Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(700)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: vboot_firmware/lib/vboot_firmware.c

Issue 2729021: Clean up of key block functions (Closed) Base URL: ssh://gitrw.chromium.org/vboot_reference.git
Patch Set: More key block cleanup Created 10 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « vboot_firmware/lib/vboot_common.c ('k') | vboot_firmware/lib/vboot_kernel.c » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be 2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file. 3 * found in the LICENSE file.
4 * 4 *
5 * High-level firmware API for loading and verifying rewritable firmware. 5 * High-level firmware API for loading and verifying rewritable firmware.
6 * (Firmware portion) 6 * (Firmware portion)
7 */ 7 */
8 8
9 #include "vboot_firmware.h" 9 #include "vboot_firmware.h"
10 10
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after
57 uint64_t body_size; 57 uint64_t body_size;
58 58
59 /* Verify the key block */ 59 /* Verify the key block */
60 if (0 == index) { 60 if (0 == index) {
61 key_block = (VbKeyBlockHeader*)params->verification_block_0; 61 key_block = (VbKeyBlockHeader*)params->verification_block_0;
62 vblock_size = params->verification_size_0; 62 vblock_size = params->verification_size_0;
63 } else { 63 } else {
64 key_block = (VbKeyBlockHeader*)params->verification_block_1; 64 key_block = (VbKeyBlockHeader*)params->verification_block_1;
65 vblock_size = params->verification_size_1; 65 vblock_size = params->verification_size_1;
66 } 66 }
67 if ((0 != VerifyKeyBlock(key_block, vblock_size, root_key))) 67 if ((0 != KeyBlockVerify(key_block, vblock_size, root_key)))
68 continue; 68 continue;
69 69
70 /* Check for rollback of key version. */ 70 /* Check for rollback of key version. */
71 key_version = key_block->data_key.key_version; 71 key_version = key_block->data_key.key_version;
72 if (key_version < tpm_key_version) 72 if (key_version < tpm_key_version)
73 continue; 73 continue;
74 74
75 /* Get the key for preamble/data verification from the key block. */ 75 /* Get the key for preamble/data verification from the key block. */
76 data_key = PublicKeyToRSA(&key_block->data_key); 76 data_key = PublicKeyToRSA(&key_block->data_key);
77 if (!data_key) 77 if (!data_key)
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after
164 /* Lock Firmware TPM rollback indices from further writes. In 164 /* Lock Firmware TPM rollback indices from further writes. In
165 * this design, this is done by setting the globalLock bit, which 165 * this design, this is done by setting the globalLock bit, which
166 * is cleared only by TPM_Init at reboot. */ 166 * is cleared only by TPM_Init at reboot. */
167 if (0 != LockFirmwareVersions()) 167 if (0 != LockFirmwareVersions())
168 return LOAD_FIRMWARE_RECOVERY; 168 return LOAD_FIRMWARE_RECOVERY;
169 } 169 }
170 170
171 /* If we're still here, no good firmware, so go to recovery mode. */ 171 /* If we're still here, no good firmware, so go to recovery mode. */
172 return LOAD_FIRMWARE_RECOVERY; 172 return LOAD_FIRMWARE_RECOVERY;
173 } 173 }
OLDNEW
« no previous file with comments | « vboot_firmware/lib/vboot_common.c ('k') | vboot_firmware/lib/vboot_kernel.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698