Index: firmware/lib/vboot_common.c |
diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c |
index a944c70b9b512f53697b37c68bb7f2899f493424..0f036123494923abba30cf16e0ecc8aa2903e69e 100644 |
--- a/firmware/lib/vboot_common.c |
+++ b/firmware/lib/vboot_common.c |
@@ -109,11 +109,11 @@ RSAPublicKey* PublicKeyToRSA(const VbPublicKey* key) { |
RSAPublicKey *rsa; |
if (kNumAlgorithms <= key->algorithm) { |
- debug("Invalid algorithm.\n"); |
+ VBDEBUG(("Invalid algorithm.\n")); |
return NULL; |
} |
if (RSAProcessedKeySize((int)key->algorithm) != (int)key->key_size) { |
- debug("Wrong key size for algorithm\n"); |
+ VBDEBUG(("Wrong key size for algorithm\n")); |
return NULL; |
} |
@@ -130,7 +130,7 @@ int VerifyData(const uint8_t* data, const VbSignature *sig, |
const RSAPublicKey* key) { |
if (sig->sig_size != siglen_map[key->algorithm]) { |
- debug("Wrong signature size for algorithm.\n"); |
+ VBDEBUG(("Wrong signature size for algorithm.\n")); |
return 1; |
} |
@@ -146,7 +146,7 @@ int VerifyDigest(const uint8_t* digest, const VbSignature *sig, |
const RSAPublicKey* key) { |
if (sig->sig_size != siglen_map[key->algorithm]) { |
- debug("Wrong signature size for algorithm.\n"); |
+ VBDEBUG(("Wrong signature size for algorithm.\n")); |
return 1; |
} |
@@ -165,15 +165,15 @@ int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size, |
/* Sanity checks before attempting signature of data */ |
if (SafeMemcmp(block->magic, KEY_BLOCK_MAGIC, KEY_BLOCK_MAGIC_SIZE)) { |
- debug("Not a valid verified boot key block.\n"); |
+ VBDEBUG(("Not a valid verified boot key block.\n")); |
return VBOOT_KEY_BLOCK_INVALID; |
} |
if (block->header_version_major != KEY_BLOCK_HEADER_VERSION_MAJOR) { |
- debug("Incompatible key block header version.\n"); |
+ VBDEBUG(("Incompatible key block header version.\n")); |
return VBOOT_KEY_BLOCK_INVALID; |
} |
if (size < block->key_block_size) { |
- debug("Not enough data for key block.\n"); |
+ VBDEBUG(("Not enough data for key block.\n")); |
return VBOOT_KEY_BLOCK_INVALID; |
} |
@@ -186,13 +186,13 @@ int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size, |
sig = &block->key_block_signature; |
if (VerifySignatureInside(block, block->key_block_size, sig)) { |
- debug("Key block signature off end of block\n"); |
+ VBDEBUG(("Key block signature off end of block\n")); |
return VBOOT_KEY_BLOCK_INVALID; |
} |
rsa = PublicKeyToRSA(key); |
if (!rsa) { |
- debug("Invalid public key\n"); |
+ VBDEBUG(("Invalid public key\n")); |
return VBOOT_PUBLIC_KEY_INVALID; |
} |
rv = VerifyData((const uint8_t*)block, sig, rsa); |
@@ -208,11 +208,11 @@ int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size, |
sig = &block->key_block_checksum; |
if (VerifySignatureInside(block, block->key_block_size, sig)) { |
- debug("Key block hash off end of block\n"); |
+ VBDEBUG(("Key block hash off end of block\n")); |
return VBOOT_KEY_BLOCK_INVALID; |
} |
if (sig->sig_size != SHA512_DIGEST_SIZE) { |
- debug("Wrong hash size for key block.\n"); |
+ VBDEBUG(("Wrong hash size for key block.\n")); |
return VBOOT_KEY_BLOCK_INVALID; |
} |
@@ -222,24 +222,24 @@ int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size, |
SHA512_DIGEST_SIZE); |
Free(header_checksum); |
if (rv) { |
- debug("Invalid key block hash.\n"); |
+ VBDEBUG(("Invalid key block hash.\n")); |
return VBOOT_KEY_BLOCK_HASH; |
} |
} |
/* Verify we signed enough data */ |
if (sig->data_size < sizeof(VbKeyBlockHeader)) { |
- debug("Didn't sign enough data\n"); |
+ VBDEBUG(("Didn't sign enough data\n")); |
return VBOOT_KEY_BLOCK_INVALID; |
} |
/* Verify data key is inside the block and inside signed data */ |
if (VerifyPublicKeyInside(block, block->key_block_size, &block->data_key)) { |
