
Side by Side Diff: utility/vbutil_keyblock.c

Issue 2729021: Clean up of key block functions (Closed) Base URL: ssh://gitrw.chromium.org/vboot_reference.git
Patch Set: More key block cleanup Created 10 years, 6 months ago
OLDNEW
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be 2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file. 3 * found in the LICENSE file.
4 * 4 *
5 * Verified boot key block utility 5 * Verified boot key block utility
6 */ 6 */
7 7
8 #include <getopt.h> 8 #include <getopt.h>
9 #include <inttypes.h> /* For PRIu64 */ 9 #include <inttypes.h> /* For PRIu64 */
10 #include <stdio.h> 10 #include <stdio.h>
(...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after
92 if (!data_key) { 92 if (!data_key) {
93 fprintf(stderr, "vbutil_keyblock: Error reading data key.\n"); 93 fprintf(stderr, "vbutil_keyblock: Error reading data key.\n");
94 return 1; 94 return 1;
95 } 95 }
96 signing_key = PrivateKeyRead(signprivate, algorithm); 96 signing_key = PrivateKeyRead(signprivate, algorithm);
97 if (!signing_key) { 97 if (!signing_key) {
98 fprintf(stderr, "vbutil_keyblock: Error reading signing key.\n"); 98 fprintf(stderr, "vbutil_keyblock: Error reading signing key.\n");
99 return 1; 99 return 1;
100 } 100 }
101 101
102 block = CreateKeyBlock(data_key, signing_key, flags); 102 block = KeyBlockCreate(data_key, signing_key, flags);
103 Free(data_key); 103 Free(data_key);
104 Free(signing_key); 104 Free(signing_key);
105 105
106 if (0 != WriteFile(outfile, block, block->key_block_size)) { 106 if (0 != KeyBlockWrite(outfile, block)) {
107 fprintf(stderr, "vbutil_keyblock: Error writing key block.\n"); 107 fprintf(stderr, "vbutil_keyblock: Error writing key block.\n");
108 return 1; 108 return 1;
109 } 109 }
110 Free(block); 110 Free(block);
111 return 0; 111 return 0;
112 } 112 }
113 113
114 114
115 static int Unpack(const char* infile, const char* datapubkey, 115 static int Unpack(const char* infile, const char* datapubkey,
116 const char* signpubkey) { 116 const char* signpubkey) {
117 VbPublicKey* data_key; 117 VbPublicKey* data_key;
118 VbPublicKey* sign_key; 118 VbPublicKey* sign_key;
119 VbKeyBlockHeader* block; 119 VbKeyBlockHeader* block;
120 uint64_t block_size;
121 120
122 if (!infile || !signpubkey) { 121 if (!infile || !signpubkey) {
123 fprintf(stderr, "vbutil_keyblock: Must specify filename and signpubkey\n"); 122 fprintf(stderr, "vbutil_keyblock: Must specify filename and signpubkey\n");
124 return 1; 123 return 1;
125 } 124 }
126 125
127 sign_key = PublicKeyRead(signpubkey); 126 sign_key = PublicKeyRead(signpubkey);
128 if (!sign_key) { 127 if (!sign_key) {
129 fprintf(stderr, "vbutil_keyblock: Error reading signpubkey.\n"); 128 fprintf(stderr, "vbutil_keyblock: Error reading signpubkey.\n");
130 return 1; 129 return 1;
131 } 130 }
132 131
133 block = (VbKeyBlockHeader*)ReadFile(infile, &block_size); 132 block = KeyBlockRead(infile);
134 if (!block) { 133 if (!block) {
135 fprintf(stderr, "vbutil_keyblock: Error reading key block.\n"); 134 fprintf(stderr, "vbutil_keyblock: Error reading key block.\n");
136 return 1; 135 return 1;
137 } 136 }
138 if (0 != VerifyKeyBlock(block, block_size, sign_key)) { 137 /* Verify the block with the signing public key, since
138 * KeyBlockRead() only verified the hash. */
139 /* TODO: should just print a warning, since self-signed key blocks
140 * won't have a public key; signpubkey should also be an optional
141 * argument. */
142 if (0 != KeyBlockVerify(block, block->key_block_size, sign_key)) {
139 fprintf(stderr, "vbutil_keyblock: Error verifying key block.\n"); 143 fprintf(stderr, "vbutil_keyblock: Error verifying key block.\n");
140 return 1; 144 return 1;
141 } 145 }
142 Free(sign_key); 146 Free(sign_key);
143 147
144 printf("Key block file: %s\n", infile); 148 printf("Key block file: %s\n", infile);
145 printf("Flags: %" PRIu64 "\n", block->key_block_flags); 149 printf("Flags: %" PRIu64 "\n", block->key_block_flags);
146 150
147 data_key = &block->data_key; 151 data_key = &block->data_key;
148 printf("Data key algorithm: %" PRIu64 " %s\n", data_key->algorithm, 152 printf("Data key algorithm: %" PRIu64 " %s\n", data_key->algorithm,
(...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after
220 switch(mode) { 224 switch(mode) {
221 case OPT_MODE_PACK: 225 case OPT_MODE_PACK:
222 return Pack(filename, datapubkey, signprivate, algorithm, flags); 226 return Pack(filename, datapubkey, signprivate, algorithm, flags);
223 case OPT_MODE_UNPACK: 227 case OPT_MODE_UNPACK:
224 return Unpack(filename, datapubkey, signpubkey); 228 return Unpack(filename, datapubkey, signpubkey);
225 default: 229 default:
226 printf("Must specify a mode.\n"); 230 printf("Must specify a mode.\n");
227 return PrintHelp(); 231 return PrintHelp();
228 } 232 }
229 } 233 }
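Review bot: In Unpack(), the new call `KeyBlockVerify(block, block->key_block_size, sign_key)` takes its size bound from the header of the file being verified, where the old code passed the byte count returned by ReadFile(), so any size check inside KeyBlockVerify() would now compare the header field against itself. That is only safe if KeyBlockRead() already rejects a `key_block_size` larger than the bytes actually read; its body is not visible on this page, so this should be confirmed and stated above the call, e.g. `/* KeyBlockRead() has checked key_block_size against the file length. */`. If it does not, KeyBlockRead() should hand back the length it read so that value can be passed here instead. Separately, when the TODO is implemented, a block that passed only the hash check should still produce a distinct message or exit status, so callers do not take it as signature-verified.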