mirror of
https://github.com/Telecominfraproject/OpenCellular.git
synced 2026-01-08 08:31:52 +00:00
4ec4975d90
This patch moves the code which can be shared with other data verification schemes (e.g. RWSIG) under common/vboot. It also adds unit tests for it. BUG=b:38462249 BRANCH=none TEST=make run-vboot. Verify verification succeeds on Fizz. Change-Id: Icab4d96dd2c154a12b01c41ebe9b46286b4b590e Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/563463 Reviewed-by: Randall Spangler <rspangler@chromium.org>
45 lines
1.2 KiB
C
45 lines
1.2 KiB
C
/* Copyright 2017 The Chromium OS Authors. All rights reserved.
|
|
* Use of this source code is governed by a BSD-style license that can be
|
|
* found in the LICENSE file.
|
|
*/
|
|
|
|
/*
|
|
* Common utility APIs for vboot 2.1
|
|
*/
|
|
|
|
#include "common.h"
|
|
#include "rsa.h"
|
|
#include "rwsig.h"
|
|
#include "vb21_struct.h"
|
|
#include "vboot.h"
|
|
|
|
int vb21_is_packed_key_valid(const struct vb21_packed_key *key)
|
|
{
|
|
if (key->c.magic != VB21_MAGIC_PACKED_KEY)
|
|
return EC_ERROR_INVAL;
|
|
if (key->key_size != sizeof(struct rsa_public_key))
|
|
return EC_ERROR_INVAL;
|
|
return EC_SUCCESS;
|
|
}
|
|
|
|
int vb21_is_signature_valid(const struct vb21_signature *sig,
|
|
const struct vb21_packed_key *key)
|
|
{
|
|
if (sig->c.magic != VB21_MAGIC_SIGNATURE)
|
|
return EC_ERROR_INVAL;
|
|
if (sig->sig_size != RSANUMBYTES)
|
|
return EC_ERROR_INVAL;
|
|
if (key->sig_alg != sig->sig_alg)
|
|
return EC_ERROR_INVAL;
|
|
if (key->hash_alg != sig->hash_alg)
|
|
return EC_ERROR_INVAL;
|
|
/* Sanity check signature offset and data size. */
|
|
if (sig->sig_offset < sizeof(*sig))
|
|
return EC_ERROR_INVAL;
|
|
if (sig->sig_offset + RSANUMBYTES > CONFIG_RW_SIG_SIZE)
|
|
return EC_ERROR_INVAL;
|
|
if (sig->data_size > CONFIG_RW_SIZE - CONFIG_RW_SIG_SIZE)
|
|
return EC_ERROR_INVAL;
|
|
return EC_SUCCESS;
|
|
}
|