OLD | NEW |
---|---|
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 * | 4 * |
5 * Common functions between firmware and kernel verified boot. | 5 * Common functions between firmware and kernel verified boot. |
6 * (Firmware portion) | 6 * (Firmware portion) |
7 */ | 7 */ |
8 | 8 |
9 | 9 |
10 #include "vboot_common.h" | 10 #include "vboot_common.h" |
(...skipping 94 matching lines...)
105 } | 105 } |
106 | 106 |
107 | 107 |
108 RSAPublicKey* PublicKeyToRSA(const VbPublicKey* key) { | 108 RSAPublicKey* PublicKeyToRSA(const VbPublicKey* key) { |
109 RSAPublicKey *rsa; | 109 RSAPublicKey *rsa; |
110 | 110 |
111 if (kNumAlgorithms <= key->algorithm) { | 111 if (kNumAlgorithms <= key->algorithm) { |
112 debug("Invalid algorithm.\n"); | 112 debug("Invalid algorithm.\n"); |
113 return NULL; | 113 return NULL; |
114 } | 114 } |
115 if (RSAProcessedKeySize(key->algorithm) != key->key_size) { | 115 if (RSAProcessedKeySize((int)key->algorithm) != (int)key->key_size) { |
gauravsh
2010/06/21 23:32:48
so what is the data type for algorithm? I saw uint
| |
116 debug("Wrong key size for algorithm\n"); | 116 debug("Wrong key size for algorithm\n"); |
117 return NULL; | 117 return NULL; |
118 } | 118 } |
119 | 119 |
120 rsa = RSAPublicKeyFromBuf(GetPublicKeyDataC(key), key->key_size); | 120 rsa = RSAPublicKeyFromBuf(GetPublicKeyDataC(key), (int)key->key_size); |
121 if (!rsa) | 121 if (!rsa) |
122 return NULL; | 122 return NULL; |
123 | 123 |
124 rsa->algorithm = key->algorithm; | 124 rsa->algorithm = (int)key->algorithm; |
125 return rsa; | 125 return rsa; |
126 } | 126 } |
127 | 127 |
128 | 128 |
129 int VerifyData(const uint8_t* data, const VbSignature *sig, | 129 int VerifyData(const uint8_t* data, const VbSignature *sig, |
130 const RSAPublicKey* key) { | 130 const RSAPublicKey* key) { |
131 | 131 |
132 if (sig->sig_size != siglen_map[key->algorithm]) { | 132 if (sig->sig_size != siglen_map[key->algorithm]) { |
133 debug("Wrong signature size for algorithm.\n"); | 133 debug("Wrong signature size for algorithm.\n"); |
134 return 1; | 134 return 1; |
(...skipping 48 matching lines...)
183 RSAPublicKey* rsa; | 183 RSAPublicKey* rsa; |
184 int rv; | 184 int rv; |
185 | 185 |
186 sig = &block->key_block_signature; | 186 sig = &block->key_block_signature; |
187 | 187 |
188 if (VerifySignatureInside(block, block->key_block_size, sig)) { | 188 if (VerifySignatureInside(block, block->key_block_size, sig)) { |
189 debug("Key block signature off end of block\n"); | 189 debug("Key block signature off end of block\n"); |
190 return VBOOT_KEY_BLOCK_INVALID; | 190 return VBOOT_KEY_BLOCK_INVALID; |
191 } | 191 } |
192 | 192 |
193 if (!((rsa = PublicKeyToRSA(key)))) { | 193 rsa = PublicKeyToRSA(key); |
194 if (!rsa) { | |
194 debug("Invalid public key\n"); | 195 debug("Invalid public key\n"); |
195 return VBOOT_PUBLIC_KEY_INVALID; | 196 return VBOOT_PUBLIC_KEY_INVALID; |
196 } | 197 } |
197 rv = VerifyData((const uint8_t*)block, sig, rsa); | 198 rv = VerifyData((const uint8_t*)block, sig, rsa); |
198 RSAPublicKeyFree(rsa); | 199 RSAPublicKeyFree(rsa); |
199 if (rv) | 200 if (rv) |
200 return VBOOT_KEY_BLOCK_SIGNATURE; | 201 return VBOOT_KEY_BLOCK_SIGNATURE; |
201 | 202 |
202 } else { | 203 } else { |
203 /* Check hash */ | 204 /* Check hash */ |
(...skipping 128 matching lines...)
332 /* Verify body signature is inside the block */ | 333 /* Verify body signature is inside the block */ |
333 if (VerifySignatureInside(preamble, preamble->preamble_size, | 334 if (VerifySignatureInside(preamble, preamble->preamble_size, |
334 &preamble->body_signature)) { | 335 &preamble->body_signature)) { |
335 debug("Kernel body signature off end of preamble\n"); | 336 debug("Kernel body signature off end of preamble\n"); |
336 return VBOOT_PREAMBLE_INVALID; | 337 return VBOOT_PREAMBLE_INVALID; |
337 } | 338 } |
338 | 339 |
339 /* Success */ | 340 /* Success */ |
340 return VBOOT_SUCCESS; | 341 return VBOOT_SUCCESS; |
341 } | 342 } |
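Review bot: On new line 115 in PublicKeyToRSA, the added `(int)` cast narrows `key->key_size` before the comparison, so the size check is weaker than before. If that field is wider than int (its type is not visible here, though the inline comment suggests an unsigned type), a value that differs from the expected size only in its upper bits would now pass. The algorithm cast is covered by the `kNumAlgorithms` range check on line 111, but key_size has no such bound before it is narrowed. I would widen the computed side instead, `if ((uint64_t)RSAProcessedKeySize((int)key->algorithm) != key->key_size) {`, assuming key_size is a uint64_t and RSAProcessedKeySize never returns a negative value. With that check in place, the `(int)key->key_size` passed to RSAPublicKeyFromBuf on line 120 is known to be in range.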
OLD | NEW |