Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(198)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: vboot_firmware/lib/vboot_common.c

Issue 2718012: More cleanup (Closed) Base URL: ssh://gitrw.chromium.org/vboot_reference.git
Patch Set: Created 10 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « vboot_firmware/lib/load_kernel_fw.c ('k') | vboot_firmware/lib/vboot_kernel.c » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: vboot_firmware/lib/vboot_common.c
diff --git a/vboot_firmware/lib/vboot_common.c b/vboot_firmware/lib/vboot_common.c
index fb643bdc7918877df10619f1fc5900ad460aef2d..3eac471ec9bea09756fed1f241b3749ae5178979 100644
--- a/vboot_firmware/lib/vboot_common.c
+++ b/vboot_firmware/lib/vboot_common.c
@@ -6,21 +6,19 @@
* (Firmware portion)
*/
-/* TODO: change all 'return 0', 'return 1' into meaningful return codes */
#include "vboot_common.h"
#include "utility.h"
-#include <stdio.h> /* TODO: FOR TESTING */
char* kVbootErrors[VBOOT_ERROR_MAX] = {
"Success.",
- "Invalid Image.",
- "Kernel Key Signature Failed.",
- "Invalid Kernel Verification Algorithm.",
- "Preamble Signature Failed.",
- "Kernel Signature Failed.",
- "Wrong Kernel Magic.",
+ "Key block invalid.",
+ "Key block signature failed.",
+ "Key block hash failed.",
+ "Public key invalid.",
+ "Preamble invalid.",
+ "Preamble signature check failed.",
};
@@ -132,15 +130,15 @@ int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size,
/* Sanity checks before attempting signature of data */
if (SafeMemcmp(block->magic, KEY_BLOCK_MAGIC, KEY_BLOCK_MAGIC_SIZE)) {
debug("Not a valid verified boot key block.\n");
- return 1;
+ return VBOOT_KEY_BLOCK_INVALID;
}
if (block->header_version_major != KEY_BLOCK_HEADER_VERSION_MAJOR) {
debug("Incompatible key block header version.\n");
- return 1;
+ return VBOOT_KEY_BLOCK_INVALID;
}
if (size < block->key_block_size) {
debug("Not enough data for key block.\n");
- return 1;
+ return VBOOT_KEY_BLOCK_INVALID;
}
/* Check signature or hash, depending on whether we have a key. */
@@ -153,18 +151,17 @@ int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size,
if (VerifySignatureInside(block, block->key_block_size, sig)) {
debug("Key block signature off end of block\n");
- return 1;
+ return VBOOT_KEY_BLOCK_INVALID;
}
if (!((rsa = PublicKeyToRSA(key)))) {
debug("Invalid public key\n");
- return 1;
+ return VBOOT_PUBLIC_KEY_INVALID;
}
rv = VerifyData((const uint8_t*)block, sig, rsa);
RSAPublicKeyFree(rsa);
-
if (rv)
- return rv;
+ return VBOOT_KEY_BLOCK_SIGNATURE;
} else {
/* Check hash */
@@ -175,11 +172,11 @@ int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size,
if (VerifySignatureInside(block, block->key_block_size, sig)) {
debug("Key block hash off end of block\n");
- return 1;
+ return VBOOT_KEY_BLOCK_INVALID;
}
if (sig->sig_size != SHA512_DIGEST_SIZE) {
debug("Wrong hash size for key block.\n");
- return 1;
+ return VBOOT_KEY_BLOCK_INVALID;
}
header_checksum = DigestBuf((const uint8_t*)block, sig->data_size,
@@ -189,28 +186,28 @@ int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size,
Free(header_checksum);
if (rv) {
debug("Invalid key block hash.\n");
- return 1;
+ return VBOOT_KEY_BLOCK_HASH;
}
}
/* Verify we signed enough data */
if (sig->data_size < sizeof(VbKeyBlockHeader)) {
debug("Didn't sign enough data\n");
- return 1;
+ return VBOOT_KEY_BLOCK_INVALID;
}
/* Verify data key is inside the block and inside signed data */
if (VerifyPublicKeyInside(block, block->key_block_size, &block->data_key)) {
