OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 * | 4 * |
5 * High-level firmware API for loading and verifying rewritable firmware. | 5 * High-level firmware API for loading and verifying rewritable firmware. |
6 * (Firmware portion) | 6 * (Firmware portion) |
7 */ | 7 */ |
8 | 8 |
9 #include "vboot_firmware.h" | 9 #include "vboot_firmware.h" |
10 | 10 |
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
57 uint64_t body_size; | 57 uint64_t body_size; |
58 | 58 |
59 /* Verify the key block */ | 59 /* Verify the key block */ |
60 if (0 == index) { | 60 if (0 == index) { |
61 key_block = (VbKeyBlockHeader*)params->verification_block_0; | 61 key_block = (VbKeyBlockHeader*)params->verification_block_0; |
62 vblock_size = params->verification_size_0; | 62 vblock_size = params->verification_size_0; |
63 } else { | 63 } else { |
64 key_block = (VbKeyBlockHeader*)params->verification_block_1; | 64 key_block = (VbKeyBlockHeader*)params->verification_block_1; |
65 vblock_size = params->verification_size_1; | 65 vblock_size = params->verification_size_1; |
66 } | 66 } |
67 if ((0 != VerifyKeyBlock(key_block, vblock_size, root_key))) | 67 if ((0 != KeyBlockVerify(key_block, vblock_size, root_key))) |
68 continue; | 68 continue; |
69 | 69 |
70 /* Check for rollback of key version. */ | 70 /* Check for rollback of key version. */ |
71 key_version = key_block->data_key.key_version; | 71 key_version = key_block->data_key.key_version; |
72 if (key_version < tpm_key_version) | 72 if (key_version < tpm_key_version) |
73 continue; | 73 continue; |
74 | 74 |
75 /* Get the key for preamble/data verification from the key block. */ | 75 /* Get the key for preamble/data verification from the key block. */ |
76 data_key = PublicKeyToRSA(&key_block->data_key); | 76 data_key = PublicKeyToRSA(&key_block->data_key); |
77 if (!data_key) | 77 if (!data_key) |
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
164 /* Lock Firmware TPM rollback indices from further writes. In | 164 /* Lock Firmware TPM rollback indices from further writes. In |
165 * this design, this is done by setting the globalLock bit, which | 165 * this design, this is done by setting the globalLock bit, which |
166 * is cleared only by TPM_Init at reboot. */ | 166 * is cleared only by TPM_Init at reboot. */ |
167 if (0 != LockFirmwareVersions()) | 167 if (0 != LockFirmwareVersions()) |
168 return LOAD_FIRMWARE_RECOVERY; | 168 return LOAD_FIRMWARE_RECOVERY; |
169 } | 169 } |
170 | 170 |
171 /* If we're still here, no good firmware, so go to recovery mode. */ | 171 /* If we're still here, no good firmware, so go to recovery mode. */ |
172 return LOAD_FIRMWARE_RECOVERY; | 172 return LOAD_FIRMWARE_RECOVERY; |
173 } | 173 } |
OLD | NEW |