host/lib/host_key.c - Issue 2745007: Major refactoring of structures, with unit tests.

Side by Side Diff: host/lib/host_key.c

Issue 2745007: Major refactoring of structures, with unit tests. (Closed) Base URL: ssh://gitrw.chromium.org/vboot_reference.git

Patch Set: Implemented LoadFirmware2() Created 10 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.

	2 * Use of this source code is governed by a BSD-style license that can be

	3 * found in the LICENSE file.

	4 *

	5 * Host functions for keys.

	6 */

	7

	8 /* TODO: change all 'return 0', 'return 1' into meaningful return codes */

	9

	10 #define OPENSSL_NO_SHA

	11 #include <openssl/engine.h>

	12 #include <openssl/pem.h>

	13 #include <openssl/rsa.h>

	14

	15 #include <stdio.h>

	16 #include <stdlib.h>

	17 #include <unistd.h>

	18

	19 #include "host_key.h"

	20

	21 #include "cryptolib.h"

	22 #include "file_keys.h"

	23 #include "utility.h"

	24 #include "vboot_common.h"

	25

	26

	27 VbPrivateKey* PrivateKeyRead(const char* filename, uint64_t algorithm) {

	28

	29 VbPrivateKey* key;

	30 RSA* rsa_key;

	31 FILE* f;

	32

	33 if (algorithm >= kNumAlgorithms) {

	34 debug("PrivateKeyRead() called with invalid algorithm!\n");

	35 return NULL;

	36 }

	37

	38 /* Read private key */

	39 f = fopen(filename, "r");

	40 if (!f) {

	41 debug("PrivateKeyRead(): Couldn't open key file: %s\n", filename);

	42 return NULL;

	43 }

	44 rsa_key = PEM_read_RSAPrivateKey(f, NULL, NULL, NULL);

	45 fclose(f);

	46 if (!rsa_key) {

	47 debug("PrivateKeyRead(): Couldn't read private key from file: %s\n",

	48 filename);

	49 return NULL;

	50 }

	51

	52 /* Store key and algorithm in our struct */

	53 key = (VbPrivateKey*)Malloc(sizeof(VbPrivateKey));

	54 if (!key) {

	55 RSA_free(rsa_key);

	56 return NULL;

	57 }

	58 key->rsa_private_key = rsa_key;

	59 key->algorithm = algorithm;

	60

	61 /* Return the key */

	62 return key;

	63 }

	64

	65

	66 void PrivateKeyFree(VbPrivateKey* key) {

	67 if (!key)

	68 return;

	69 if (key->rsa_private_key)

	70 RSA_free(key->rsa_private_key);

	71 Free(key);

	72 }

	73

	74

	75 void PublicKeyInit(VbPublicKey* key, uint8_t* key_data, uint64_t key_size) {

	76 key->key_offset = OffsetOf(key, key_data);

	77 key->key_size = key_size;

	78 key->algorithm = kNumAlgorithms; /* Key not present yet */

	79 key->key_version = 0;

	80 }

	81

	82

	83 /* Allocate a new public key with space for a [key_size] byte key. */
	gauravsh 2010/06/10 14:44:13 nit: there's a possibility of confusion with what nit: there's a possibility of confusion with what we mean by [key_size] byte key. In this case, we are referring to the size of stored key on disk. But this might be also be interpreted to mean the strength of the key. I had to check the source to make sure I was interpreting it right. I noticed this elsewhere too. It would be useful to clarify that we mean the storage size of the key.
	84 VbPublicKey* PublicKeyAlloc(uint64_t key_size, uint64_t algorithm,

	85 uint64_t version) {

	86 VbPublicKey* key = (VbPublicKey*)Malloc(sizeof(VbPublicKey) + key_size);

	87 if (!key)

	88 return NULL;

	89

	90 key->algorithm = algorithm;

	91 key->key_version = version;

	92 key->key_size = key_size;

	93 key->key_offset = sizeof(VbPublicKey);

	94 return key;

	95 }

	96

	97

	98 /* Copy a public key from [src] to [dest].

	99 *

	100 * Returns zero if success, non-zero if error. */

	101 int PublicKeyCopy(VbPublicKey* dest, const VbPublicKey* src) {

	102 if (dest->key_size < src->key_size)
	gauravsh 2010/06/10 14:44:13 shouldn't we always return an error if dest key_si shouldn't we always return an error if dest key_size and src key_size are different?
	103 return 1;

	104

	105 dest->key_size = src->key_size;

	106 dest->algorithm = src->algorithm;

	107 dest->key_version = src->key_version;

	108 Memcpy(GetPublicKeyData(dest), GetPublicKeyDataC(src), src->key_size);

	109 return 0;

	110 }

	111

	112

	113 VbPublicKey* PublicKeyRead(const char* filename, uint64_t algorithm,

	114 uint64_t version) {

	115

	116 VbPublicKey* key;

	117 uint8_t* key_data;

	118 uint64_t key_size;

	119

	120 if (algorithm >= kNumAlgorithms) {

	121 debug("PublicKeyRead() called with invalid algorithm!\n");

	122 return NULL;

	123 }

	124 if (version > 0xFFFF) {

	125 /* Currently, TPM only supports 16-bit version */

	126 debug("PublicKeyRead() called with invalid version!\n");

	127 return NULL;

	128 }

	129

	130 key_data = BufferFromFile(filename, &key_size);

	131 if (!key_data)

	132 return NULL;

	133

	134 /* TODO: sanity-check key length based on algorithm */

	135

	136 key = PublicKeyAlloc(key_size, algorithm, version);

	137 if (!key) {

	138 Free(key_data);

	139 return NULL;

	140 }

	141 Memcpy(GetPublicKeyData(key), key_data, key_size);

	142

	143 Free(key_data);

	144 return key;

	145 }

OLD	NEW

« no previous file with comments | « host/lib/host_common.c ('k') | host/lib/host_signature.c » ('j') | vboot_firmware/include/load_kernel_fw.h » ('J')