scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-11-26 03:05:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
560 Commits 52 Branches 2 Tags
a45ee21bb023665b51e09f722555d9e560fab232
Commit Graph

4 Commits

Author SHA1 Message Date
Gaurav Shah
0688025c7e Fix the maximum output size in the call to the external signer. 
Maximum output size is the signature size.

BUG=7676
TEST=manual

1) Verified that earlier outbufsize value was more than what the external signer would return.
2) Re-ran run_vbutil_tests.sh

Change-Id: I180cfea7625ee09a51709d8f7735884c32b8b409

Review URL: http://codereview.chromium.org/4251006
 2010-11-02 20:58:26 -07:00
Gaurav Shah
068fc6f251 Add support for using external signing application and .pem private key files to vbutil_keyblock. 
This allows signing using a .pem file using an external program.

It is assumed that the external program reads input from stdin, and outputs signed data on stdout. It takes one argument - the file name for the .pem private key reference. See external_rsa_signer.sh for an example external program.

Example usage:
vbutil_keyblock --pack 4096.keyblock \
                --datapubkey 4096.vbpubk \
                --signprivate_pem 4096.pem \
                --pem_algorithm 8 \
                --externalsigner "external_rsa_signer.sh"

I have tried to make the change such that it doesn't impact existing tools/interfaces (since these are used at various places). That said, I am aware of the places where we could just extend an old interface an avoid code duplication but thought I'd put that re-factoring in as a TODO for now. Let me know if you disagree and I can merge them (and changing the existing interface).

BUG=7576
TEST=Extended run_vbutil_tests.sh to test vbutil_keyblock packing using an external signer.

To test, make && make runtests (or just run tests/gen_test_keys.sh; tests/run_vbutils_tests.sh)

Review URL: http://codereview.chromium.org/4194003

Change-Id: I7cc52c8293c04ef9ba074794d046c9a4f19f6bdd
 2010-10-29 10:59:50 -07:00
Bill Richardson
abf0550458 Switch to using .vbprivk for signing everything now. 
This makes it much simpler to keep track of what we're doing.

vbutil_key can now wrap both .keyb and .pem keys. It figures out which is
which by trying both and just using the one that works.

vbutil_keyblock and vbutil_kernel now use .vbprivk files for signing.

replace debug() with VBDEBUG(()) in host-side sources, too.

rename PrivateKeyRead to PrivateKeyReadPem

Add real PrivateKeyRead and PrivateKeyWrite for .vbprivk files.

Review URL: http://codereview.chromium.org/2871033
 2010-07-01 10:22:06 -07:00
Randall Spangler
d183644564 Major refactoring of structures, with unit tests. This matches the doc I sent out earlier. 
Firmware-side code for LoadKernel() is in place now.  LoadFirmware() replacement coming soon.

The new functions are implemented in parallel to the existing ones (i.e., everything that used to work still does).

Review URL: http://codereview.chromium.org/2745007
 2010-06-10 09:59:04 -07:00