debug("Data key off end of key block\n");
- return 1;
+ return VBOOT_KEY_BLOCK_INVALID;
}
if (VerifyPublicKeyInside(block, sig->data_size, &block->data_key)) {
debug("Data key off end of signed data\n");
- return 1;
+ return VBOOT_KEY_BLOCK_INVALID;
}
/* Success */
- return 0;
+ return VBOOT_SUCCESS;
}
@@ -219,51 +216,49 @@ int VerifyFirmwarePreamble2(const VbFirmwarePreambleHeader* preamble,
const VbSignature* sig = &preamble->preamble_signature;
- /* TODO: caller needs to make sure key version is valid */
-
/* Sanity checks before attempting signature of data */
if (preamble->header_version_major !=
FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR) {
debug("Incompatible firmware preamble header version.\n");
- return 1;
+ return VBOOT_PREAMBLE_INVALID;
}
if (size < preamble->preamble_size) {
debug("Not enough data for preamble.\n");
- return 1;
+ return VBOOT_PREAMBLE_INVALID;
}
/* Check signature */
if (VerifySignatureInside(preamble, preamble->preamble_size, sig)) {
debug("Preamble signature off end of preamble\n");
- return 1;
+ return VBOOT_PREAMBLE_INVALID;
}
if (VerifyData((const uint8_t*)preamble, sig, key)) {
debug("Preamble signature validation failed\n");
- return 1;
+ return VBOOT_PREAMBLE_SIGNATURE;
}
/* Verify we signed enough data */
if (sig->data_size < sizeof(VbFirmwarePreambleHeader)) {
debug("Didn't sign enough data\n");
- return 1;
+ return VBOOT_PREAMBLE_INVALID;
}
/* Verify body signature is inside the block */
if (VerifySignatureInside(preamble, preamble->preamble_size,
&preamble->body_signature)) {
debug("Firmware body signature off end of preamble\n");
- return 1;
+ return VBOOT_PREAMBLE_INVALID;
}
/* Verify kernel subkey is inside the block */
if (VerifyPublicKeyInside(preamble, preamble->preamble_size,
&preamble->kernel_subkey)) {
debug("Kernel subkey off end of preamble\n");
- return 1;
+ return VBOOT_PREAMBLE_INVALID;
}
/* Success */
- return 0;
+ return VBOOT_SUCCESS;
}
@@ -272,41 +267,39 @@ int VerifyKernelPreamble2(const VbKernelPreambleHeader* preamble,
const VbSignature* sig = &preamble->preamble_signature;
- /* TODO: caller needs to make sure key version is valid */
-
/* Sanity checks before attempting signature of data */
if (preamble->header_version_major != KERNEL_PREAMBLE_HEADER_VERSION_MAJOR) {
debug("Incompatible kernel preamble header version.\n");
- return 1;
+ return VBOOT_PREAMBLE_INVALID;
}
if (size < preamble->preamble_size) {
debug("Not enough data for preamble.\n");
- return 1;
+ return VBOOT_PREAMBLE_INVALID;
}
/* Check signature */
if (VerifySignatureInside(preamble, preamble->preamble_size, sig)) {
debug("Preamble signature off end of preamble\n");
- return 1;
+ return VBOOT_PREAMBLE_INVALID;
}
if (VerifyData((const uint8_t*)preamble, sig, key)) {
debug("Preamble signature validation failed\n");
- return 1;
+ return VBOOT_PREAMBLE_SIGNATURE;
}
/* Verify we signed enough data */
if (sig->data_size < sizeof(VbKernelPreambleHeader)) {
debug("Didn't sign enough data\n");
- return 1;
+ return VBOOT_PREAMBLE_INVALID;
}
/* Verify body signature is inside the block */
if (VerifySignatureInside(preamble, preamble->preamble_size,
&preamble->body_signature)) {
debug("Kernel body signature off end of preamble\n");
- return 1;
+ return VBOOT_PREAMBLE_INVALID;
}
/* Success */
- return 0;
+ return VBOOT_SUCCESS;
}
« no previous file with comments | « vboot_firmware/lib/load_kernel_fw.c ('k') | vboot_firmware/lib/vboot_kernel.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698