| Index: utility/vbutil_keyblock.c
|
| diff --git a/utility/vbutil_keyblock.c b/utility/vbutil_keyblock.c
|
| index 860a07cebbc3222e1858322b0af39a379f0b6d9e..43c5f061a7181deb24acfec14533e2cc05fef000 100644
|
| --- a/utility/vbutil_keyblock.c
|
| +++ b/utility/vbutil_keyblock.c
|
| @@ -99,11 +99,11 @@ static int Pack(const char* outfile, const char* datapubkey,
|
| return 1;
|
| }
|
|
|
| - block = CreateKeyBlock(data_key, signing_key, flags);
|
| + block = KeyBlockCreate(data_key, signing_key, flags);
|
| Free(data_key);
|
| Free(signing_key);
|
|
|
| - if (0 != WriteFile(outfile, block, block->key_block_size)) {
|
| + if (0 != KeyBlockWrite(outfile, block)) {
|
| fprintf(stderr, "vbutil_keyblock: Error writing key block.\n");
|
| return 1;
|
| }
|
| @@ -117,7 +117,6 @@ static int Unpack(const char* infile, const char* datapubkey,
|
| VbPublicKey* data_key;
|
| VbPublicKey* sign_key;
|
| VbKeyBlockHeader* block;
|
| - uint64_t block_size;
|
|
|
| if (!infile || !signpubkey) {
|
| fprintf(stderr, "vbutil_keyblock: Must specify filename and signpubkey\n");
|
| @@ -130,12 +129,17 @@ static int Unpack(const char* infile, const char* datapubkey,
|
| return 1;
|
| }
|
|
|
| - block = (VbKeyBlockHeader*)ReadFile(infile, &block_size);
|
| + block = KeyBlockRead(infile);
|
| if (!block) {
|
| fprintf(stderr, "vbutil_keyblock: Error reading key block.\n");
|
| return 1;
|
| }
|
| - if (0 != VerifyKeyBlock(block, block_size, sign_key)) {
|
| + /* Verify the block with the signing public key, since
|
| + * KeyBlockRead() only verified the hash. */
|
| + /* TODO: should just print a warning, since self-signed key blocks
|
| + * won't have a public key; signpubkey should also be an optional
|
| + * argument. */
|
| + if (0 != KeyBlockVerify(block, block->key_block_size, sign_key)) {
|
| fprintf(stderr, "vbutil_keyblock: Error verifying key block.\n");
|
| return 1;
|
| }
|
|
|
Chromium Code Reviews
Issue 2729021:
Clean up of key block functions (Closed)
Base URL: ssh://gitrw.chromium.org/vboot_reference.git