| OLD | NEW |
|---|
| 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
| 3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
| 4 * | 4 * |
| 5 * Utility for aiding fuzz testing of firmware image verification code. | 5 * Utility for aiding fuzz testing of firmware image verification code. |
| 6 */ | 6 */ |
| 7 | 7 |
| 8 #include <stdio.h> | 8 #include <stdio.h> |
| 9 | 9 |
| 10 #include "file_keys.h" | 10 #include "file_keys.h" |
| 11 #include "firmware_image.h" | 11 #include "firmware_image.h" |
| 12 #include "utility.h" | 12 #include "utility.h" |
| 13 | 13 |
| 14 int VerifySignedFirmware(const char* image_file, | 14 int VerifySignedFirmware(const char* root_key_file, |
| 15 const char* root_key_file) { | 15 const char* verification_file, |
| 16 const char* firmware_file) { |
| 16 int error, error_code = 0; | 17 int error, error_code = 0; |
| 17 uint64_t len; | 18 uint64_t len; |
| 18 uint8_t* firmware_blob = BufferFromFile(image_file, &len); | 19 uint8_t* verification_blob = BufferFromFile(verification_file, &len); |
| 20 uint8_t* firmware_blob = BufferFromFile(firmware_file, &len); |
| 19 uint8_t* root_key_blob = BufferFromFile(root_key_file, &len); | 21 uint8_t* root_key_blob = BufferFromFile(root_key_file, &len); |
| 20 | 22 |
| 21 if (!root_key_blob) { | 23 if (!root_key_blob) { |
| 22 fprintf(stderr, "Couldn't read pre-processed public root key.\n"); | 24 fprintf(stderr, "Couldn't read pre-processed public root key.\n"); |
| 23 error_code = 1; | 25 error_code = 1; |
| 24 } | 26 } |
| 25 | 27 |
| 26 if (!error_code && !firmware_blob) { | 28 if (!error_code && !firmware_blob) { |
| 27 fprintf(stderr, "Couldn't read firmware image or malformed image.\n"); | 29 fprintf(stderr, "Couldn't read firmware image.\n"); |
| 28 error_code = 1; | 30 error_code = 1; |
| 29 } | 31 } |
| 30 | 32 |
| 31 if (!error_code && (error = VerifyFirmware(root_key_blob, firmware_blob))) { | 33 if (!error_code && !verification_blob) { |
| 34 fprintf(stderr, "Couldn't read verification data image.\n"); |
| 35 error_code = 1; |
| 36 } |
| 37 |
| 38 if (!error_code && (error = VerifyFirmware(root_key_blob, |
| 39 verification_blob, |
| 40 firmware_blob))) { |
| 32 fprintf(stderr, "%s\n", VerifyFirmwareErrorString(error)); | 41 fprintf(stderr, "%s\n", VerifyFirmwareErrorString(error)); |
| 33 error_code = 1; | 42 error_code = 1; |
| 34 } | 43 } |
| 35 Free(root_key_blob); | 44 Free(root_key_blob); |
| 36 Free(firmware_blob); | 45 Free(firmware_blob); |
| 37 if (error_code) | 46 if (error_code) |
| 38 return 0; | 47 return 0; |
| 39 else | 48 else |
| 40 return 1; | 49 return 1; |
| 41 } | 50 } |
| 42 | 51 |
| 43 int main(int argc, char* argv[]) { | 52 int main(int argc, char* argv[]) { |
| 44 if (argc != 3) { | 53 if (argc != 4) { |
| 45 fprintf(stderr, "Usage: %s <image_to_verify> <root_keyb>\n", argv[0]); | 54 fprintf(stderr, "Usage: %s <verification blob> <image_to_verify> <root_keyb>
" |
| 55 "\n", argv[0]); |
| 46 return -1; | 56 return -1; |
| 47 } | 57 } |
| 48 if (VerifySignedFirmware(argv[1], argv[2])) { | 58 if (VerifySignedFirmware(argv[3], argv[1], argv[2])) { |
| 49 fprintf(stderr, "Verification SUCCESS!\n"); | 59 fprintf(stderr, "Verification SUCCESS!\n"); |
| 50 return 0; | 60 return 0; |
| 51 } | 61 } else { |
| 52 else { | |
| 53 fprintf(stderr, "Verification FAILURE!\n"); | 62 fprintf(stderr, "Verification FAILURE!\n"); |
| 54 return -1; | 63 return -1; |
| 55 } | 64 } |
| 56 } | 65 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1578035:
Change VerifyFirmware() to take separate pointers to firmware verification header and firmware data. (Closed)
