size + 4;
TEST_EQ(vb2_verify_common_header(cbuf, sizeof(cbuf)), TEST_EQ(vb21_verify_common_header(cbuf, sizeof(cbuf)),
VB2_ERROR_COMMON_FIXED_SIZE, VB2_ERROR_COMMON_FIXED_SIZE,
"vb2_verify_common_header() fixed size"); "vb21_verify_common_header() fixed size");
memcpy(cbuf, cbufgood, sizeof(cbuf)); memcpy(cbuf, cbufgood, sizeof(cbuf));
c->desc_size = c->total_size - c->fixed_size + 4; c->desc_size = c->total_size - c->fixed_size + 4;
TEST_EQ(vb2_verify_common_header(cbuf, sizeof(cbuf)), TEST_EQ(vb21_verify_common_header(cbuf, sizeof(cbuf)),
VB2_ERROR_COMMON_DESC_SIZE, VB2_ERROR_COMMON_DESC_SIZE,
"vb2_verify_common_header() desc size"); "vb21_verify_common_header() desc size");
memcpy(cbuf, cbufgood, sizeof(cbuf)); memcpy(cbuf, cbufgood, sizeof(cbuf));
c->total_size--; c->total_size--;
TEST_EQ(vb2_verify_common_header(cbuf, sizeof(cbuf)), TEST_EQ(vb21_verify_common_header(cbuf, sizeof(cbuf)),
VB2_ERROR_COMMON_TOTAL_UNALIGNED, VB2_ERROR_COMMON_TOTAL_UNALIGNED,
"vb2_verify_common_header() total unaligned"); "vb21_verify_common_header() total unaligned");
memcpy(cbuf, cbufgood, sizeof(cbuf)); memcpy(cbuf, cbufgood, sizeof(cbuf));
c->fixed_size++; c->fixed_size++;
TEST_EQ(vb2_verify_common_header(cbuf, sizeof(cbuf)), TEST_EQ(vb21_verify_common_header(cbuf, sizeof(cbuf)),
VB2_ERROR_COMMON_FIXED_UNALIGNED, VB2_ERROR_COMMON_FIXED_UNALIGNED,
"vb2_verify_common_header() fixed unaligned"); "vb21_verify_common_header() fixed unaligned");
memcpy(cbuf, cbufgood, sizeof(cbuf)); memcpy(cbuf, cbufgood, sizeof(cbuf));
c->desc_size--; c->desc_size--;
TEST_EQ(vb2_verify_common_header(cbuf, sizeof(cbuf)), TEST_EQ(vb21_verify_common_header(cbuf, sizeof(cbuf)),
VB2_ERROR_COMMON_DESC_UNALIGNED, VB2_ERROR_COMMON_DESC_UNALIGNED,
"vb2_verify_common_header() desc unaligned"); "vb21_verify_common_header() desc unaligned");
memcpy(cbuf, cbufgood, sizeof(cbuf)); memcpy(cbuf, cbufgood, sizeof(cbuf));
c->desc_size = -4; c->desc_size = -4;
TEST_EQ(vb2_verify_common_header(cbuf, sizeof(cbuf)), TEST_EQ(vb21_verify_common_header(cbuf, sizeof(cbuf)),
VB2_ERROR_COMMON_DESC_WRAPS, VB2_ERROR_COMMON_DESC_WRAPS,
"vb2_verify_common_header() desc wraps"); "vb21_verify_common_header() desc wraps");
memcpy(cbuf, cbufgood, sizeof(cbuf)); memcpy(cbuf, cbufgood, sizeof(cbuf));
cbuf[desc_end - 1] = 1; cbuf[desc_end - 1] = 1;
TEST_EQ(vb2_verify_common_header(cbuf, sizeof(cbuf)), TEST_EQ(vb21_verify_common_header(cbuf, sizeof(cbuf)),
VB2_ERROR_COMMON_DESC_TERMINATOR, VB2_ERROR_COMMON_DESC_TERMINATOR,
"vb2_verify_common_header() desc not terminated"); "vb21_verify_common_header() desc not terminated");
/* Member checking function */ /* Member checking function */
memcpy(cbuf, cbufgood, sizeof(cbuf)); memcpy(cbuf, cbufgood, sizeof(cbuf));
m = 0; m = 0;
TEST_SUCC(vb2_verify_common_member(cbuf, &m, c->total_size - 8, 4), TEST_SUCC(vb21_verify_common_member(cbuf, &m, c->total_size - 8, 4),
"vb2_verify_common_member()"); "vb21_verify_common_member()");
TEST_EQ(m, c->total_size - 4, " new minimum"); TEST_EQ(m, c->total_size - 4, " new minimum");
m = desc_end; m = desc_end;
TEST_SUCC(vb2_verify_common_member(cbuf, &m, desc_end, 4), TEST_SUCC(vb21_verify_common_member(cbuf, &m, desc_end, 4),
"vb2_verify_common_member() good offset"); "vb21_verify_common_member() good offset");
TEST_EQ(m, desc_end + 4, " new minimum"); TEST_EQ(m, desc_end + 4, " new minimum");
m = 0; m = 0;
TEST_EQ(vb2_verify_common_member(cbuf, &m, c->total_size - 8, -4), TEST_EQ(vb21_verify_common_member(cbuf, &m, c->total_size - 8, -4),
VB2_ERROR_COMMON_MEMBER_WRAPS, VB2_ERROR_COMMON_MEMBER_WRAPS,
"vb2_verify_common_member() wraps"); "vb21_verify_common_member() wraps");
m = 0; m = 0;
TEST_EQ(vb2_verify_common_member(cbuf, &m, c->total_size - 7, 4), TEST_EQ(vb21_verify_common_member(cbuf, &m, c->total_size - 7, 4),
VB2_ERROR_COMMON_MEMBER_UNALIGNED, VB2_ERROR_COMMON_MEMBER_UNALIGNED,
"vb2_verify_common_member() offset unaligned"); "vb21_verify_common_member() offset unaligned");
m = 0; m = 0;
TEST_EQ(vb2_verify_common_member(cbuf, &m, c->total_size - 8, 5), TEST_EQ(vb21_verify_common_member(cbuf, &m, c->total_size - 8, 5),
VB2_ERROR_COMMON_MEMBER_UNALIGNED, VB2_ERROR_COMMON_MEMBER_UNALIGNED,
"vb2_verify_common_member() size unaligned"); "vb21_verify_common_member() size unaligned");
m = 0; m = 0;
TEST_EQ(vb2_verify_common_member(cbuf, &m, desc_end - 4, 4), TEST_EQ(vb21_verify_common_member(cbuf, &m, desc_end - 4, 4),
VB2_ERROR_COMMON_MEMBER_OVERLAP, VB2_ERROR_COMMON_MEMBER_OVERLAP,
"vb2_verify_common_member() overlap"); "vb21_verify_common_member() overlap");
m = desc_end + 4; m = desc_end + 4;
TEST_EQ(vb2_verify_common_member(cbuf, &m, desc_end, 4), TEST_EQ(vb21_verify_common_member(cbuf, &m, desc_end, 4),
VB2_ERROR_COMMON_MEMBER_OVERLAP, VB2_ERROR_COMMON_MEMBER_OVERLAP,
"vb2_verify_common_member() overlap 2"); "vb21_verify_common_member() overlap 2");
m = 0; m = 0;
TEST_EQ(vb2_verify_common_member(cbuf, &m, c->total_size - 4, 8), TEST_EQ(vb21_verify_common_member(cbuf, &m, c->total_size - 4, 8),
VB2_ERROR_COMMON_MEMBER_SIZE, VB2_ERROR_COMMON_MEMBER_SIZE,
"vb2_verify_common_member() size"); "vb21_verify_common_member() size");
/* Subobject checking */ /* Subobject checking */
m = 0; m = 0;
TEST_SUCC(vb2_verify_common_subobject(cbuf, &m, desc_end), TEST_SUCC(vb21_verify_common_subobject(cbuf, &m, desc_end),
"vb2_verify_common_subobject() good offset"); "vb21_verify_common_subobject() good offset");
TEST_EQ(m, sizeof(cbuf), " new minimum"); TEST_EQ(m, sizeof(cbuf), " new minimum");
m = desc_end + 4; m = desc_end + 4;
TEST_EQ(vb2_verify_common_subobject(cbuf, &m, desc_end), TEST_EQ(vb21_verify_common_subobject(cbuf, &m, desc_end),
VB2_ERROR_COMMON_MEMBER_OVERLAP, VB2_ERROR_COMMON_MEMBER_OVERLAP,
"vb2_verify_common_subobject() overlap"); "vb21_verify_common_subobject() overlap");
m = 0; m = 0;
c2->total_size += 4; c2->total_size += 4;
TEST_EQ(vb2_verify_common_subobject(cbuf, &m, desc_end), TEST_EQ(vb21_verify_common_subobject(cbuf, &m, desc_end),
VB2_ERROR_COMMON_TOTAL_SIZE, VB2_ERROR_COMMON_TOTAL_SIZE,
"vb2_verify_common_subobject() size"); "vb21_verify_common_subobject() size");
} }
/** /**
@@ -217,7 +217,7 @@ static void test_sig_size(void)
*/ */
static void test_verify_hash(void) static void test_verify_hash(void)
{ {
struct vb2_signature *sig; struct vb21_signature *sig;
const struct vb2_private_key *prik; const struct vb2_private_key *prik;
struct vb2_public_key pubk; struct vb2_public_key pubk;
uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES] uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES]
@@ -232,16 +232,17 @@ static void test_verify_hash(void)
"create hash key"); "create hash key");
/* Create the signature */ /* Create the signature */
TEST_SUCC(vb2_sign_data(&sig, test_data, sizeof(test_data), prik, NULL), TEST_SUCC(vb21_sign_data(&sig, test_data, sizeof(test_data),
prik, NULL),
"create hash sig"); "create hash sig");
TEST_SUCC(vb2_verify_data(test_data, sizeof(test_data), TEST_SUCC(vb21_verify_data(test_data, sizeof(test_data),
sig, &pubk, &wb), sig, &pubk, &wb),
"vb2_verify_data() hash ok"); "vb21_verify_data() hash ok");
*((uint8_t *)sig + sig->sig_offset) ^= 0xab; *((uint8_t *)sig + sig->sig_offset) ^= 0xab;
TEST_EQ(vb2_verify_data(test_data, sizeof(test_data), sig, &pubk, &wb), TEST_EQ(vb21_verify_data(test_data, sizeof(test_data), sig, &pubk, &wb),
