| Index: vfirmware/firmware_image.c
|
| diff --git a/vfirmware/firmware_image.c b/vfirmware/firmware_image.c
|
| deleted file mode 100644
|
| index 829d72ade3edf7ad68dda9c6b80f9405839119ae..0000000000000000000000000000000000000000
|
| --- a/vfirmware/firmware_image.c
|
| +++ /dev/null
|
| @@ -1,522 +0,0 @@
|
| -/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
|
| - * Use of this source code is governed by a BSD-style license that can be
|
| - * found in the LICENSE file.
|
| - *
|
| - * Functions for generating and manipulating a verified boot firmware image.
|
| - */
|
| -
|
| -#include "firmware_image.h"
|
| -
|
| -#include <sys/types.h>
|
| -#include <sys/stat.h>
|
| -#include <fcntl.h>
|
| -#include <unistd.h>
|
| -
|
| -#include "cryptolib.h"
|
| -#include "file_keys.h"
|
| -#include "signature_digest.h"
|
| -#include "stateful_util.h"
|
| -
|
| -/* Macro to determine the size of a field structure in the FirmwareImage
|
| - * structure. */
|
| -#define FIELD_LEN(field) (sizeof(((FirmwareImage*)0)->field))
|
| -
|
| -FirmwareImage* FirmwareImageNew(void) {
|
| - FirmwareImage* image = (FirmwareImage*) Malloc(sizeof(FirmwareImage));
|
| - if (image) {
|
| - image->firmware_sign_key = NULL;
|
| - image->kernel_subkey_sign_key = NULL;
|
| - image->preamble_signature = NULL;
|
| - image->firmware_signature = NULL;
|
| - image->firmware_data = NULL;
|
| - }
|
| - return image;
|
| -}
|
| -
|
| -void FirmwareImageFree(FirmwareImage* image) {
|
| - if (image) {
|
| - Free(image->firmware_sign_key);
|
| - Free(image->kernel_subkey_sign_key);
|
| - Free(image->preamble_signature);
|
| - Free(image->firmware_signature);
|
| - Free(image->firmware_data);
|
| - Free(image);
|
| - }
|
| -}
|
| -
|
| -FirmwareImage* ReadFirmwareImage(const char* input_file) {
|
| - uint64_t file_size;
|
| - int image_len = 0; /* Total size of the firmware image. */
|
| - int header_len = 0;
|
| - int firmware_sign_key_len;
|
| - int signature_len;
|
| - uint8_t* firmware_buf;
|
| - uint8_t header_checksum[FIELD_LEN(header_checksum)];
|
| - MemcpyState st;
|
| - FirmwareImage* image = FirmwareImageNew();
|
| -
|
| - if (!image)
|
| - return NULL;
|
| -
|
| - firmware_buf = BufferFromFile(input_file, &file_size);
|
| - image_len = file_size;
|
| -
|
| - st.remaining_len = image_len;
|
| - st.remaining_buf = firmware_buf;
|
| - st.overrun = 0;
|
| -
|
| - /* Read and compare magic bytes. */
|
| - StatefulMemcpy(&st, &image->magic, FIRMWARE_MAGIC_SIZE);
|
| - if (SafeMemcmp(image->magic, FIRMWARE_MAGIC, FIRMWARE_MAGIC_SIZE)) {
|
| - debug("Wrong Firmware Magic.\n");
|
| - Free(firmware_buf);
|
| - return NULL;
|
| - }
|
| - StatefulMemcpy(&st, &image->header_len, FIELD_LEN(header_len));
|
| - StatefulMemcpy(&st, &image->firmware_sign_algorithm,
|
| - FIELD_LEN(firmware_sign_algorithm));
|
| -
|
| - /* Valid Algorithm? */
|
| - if (image->firmware_sign_algorithm >= kNumAlgorithms) {
|
| - Free(firmware_buf);
|
| - return NULL;
|
| - }
|
| -
|
| - /* Compute size of pre-processed RSA public key and signature. */
|
| - firmware_sign_key_len = RSAProcessedKeySize(image->firmware_sign_algorithm);
|
| - signature_len = siglen_map[image->firmware_sign_algorithm];
|
| -
|
| - /* Check whether the header length is correct. */
|
| - header_len = GetFirmwareHeaderLen(image);
|
| - if (header_len != image->header_len) {
|
