
Side by Side Diff: host/lib/signature_digest.c

Issue 2871033: Switch to using .vbprivk for signing everything now. (Closed) Base URL: ssh://git@chromiumos-git//vboot_reference.git
Patch Set: Okay, now tests pass again. Created 10 years, 5 months ago
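--- a/host/lib/signature_digest.c
+++ b/host/lib/signature_digest.c
@@ -1,10 +1,10 @@
 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 */
 
 #include "signature_digest.h"
 #define OPENSSL_NO_SHA
 #include <openssl/engine.h>
 #include <openssl/pem.h>
 #include <openssl/rsa.h>
@@ -24,51 +24,51 @@
 Memcpy(p, digestinfo, digestinfo_size);
 Memcpy(p + digestinfo_size, digest, digest_size);
 return p;
 }
 
 uint8_t* SignatureDigest(const uint8_t* buf, uint64_t len, int algorithm) {
 uint8_t* info_digest = NULL;
 uint8_t* digest = NULL;
 
 if (algorithm >= kNumAlgorithms) {
-debug("SignatureDigest() called with invalid algorithm!\n");
+VBDEBUG(("SignatureDigest() called with invalid algorithm!\n"));
 } else if ((digest = DigestBuf(buf, len, algorithm))) {
 info_digest = PrependDigestInfo(algorithm, digest);
 }
 Free(digest);
 return info_digest;
 }
 
 uint8_t* SignatureBuf(const uint8_t* buf, uint64_t len, const char* key_file,
 int algorithm) {
 FILE* key_fp = NULL;
 RSA* key = NULL;
 uint8_t* signature = NULL;
 uint8_t* signature_digest = SignatureDigest(buf, len, algorithm);
 int signature_digest_len = (hash_size_map[algorithm] +
 digestinfo_size_map[algorithm]);
 key_fp = fopen(key_file, "r");
 if (!key_fp) {
-debug("SignatureBuf(): Couldn't open key file: %s\n", key_file);
+VBDEBUG(("SignatureBuf(): Couldn't open key file: %s\n", key_file));
 Free(signature_digest);
 return NULL;
 }
 if ((key = PEM_read_RSAPrivateKey(key_fp, NULL, NULL, NULL)))
 signature = (uint8_t*) Malloc(siglen_map[algorithm]);
 else
-debug("SignatureBuf(): Couldn't read private key from file: %s\n",
-key_file);
+VBDEBUG(("SignatureBuf(): Couldn't read private key from file: %s\n",
+key_file));
 if (signature) {
 if (-1 == RSA_private_encrypt(signature_digest_len, /* Input length. */
 signature_digest, /* Input data. */
 signature, /* Output signature. */
 key, /* Key to use. */
 RSA_PKCS1_PADDING)) /* Padding to use. */
-debug("SignatureBuf(): RSA_private_encrypt() failed.\n");
+VBDEBUG(("SignatureBuf(): RSA_private_encrypt() failed.\n"));
 }
 fclose(key_fp);
 if (key)
 RSA_free(key);
 Free(signature_digest);
 return signature;
 }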
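Review bot: When RSA_private_encrypt() returns -1 at new line 62, SignatureBuf() only logs through VBDEBUG and still returns the Malloc'd `signature` buffer, so a caller that tests the result for NULL receives uninitialized bytes as if they were a valid signature. The failure branch should be braced and should release the buffer after the VBDEBUG call, e.g. `Free(signature); signature = NULL;`. Separately, `signature_digest` is never checked before it is handed to RSA_private_encrypt(), although SignatureDigest() returns NULL for an invalid algorithm or a failed DigestBuf(); an early `if (!signature_digest) return NULL;` would cover that. The table lookups at line 48 also index with `algorithm` before any range check, and the `algorithm >= kNumAlgorithms` test in SignatureDigest() does not reject negative values.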