OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 * | 4 * |
5 * Host functions for verified boot. | 5 * Host functions for verified boot. |
6 */ | 6 */ |
7 | 7 |
8 /* TODO: change all 'return 0', 'return 1' into meaningful return codes */ | 8 /* TODO: change all 'return 0', 'return 1' into meaningful return codes */ |
9 | 9 |
10 #if 0 | |
11 #define OPENSSL_NO_SHA | |
12 #include <openssl/engine.h> | |
13 #include <openssl/pem.h> | |
14 #include <openssl/rsa.h> | |
15 | |
16 #include <stdio.h> | |
17 #include <stdlib.h> | |
18 #include <unistd.h> | |
19 #include "file_keys.h" | |
20 #endif | |
21 | |
22 #include "host_common.h" | 10 #include "host_common.h" |
23 | 11 |
24 #include "cryptolib.h" | 12 #include "cryptolib.h" |
25 #include "utility.h" | 13 #include "utility.h" |
26 #include "vboot_common.h" | 14 #include "vboot_common.h" |
27 | 15 |
28 | 16 |
29 VbKeyBlockHeader* CreateKeyBlock(const VbPublicKey* data_key, | 17 VbKeyBlockHeader* CreateKeyBlock(const VbPublicKey* data_key, |
30 const VbPrivateKey* signing_key, | 18 const VbPrivateKey* signing_key, |
31 uint64_t flags) { | 19 uint64_t flags) { |
(...skipping 102 matching lines...)
134 /* Creates a kernel preamble, signed with [signing_key]. | 122 /* Creates a kernel preamble, signed with [signing_key]. |
135 * Caller owns the returned pointer, and must free it with Free(). | 123 * Caller owns the returned pointer, and must free it with Free(). |
136 * | 124 * |
137 * Returns NULL if error. */ | 125 * Returns NULL if error. */ |
138 VbKernelPreambleHeader* CreateKernelPreamble( | 126 VbKernelPreambleHeader* CreateKernelPreamble( |
139 uint64_t kernel_version, | 127 uint64_t kernel_version, |
140 uint64_t body_load_address, | 128 uint64_t body_load_address, |
141 uint64_t bootloader_address, | 129 uint64_t bootloader_address, |
142 uint64_t bootloader_size, | 130 uint64_t bootloader_size, |
143 const VbSignature* body_signature, | 131 const VbSignature* body_signature, |
| 132 uint64_t desired_size, |
144 const VbPrivateKey* signing_key) { | 133 const VbPrivateKey* signing_key) { |
145 | 134 |
146 VbKernelPreambleHeader* h; | 135 VbKernelPreambleHeader* h; |
147 uint64_t signed_size = (sizeof(VbKernelPreambleHeader) + | 136 uint64_t signed_size = (sizeof(VbKernelPreambleHeader) + |
148 body_signature->sig_size); | 137 body_signature->sig_size); |
149 uint64_t block_size = signed_size + siglen_map[signing_key->algorithm]; | 138 uint64_t block_size = signed_size + siglen_map[signing_key->algorithm]; |
150 uint8_t* body_sig_dest; | 139 uint8_t* body_sig_dest; |
151 uint8_t* block_sig_dest; | 140 uint8_t* block_sig_dest; |
152 VbSignature *sigtmp; | 141 VbSignature *sigtmp; |
153 | 142 |
| 143 /* If the block size is smaller than the desired size, pad it */ |
| 144 if (block_size < desired_size) |
| 145 block_size = desired_size; |
| 146 |
154 /* Allocate key block */ | 147 /* Allocate key block */ |
155 h = (VbKernelPreambleHeader*)Malloc(block_size); | 148 h = (VbKernelPreambleHeader*)Malloc(block_size); |
156 if (!h) | 149 if (!h) |
157 return NULL; | 150 return NULL; |
158 body_sig_dest = (uint8_t*)(h + 1); | 151 body_sig_dest = (uint8_t*)(h + 1); |
159 block_sig_dest = body_sig_dest + body_signature->sig_size; | 152 block_sig_dest = body_sig_dest + body_signature->sig_size; |
160 | 153 |
161 h->header_version_major = KERNEL_PREAMBLE_HEADER_VERSION_MAJOR; | 154 h->header_version_major = KERNEL_PREAMBLE_HEADER_VERSION_MAJOR; |
162 h->header_version_minor = KERNEL_PREAMBLE_HEADER_VERSION_MINOR; | 155 h->header_version_minor = KERNEL_PREAMBLE_HEADER_VERSION_MINOR; |
163 h->preamble_size = block_size; | 156 h->preamble_size = block_size; |
(...skipping 12 matching lines...)
176 siglen_map[signing_key->algorithm], signed_size); | 169 siglen_map[signing_key->algorithm], signed_size); |
177 | 170 |
178 /* Calculate signature */ | 171 /* Calculate signature */ |
179 sigtmp = CalculateSignature((uint8_t*)h, signed_size, signing_key); | 172 sigtmp = CalculateSignature((uint8_t*)h, signed_size, signing_key); |
180 SignatureCopy(&h->preamble_signature, sigtmp); | 173 SignatureCopy(&h->preamble_signature, sigtmp); |
181 Free(sigtmp); | 174 Free(sigtmp); |
182 | 175 |
183 /* Return the header */ | 176 /* Return the header */ |
184 return h; | 177 return h; |
185 } | 178 } |
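Review bot: The padding introduced when `desired_size` exceeds the computed size is not visibly initialized and is not covered by the preamble signature: `Malloc(block_size)` now returns the larger buffer and `h->preamble_size` records the padded size, while `signed_size` passed to `CalculateSignature` is unchanged. Unless the twelve lines elided from this view clear the buffer, the tail would carry stale heap contents into the written preamble, so I would add `Memset(h, 0, block_size);` directly after the `if (!h) return NULL;` check. Because `desired_size` is a caller-supplied `uint64_t`, it is also worth confirming that `Malloc` does not narrow it to a smaller `size_t` on 32-bit hosts, which would allocate less than the code then writes. The header comment above `CreateKernelPreamble` should describe the new parameter, for example `* If [desired_size] is larger than the computed size, the preamble is padded to it; the padding is outside the signed region.`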