VB2_ERROR_VDATA_VERIFY_DIGEST, "vb2_verify_data() hash bad"); VB2_ERROR_VDATA_VERIFY_DIGEST, "vb21_verify_data() hash bad");
free(sig); free(sig);
} }
@@ -254,8 +255,8 @@ static void test_verify_keyblock(void)
const char desc[16] = "test keyblock"; const char desc[16] = "test keyblock";
const struct vb2_private_key *prik[2]; const struct vb2_private_key *prik[2];
struct vb2_public_key pubk, pubk2, pubk3; struct vb2_public_key pubk, pubk2, pubk3;
struct vb2_signature *sig; struct vb21_signature *sig;
struct vb2_keyblock *kbuf; struct vb21_keyblock *kbuf;
uint32_t buf_size; uint32_t buf_size;
uint8_t *buf, *buf2; uint8_t *buf, *buf2;
@@ -276,7 +277,7 @@ static void test_verify_keyblock(void)
"create private key 2"); "create private key 2");
/* Create the test keyblock */ /* Create the test keyblock */
TEST_SUCC(vb2_keyblock_create(&kbuf, &pubk3, prik, 2, 0x4321, desc), TEST_SUCC(vb21_keyblock_create(&kbuf, &pubk3, prik, 2, 0x4321, desc),
"create keyblock"); "create keyblock");
buf = (uint8_t *)kbuf; buf = (uint8_t *)kbuf;
@@ -287,86 +288,86 @@ static void test_verify_keyblock(void)
memcpy(buf2, buf, buf_size); memcpy(buf2, buf, buf_size);
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
kbuf = (struct vb2_keyblock *)buf; kbuf = (struct vb21_keyblock *)buf;
TEST_SUCC(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), TEST_SUCC(vb21_verify_keyblock(kbuf, buf_size, &pubk, &wb),
"vb2_verify_keyblock()"); "vb21_verify_keyblock()");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
TEST_SUCC(vb2_verify_keyblock(kbuf, buf_size, &pubk2, &wb), TEST_SUCC(vb21_verify_keyblock(kbuf, buf_size, &pubk2, &wb),
"vb2_verify_keyblock() key 2"); "vb21_verify_keyblock() key 2");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk3, &wb), TEST_EQ(vb21_verify_keyblock(kbuf, buf_size, &pubk3, &wb),
VB2_ERROR_KEYBLOCK_SIG_ID, VB2_ERROR_KEYBLOCK_SIG_ID,
"vb2_verify_keyblock() key not present"); "vb21_verify_keyblock() key not present");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
kbuf->c.magic = VB2_MAGIC_PACKED_KEY; kbuf->c.magic = VB21_MAGIC_PACKED_KEY;
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_keyblock(kbuf, buf_size, &pubk, &wb),
VB2_ERROR_KEYBLOCK_MAGIC, VB2_ERROR_KEYBLOCK_MAGIC,
"vb2_verify_keyblock() magic"); "vb21_verify_keyblock() magic");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
kbuf->c.fixed_size++; kbuf->c.fixed_size++;
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_keyblock(kbuf, buf_size, &pubk, &wb),
VB2_ERROR_COMMON_FIXED_UNALIGNED, VB2_ERROR_COMMON_FIXED_UNALIGNED,
"vb2_verify_keyblock() header"); "vb21_verify_keyblock() header");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
kbuf->c.struct_version_major++; kbuf->c.struct_version_major++;
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_keyblock(kbuf, buf_size, &pubk, &wb),
VB2_ERROR_KEYBLOCK_HEADER_VERSION, VB2_ERROR_KEYBLOCK_HEADER_VERSION,
"vb2_verify_keyblock() major version"); "vb21_verify_keyblock() major version");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
kbuf->c.struct_version_minor++; kbuf->c.struct_version_minor++;
/* That changes the signature, so resign the keyblock */ /* That changes the signature, so resign the keyblock */
vb2_sign_data(&sig, buf, kbuf->sig_offset, prik[0], NULL); vb21_sign_data(&sig, buf, kbuf->sig_offset, prik[0], NULL);
memcpy(buf + kbuf->sig_offset, sig, sig->c.total_size); memcpy(buf + kbuf->sig_offset, sig, sig->c.total_size);
free(sig); free(sig);
TEST_SUCC(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), TEST_SUCC(vb21_verify_keyblock(kbuf, buf_size, &pubk, &wb),
"vb2_verify_keyblock() minor version"); "vb21_verify_keyblock() minor version");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
kbuf->c.fixed_size -= 4; kbuf->c.fixed_size -= 4;
kbuf->c.desc_size += 4; kbuf->c.desc_size += 4;
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_keyblock(kbuf, buf_size, &pubk, &wb),
VB2_ERROR_KEYBLOCK_SIZE, VB2_ERROR_KEYBLOCK_SIZE,
"vb2_verify_keyblock() header size"); "vb21_verify_keyblock() header size");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
kbuf->key_offset = kbuf->c.total_size - 4; kbuf->key_offset = kbuf->c.total_size - 4;
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_keyblock(kbuf, buf_size, &pubk, &wb),
VB2_ERROR_COMMON_MEMBER_SIZE, VB2_ERROR_COMMON_MEMBER_SIZE,
"vb2_verify_keyblock() data key outside"); "vb21_verify_keyblock() data key outside");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
sig = (struct vb2_signature *)(buf + kbuf->sig_offset); sig = (struct vb21_signature *)(buf + kbuf->sig_offset);
sig->data_size--; sig->data_size--;
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_keyblock(kbuf, buf_size, &pubk, &wb),
VB2_ERROR_KEYBLOCK_SIGNED_SIZE, VB2_ERROR_KEYBLOCK_SIGNED_SIZE,
"vb2_verify_keyblock() signed wrong size"); "vb21_verify_keyblock() signed wrong size");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
sig = (struct vb2_signature *)(buf + kbuf->sig_offset); sig = (struct vb21_signature *)(buf + kbuf->sig_offset);
sig->c.total_size = kbuf->c.total_size - 4; sig->c.total_size = kbuf->c.total_size - 4;
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_keyblock(kbuf, buf_size, &pubk, &wb),
VB2_ERROR_COMMON_TOTAL_SIZE, VB2_ERROR_COMMON_TOTAL_SIZE,
"vb2_verify_keyblock() key outside keyblock"); "vb21_verify_keyblock() key outside keyblock");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
sig = (struct vb2_signature *)(buf + kbuf->sig_offset); sig = (struct vb21_signature *)(buf + kbuf->sig_offset);
sig->c.struct_version_major++; sig->c.struct_version_major++;
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_keyblock(kbuf, buf_size, &pubk, &wb),
VB2_ERROR_SIG_VERSION, VB2_ERROR_SIG_VERSION,
"vb2_verify_keyblock() corrupt key"); "vb21_verify_keyblock() corrupt key");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
kbuf->c.struct_version_minor++; kbuf->c.struct_version_minor++;
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_keyblock(kbuf, buf_size, &pubk, &wb),
VB2_ERROR_VDATA_VERIFY_DIGEST, VB2_ERROR_VDATA_VERIFY_DIGEST,
"vb2_verify_keyblock() corrupt"); "vb21_verify_keyblock() corrupt");
free(buf); free(buf);
free(buf2); free(buf2);
@@ -379,10 +380,10 @@ static void test_verify_fw_preamble(void)
{ {
const char desc[16] = "test preamble"; const char desc[16] = "test preamble";
const struct vb2_private_key *prikhash; const struct vb2_private_key *prikhash;
struct vb2_signature *hashes[3]; struct vb21_signature *hashes[3];
struct vb2_public_key pubk; struct vb2_public_key pubk;
struct vb2_signature *sig; struct vb21_signature *sig;
struct vb2_fw_preamble *pre; struct vb21_fw_preamble *pre;
uint32_t buf_size; uint32_t buf_size;
uint8_t *buf, *buf2; uint8_t *buf, *buf2;
@@ -392,7 +393,7 @@ static void test_verify_fw_preamble(void)
/* /*
* Preambles will usually be signed with a real key not a bare hash, * Preambles will usually be signed with a real key not a bare hash,
* but the call to vb2_verify_data() inside the preamble check is the * but the call to vb21_verify_data() inside the preamble check is the
* same (and its functionality is verified separately), and using a * same (and its functionality is verified separately), and using a
* bare hash here saves us from needing to have a private key to do * bare hash here saves us from needing to have a private key to do
* this test. * this test.