- debug("Data key off end of key block\n"); |
+ VBDEBUG(("Data key off end of key block\n")); |
return VBOOT_KEY_BLOCK_INVALID; |
} |
if (VerifyPublicKeyInside(block, sig->data_size, &block->data_key)) { |
- debug("Data key off end of signed data\n"); |
+ VBDEBUG(("Data key off end of signed data\n")); |
return VBOOT_KEY_BLOCK_INVALID; |
} |
@@ -256,41 +256,41 @@ int VerifyFirmwarePreamble2(const VbFirmwarePreambleHeader* preamble, |
/* Sanity checks before attempting signature of data */ |
if (preamble->header_version_major != |
FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR) { |
- debug("Incompatible firmware preamble header version.\n"); |
+ VBDEBUG(("Incompatible firmware preamble header version.\n")); |
return VBOOT_PREAMBLE_INVALID; |
} |
if (size < preamble->preamble_size) { |
- debug("Not enough data for preamble.\n"); |
+ VBDEBUG(("Not enough data for preamble.\n")); |
return VBOOT_PREAMBLE_INVALID; |
} |
/* Check signature */ |
if (VerifySignatureInside(preamble, preamble->preamble_size, sig)) { |
- debug("Preamble signature off end of preamble\n"); |
+ VBDEBUG(("Preamble signature off end of preamble\n")); |
return VBOOT_PREAMBLE_INVALID; |
} |
if (VerifyData((const uint8_t*)preamble, sig, key)) { |
- debug("Preamble signature validation failed\n"); |
+ VBDEBUG(("Preamble signature validation failed\n")); |
return VBOOT_PREAMBLE_SIGNATURE; |
} |
/* Verify we signed enough data */ |
if (sig->data_size < sizeof(VbFirmwarePreambleHeader)) { |
- debug("Didn't sign enough data\n"); |
+ VBDEBUG(("Didn't sign enough data\n")); |
return VBOOT_PREAMBLE_INVALID; |
} |
/* Verify body signature is inside the block */ |
if (VerifySignatureInside(preamble, preamble->preamble_size, |
&preamble->body_signature)) { |
- debug("Firmware body signature off end of preamble\n"); |
+ VBDEBUG(("Firmware body signature off end of preamble\n")); |
return VBOOT_PREAMBLE_INVALID; |
} |
/* Verify kernel subkey is inside the block */ |
if (VerifyPublicKeyInside(preamble, preamble->preamble_size, |
&preamble->kernel_subkey)) { |
- debug("Kernel subkey off end of preamble\n"); |
+ VBDEBUG(("Kernel subkey off end of preamble\n")); |
return VBOOT_PREAMBLE_INVALID; |
} |
@@ -306,34 +306,34 @@ int VerifyKernelPreamble2(const VbKernelPreambleHeader* preamble, |
/* Sanity checks before attempting signature of data */ |
if (preamble->header_version_major != KERNEL_PREAMBLE_HEADER_VERSION_MAJOR) { |
- debug("Incompatible kernel preamble header version.\n"); |
+ VBDEBUG(("Incompatible kernel preamble header version.\n")); |
return VBOOT_PREAMBLE_INVALID; |
} |
if (size < preamble->preamble_size) { |
- debug("Not enough data for preamble.\n"); |
+ VBDEBUG(("Not enough data for preamble.\n")); |
return VBOOT_PREAMBLE_INVALID; |
} |
/* Check signature */ |
if (VerifySignatureInside(preamble, preamble->preamble_size, sig)) { |
- debug("Preamble signature off end of preamble\n"); |
+ VBDEBUG(("Preamble signature off end of preamble\n")); |
return VBOOT_PREAMBLE_INVALID; |
} |
if (VerifyData((const uint8_t*)preamble, sig, key)) { |
- debug("Preamble signature validation failed\n"); |
+ VBDEBUG(("Preamble signature validation failed\n")); |
return VBOOT_PREAMBLE_SIGNATURE; |
} |
/* Verify we signed enough data */ |
if (sig->data_size < sizeof(VbKernelPreambleHeader)) { |
- debug("Didn't sign enough data\n"); |
+ VBDEBUG(("Didn't sign enough data\n")); |
return VBOOT_PREAMBLE_INVALID; |
} |
/* Verify body signature is inside the block */ |
if (VerifySignatureInside(preamble, preamble->preamble_size, |
&preamble->body_signature)) { |
- debug("Kernel body signature off end of preamble\n"); |
+ VBDEBUG(("Kernel body signature off end of preamble\n")); |
return VBOOT_PREAMBLE_INVALID; |
} |