| OLD | NEW |
| 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
| 3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
| 4 * | 4 * |
| 5 * Functions for verifying a verified boot firmware image. | 5 * Functions for verifying a verified boot firmware image. |
| 6 * (Firmware Portion) | 6 * (Firmware Portion) |
| 7 */ | 7 */ |
| 8 | 8 |
| 9 #include "firmware_image_fw.h" | 9 #include "firmware_image_fw.h" |
| 10 | 10 |
| (...skipping 93 matching lines...) |
| 104 uint64_t len; | 104 uint64_t len; |
| 105 int preamble_len; | 105 int preamble_len; |
| 106 uint16_t firmware_version; | 106 uint16_t firmware_version; |
| 107 uint16_t kernel_subkey_sign_algorithm; | 107 uint16_t kernel_subkey_sign_algorithm; |
| 108 | 108 |
| 109 Memcpy(&firmware_version, preamble_blob, sizeof(firmware_version)); | 109 Memcpy(&firmware_version, preamble_blob, sizeof(firmware_version)); |
| 110 Memcpy(&kernel_subkey_sign_algorithm, | 110 Memcpy(&kernel_subkey_sign_algorithm, |
| 111 preamble_blob + (FIELD_LEN(firmware_version) + | 111 preamble_blob + (FIELD_LEN(firmware_version) + |
| 112 FIELD_LEN(firmware_len)), | 112 FIELD_LEN(firmware_len)), |
| 113 FIELD_LEN(kernel_subkey_sign_algorithm)); | 113 FIELD_LEN(kernel_subkey_sign_algorithm)); |
| 114 |
| 115 if (kernel_subkey_sign_algorithm >= kNumAlgorithms) |
| 116 return VERIFY_FIRMWARE_INVALID_ALGORITHM; |
| 117 |
| 114 preamble_len = GetFirmwarePreambleLen(kernel_subkey_sign_algorithm); | 118 preamble_len = GetFirmwarePreambleLen(kernel_subkey_sign_algorithm); |
| 115 if (!RSAVerifyBinary_f(NULL, firmware_sign_key, /* Key to use */ | 119 if (!RSAVerifyBinary_f(NULL, firmware_sign_key, /* Key to use */ |
| 116 preamble_blob, /* Data to verify */ | 120 preamble_blob, /* Data to verify */ |
| 117 preamble_len, /* Length of data */ | 121 preamble_len, /* Length of data */ |
| 118 preamble_blob + preamble_len, /* Expected Signature */ | 122 preamble_blob + preamble_len, /* Expected Signature */ |
| 119 firmware_sign_algorithm)) | 123 firmware_sign_algorithm)) |
| 120 return VERIFY_FIRMWARE_PREAMBLE_SIGNATURE_FAILED; | 124 return VERIFY_FIRMWARE_PREAMBLE_SIGNATURE_FAILED; |
| 121 | 125 |
| 122 Memcpy(&len, preamble_blob + FIELD_LEN(firmware_version), | 126 Memcpy(&len, preamble_blob + FIELD_LEN(firmware_version), |
| 123 sizeof(len)); | 127 sizeof(len)); |
| 124 *firmware_len = len; | 128 *firmware_len = len; |
| 125 return 0; | 129 return 0; |
| 126 } | 130 } |
| 127 | 131 |
| 128 int VerifyFirmwareData(RSAPublicKey* firmware_sign_key, | 132 int VerifyFirmwareData(RSAPublicKey* firmware_sign_key, |
| 129 const uint8_t* preamble_start, | 133 const uint8_t* preamble_start, |
| 130 const uint8_t* firmware_data, | 134 const uint8_t* firmware_data, |
| 131 uint64_t firmware_len, | 135 uint64_t firmware_len, |
| 132 int firmware_sign_algorithm) { | 136 int firmware_sign_algorithm) { |
| 133 int signature_len = siglen_map[firmware_sign_algorithm]; | 137 int signature_len = siglen_map[firmware_sign_algorithm]; |
| 134 int preamble_len; | 138 int preamble_len; |
| 135 uint16_t kernel_subkey_sign_algorithm; | 139 uint16_t kernel_subkey_sign_algorithm; |
| 136 uint8_t* digest = NULL; | 140 uint8_t* digest = NULL; |
| 137 const uint8_t* firmware_signature = NULL; | 141 const uint8_t* firmware_signature = NULL; |
| 138 DigestContext ctx; | 142 DigestContext ctx; |
| 139 Memcpy(&kernel_subkey_sign_algorithm, | 143 Memcpy(&kernel_subkey_sign_algorithm, |
| 140 preamble_start + (FIELD_LEN(firmware_version) + | 144 preamble_start + (FIELD_LEN(firmware_version) + |
| 141 FIELD_LEN(firmware_len)), | 145 FIELD_LEN(firmware_len)), |
| 142 FIELD_LEN(kernel_subkey_sign_algorithm)); | 146 FIELD_LEN(kernel_subkey_sign_algorithm)); |
| 147 |
| 148 if (kernel_subkey_sign_algorithm >= kNumAlgorithms) |
| 149 return VERIFY_FIRMWARE_INVALID_ALGORITHM; |
| 150 |
| 143 preamble_len = GetFirmwarePreambleLen(kernel_subkey_sign_algorithm); | 151 preamble_len = GetFirmwarePreambleLen(kernel_subkey_sign_algorithm); |
| 144 | 152 |
| 145 | |
| 146 /* Since the firmware signature is over the preamble and the firmware data, | 153 /* Since the firmware signature is over the preamble and the firmware data, |
| 147 * which does not form a contiguous region of memory, we calculate the | 154 * which does not form a contiguous region of memory, we calculate the |
| 148 * message digest ourselves. */ | 155 * message digest ourselves. */ |
| 149 DigestInit(&ctx, firmware_sign_algorithm); | 156 DigestInit(&ctx, firmware_sign_algorithm); |
| 150 DigestUpdate(&ctx, preamble_start, preamble_len); | 157 DigestUpdate(&ctx, preamble_start, preamble_len); |
| 151 DigestUpdate(&ctx, firmware_data, firmware_len); | 158 DigestUpdate(&ctx, firmware_data, firmware_len); |
| 152 digest = DigestFinal(&ctx); | 159 digest = DigestFinal(&ctx); |
| 153 /* Firmware signature is at the end of preamble and preamble signature. */ | 160 /* Firmware signature is at the end of preamble and preamble signature. */ |
| 154 firmware_signature = preamble_start + preamble_len + signature_len; | 161 firmware_signature = preamble_start + preamble_len + signature_len; |
| 155 if (!RSAVerifyBinaryWithDigest_f( | 162 if (!RSAVerifyBinaryWithDigest_f( |
| (...skipping 183 matching lines...) |
| 339 */ | 346 */ |
| 340 if (stored_lversion <= firmwareB_lversion && | 347 if (stored_lversion <= firmwareB_lversion && |
| 341 (VERIFY_FIRMWARE_SUCCESS == VerifyFirmware(root_key_blob, | 348 (VERIFY_FIRMWARE_SUCCESS == VerifyFirmware(root_key_blob, |
| 342 verification_headerB, | 349 verification_headerB, |
| 343 firmwareB))) | 350 firmwareB))) |
| 344 return BOOT_FIRMWARE_B_CONTINUE; | 351 return BOOT_FIRMWARE_B_CONTINUE; |
| 345 } | 352 } |
| 346 /* D'oh: No bootable firmware. */ | 353 /* D'oh: No bootable firmware. */ |
| 347 return BOOT_FIRMWARE_RECOVERY_CONTINUE; | 354 return BOOT_FIRMWARE_RECOVERY_CONTINUE; |
| 348 } | 355 } |
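Review bot: In VerifyFirmwareData, `siglen_map[firmware_sign_algorithm]` (new line 137) is still indexed with no range check, while the guard added in this change covers only `kernel_subkey_sign_algorithm`. `firmware_sign_algorithm` is a signed `int`, so unless every caller has already validated it (not visible in these lines), a negative or too-large value reads outside the table and skews the `firmware_signature` offset computed at new line 161. I would declare `int signature_len;` without the initializer and assign it only after `if (firmware_sign_algorithm < 0 || firmware_sign_algorithm >= kNumAlgorithms) return VERIFY_FIRMWARE_INVALID_ALGORITHM;`. Neither function takes a buffer length in the visible parameters, so `preamble_len` presumably cannot be checked against the blob size here; a short comment naming the caller that guarantees it would help. The body of VerifyFirmwareData continues past the visible lines, and the first function starts before them.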
| OLD | NEW |