@@ -403,20 +404,21 @@ static void test_verify_fw_preamble(void)
"Create private hash key"); "Create private hash key");
/* Create some signatures */ /* Create some signatures */
TEST_SUCC(vb2_sign_data(hashes + 0, test_data, sizeof(test_data), TEST_SUCC(vb21_sign_data(hashes + 0, test_data, sizeof(test_data),
prikhash, "Hash 1"), prikhash, "Hash 1"),
"Hash 1"); "Hash 1");
TEST_SUCC(vb2_sign_data(hashes + 1, test_data2, sizeof(test_data2), TEST_SUCC(vb21_sign_data(hashes + 1, test_data2, sizeof(test_data2),
prikhash, "Hash 2"), prikhash, "Hash 2"),
"Hash 2"); "Hash 2");
TEST_SUCC(vb2_sign_data(hashes + 2, test_data3, sizeof(test_data3), TEST_SUCC(vb21_sign_data(hashes + 2, test_data3, sizeof(test_data3),
prikhash, "Hash 3"), prikhash, "Hash 3"),
"Hash 3"); "Hash 3");
/* Test good preamble */ /* Test good preamble */
TEST_SUCC(vb2_fw_preamble_create(&pre, prikhash, TEST_SUCC(vb21_fw_preamble_create(
(const struct vb2_signature **)hashes, &pre, prikhash,
3, 0x1234, 0x5678, desc), (const struct vb21_signature **)hashes,
3, 0x1234, 0x5678, desc),
"Create preamble good"); "Create preamble good");
buf = (uint8_t *)pre; buf = (uint8_t *)pre;
@@ -427,84 +429,84 @@ static void test_verify_fw_preamble(void)
memcpy(buf2, buf, buf_size); memcpy(buf2, buf, buf_size);
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
pre = (struct vb2_fw_preamble *)buf; pre = (struct vb21_fw_preamble *)buf;
TEST_SUCC(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), TEST_SUCC(vb21_verify_fw_preamble(pre, buf_size, &pubk, &wb),
"vb2_verify_fw_preamble()"); "vb21_verify_fw_preamble()");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
pre->c.magic = VB2_MAGIC_PACKED_KEY; pre->c.magic = VB21_MAGIC_PACKED_KEY;
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_fw_preamble(pre, buf_size, &pubk, &wb),
VB2_ERROR_PREAMBLE_MAGIC, VB2_ERROR_PREAMBLE_MAGIC,
"vb2_verify_fw_preamble() magic"); "vb21_verify_fw_preamble() magic");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
pre->c.fixed_size++; pre->c.fixed_size++;
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_fw_preamble(pre, buf_size, &pubk, &wb),
VB2_ERROR_COMMON_FIXED_UNALIGNED, VB2_ERROR_COMMON_FIXED_UNALIGNED,
"vb2_verify_fw_preamble() header"); "vb21_verify_fw_preamble() header");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
pre->c.struct_version_major++; pre->c.struct_version_major++;
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_fw_preamble(pre, buf_size, &pubk, &wb),
VB2_ERROR_PREAMBLE_HEADER_VERSION, VB2_ERROR_PREAMBLE_HEADER_VERSION,
"vb2_verify_fw_preamble() major version"); "vb21_verify_fw_preamble() major version");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
pre->c.struct_version_minor++; pre->c.struct_version_minor++;
/* That changes the signature, so resign the fw_preamble */ /* That changes the signature, so resign the fw_preamble */
vb2_sign_data(&sig, buf, pre->sig_offset, prikhash, NULL); vb21_sign_data(&sig, buf, pre->sig_offset, prikhash, NULL);
memcpy(buf + pre->sig_offset, sig, sig->c.total_size); memcpy(buf + pre->sig_offset, sig, sig->c.total_size);
free(sig); free(sig);
TEST_SUCC(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), TEST_SUCC(vb21_verify_fw_preamble(pre, buf_size, &pubk, &wb),
"vb2_verify_fw_preamble() minor version"); "vb21_verify_fw_preamble() minor version");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
pre->c.fixed_size -= 4; pre->c.fixed_size -= 4;
pre->c.desc_size += 4; pre->c.desc_size += 4;
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_fw_preamble(pre, buf_size, &pubk, &wb),
VB2_ERROR_PREAMBLE_SIZE, VB2_ERROR_PREAMBLE_SIZE,
"vb2_verify_fw_preamble() header size"); "vb21_verify_fw_preamble() header size");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
sig = (struct vb2_signature *)(buf + pre->hash_offset); sig = (struct vb21_signature *)(buf + pre->hash_offset);
sig->c.total_size += pre->c.total_size; sig->c.total_size += pre->c.total_size;
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_fw_preamble(pre, buf_size, &pubk, &wb),
VB2_ERROR_COMMON_TOTAL_SIZE, VB2_ERROR_COMMON_TOTAL_SIZE,
"vb2_verify_fw_preamble() hash size"); "vb21_verify_fw_preamble() hash size");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
sig = (struct vb2_signature *)(buf + pre->hash_offset); sig = (struct vb21_signature *)(buf + pre->hash_offset);
sig->sig_size /= 2; sig->sig_size /= 2;
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_fw_preamble(pre, buf_size, &pubk, &wb),
VB2_ERROR_SIG_SIZE, VB2_ERROR_SIG_SIZE,
"vb2_verify_fw_preamble() hash integrity"); "vb21_verify_fw_preamble() hash integrity");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
pre->hash_count++; pre->hash_count++;
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_fw_preamble(pre, buf_size, &pubk, &wb),
VB2_ERROR_COMMON_MEMBER_OVERLAP, VB2_ERROR_COMMON_MEMBER_OVERLAP,
"vb2_verify_fw_preamble() hash count"); "vb21_verify_fw_preamble() hash count");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
sig = (struct vb2_signature *)(buf + pre->sig_offset); sig = (struct vb21_signature *)(buf + pre->sig_offset);
sig->c.total_size += 4; sig->c.total_size += 4;
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_fw_preamble(pre, buf_size, &pubk, &wb),
VB2_ERROR_COMMON_TOTAL_SIZE, VB2_ERROR_COMMON_TOTAL_SIZE,
"vb2_verify_fw_preamble() sig inside"); "vb21_verify_fw_preamble() sig inside");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
sig = (struct vb2_signature *)(buf + pre->sig_offset); sig = (struct vb21_signature *)(buf + pre->sig_offset);
buf[pre->sig_offset + sig->sig_offset]++; buf[pre->sig_offset + sig->sig_offset]++;
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_fw_preamble(pre, buf_size, &pubk, &wb),
VB2_ERROR_VDATA_VERIFY_DIGEST, VB2_ERROR_VDATA_VERIFY_DIGEST,
"vb2_verify_fw_preamble() sig corrupt"); "vb21_verify_fw_preamble() sig corrupt");
memcpy(buf, buf2, buf_size); memcpy(buf, buf2, buf_size);
pre->flags++; pre->flags++;
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), TEST_EQ(vb21_verify_fw_preamble(pre, buf_size, &pubk, &wb),
VB2_ERROR_VDATA_VERIFY_DIGEST, VB2_ERROR_VDATA_VERIFY_DIGEST,
"vb2_verify_fw_preamble() preamble corrupt"); "vb21_verify_fw_preamble() preamble corrupt");