| - debug("Header length mismatch. Got: %d Expected: %d\n",
|
| - image->header_len, header_len);
|
| - Free(firmware_buf);
|
| - return NULL;
|
| - }
|
| -
|
| - /* Read pre-processed public half of the sign key. */
|
| - StatefulMemcpy(&st, &image->firmware_key_version,
|
| - FIELD_LEN(firmware_key_version));
|
| - image->firmware_sign_key = (uint8_t*) Malloc(firmware_sign_key_len);
|
| - StatefulMemcpy(&st, image->firmware_sign_key, firmware_sign_key_len);
|
| - StatefulMemcpy(&st, image->header_checksum, FIELD_LEN(header_checksum));
|
| -
|
| - /* Check whether the header checksum matches. */
|
| - CalculateFirmwareHeaderChecksum(image, header_checksum);
|
| - if (SafeMemcmp(header_checksum, image->header_checksum,
|
| - FIELD_LEN(header_checksum))) {
|
| - debug("Invalid firmware header checksum!\n");
|
| - Free(firmware_buf);
|
| - return NULL;
|
| - }
|
| -
|
| - /* Read key signature. */
|
| - StatefulMemcpy(&st, image->firmware_key_signature,
|
| - FIELD_LEN(firmware_key_signature));
|
| -
|
| - /* Read the firmware preamble. */
|
| - StatefulMemcpy(&st,&image->firmware_version, FIELD_LEN(firmware_version));
|
| - StatefulMemcpy(&st, &image->firmware_len, FIELD_LEN(firmware_len));
|
| - StatefulMemcpy(&st, &image->kernel_subkey_sign_algorithm,
|
| - FIELD_LEN(kernel_subkey_sign_algorithm));
|
| - StatefulMemcpy(&st, image->kernel_subkey_sign_key,
|
| - RSAProcessedKeySize(image->kernel_subkey_sign_algorithm));
|
| - StatefulMemcpy(&st, image->preamble, FIELD_LEN(preamble));
|
| -
|
| - /* Read firmware preamble signature. */
|
| - image->preamble_signature = (uint8_t*) Malloc(signature_len);
|
| - StatefulMemcpy(&st, image->preamble_signature, signature_len);
|
| -
|
| - image->firmware_signature = (uint8_t*) Malloc(signature_len);
|
| - StatefulMemcpy(&st, image->firmware_signature, signature_len);
|
| -
|
| - image->firmware_data = (uint8_t*) Malloc(image->firmware_len);
|
| - StatefulMemcpy(&st, image->firmware_data, image->firmware_len);
|
| -
|
| - if(st.overrun || st.remaining_len != 0) { /* Overrun or underrun. */
|
| - Free(firmware_buf);
|
| - return NULL;
|
| - }
|
| -
|
| - Free(firmware_buf);
|
| - return image;
|
| -}
|
| -
|
| -int GetFirmwareHeaderLen(const FirmwareImage* image) {
|
| - return (FIELD_LEN(header_len) + FIELD_LEN(firmware_sign_algorithm) +
|
| - RSAProcessedKeySize(image->firmware_sign_algorithm) +
|
| - FIELD_LEN(firmware_key_version) + FIELD_LEN(header_checksum));
|
| -}
|
| -
|
| -void CalculateFirmwareHeaderChecksum(const FirmwareImage* image,
|
| - uint8_t* header_checksum) {
|
| - uint8_t* checksum;
|
| - DigestContext ctx;
|
| - DigestInit(&ctx, SHA512_DIGEST_ALGORITHM);
|
| - DigestUpdate(&ctx, (uint8_t*) &image->header_len,
|
| - sizeof(image->header_len));
|
| - DigestUpdate(&ctx, (uint8_t*) &image->firmware_sign_algorithm,
|
| - sizeof(image->firmware_sign_algorithm));
|
| - DigestUpdate(&ctx, (uint8_t*) &image->firmware_key_version,
|
| - sizeof(image->firmware_key_version));
|
| - DigestUpdate(&ctx, image->firmware_sign_key,
|
| - RSAProcessedKeySize(image->firmware_sign_algorithm));
|
| - checksum = DigestFinal(&ctx);
|
| - Memcpy(header_checksum, checksum, FIELD_LEN(header_checksum));
|
| - Free(checksum);
|
| - return;
|
| -}
|
| -
|
| -
|
| -uint8_t* GetFirmwareHeaderBlob(const FirmwareImage* image) {
|
| - uint8_t* header_blob = NULL;
|
| - MemcpyState st;
