host/lib/file_keys.c - Issue 2871033: Switch to using .vbprivk for signing everything now.

Side by Side Diff: host/lib/file_keys.c

Issue 2871033: Switch to using .vbprivk for signing everything now. (Closed) Base URL: ssh://git@chromiumos-git//vboot_reference.git

Patch Set: Okay, now tests pass again. Created 10 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.	1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.

2 * Use of this source code is governed by a BSD-style license that can be	2 * Use of this source code is governed by a BSD-style license that can be

3 * found in the LICENSE file.	3 * found in the LICENSE file.

4 *	4 *

5 * Utility functions for file and key handling.	5 * Utility functions for file and key handling.

6 */	6 */

7	7

8 #include "file_keys.h"	8 #include "file_keys.h"

9	9

10 #include <fcntl.h>	10 #include <fcntl.h>

11 #include <stdio.h>	11 #include <stdio.h>

12 #include <stdlib.h>	12 #include <stdlib.h>

13 #include <string.h>	13 #include <string.h>

14 #include <sys/stat.h>	14 #include <sys/stat.h>

15 #include <sys/types.h>	15 #include <sys/types.h>

16 #include <unistd.h>	16 #include <unistd.h>

17	17

18 #include "cryptolib.h"	18 #include "cryptolib.h"

19 #include "signature_digest.h"	19 #include "signature_digest.h"

20 #include "utility.h"	20 #include "utility.h"

21	21

22 uint8_t* BufferFromFile(const char* input_file, uint64_t* len) {	22 uint8_t* BufferFromFile(const char* input_file, uint64_t* len) {

23 int fd;	23 int fd;

24 struct stat stat_fd;	24 struct stat stat_fd;

25 uint8_t* buf = NULL;	25 uint8_t* buf = NULL;

26	26

27 if ((fd = open(input_file, O_RDONLY)) == -1) {	27 if ((fd = open(input_file, O_RDONLY)) == -1) {

28 debug("Couldn't open file %s\n", input_file);	28 VBDEBUG(("Couldn't open file %s\n", input_file));

29 return NULL;	29 return NULL;

30 }	30 }

31	31

32 if (-1 == fstat(fd, &stat_fd)) {	32 if (-1 == fstat(fd, &stat_fd)) {

33 debug("Couldn't stat file %s\n", input_file);	33 VBDEBUG(("Couldn't stat file %s\n", input_file));

34 return NULL;	34 return NULL;

35 }	35 }

36 *len = stat_fd.st_size;	36 *len = stat_fd.st_size;

37	37

38 buf = (uint8_t) Malloc(len);	38 buf = (uint8_t) Malloc(len);

39 if (!buf) {	39 if (!buf) {

40 error("Couldn't allocate %ld bytes for file %s\n", *len, input_file);	40 error("Couldn't allocate %ld bytes for file %s\n", *len, input_file);

41 return NULL;	41 return NULL;

42 }	42 }

43	43

44 if (len != read(fd, buf, len)) {	44 if (len != read(fd, buf, len)) {

45 debug("Couldn't read file %s into a buffer\n", input_file);	45 VBDEBUG(("Couldn't read file %s into a buffer\n", input_file));

46 return NULL;	46 return NULL;

47 }	47 }

48	48

49 close(fd);	49 close(fd);

50 return buf;	50 return buf;

51 }	51 }

52	52

53 RSAPublicKey* RSAPublicKeyFromFile(const char* input_file) {	53 RSAPublicKey* RSAPublicKeyFromFile(const char* input_file) {

54 uint64_t len;	54 uint64_t len;

55 RSAPublicKey* key = NULL;	55 RSAPublicKey* key = NULL;

56 uint8_t* buf = BufferFromFile(input_file, &len);	56 uint8_t* buf = BufferFromFile(input_file, &len);

57 if (buf)	57 if (buf)