free(buf); free(buf);
free(buf2); free(buf2);

37
tests/vb21_host_fw_preamble_tests.c
View File

@@ -12,7 +12,7 @@
#include "2common.h" #include "2common.h"
#include "2rsa.h" #include "2rsa.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "host_common.h" #include "host_common.h"
#include "host_fw_preamble2.h" #include "host_fw_preamble2.h"
@@ -29,9 +29,9 @@ static void preamble_tests(const char *keys_dir)
{ {
struct vb2_private_key *prik4096; struct vb2_private_key *prik4096;
struct vb2_public_key *pubk4096; struct vb2_public_key *pubk4096;
struct vb2_fw_preamble *fp; struct vb21_fw_preamble *fp;
const struct vb2_private_key *prikhash; const struct vb2_private_key *prikhash;
struct vb2_signature *hashes[3]; struct vb21_signature *hashes[3];
char fname[1024]; char fname[1024];
const char test_desc[] = "Test fw preamble"; const char test_desc[] = "Test fw preamble";
const uint32_t test_version = 2061; const uint32_t test_version = 2061;
@@ -63,26 +63,25 @@ static void preamble_tests(const char *keys_dir)
"Create private hash key"); "Create private hash key");
/* Create some signatures */ /* Create some signatures */
TEST_SUCC(vb2_sign_data(hashes + 0, test_data1, sizeof(test_data1), TEST_SUCC(vb21_sign_data(hashes + 0, test_data1, sizeof(test_data1),
prikhash, "Hash 1"), prikhash, "Hash 1"),
"Hash 1"); "Hash 1");
TEST_SUCC(vb2_sign_data(hashes + 1, test_data2, sizeof(test_data2), TEST_SUCC(vb21_sign_data(hashes + 1, test_data2, sizeof(test_data2),
prikhash, "Hash 2"), prikhash, "Hash 2"),
"Hash 2"); "Hash 2");
TEST_SUCC(vb2_sign_data(hashes + 2, test_data3, sizeof(test_data3), TEST_SUCC(vb21_sign_data(hashes + 2, test_data3, sizeof(test_data3),
prikhash, "Hash 3"), prikhash, "Hash 3"),
"Hash 3"); "Hash 3");
/* Test good preamble */ /* Test good preamble */
TEST_SUCC(vb2_fw_preamble_create(&fp, prik4096, TEST_SUCC(vb21_fw_preamble_create(
(const struct vb2_signature **)hashes, &fp, prik4096, (const struct vb21_signature **)hashes,
3, test_version, test_flags, 3, test_version, test_flags, test_desc),
test_desc),
"Create preamble good"); "Create preamble good");
TEST_PTR_NEQ(fp, NULL, " fp_ptr"); TEST_PTR_NEQ(fp, NULL, " fp_ptr");
TEST_SUCC(vb2_verify_fw_preamble(fp, fp->c.total_size, pubk4096, &wb), TEST_SUCC(vb21_verify_fw_preamble(fp, fp->c.total_size, pubk4096, &wb),
"Verify preamble good"); "Verify preamble good");
TEST_EQ(strcmp(vb2_common_desc(fp), test_desc), 0, " desc"); TEST_EQ(strcmp(vb21_common_desc(fp), test_desc), 0, " desc");
TEST_EQ(fp->fw_version, test_version, " fw_version"); TEST_EQ(fp->fw_version, test_version, " fw_version");
TEST_EQ(fp->flags, test_flags, " flags"); TEST_EQ(fp->flags, test_flags, " flags");
TEST_EQ(fp->hash_count, 3, " hash_count"); TEST_EQ(fp->hash_count, 3, " hash_count");
@@ -98,10 +97,10 @@ static void preamble_tests(const char *keys_dir)
/* Test errors */ /* Test errors */
prik4096->hash_alg = VB2_HASH_INVALID; prik4096->hash_alg = VB2_HASH_INVALID;
TEST_EQ(vb2_fw_preamble_create(&fp, prik4096, TEST_EQ(vb21_fw_preamble_create(&fp, prik4096,
(const struct vb2_signature **)hashes, (const struct vb21_signature **)hashes,
3, test_version, test_flags, 3, test_version, test_flags,
test_desc), test_desc),
VB2_FW_PREAMBLE_CREATE_SIG_SIZE, VB2_FW_PREAMBLE_CREATE_SIG_SIZE,
"Create preamble bad sig"); "Create preamble bad sig");
TEST_PTR_EQ(fp, NULL, " fp_ptr"); TEST_PTR_EQ(fp, NULL, " fp_ptr");

60
tests/vb21_host_key_tests.c
View File

@@ -11,7 +11,7 @@
#include "2sysincludes.h" #include "2sysincludes.h"
#include "2common.h" #include "2common.h"
#include "2rsa.h" #include "2rsa.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "host_common.h" #include "host_common.h"
#include "host_key2.h" #include "host_key2.h"
@@ -35,7 +35,7 @@ static void private_key_tests(const struct alg_combo *combo,
{ {
struct vb2_private_key *key, *k2; struct vb2_private_key *key, *k2;
const struct vb2_private_key *ckey; const struct vb2_private_key *ckey;
struct vb2_packed_private_key *pkey; struct vb21_packed_private_key *pkey;
char *testfile; char *testfile;
const char *notapem = "not_a_pem"; const char *notapem = "not_a_pem";
const char *testdesc = "test desc"; const char *testdesc = "test desc";
@@ -78,13 +78,13 @@ static void private_key_tests(const struct alg_combo *combo,
unlink(testfile); unlink(testfile);
TEST_EQ(vb2_private_key_read(&k2, testfile), TEST_EQ(vb21_private_key_read(&k2, testfile),
VB2_ERROR_READ_FILE_OPEN, "Read key no file"); VB2_ERROR_READ_FILE_OPEN, "Read key no file");
TEST_EQ(vb2_private_key_write(key, "no/such/dir"), TEST_EQ(vb21_private_key_write(key, "no/such/dir"),
VB2_ERROR_PRIVATE_KEY_WRITE_FILE, "Write key to bad path"); VB2_ERROR_PRIVATE_KEY_WRITE_FILE, "Write key to bad path");
TEST_SUCC(vb2_private_key_write(key, testfile), "Write key good"); TEST_SUCC(vb21_private_key_write(key, testfile), "Write key good");
TEST_SUCC(vb2_private_key_read(&k2, testfile), "Read key good"); TEST_SUCC(vb21_private_key_read(&k2, testfile), "Read key good");
TEST_PTR_NEQ(k2, NULL, " key_ptr"); TEST_PTR_NEQ(k2, NULL, " key_ptr");
TEST_EQ(k2->sig_alg, key->sig_alg, " sig alg"); TEST_EQ(k2->sig_alg, key->sig_alg, " sig alg");
TEST_EQ(k2->hash_alg, key->hash_alg, " hash alg"); TEST_EQ(k2->hash_alg, key->hash_alg, " hash alg");
@@ -93,56 +93,56 @@ static void private_key_tests(const struct alg_combo *combo,
vb2_private_key_free(k2); vb2_private_key_free(k2);
TEST_SUCC(vb2_read_file(testfile, &buf, &bufsize), "Read key raw"); TEST_SUCC(vb2_read_file(testfile, &buf, &bufsize), "Read key raw");
pkey = (struct vb2_packed_private_key *)buf; pkey = (struct vb21_packed_private_key *)buf;
/* Make a backup of the good buffer so we can mangle it */ /* Make a backup of the good buffer so we can mangle it */
buf2 = malloc(bufsize); buf2 = malloc(bufsize);
memcpy(buf2, buf, bufsize); memcpy(buf2, buf, bufsize);
TEST_SUCC(vb2_private_key_unpack(&k2, buf, bufsize), TEST_SUCC(vb21_private_key_unpack(&k2, buf, bufsize),
"Unpack private key good"); "Unpack private key good");
vb2_private_key_free(k2); vb2_private_key_free(k2);
memcpy(buf, buf2, bufsize); memcpy(buf, buf2, bufsize);
pkey->c.magic = VB2_MAGIC_PACKED_KEY; pkey->c.magic = VB21_MAGIC_PACKED_KEY;