|
| -
|
| - header_blob = (uint8_t*) Malloc(GetFirmwareHeaderLen(image));
|
| - st.remaining_len = GetFirmwareHeaderLen(image);
|
| - st.remaining_buf = header_blob;
|
| - st.overrun = 0;
|
| -
|
| - StatefulMemcpy_r(&st, &image->header_len, FIELD_LEN(header_len));
|
| - StatefulMemcpy_r(&st, &image->firmware_sign_algorithm, FIELD_LEN(header_len));
|
| - StatefulMemcpy_r(&st, &image->firmware_key_version,
|
| - FIELD_LEN(firmware_key_version));
|
| - StatefulMemcpy_r(&st, image->firmware_sign_key,
|
| - RSAProcessedKeySize(image->firmware_sign_algorithm));
|
| - StatefulMemcpy_r(&st, &image->header_checksum, FIELD_LEN(header_checksum));
|
| -
|
| - if (st.overrun || st.remaining_len != 0) { /* Underrun or Overrun. */
|
| - Free(header_blob);
|
| - return NULL;
|
| - }
|
| - return header_blob;
|
| -}
|
| -
|
| -
|
| -uint8_t* GetFirmwarePreambleBlob(const FirmwareImage* image) {
|
| - uint8_t* preamble_blob = NULL;
|
| - MemcpyState st;
|
| - uint64_t preamble_len = GetFirmwarePreambleLen(
|
| - image->kernel_subkey_sign_algorithm);
|
| -
|
| - preamble_blob = (uint8_t*) Malloc(preamble_len);
|
| - st.remaining_len = preamble_len;
|
| - st.remaining_buf = preamble_blob;
|
| - st.overrun = 0;
|
| -
|
| - StatefulMemcpy_r(&st, &image->firmware_version, FIELD_LEN(firmware_version));
|
| - StatefulMemcpy_r(&st, &image->firmware_len, FIELD_LEN(firmware_len));
|
| - StatefulMemcpy_r(&st, &image->kernel_subkey_sign_algorithm,
|
| - FIELD_LEN(kernel_subkey_sign_algorithm));
|
| - StatefulMemcpy_r(&st, image->kernel_subkey_sign_key,
|
| - RSAProcessedKeySize(image->kernel_subkey_sign_algorithm));
|
| - StatefulMemcpy_r(&st, image->preamble, FIELD_LEN(preamble));
|
| -
|
| - if (st.overrun || st.remaining_len != 0 ) { /* Underrun or Overrun. */
|
| - Free(preamble_blob);
|
| - return NULL;
|
| - }
|
| - return preamble_blob;
|
| -}
|
| -
|
| -
|
| -uint8_t* GetFirmwareBlob(const FirmwareImage* image, uint64_t* blob_len) {
|
| - int firmware_signature_len;
|
| - uint8_t* firmware_blob = NULL;
|
| - uint8_t* header_blob = NULL;
|
| - uint8_t* preamble_blob = NULL;
|
| - MemcpyState st;
|
| -
|
| - if (!image)
|
| - return NULL;
|
| -
|
| - firmware_signature_len = siglen_map[image->firmware_sign_algorithm];
|
| - *blob_len = (FIELD_LEN(magic) +
|
| - GetFirmwareHeaderLen(image) +
|
| - FIELD_LEN(firmware_key_signature) +
|
| - GetFirmwarePreambleLen(image->kernel_subkey_sign_algorithm) +
|
| - 2 * firmware_signature_len +
|
| - image->firmware_len);
|
| - firmware_blob = (uint8_t*) Malloc(*blob_len);
|
| - st.remaining_len = *blob_len;
|
| - st.remaining_buf = firmware_blob;
|
| - st.overrun = 0;
|
| -
|
| - header_blob = GetFirmwareHeaderBlob(image);
|
| - preamble_blob = GetFirmwarePreambleBlob(image);
|
| -
|
| - StatefulMemcpy_r(&st, image->magic, FIELD_LEN(magic));
|
| - StatefulMemcpy_r(&st, header_blob, GetFirmwareHeaderLen(image));
|
| - StatefulMemcpy_r(&st, image->firmware_key_signature,
|
| - FIELD_LEN(firmware_key_signature));
|
| - StatefulMemcpy_r(&st, preamble_blob,
|
| - GetFirmwarePreambleLen(image->kernel_subkey_sign_algorithm));
|
| - StatefulMemcpy_r(&st, image->preamble_signature, firmware_signature_len);
|
| - StatefulMemcpy_r(&st, image->firmware_signature, firmware_signature_len);
|
| - StatefulMemcpy_r(&st, image->firmware_data, image->firmware_len);
|
| -
|
| - Free(preamble_blob);
