| Index: utility/vbutil_keyblock.c
|
| diff --git a/utility/vbutil_keyblock.c b/utility/vbutil_keyblock.c
|
| index dbdcbd3fb6bb56b382c47cdb25b181c074aedd70..7c3f027957ec984f7826e4afb9785c99097b4692 100644
|
| --- a/utility/vbutil_keyblock.c
|
| +++ b/utility/vbutil_keyblock.c
|
| @@ -9,6 +9,7 @@
|
| #include <inttypes.h> /* For PRIu64 */
|
| #include <stdio.h>
|
| #include <stdlib.h>
|
| +#include <string.h>
|
|
|
| #include "cryptolib.h"
|
| #include "host_common.h"
|
| @@ -22,7 +23,6 @@ enum {
|
| OPT_DATAPUBKEY,
|
| OPT_SIGNPUBKEY,
|
| OPT_SIGNPRIVATE,
|
| - OPT_ALGORITHM,
|
| OPT_FLAGS,
|
| };
|
|
|
| @@ -32,45 +32,38 @@ static struct option long_opts[] = {
|
| {"datapubkey", 1, 0, OPT_DATAPUBKEY },
|
| {"signpubkey", 1, 0, OPT_SIGNPUBKEY },
|
| {"signprivate", 1, 0, OPT_SIGNPRIVATE },
|
| - {"algorithm", 1, 0, OPT_ALGORITHM },
|
| {"flags", 1, 0, OPT_FLAGS },
|
| {NULL, 0, 0, 0}
|
| };
|
|
|
|
|
| /* Print help and return error */
|
| -static int PrintHelp(void) {
|
| - int i;
|
| -
|
| - puts("vbutil_keyblock - Verified boot key block utility\n"
|
| - "\n"
|
| - "Usage: vbutil_keyblock <--pack|--unpack> <file> [OPTIONS]\n"
|
| - "\n"
|
| - "For '--pack <file>', required OPTIONS are:\n"
|
| - " --datapubkey <file> Data public key in .vbpubk format\n"
|
| - " --signprivate <file> Signing private key in .pem format\n"
|
| - " --algorithm <algoid> Signing algorithm for key, one of:");
|
| -
|
| - for (i = 0; i < kNumAlgorithms; i++)
|
| - printf(" %d (%s)\n", i, algo_strings[i]);
|
| -
|
| - puts("\n"
|
| - "Optional OPTIONS are:\n"
|
| - " --flags <number> Flags\n"
|
| - "\n"
|
| - "For '--unpack <file>', required OPTIONS are:\n"
|
| - " --signpubkey <file> Signing public key in .vbpubk format\n"
|
| - "Optional OPTIONS are:\n"
|
| - " --datapubkey <file> Data public key output file\n"
|
| - "");
|
| +static int PrintHelp(char *progname) {
|
| + fprintf(stderr,
|
| + "Verified boot key block utility\n"
|
| + "\n"
|
| + "Usage: %s <--pack|--unpack> <file> [OPTIONS]\n"
|
| + "\n"
|
| + "For '--pack <file>', required OPTIONS are:\n"
|
| + " --datapubkey <file> Data public key in .vbpubk format\n"
|
| + " --signprivate <file>"
|
| + " Signing private key in .vbprivk format\n"
|
| + "\n"
|
| + "Optional OPTIONS are:\n"
|
| + " --flags <number> Flags\n"
|
| + "\n"
|
| + "For '--unpack <file>', required OPTIONS are:\n"
|
| + " --signpubkey <file> Signing public key in .vbpubk format\n"
|
| + "Optional OPTIONS are:\n"
|
| + " --datapubkey <file> Data public key output file\n",
|
| + progname);
|
| return 1;
|
| }
|
|
|
|
|
| /* Pack a .keyblock */
|
| static int Pack(const char* outfile, const char* datapubkey,
|
| - const char* signprivate, uint64_t algorithm,
|
| - uint64_t flags) {
|
| + const char* signprivate, uint64_t flags) {
|
| VbPublicKey* data_key;
|
| VbPrivateKey* signing_key;
|
| VbKeyBlockHeader* block;
|
| @@ -83,17 +76,13 @@ static int Pack(const char* outfile, const char* datapubkey,
|
| fprintf(stderr, "vbutil_keyblock: Must specify all keys\n");
|
| return 1;
|
| }
|
| - if (algorithm >= kNumAlgorithms) {
|
| - fprintf(stderr, "Invalid algorithm\n");
|
| - return 1;
|
| - }
|
|
|
| data_key = PublicKeyRead(datapubkey);
|
| if (!data_key) {
|
| fprintf(stderr, "vbutil_keyblock: Error reading data key.\n");
|
| return 1;
|
| }
|
| - signing_key = PrivateKeyReadPem(signprivate, algorithm);
|
| + signing_key = PrivateKeyRead(signprivate);
|
| if (!signing_key) {
|
| fprintf(stderr, "vbutil_keyblock: Error reading signing key.\n");
|
| return 1;
|
| @@ -168,12 +157,17 @@ int main(int argc, char* argv[]) {
|
| char* signpubkey = NULL;
|
| char* signprivate = NULL;
|
| uint64_t flags = 0;
|
| - uint64_t algorithm = kNumAlgorithms;
|
| int mode = 0;
|
| int parse_error = 0;
|
| char* e;
|
| int i;
|
|
|
| + char *progname = strrchr(argv[0], '/');
|
| + if (progname)
|
| + progname++;
|
| + else
|
| + progname = argv[0];
|
| +
|
| while ((i = getopt_long(argc, argv, "", long_opts, NULL)) != -1) {
|
| switch (i) {
|
| case '?':
|
| @@ -200,14 +194,6 @@ int main(int argc, char* argv[]) {
|
| signprivate = optarg;
|
| break;
|
|
|
| - case OPT_ALGORITHM:
|
| - algorithm = strtoul(optarg, &e, 0);
|
| - if (!*optarg || (e && *e)) {
|
| - printf("Invalid --algorithm\n");
|
| - parse_error = 1;
|
| - }
|
| - break;
|
| -
|
| case OPT_FLAGS:
|
| flags = strtoul(optarg, &e, 0);
|
| if (!*optarg || (e && *e)) {
|
| @@ -219,15 +205,15 @@ int main(int argc, char* argv[]) {
|
| }
|
|
|
| if (parse_error)
|
| - return PrintHelp();
|
| + return PrintHelp(progname);
|
|
|
| switch(mode) {
|
| case OPT_MODE_PACK:
|
| - return Pack(filename, datapubkey, signprivate, algorithm, flags);
|
| + return Pack(filename, datapubkey, signprivate, flags);
|
| case OPT_MODE_UNPACK:
|
| return Unpack(filename, datapubkey, signpubkey);
|
| default:
|
| printf("Must specify a mode.\n");
|
| - return PrintHelp();
|
| + return PrintHelp(progname);
|
| }
|
| }
|
|
|
Chromium Code Reviews
Issue 2871033:
Switch to using .vbprivk for signing everything now. (Closed)
Base URL: ssh://git@chromiumos-git//vboot_reference.git