TEST_EQ(vb2_private_key_unpack(&k2, buf, bufsize), TEST_EQ(vb21_private_key_unpack(&k2, buf, bufsize),
VB2_ERROR_UNPACK_PRIVATE_KEY_MAGIC, VB2_ERROR_UNPACK_PRIVATE_KEY_MAGIC,
"Unpack private key bad magic"); "Unpack private key bad magic");
TEST_PTR_EQ(k2, NULL, " key_ptr"); TEST_PTR_EQ(k2, NULL, " key_ptr");
memcpy(buf, buf2, bufsize); memcpy(buf, buf2, bufsize);
pkey->c.desc_size++; pkey->c.desc_size++;
TEST_EQ(vb2_private_key_unpack(&k2, buf, bufsize), TEST_EQ(vb21_private_key_unpack(&k2, buf, bufsize),
VB2_ERROR_UNPACK_PRIVATE_KEY_HEADER, VB2_ERROR_UNPACK_PRIVATE_KEY_HEADER,
"Unpack private key bad header"); "Unpack private key bad header");
memcpy(buf, buf2, bufsize); memcpy(buf, buf2, bufsize);
pkey->key_size += pkey->c.total_size; pkey->key_size += pkey->c.total_size;
TEST_EQ(vb2_private_key_unpack(&k2, buf, bufsize), TEST_EQ(vb21_private_key_unpack(&k2, buf, bufsize),
VB2_ERROR_UNPACK_PRIVATE_KEY_DATA, VB2_ERROR_UNPACK_PRIVATE_KEY_DATA,
"Unpack private key bad data size"); "Unpack private key bad data size");
memcpy(buf, buf2, bufsize); memcpy(buf, buf2, bufsize);
pkey->c.struct_version_major++; pkey->c.struct_version_major++;
TEST_EQ(vb2_private_key_unpack(&k2, buf, bufsize), TEST_EQ(vb21_private_key_unpack(&k2, buf, bufsize),
VB2_ERROR_UNPACK_PRIVATE_KEY_STRUCT_VERSION, VB2_ERROR_UNPACK_PRIVATE_KEY_STRUCT_VERSION,
"Unpack private key bad struct version"); "Unpack private key bad struct version");
memcpy(buf, buf2, bufsize); memcpy(buf, buf2, bufsize);
pkey->c.struct_version_minor++; pkey->c.struct_version_minor++;
TEST_SUCC(vb2_private_key_unpack(&k2, buf, bufsize), TEST_SUCC(vb21_private_key_unpack(&k2, buf, bufsize),
"Unpack private key minor version"); "Unpack private key minor version");
vb2_private_key_free(k2); vb2_private_key_free(k2);
memcpy(buf, buf2, bufsize); memcpy(buf, buf2, bufsize);
pkey->key_size -= 32; pkey->key_size -= 32;
TEST_EQ(vb2_private_key_unpack(&k2, buf, bufsize), TEST_EQ(vb21_private_key_unpack(&k2, buf, bufsize),
VB2_ERROR_UNPACK_PRIVATE_KEY_RSA, VB2_ERROR_UNPACK_PRIVATE_KEY_RSA,
"Unpack private key bad rsa data"); "Unpack private key bad rsa data");
memcpy(buf, buf2, bufsize); memcpy(buf, buf2, bufsize);
pkey->sig_alg = VB2_SIG_NONE; pkey->sig_alg = VB2_SIG_NONE;
TEST_EQ(vb2_private_key_unpack(&k2, buf, bufsize), TEST_EQ(vb21_private_key_unpack(&k2, buf, bufsize),
VB2_ERROR_UNPACK_PRIVATE_KEY_HASH, VB2_ERROR_UNPACK_PRIVATE_KEY_HASH,
"Unpack private key hash but has data"); "Unpack private key hash but has data");
@@ -162,8 +162,8 @@ static void private_key_tests(const struct alg_combo *combo,
TEST_EQ(memcmp(&ckey->id, vb2_hash_id(combo->hash_alg), TEST_EQ(memcmp(&ckey->id, vb2_hash_id(combo->hash_alg),
sizeof(ckey->id)), 0, " id"); sizeof(ckey->id)), 0, " id");
TEST_SUCC(vb2_private_key_write(ckey, testfile), "Write hash key"); TEST_SUCC(vb21_private_key_write(ckey, testfile), "Write hash key");
TEST_SUCC(vb2_private_key_read(&key, testfile), "Read hash key"); TEST_SUCC(vb21_private_key_read(&key, testfile), "Read hash key");
unlink(testfile); unlink(testfile);
} }
@@ -171,7 +171,7 @@ static void public_key_tests(const struct alg_combo *combo,
const char *keybfile, const char *temp_dir) const char *keybfile, const char *temp_dir)
{ {
struct vb2_public_key *key, k2; struct vb2_public_key *key, k2;
struct vb2_packed_key *pkey; struct vb21_packed_key *pkey;
char *testfile; char *testfile;
const char *testdesc = "test desc"; const char *testdesc = "test desc";
const struct vb2_id test_id = {.raw = {0xbb}}; const struct vb2_id test_id = {.raw = {0xbb}};
@@ -221,15 +221,15 @@ static void public_key_tests(const struct alg_combo *combo,
key->id = &test_id; key->id = &test_id;
key->version = test_version; key->version = test_version;
TEST_SUCC(vb2_public_key_pack(&pkey, key), "Pack public key"); TEST_SUCC(vb21_public_key_pack(&pkey, key), "Pack public key");
TEST_PTR_NEQ(pkey, NULL, " key_ptr"); TEST_PTR_NEQ(pkey, NULL, " key_ptr");
TEST_EQ(pkey->hash_alg, key->hash_alg, " hash_alg"); TEST_EQ(pkey->hash_alg, key->hash_alg, " hash_alg");
TEST_EQ(pkey->sig_alg, key->sig_alg, " sig_alg"); TEST_EQ(pkey->sig_alg, key->sig_alg, " sig_alg");
TEST_EQ(pkey->key_version, key->version, " version"); TEST_EQ(pkey->key_version, key->version, " version");
TEST_EQ(memcmp(&pkey->id, key->id, sizeof(pkey->id)), 0, TEST_EQ(memcmp(&pkey->id, key->id, sizeof(pkey->id)), 0,
" id"); " id");
TEST_EQ(strcmp(vb2_common_desc(pkey), key->desc), 0, " desc"); TEST_EQ(strcmp(vb21_common_desc(pkey), key->desc), 0, " desc");
TEST_SUCC(vb2_unpack_key(&k2, (uint8_t *)pkey, pkey->c.total_size), TEST_SUCC(vb21_unpack_key(&k2, (uint8_t *)pkey, pkey->c.total_size),
"Unpack public key"); "Unpack public key");
TEST_EQ(key->arrsize, k2.arrsize, " arrsize"); TEST_EQ(key->arrsize, k2.arrsize, " arrsize");
TEST_EQ(key->n0inv, k2.n0inv, " n0inv"); TEST_EQ(key->n0inv, k2.n0inv, " n0inv");
@@ -238,27 +238,27 @@ static void public_key_tests(const struct alg_combo *combo,
TEST_EQ(memcmp(key->rr, k2.rr, key->arrsize * sizeof(uint32_t)), 0, TEST_EQ(memcmp(key->rr, k2.rr, key->arrsize * sizeof(uint32_t)), 0,
" rr"); " rr");
TEST_SUCC(vb2_write_object(testfile, pkey), "Write packed key"); TEST_SUCC(vb21_write_object(testfile, pkey), "Write packed key");
free(pkey); free(pkey);
TEST_SUCC(vb2_packed_key_read(&pkey, testfile), "Read packed key"); TEST_SUCC(vb21_packed_key_read(&pkey, testfile), "Read packed key");
TEST_PTR_NEQ(pkey, NULL, " key_ptr"); TEST_PTR_NEQ(pkey, NULL, " key_ptr");
unlink(testfile); unlink(testfile);
pkey->hash_alg = VB2_HASH_INVALID; pkey->hash_alg = VB2_HASH_INVALID;
TEST_SUCC(vb2_write_object(testfile, pkey), "Write bad packed key"); TEST_SUCC(vb21_write_object(testfile, pkey), "Write bad packed key");
free(pkey); free(pkey);
TEST_EQ(vb2_packed_key_read(&pkey, testfile), TEST_EQ(vb21_packed_key_read(&pkey, testfile),
VB2_ERROR_READ_PACKED_KEY, "Read bad packed key"); VB2_ERROR_READ_PACKED_KEY, "Read bad packed key");
TEST_PTR_EQ(pkey, NULL, " key_ptr"); TEST_PTR_EQ(pkey, NULL, " key_ptr");
unlink(testfile); unlink(testfile);
TEST_EQ(vb2_packed_key_read(&pkey, testfile), TEST_EQ(vb21_packed_key_read(&pkey, testfile),