|
| - Free(header_blob);
|
| -
|
| - if (st.overrun || st.remaining_len != 0) { /* Underrun or Overrun. */
|
| - Free(firmware_blob);
|
| - return NULL;
|
| - }
|
| - return firmware_blob;
|
| -}
|
| -
|
| -int WriteFirmwareImage(const char* output_file,
|
| - const FirmwareImage* image,
|
| - int is_only_vblock,
|
| - int is_subkey_out) {
|
| - int fd;
|
| - int success = 1;
|
| - uint8_t* firmware_blob;
|
| - uint8_t* subkey_out_buf = NULL;
|
| - uint8_t* subkey_header = NULL;
|
| - uint64_t blob_len;
|
| -
|
| - if (!image)
|
| - return 0;
|
| - if (-1 == (fd = creat(output_file, 0666))) {
|
| - debug("Couldn't open file for writing.\n");
|
| - return 0;
|
| - }
|
| - if (is_subkey_out) {
|
| - blob_len = GetFirmwareHeaderLen(image) +
|
| - siglen_map[ROOT_SIGNATURE_ALGORITHM];
|
| - subkey_out_buf = (uint8_t*) Malloc(blob_len);
|
| - subkey_header = GetFirmwareHeaderBlob(image);
|
| - Memcpy(subkey_out_buf, subkey_header, GetFirmwareHeaderLen(image));
|
| - Memcpy(subkey_out_buf + GetFirmwareHeaderLen(image),
|
| - image->firmware_key_signature,
|
| - siglen_map[ROOT_SIGNATURE_ALGORITHM]);
|
| - if (blob_len != write(fd, subkey_out_buf, blob_len)) {
|
| - debug("Couldn't write kernel subkey header to file: %s\n",
|
| - output_file);
|
| - success = 0;
|
| - }
|
| - Free(subkey_header);
|
| - Free(subkey_out_buf);
|
| - close(fd);
|
| - return success;
|
| - }
|
| -
|
| - firmware_blob = GetFirmwareBlob(image, &blob_len);
|
| - if (!firmware_blob) {
|
| - debug("Couldn't create firmware blob from FirmwareImage.\n");
|
| - return 0;
|
| - }
|
| - if (!is_only_vblock) {
|
| - if (blob_len != write(fd, firmware_blob, blob_len)) {
|
| - debug("Couldn't write Firmware Image to file: %s\n", output_file);
|
| - success = 0;
|
| - }
|
| - } else {
|
| - /* Exclude the firmware_data. */
|
| - int vblock_len = blob_len - image->firmware_len;
|
| - if (vblock_len != write(fd, firmware_blob, vblock_len)) {
|
| - debug("Couldn't write Firmware Image verifcation block to file: %s\n",
|
| - output_file);
|
| - success = 0;
|
| - }
|
| - }
|
| - Free(firmware_blob);
|
| - close(fd);
|
| - return success;
|
| -}
|
| -
|
| -void PrintFirmwareImage(const FirmwareImage* image) {
|
| - if (!image)
|
| - return;
|
| -
|
| - /* Print header. */
|
| - debug("Header Length = %d\n"
|
| - "Firmware Signature Algorithm = %s\n"
|
| - "Firmware Key Version = %d\n\n",
|
| - image->header_len,
|
| - algo_strings[image->firmware_sign_algorithm],
|
| - image->firmware_key_version);
|
| - /* TODO(gauravsh): Output hash and key signature here? */
|
| - /* Print preamble. */
|
| - debug("Firmware Version = %d\n"
|
| - "Firmware Length = %" PRIu64 "\n\n",
|
| - image->firmware_version,
|
| - image->firmware_len);
|
| - /* Output key signature here? */
|
| -}
|
| -
|
| -int VerifyFirmwareImage(const RSAPublicKey* root_key,
|
| - const FirmwareImage* image) {
|
| - RSAPublicKey* firmware_sign_key = NULL;
|
| - uint8_t* header_digest = NULL;
|
| - uint8_t* preamble_digest = NULL;
|
| - uint8_t* firmware_digest = NULL;
|
| - int firmware_sign_key_size;
|
| - int signature_size;
|
| - int error_code = 0;
|
| - DigestContext ctx;
|
| - DigestContext firmware_ctx;
|
| -
|
| - if (!image)
|
| - return VERIFY_FIRMWARE_INVALID_IMAGE;
|
| -
|
| - /* Verify root key signature on the sign key header if we
|
| - * are not in dev mode.
