Also removes the dev_mode flag from Firmware Image verification as key signature for the firmware should be checked whether or not dev mode is enabled.
BUG=670
TEST=All tests still pass.
Merge remote branch 'refs/remotes/origin/master' into fixtests
Fix tests, remove dev mode. Move common code.
Review URL: http://codereview.chromium.org/1280002
Refactor duplicate code for the firmware image benchmark. Also fixes some functions that manipulate kernel blobs (use uint64_t instead if int).
Review URL: http://codereview.chromium.org/1079009
This spews out useful information about a verified boot firmware/kernel image. Also adds a helper function to calculate header checksum. That code was being duplicated at multiple places.
Review URL: http://codereview.chromium.org/1088001
Fix memory leaks found using Valgrind, adds sanity checking to RSAPublicKey parsing code to prevent crazy behavior.
Review URL: http://codereview.chromium.org/858008
This CL does the following:
1) It adds a SignatureBuf function which uses the OpenSSL library to generate RSA signature. This is more robust than the previous way of invoking the command line "openssl" utility and capturing its output. No more unnecessary temporary files for signature operations.
2) It adds functions that allow direct manipulation of binary verified Firmware and Kernel Image blobs in memory.
3) It changes the structure field members for FirmwareImage to make it consistent with KernelImage. Now it's clearer which key is used when.
4) Minor bug fixes and slightly improved API for dealing verified boot firmware and kernel images.
5) Renames the RSA_verify function to prevent conflicts with OpenSSL since it's linked into the firmware utility binary.
Review URL: http://codereview.chromium.org/661353
BUG=670
TEST=Adds kernel_image_test which tests the new functions.
The kernel image verification pretty much exactly mirror the already existing firmware image verification functions except with a few different/additional fields in a signed kernel image. The firmware signing key is the root key equivalent for kernel images.
This CL also moves the image verification tests to a different script. There's some additional cleanup of the code that I will be submitting separately after this and another pending patches get LGTMed and land.
Review URL: http://codereview.chromium.org/660161