VB2_ERROR_READ_PACKED_KEY_DATA, "Read missing packed key"); VB2_ERROR_READ_PACKED_KEY_DATA, "Read missing packed key");
key->sig_alg = VB2_SIG_INVALID; key->sig_alg = VB2_SIG_INVALID;
TEST_EQ(vb2_public_key_pack(&pkey, key), TEST_EQ(vb21_public_key_pack(&pkey, key),
VB2_ERROR_PUBLIC_KEY_PACK_SIZE, VB2_ERROR_PUBLIC_KEY_PACK_SIZE,
"Pack invalid sig alg"); "Pack invalid sig alg");
vb2_public_key_free(key); vb2_public_key_free(key);
@@ -273,9 +273,9 @@ static void public_key_tests(const struct alg_combo *combo,
TEST_EQ(memcmp(k2.id, vb2_hash_id(combo->hash_alg), TEST_EQ(memcmp(k2.id, vb2_hash_id(combo->hash_alg),
sizeof(*k2.id)), 0, " id"); sizeof(*k2.id)), 0, " id");
TEST_SUCC(vb2_public_key_pack(&pkey, &k2), "Pack public hash key"); TEST_SUCC(vb21_public_key_pack(&pkey, &k2), "Pack public hash key");
TEST_PTR_NEQ(pkey, NULL, " key_ptr"); TEST_PTR_NEQ(pkey, NULL, " key_ptr");
TEST_SUCC(vb2_unpack_key(&k2, (uint8_t *)pkey, pkey->c.total_size), TEST_SUCC(vb21_unpack_key(&k2, (uint8_t *)pkey, pkey->c.total_size),
"Unpack public hash key"); "Unpack public hash key");
free(pkey); free(pkey);
} }

28
tests/vb21_host_keyblock_tests.c
View File

@@ -11,7 +11,7 @@
#include "2sysincludes.h" #include "2sysincludes.h"
#include "2common.h" #include "2common.h"
#include "2rsa.h" #include "2rsa.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "host_common.h" #include "host_common.h"
#include "host_key2.h" #include "host_key2.h"
#include "host_keyblock2.h" #include "host_keyblock2.h"
@@ -22,8 +22,8 @@ static void keyblock_tests(const char *keys_dir)
{ {
struct vb2_public_key *pubk2048, *pubk4096, *pubk8192, pubkhash; struct vb2_public_key *pubk2048, *pubk4096, *pubk8192, pubkhash;
struct vb2_private_key *prik4096, *prik8192; struct vb2_private_key *prik4096, *prik8192;
struct vb2_packed_key *pak, *pakgood; struct vb21_packed_key *pak, *pakgood;
struct vb2_keyblock *kb; struct vb21_keyblock *kb;
const struct vb2_private_key *prikhash; const struct vb2_private_key *prikhash;
const struct vb2_private_key *prik[2]; const struct vb2_private_key *prik[2];
char fname[1024]; char fname[1024];
@@ -74,45 +74,45 @@ static void keyblock_tests(const char *keys_dir)
TEST_SUCC(vb2_public_key_hash(&pubkhash, VB2_HASH_SHA512), TEST_SUCC(vb2_public_key_hash(&pubkhash, VB2_HASH_SHA512),
"Create public hash key"); "Create public hash key");
TEST_SUCC(vb2_public_key_pack(&pakgood, pubk2048), "Test packed key"); TEST_SUCC(vb21_public_key_pack(&pakgood, pubk2048), "Test packed key");
/* Sign a keyblock with one key */ /* Sign a keyblock with one key */
prik[0] = prik4096; prik[0] = prik4096;
TEST_SUCC(vb2_keyblock_create(&kb, pubk2048, prik, 1, 0x1234, NULL), TEST_SUCC(vb21_keyblock_create(&kb, pubk2048, prik, 1, 0x1234, NULL),
"Keyblock single"); "Keyblock single");
TEST_PTR_NEQ(kb, NULL, " kb_ptr"); TEST_PTR_NEQ(kb, NULL, " kb_ptr");
TEST_SUCC(vb2_verify_keyblock(kb, kb->c.total_size, pubk4096, &wb), TEST_SUCC(vb21_verify_keyblock(kb, kb->c.total_size, pubk4096, &wb),
" verify"); " verify");
TEST_EQ(strcmp(vb2_common_desc(kb), pubk2048->desc), 0, " desc"); TEST_EQ(strcmp(vb21_common_desc(kb), pubk2048->desc), 0, " desc");
TEST_EQ(kb->flags, 0x1234, " flags"); TEST_EQ(kb->flags, 0x1234, " flags");
pak = (struct vb2_packed_key *)((uint8_t *)kb + kb->key_offset); pak = (struct vb21_packed_key *)((uint8_t *)kb + kb->key_offset);
TEST_EQ(0, memcmp(pak, pakgood, pakgood->c.total_size), " data key"); TEST_EQ(0, memcmp(pak, pakgood, pakgood->c.total_size), " data key");
free(kb); free(kb);
/* Sign a keyblock with two keys */ /* Sign a keyblock with two keys */
prik[0] = prik8192; prik[0] = prik8192;
prik[1] = prikhash; prik[1] = prikhash;
TEST_SUCC(vb2_keyblock_create(&kb, pubk4096, prik, 2, 0, test_desc), TEST_SUCC(vb21_keyblock_create(&kb, pubk4096, prik, 2, 0, test_desc),
"Keyblock multiple"); "Keyblock multiple");
TEST_SUCC(vb2_verify_keyblock(kb, kb->c.total_size, pubk8192, &wb), TEST_SUCC(vb21_verify_keyblock(kb, kb->c.total_size, pubk8192, &wb),
" verify 1"); " verify 1");
TEST_SUCC(vb2_verify_keyblock(kb, kb->c.total_size, &pubkhash, &wb), TEST_SUCC(vb21_verify_keyblock(kb, kb->c.total_size, &pubkhash, &wb),
" verify 2"); " verify 2");
TEST_EQ(strcmp(vb2_common_desc(kb), test_desc), 0, " desc"); TEST_EQ(strcmp(vb21_common_desc(kb), test_desc), 0, " desc");
TEST_EQ(kb->flags, 0, " flags"); TEST_EQ(kb->flags, 0, " flags");
free(kb); free(kb);
/* Test errors */ /* Test errors */
prik[0] = prik8192; prik[0] = prik8192;
prik8192->hash_alg = VB2_HASH_INVALID; prik8192->hash_alg = VB2_HASH_INVALID;
TEST_EQ(vb2_keyblock_create(&kb, pubk4096, prik, 1, 0, NULL), TEST_EQ(vb21_keyblock_create(&kb, pubk4096, prik, 1, 0, NULL),
VB2_KEYBLOCK_CREATE_SIG_SIZE, "Keyblock bad sig size"); VB2_KEYBLOCK_CREATE_SIG_SIZE, "Keyblock bad sig size");
TEST_PTR_EQ(kb, NULL, " kb_ptr"); TEST_PTR_EQ(kb, NULL, " kb_ptr");
prik[0] = prik4096; prik[0] = prik4096;
pubk4096->sig_alg = VB2_SIG_INVALID; pubk4096->sig_alg = VB2_SIG_INVALID;
TEST_EQ(vb2_keyblock_create(&kb, pubk4096, prik, 1, 0, NULL), TEST_EQ(vb21_keyblock_create(&kb, pubk4096, prik, 1, 0, NULL),
VB2_KEYBLOCK_CREATE_DATA_KEY, "Keyblock bad data key"); VB2_KEYBLOCK_CREATE_DATA_KEY, "Keyblock bad data key");
/* Free keys */ /* Free keys */

8
tests/vb21_host_misc_tests.c
View File

@@ -10,7 +10,7 @@
#include "2sysincludes.h" #include "2sysincludes.h"
#include "2common.h" #include "2common.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "host_common.h" #include "host_common.h"
#include "host_misc.h" #include "host_misc.h"
@@ -35,8 +35,8 @@ static void file_tests(const char *temp_dir)
uint8_t *read_data; uint8_t *read_data;
uint32_t read_size; uint32_t read_size;
uint8_t cbuf[sizeof(struct vb2_struct_common) + 12]; uint8_t cbuf[sizeof(struct vb21_struct_common) + 12];
struct vb2_struct_common *c = (struct vb2_struct_common *)cbuf; struct vb21_struct_common *c = (struct vb21_struct_common *)cbuf;
xasprintf(&testfile, "%s/file_tests.dat", temp_dir); xasprintf(&testfile, "%s/file_tests.dat", temp_dir);
@@ -61,7 +61,7 @@ static void file_tests(const char *temp_dir)
c->total_size = sizeof(cbuf); c->total_size = sizeof(cbuf);
c->magic = 0x1234; c->magic = 0x1234;