|
| - *
|
| - * TODO(gauravsh): Add additional sanity checks here for:
|
| - * 1) verifying the header length is correct.
|
| - * 2) header_checksum is correct.
|
| - */
|
| -
|
| - /* Check key signature. */
|
| - DigestInit(&ctx, ROOT_SIGNATURE_ALGORITHM);
|
| - DigestUpdate(&ctx, (uint8_t*) &image->header_len,
|
| - FIELD_LEN(header_len));
|
| - DigestUpdate(&ctx, (uint8_t*) &image->firmware_sign_algorithm,
|
| - FIELD_LEN(firmware_sign_algorithm));
|
| - DigestUpdate(&ctx, (uint8_t*) &image->firmware_key_version,
|
| - FIELD_LEN(firmware_key_version));
|
| - DigestUpdate(&ctx, image->firmware_sign_key,
|
| - RSAProcessedKeySize(image->firmware_sign_algorithm));
|
| - DigestUpdate(&ctx, image->header_checksum,
|
| - FIELD_LEN(header_checksum));
|
| - header_digest = DigestFinal(&ctx);
|
| - if (!RSAVerify(root_key, image->firmware_key_signature,
|
| - FIELD_LEN(firmware_key_signature),
|
| - ROOT_SIGNATURE_ALGORITHM,
|
| - header_digest)) {
|
| - error_code = VERIFY_FIRMWARE_ROOT_SIGNATURE_FAILED;
|
| - goto verify_failure;
|
| - }
|
| -
|
| - /* Get sign key to verify the rest of the firmware. */
|
| - firmware_sign_key_size = RSAProcessedKeySize(image->firmware_sign_algorithm);
|
| - firmware_sign_key = RSAPublicKeyFromBuf(image->firmware_sign_key,
|
| - firmware_sign_key_size);
|
| - signature_size = siglen_map[image->firmware_sign_algorithm];
|
| -
|
| - if (image->firmware_sign_algorithm >= kNumAlgorithms)
|
| - return VERIFY_FIRMWARE_INVALID_ALGORITHM;
|
| -
|
| - /* Verify firmware preamble signature. */
|
| - DigestInit(&ctx, image->firmware_sign_algorithm);
|
| - DigestUpdate(&ctx, (uint8_t*) &image->firmware_version,
|
| - FIELD_LEN(firmware_version));
|
| - DigestUpdate(&ctx, (uint8_t*) &image->firmware_len,
|
| - FIELD_LEN(firmware_len));
|
| - DigestUpdate(&ctx, (uint8_t*) &image->kernel_subkey_sign_algorithm,
|
| - FIELD_LEN(kernel_subkey_sign_algorithm));
|
| - DigestUpdate(&ctx, (uint8_t*) image->kernel_subkey_sign_key,
|
| - RSAProcessedKeySize(image->kernel_subkey_sign_algorithm));
|
| - DigestUpdate(&ctx, (uint8_t*) &image->preamble,
|
| - FIELD_LEN(preamble));
|
| - preamble_digest = DigestFinal(&ctx);
|
| - if (!RSAVerify(firmware_sign_key, image->preamble_signature,
|
| - signature_size, image->firmware_sign_algorithm,
|
| - preamble_digest)) {
|
| - error_code = VERIFY_FIRMWARE_PREAMBLE_SIGNATURE_FAILED;
|
| - goto verify_failure;
|
| - }
|
| -
|
| - /* Verify firmware signature - firmware signature is on the contents
|
| - of firmware preamble + firmware_data. */
|
| - DigestInit(&firmware_ctx, image->firmware_sign_algorithm);
|
| - DigestUpdate(&firmware_ctx, (uint8_t*) &image->firmware_version,
|
| - FIELD_LEN(firmware_version));
|
| - DigestUpdate(&firmware_ctx, (uint8_t*) &image->firmware_len,
|
| - FIELD_LEN(firmware_len));
|
| - DigestUpdate(&firmware_ctx, (uint8_t*) &image->kernel_subkey_sign_algorithm,
|
| - FIELD_LEN(kernel_subkey_sign_algorithm));
|
| - DigestUpdate(&firmware_ctx, (uint8_t*) image->kernel_subkey_sign_key,
|
| - RSAProcessedKeySize(image->kernel_subkey_sign_algorithm));
|
| - DigestUpdate(&firmware_ctx, (uint8_t*) &image->preamble,
|
| - FIELD_LEN(preamble));
|
