Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(321)

Unified Diff: src/platform/vboot_reference/include/firmware_image.h

Issue 1430001: VBoot Reference: Fix splicing bugs in Firmware and Kernel verification. (Closed)
Patch Set: . Created 10 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: src/platform/vboot_reference/include/firmware_image.h
diff --git a/src/platform/vboot_reference/include/firmware_image.h b/src/platform/vboot_reference/include/firmware_image.h
index f7722ef976576c158e62e8dad4ab664c87a936c3..778669bc11fc15278bfc80f372d8fbdb90cd2dd5 100644
--- a/src/platform/vboot_reference/include/firmware_image.h
+++ b/src/platform/vboot_reference/include/firmware_image.h
@@ -44,7 +44,8 @@ typedef struct FirmwareImage {
/* The firmware signature comes first as it may allow us to parallelize
* the firmware data fetch and RSA public operation.
*/
- uint8_t* firmware_signature; /* Signature on [firmware_data]. */
+ uint8_t* firmware_signature; /* Signature on the Preamble +
+ [firmware_data]. */
uint8_t* firmware_data; /* Rest of firmware data */
} FirmwareImage;
@@ -142,14 +143,17 @@ int VerifyFirmwarePreamble(RSAPublicKey* sign_key,
int algorithm,
int* firmware_len);
-/* Checks the signature on the firmware data at location [firmware_data_start].
+/* Checks the signature on the preamble + firmware data at
+ * [preamble_start] and [firmware_data_start].
* The length of the actual firmware data is firmware_len and it is assumed to
* be prepended with the signature whose size depends on the signature_algorithm
- * [algorithm].
+ * [algorithm]. This signature also covers the preamble data (but not the
+ * preamble signature itself).
*
* Return 0 on success, error code on failure.
*/
int VerifyFirmwareData(RSAPublicKey* sign_key,
+ const uint8_t* preamble_start,
const uint8_t* firmware_data_start,
int firmware_len,
int algorithm);

Powered by Google App Engine
This is Rietveld 408576698