cbuf[sizeof(cbuf) - 1] = 0xed; /* Some non-zero data at the end */ cbuf[sizeof(cbuf) - 1] = 0xed; /* Some non-zero data at the end */
TEST_SUCC(vb2_write_object(testfile, c), "vb2_write_object() good"); TEST_SUCC(vb21_write_object(testfile, c), "vb2_write_object() good");
TEST_SUCC(vb2_read_file(testfile, &read_data, &read_size), TEST_SUCC(vb2_read_file(testfile, &read_data, &read_size),
"vb2_read_file() object"); "vb2_read_file() object");
TEST_EQ(read_size, c->total_size, " data size"); TEST_EQ(read_size, c->total_size, " data size");

56
tests/vb21_host_sig_tests.c
View File

@@ -11,7 +11,7 @@
#include "2sysincludes.h" #include "2sysincludes.h"
#include "2common.h" #include "2common.h"
#include "2rsa.h" #include "2rsa.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "host_common.h" #include "host_common.h"
#include "host_key2.h" #include "host_key2.h"
#include "host_signature2.h" #include "host_signature2.h"
@@ -43,7 +43,7 @@ static void sig_tests(const struct alg_combo *combo,
struct vb2_private_key *prik, prik2; struct vb2_private_key *prik, prik2;
const struct vb2_private_key *prihash, *priks[2]; const struct vb2_private_key *prihash, *priks[2];
struct vb2_public_key *pubk, pubhash; struct vb2_public_key *pubk, pubhash;
struct vb2_signature *sig, *sig2; struct vb21_signature *sig, *sig2;
uint32_t size; uint32_t size;
uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES] uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES]
@@ -52,7 +52,7 @@ static void sig_tests(const struct alg_combo *combo,
uint8_t *buf; uint8_t *buf;
uint32_t bufsize; uint32_t bufsize;
struct vb2_struct_common *c; struct vb21_struct_common *c;
uint32_t c_sig_offs; uint32_t c_sig_offs;
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
@@ -79,79 +79,79 @@ static void sig_tests(const struct alg_combo *combo,
priks[1] = prihash; priks[1] = prihash;
/* Sign test data */ /* Sign test data */
TEST_SUCC(vb2_sign_data(&sig, test_data, test_size, prik, NULL), TEST_SUCC(vb21_sign_data(&sig, test_data, test_size, prik, NULL),
"Sign good"); "Sign good");
TEST_PTR_NEQ(sig, NULL, " sig_ptr"); TEST_PTR_NEQ(sig, NULL, " sig_ptr");
TEST_EQ(0, strcmp(vb2_common_desc(sig), test_desc), " desc"); TEST_EQ(0, strcmp(vb21_common_desc(sig), test_desc), " desc");
TEST_EQ(0, memcmp(&sig->id, &test_id, sizeof(test_id)), " id"); TEST_EQ(0, memcmp(&sig->id, &test_id, sizeof(test_id)), " id");
TEST_EQ(sig->data_size, test_size, " data_size"); TEST_EQ(sig->data_size, test_size, " data_size");
TEST_SUCC(vb2_sig_size_for_key(&size, prik, NULL), "Sig size"); TEST_SUCC(vb21_sig_size_for_key(&size, prik, NULL), "Sig size");
TEST_EQ(size, sig->c.total_size, " size"); TEST_EQ(size, sig->c.total_size, " size");
TEST_SUCC(vb2_verify_data(test_data, test_size, sig, pubk, &wb), TEST_SUCC(vb21_verify_data(test_data, test_size, sig, pubk, &wb),
"Verify good"); "Verify good");
free(sig); free(sig);
TEST_SUCC(vb2_sign_data(&sig, test_data, test_size, prik, TEST_SUCC(vb21_sign_data(&sig, test_data, test_size, prik,
test_sig_desc), test_sig_desc),
"Sign with desc"); "Sign with desc");
TEST_EQ(0, strcmp(vb2_common_desc(sig), test_sig_desc), " desc"); TEST_EQ(0, strcmp(vb21_common_desc(sig), test_sig_desc), " desc");
free(sig); free(sig);
TEST_SUCC(vb2_sign_data(&sig, test_data, test_size, prik, ""), TEST_SUCC(vb21_sign_data(&sig, test_data, test_size, prik, ""),
"Sign with no desc"); "Sign with no desc");
TEST_EQ(sig->c.desc_size, 0, " desc"); TEST_EQ(sig->c.desc_size, 0, " desc");
TEST_SUCC(vb2_sig_size_for_key(&size, prik, ""), "Sig size"); TEST_SUCC(vb21_sig_size_for_key(&size, prik, ""), "Sig size");
TEST_EQ(size, sig->c.total_size, " size"); TEST_EQ(size, sig->c.total_size, " size");
free(sig); free(sig);
TEST_SUCC(vb2_sign_data(&sig, test_data, test_size, prihash, NULL), TEST_SUCC(vb21_sign_data(&sig, test_data, test_size, prihash, NULL),
"Sign with hash"); "Sign with hash");
TEST_SUCC(vb2_verify_data(test_data, test_size, sig, &pubhash, &wb), TEST_SUCC(vb21_verify_data(test_data, test_size, sig, &pubhash, &wb),
"Verify with hash"); "Verify with hash");
free(sig); free(sig);
prik2 = *prik; prik2 = *prik;
prik2.sig_alg = VB2_SIG_INVALID; prik2.sig_alg = VB2_SIG_INVALID;
TEST_EQ(vb2_sign_data(&sig, test_data, test_size, &prik2, NULL), TEST_EQ(vb21_sign_data(&sig, test_data, test_size, &prik2, NULL),
VB2_SIGN_DATA_SIG_SIZE, "Sign bad sig alg"); VB2_SIGN_DATA_SIG_SIZE, "Sign bad sig alg");
/* Sign an object with a little (24 bytes) data */ /* Sign an object with a little (24 bytes) data */
c_sig_offs = sizeof(*c) + 24; c_sig_offs = sizeof(*c) + 24;
TEST_SUCC(vb2_sig_size_for_key(&size, prik, NULL), "Sig size"); TEST_SUCC(vb21_sig_size_for_key(&size, prik, NULL), "Sig size");
bufsize = c_sig_offs + size; bufsize = c_sig_offs + size;
buf = calloc(1, bufsize); buf = calloc(1, bufsize);
memset(buf + sizeof(*c), 0x12, 24); memset(buf + sizeof(*c), 0x12, 24);
c = (struct vb2_struct_common *)buf; c = (struct vb21_struct_common *)buf;
c->total_size = bufsize; c->total_size = bufsize;
TEST_SUCC(vb2_sign_object(buf, c_sig_offs, prik, NULL), "Sign object"); TEST_SUCC(vb21_sign_object(buf, c_sig_offs, prik, NULL), "Sign object");
sig = (struct vb2_signature *)(buf + c_sig_offs); sig = (struct vb21_signature *)(buf + c_sig_offs);
TEST_SUCC(vb2_verify_data(buf, c_sig_offs, sig, pubk, &wb), TEST_SUCC(vb21_verify_data(buf, c_sig_offs, sig, pubk, &wb),
"Verify object"); "Verify object");
TEST_EQ(vb2_sign_object(buf, c_sig_offs + 4, prik, NULL), TEST_EQ(vb21_sign_object(buf, c_sig_offs + 4, prik, NULL),
VB2_SIGN_OBJECT_OVERFLOW, "Sign object overflow"); VB2_SIGN_OBJECT_OVERFLOW, "Sign object overflow");
free(buf); free(buf);
/* Multiply sign an object */ /* Multiply sign an object */
TEST_SUCC(vb2_sig_size_for_keys(&size, priks, 2), "Sigs size"); TEST_SUCC(vb21_sig_size_for_keys(&size, priks, 2), "Sigs size");
bufsize = c_sig_offs + size; bufsize = c_sig_offs + size;
buf = calloc(1, bufsize); buf = calloc(1, bufsize);
memset(buf + sizeof(*c), 0x12, 24); memset(buf + sizeof(*c), 0x12, 24);
c = (struct vb2_struct_common *)buf; c = (struct vb21_struct_common *)buf;
c->total_size = bufsize; c->total_size = bufsize;
TEST_SUCC(vb2_sign_object_multiple(buf, c_sig_offs, priks, 2), TEST_SUCC(vb21_sign_object_multiple(buf, c_sig_offs, priks, 2),