| - DigestUpdate(&firmware_ctx, image->firmware_data, image->firmware_len);
|
| - firmware_digest = DigestFinal(&firmware_ctx);
|
| - if (!RSAVerify(firmware_sign_key, image->firmware_signature,
|
| - signature_size, image->firmware_sign_algorithm,
|
| - firmware_digest)) {
|
| - error_code = VERIFY_FIRMWARE_SIGNATURE_FAILED;
|
| - goto verify_failure;
|
| - }
|
| -
|
| -verify_failure:
|
| - RSAPublicKeyFree(firmware_sign_key);
|
| - Free(firmware_digest);
|
| - Free(preamble_digest);
|
| - Free(header_digest);
|
| - return error_code;
|
| -}
|
| -
|
| -const char* VerifyFirmwareErrorString(int error) {
|
| - return kVerifyFirmwareErrors[error];
|
| -}
|
| -
|
| -int AddFirmwareKeySignature(FirmwareImage* image, const char* root_key_file) {
|
| - uint8_t* header_blob = NULL;
|
| - uint8_t* signature;
|
| - if (!image || !root_key_file)
|
| - return 0;
|
| - header_blob = GetFirmwareHeaderBlob(image);
|
| - if (!header_blob)
|
| - return 0;
|
| - if (!(signature = SignatureBuf(header_blob,
|
| - GetFirmwareHeaderLen(image),
|
| - root_key_file,
|
| - ROOT_SIGNATURE_ALGORITHM))) {
|
| - Free(header_blob);
|
| - return 0;
|
| - }
|
| - Memcpy(image->firmware_key_signature, signature, RSA8192NUMBYTES);
|
| - Free(header_blob);
|
| - Free(signature);
|
| - return 1;
|
| -}
|
| -
|
| -int AddFirmwareSignature(FirmwareImage* image, const char* signing_key_file) {
|
| - uint8_t* preamble_blob = NULL;
|
| - uint8_t* preamble_signature = NULL;
|
| - uint8_t* firmware_signature = NULL;
|
| - uint8_t* firmware_buf = NULL;
|
| - int signature_len = siglen_map[image->firmware_sign_algorithm];
|
| - uint64_t preamble_len = GetFirmwarePreambleLen(
|
| - image->kernel_subkey_sign_algorithm);
|
| -
|
| - preamble_blob = GetFirmwarePreambleBlob(image);
|
| - if (!preamble_blob)
|
| - return 0;
|
| - if (!(preamble_signature = SignatureBuf(preamble_blob,
|
| - preamble_len,
|
| - signing_key_file,
|
| - image->firmware_sign_algorithm))) {
|
| - Free(preamble_blob);
|
| - return 0;
|
| - }
|
| - image->preamble_signature = (uint8_t*) Malloc(signature_len);
|
| - Memcpy(image->preamble_signature, preamble_signature, signature_len);
|
| - Free(preamble_signature);
|
| - /* Firmware signature must be calculated on preamble + firmware_data
|
| - * to avoid splicing attacks. */
|
| - firmware_buf = (uint8_t*) Malloc(preamble_len +
|
| - image->firmware_len);
|
| - Memcpy(firmware_buf, preamble_blob, preamble_len);
|
| - Memcpy(firmware_buf + preamble_len, image->firmware_data,
|
| - image->firmware_len);
|
| - if (!(firmware_signature = SignatureBuf(firmware_buf,
|
| - preamble_len +
|
| - image->firmware_len,
|
| - signing_key_file,
|
| - image->firmware_sign_algorithm))) {
|
| - Free(preamble_blob);
|
| - Free(firmware_buf);
|
| - return 0;
|
| - }
|
| - image->firmware_signature = (uint8_t*) Malloc(signature_len);
|
| - Memcpy(image->firmware_signature, firmware_signature, signature_len);
|
| - Free(firmware_signature);
|
| - Free(firmware_buf);
|
| - Free(preamble_blob);
|
| - return 1;
|
| -}
|
|
|
Chromium Code Reviews
Issue 2835006:
Remove old firmware verification code (Closed)
Base URL: ssh://gitrw.chromium.org/vboot_reference.git