This removes the hacky conversion from old-style packed keys and
signatures, which existed only because at the time we didn't have the
ability in hostlib to create new-format key and signature structs
directly.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: Id7cb3dfce740f2546464a4caae2629af864d7b45
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/231543
Including signing with bare hashes, and signing an object with more
than one signature. With unit tests, even.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: Iad0b9f9f6cca7129071aebf0cbc60c0daa94d382
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/231452
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
And unit tests for them.
Move roundup32() into hostlib.
Fix WriteFile() returning success even if it failed to write to the file.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I8a115335c088dc5c66c88423d1ccbda7eaca1996
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/230844
Use struct vb2_signature2 objects to hold the hashes of firmware
components, rather than a separate vb2_fw_preamble2_hash struct.
Better for code reuse.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: Ia9e23c1488a884f2d6fab4c4be51b25d3ff25c2f
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/228241
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
This adds the vb2_signature2 equivalents of vb2_verify_digest() and
vb2_verify_data(), including support for bare hash signatures.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I372c9e5f0be926a833e4ca8f84665cfb05907481
Reviewed-on: https://chromium-review.googlesource.com/226950
Tested-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Queue: Randall Spangler <rspangler@chromium.org>
Previously, we had a mix of sig_algorithm and sig_alg member names,
and it was hard to remember which struct used which variant. Prefer
sig_alg because of the 80-column limit. Same with hash_alg
vs. hash_algorithm
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: Ifbb60f3172549e29efc0fb1f7f693efa51eb7cc3
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/226943
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Originally, we designed the vboot data structures so that some of them
had sub-structures. Then the variable-length data for each of the
structures was at the end. So:
struct vb2_keyblock {
struct vb2_packed_key
struct vb2_signature
}
// Followed by variable-length data for keyblock
// Followed by variable-length data for packed key
// Followed by variable-length data for signature
This had the weird side effect that the header and data for the
sub-structs were not contiguous. That wasn't too bad before, but it
gets more complicated with the new data structures. Each structure
now can also have a description. And keyblocks can have a list of
signatures.
Structures also couldn't really know their own size, since a
sub-struct might have a 20-byte header, but then 2K of other data in
between that and the data for the sub-struct itself.
So, un-nest all the data structures. That is, the keyblock now
contains the offset of the signature struct, rather than the signature
struct itself. And then all the variable-length data for each struct
immediately follows the struct itself. So:
struct vb2_keyblock2 {
// Offset of packed key
// Offset of first signature
}
// Followed by variable-length data for keyblock
struct vb2_packed_key
// Followed by variable-length data for packed key
struct vb2_signature2
// Followed by variable-length data for signature (desc, sig data)
Verifying and traversing these objects is much more straightforward.
And each struct can now know its own size.
This first change rearranges the structures. Descriptions now
immediately follow the fixed size structure headers.
The next change adds better verification of the structures, using the
fixed_size and total_size fields in the common header.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: Ieb9148d6f26c3e59ea542f3a95e59d8019ccee21
Reviewed-on: https://chromium-review.googlesource.com/226824
Tested-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Queue: Randall Spangler <rspangler@chromium.org>
This unpacks new-style packed keys.
For now, it can also handle old-style packed keys by passing them to
the old unpacking function. Once we've switched over to new-style
keys in the signing scripts, we'll remove the old format to save code
size.
Also added is a test library which converts from old to new struct
formats. That should eventually get absorbed into futility, and the
test keys directory should have both old and new format packed keys in
it.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I0fe31f124781d1ea1efedab65dcd6130bfca18dd
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/225490
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