"Sign multiple"); "Sign multiple");
sig = (struct vb2_signature *)(buf + c_sig_offs); sig = (struct vb21_signature *)(buf + c_sig_offs);
TEST_SUCC(vb2_verify_data(buf, c_sig_offs, sig, pubk, &wb), TEST_SUCC(vb21_verify_data(buf, c_sig_offs, sig, pubk, &wb),
"Verify object with sig 1"); "Verify object with sig 1");
sig2 = (struct vb2_signature *)(buf + c_sig_offs + sig->c.total_size); sig2 = (struct vb21_signature *)(buf + c_sig_offs + sig->c.total_size);
TEST_SUCC(vb2_verify_data(buf, c_sig_offs, sig2, &pubhash, &wb), TEST_SUCC(vb21_verify_data(buf, c_sig_offs, sig2, &pubhash, &wb),
"Verify object with sig 2"); "Verify object with sig 2");
c->total_size -= 4; c->total_size -= 4;
TEST_EQ(vb2_sign_object_multiple(buf, c_sig_offs, priks, 2), TEST_EQ(vb21_sign_object_multiple(buf, c_sig_offs, priks, 2),
VB2_SIGN_OBJECT_OVERFLOW, "Sign multple overflow"); VB2_SIGN_OBJECT_OVERFLOW, "Sign multple overflow");
TEST_EQ(size, sig->c.total_size + sig2->c.total_size, TEST_EQ(size, sig->c.total_size + sig2->c.total_size,

38
tests/vb21_misc_tests.c
View File

@@ -14,7 +14,7 @@
#include "2nvstorage.h" #include "2nvstorage.h"
#include "2secdata.h" #include "2secdata.h"
#include "vb2_common.h" #include "vb21_common.h"
#include "test_common.h" #include "test_common.h"
@@ -28,21 +28,21 @@ static struct vb2_shared_data *sd;
static struct { static struct {
struct vb2_gbb_header h; struct vb2_gbb_header h;
struct vb2_packed_key rootkey; struct vb21_packed_key rootkey;
char rootkey_data[32]; char rootkey_data[32];
} mock_gbb; } mock_gbb;
static struct { static struct {
/* Keyblock */ /* Keyblock */
struct { struct {
struct vb2_keyblock kb; struct vb21_keyblock kb;
struct vb2_packed_key data_key; struct vb21_packed_key data_key;
char data_key_data[16]; char data_key_data[16];
uint8_t kbdata[128]; uint8_t kbdata[128];
} k; } k;
/* Preamble follows keyblock */ /* Preamble follows keyblock */
struct { struct {
struct vb2_fw_preamble pre; struct vb21_fw_preamble pre;
uint8_t predata[128]; uint8_t predata[128];
} p; } p;
} mock_vblock; } mock_vblock;
@@ -60,9 +60,9 @@ enum reset_type {
static void reset_common_data(enum reset_type t) static void reset_common_data(enum reset_type t)
{ {
struct vb2_keyblock *kb = &mock_vblock.k.kb; struct vb21_keyblock *kb = &mock_vblock.k.kb;
struct vb2_packed_key *dk = &mock_vblock.k.data_key; struct vb21_packed_key *dk = &mock_vblock.k.data_key;
struct vb2_fw_preamble *pre = &mock_vblock.p.pre; struct vb21_fw_preamble *pre = &mock_vblock.p.pre;
memset(workbuf, 0xaa, sizeof(workbuf)); memset(workbuf, 0xaa, sizeof(workbuf));
@@ -151,14 +151,14 @@ int vb2ex_read_resource(struct vb2_context *ctx,
return VB2_SUCCESS; return VB2_SUCCESS;
} }
int vb2_unpack_key(struct vb2_public_key *key, int vb21_unpack_key(struct vb2_public_key *key,
const uint8_t *buf, const uint8_t *buf,
uint32_t size) uint32_t size)
{ {
return mock_unpack_key_retval; return mock_unpack_key_retval;
} }
int vb2_verify_keyblock(struct vb2_keyblock *block, int vb21_verify_keyblock(struct vb21_keyblock *block,
uint32_t size, uint32_t size,
const struct vb2_public_key *key, const struct vb2_public_key *key,
const struct vb2_workbuf *wb) const struct vb2_workbuf *wb)
@@ -166,7 +166,7 @@ int vb2_verify_keyblock(struct vb2_keyblock *block,
return mock_verify_keyblock_retval; return mock_verify_keyblock_retval;
} }
int vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble, int vb21_verify_fw_preamble(struct vb21_fw_preamble *preamble,
uint32_t size, uint32_t size,
const struct vb2_public_key *key, const struct vb2_public_key *key,
const struct vb2_workbuf *wb) const struct vb2_workbuf *wb)
@@ -178,9 +178,9 @@ int vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble,
static void load_keyblock_tests(void) static void load_keyblock_tests(void)
{ {
struct vb2_keyblock *kb = &mock_vblock.k.kb; struct vb21_keyblock *kb = &mock_vblock.k.kb;
struct vb2_packed_key *dk = &mock_vblock.k.data_key; struct vb21_packed_key *dk = &mock_vblock.k.data_key;
struct vb2_packed_key *k; struct vb21_packed_key *k;
int wb_used_before; int wb_used_before;
/* Test successful call */ /* Test successful call */
@@ -199,8 +199,8 @@ static void load_keyblock_tests(void)
"workbuf used"); "workbuf used");
/* Make sure data key was properly saved */ /* Make sure data key was properly saved */
k = (struct vb2_packed_key *)(ctx.workbuf + k = (struct vb21_packed_key *)(ctx.workbuf +
sd->workbuf_data_key_offset); sd->workbuf_data_key_offset);
TEST_EQ(k->sig_alg, VB2_SIG_RSA4096, "data key algorithm"); TEST_EQ(k->sig_alg, VB2_SIG_RSA4096, "data key algorithm");
TEST_EQ(k->key_version, 2, "data key version"); TEST_EQ(k->key_version, 2, "data key version");
TEST_EQ(k->key_size, sizeof(mock_vblock.k.data_key_data), TEST_EQ(k->key_size, sizeof(mock_vblock.k.data_key_data),
@@ -246,7 +246,7 @@ static void load_keyblock_tests(void)
reset_common_data(FOR_KEYBLOCK); reset_common_data(FOR_KEYBLOCK);
ctx.workbuf_used = ctx.workbuf_size - sd->gbb_rootkey_size ctx.workbuf_used = ctx.workbuf_size - sd->gbb_rootkey_size
- sizeof(struct vb2_keyblock); - sizeof(struct vb21_keyblock);
TEST_EQ(vb2_load_fw_keyblock(&ctx), TEST_EQ(vb2_load_fw_keyblock(&ctx),
VB2_ERROR_READ_RESOURCE_OBJECT_BUF, VB2_ERROR_READ_RESOURCE_OBJECT_BUF,
"keyblock not enough workbuf for entire keyblock"); "keyblock not enough workbuf for entire keyblock");
@@ -283,7 +283,7 @@ static void load_keyblock_tests(void)
static void load_preamble_tests(void) static void load_preamble_tests(void)
{ {
struct vb2_fw_preamble *pre = &mock_vblock.p.pre; struct vb21_fw_preamble *pre = &mock_vblock.p.pre;
int data_key_offset_before; int data_key_offset_before;
uint32_t v; uint32_t v;
@@ -316,7 +316,7 @@ static void load_preamble_tests(void)
reset_common_data(FOR_PREAMBLE); reset_common_data(FOR_PREAMBLE);
ctx.workbuf_used = ctx.workbuf_size ctx.workbuf_used = ctx.workbuf_size
- sizeof(struct vb2_fw_preamble) + 8; - sizeof(struct vb21_fw_preamble) + 8;
TEST_EQ(vb2_load_fw_preamble(&ctx), TEST_EQ(vb2_load_fw_preamble(&ctx),
VB2_ERROR_READ_RESOURCE_OBJECT_BUF, VB2_ERROR_READ_RESOURCE_OBJECT_BUF,
"preamble not enough workbuf for header"); "preamble not enough workbuf for header");