58 key = RSAPublicKeyFromBuf(buf, len);	58 key = RSAPublicKeyFromBuf(buf, len);

59 Free(buf);	59 Free(buf);

60 return key;	60 return key;

61 }	61 }

62	62

63 uint8_t* DigestFile(char* input_file, int sig_algorithm) {	63 uint8_t* DigestFile(char* input_file, int sig_algorithm) {

64 int input_fd, len;	64 int input_fd, len;

65 uint8_t data[SHA1_BLOCK_SIZE];	65 uint8_t data[SHA1_BLOCK_SIZE];

66 uint8_t* digest = NULL;	66 uint8_t* digest = NULL;

67 DigestContext ctx;	67 DigestContext ctx;

68	68

69 if( (input_fd = open(input_file, O_RDONLY)) == -1 ) {	69 if( (input_fd = open(input_file, O_RDONLY)) == -1 ) {

70 debug("Couldn't open %s\n", input_file);	70 VBDEBUG(("Couldn't open %s\n", input_file));

71 return NULL;	71 return NULL;

72 }	72 }

73 DigestInit(&ctx, sig_algorithm);	73 DigestInit(&ctx, sig_algorithm);

74 while ( (len = read(input_fd, data, SHA1_BLOCK_SIZE)) ==	74 while ( (len = read(input_fd, data, SHA1_BLOCK_SIZE)) ==

75 SHA1_BLOCK_SIZE)	75 SHA1_BLOCK_SIZE)

76 DigestUpdate(&ctx, data, len);	76 DigestUpdate(&ctx, data, len);

77 if (len != -1)	77 if (len != -1)

78 DigestUpdate(&ctx, data, len);	78 DigestUpdate(&ctx, data, len);

79 digest = DigestFinal(&ctx);	79 digest = DigestFinal(&ctx);

80 close(input_fd);	80 close(input_fd);

(...skipping 16 matching lines...) Expand all Loading...
97 2 + 1 + /* For [algorithm]. */	97 2 + 1 + /* For [algorithm]. */

98 strlen(key_file) + 1 + /* +1 for space. */	98 strlen(key_file) + 1 + /* +1 for space. */

99 strlen(input_file) +	99 strlen(input_file) +

100 1); /* For the trailing '\0'. */	100 1); /* For the trailing '\0'. */

101 cmd = (char*) Malloc(cmd_len);	101 cmd = (char*) Malloc(cmd_len);

102 snprintf(cmd, cmd_len, "%s %d %s %s", sign_utility, algorithm, key_file,	102 snprintf(cmd, cmd_len, "%s %d %s %s", sign_utility, algorithm, key_file,

103 input_file);	103 input_file);

104 cmd_out = popen(cmd, "r");	104 cmd_out = popen(cmd, "r");

105 Free(cmd);	105 Free(cmd);

106 if (!cmd_out) {	106 if (!cmd_out) {

107 debug("Couldn't execute: %s\n", cmd);	107 VBDEBUG(("Couldn't execute: %s\n", cmd));

108 return NULL;	108 return NULL;

109 }	109 }

110	110

111 signature = (uint8_t*) Malloc(signature_size);	111 signature = (uint8_t*) Malloc(signature_size);

112 if (fread(signature, signature_size, 1, cmd_out) != 1) {	112 if (fread(signature, signature_size, 1, cmd_out) != 1) {

113 debug("Couldn't read signature.\n");	113 VBDEBUG(("Couldn't read signature.\n"));

114 pclose(cmd_out);	114 pclose(cmd_out);

115 Free(signature);	115 Free(signature);

116 return NULL;	116 return NULL;

117 }	117 }

118	118

119 pclose(cmd_out);	119 pclose(cmd_out);

120 return signature;	120 return signature;

121 }	121 }

OLD	NEW

« no previous file with comments | « host/include/host_key.h ('k') | host/lib/host_key.c » ('j') | utility/vbutil_key.c » ('J')