OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 * | 4 * |
5 * Verified boot firmware utility | 5 * Verified boot firmware utility |
6 */ | 6 */ |
7 | 7 |
8 #include <getopt.h> | 8 #include <getopt.h> |
9 #include <inttypes.h> /* For PRIu64 */ | 9 #include <inttypes.h> /* For PRIu64 */ |
10 #include <stddef.h> | 10 #include <stddef.h> |
(...skipping 206 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
217 printf(" Flags: %" PRIu64 "\n", key_block->key_block_flags); | 217 printf(" Flags: %" PRIu64 "\n", key_block->key_block_flags); |
218 | 218 |
219 rsa = PublicKeyToRSA(&key_block->data_key); | 219 rsa = PublicKeyToRSA(&key_block->data_key); |
220 if (!rsa) { | 220 if (!rsa) { |
221 error("Error parsing data key.\n"); | 221 error("Error parsing data key.\n"); |
222 return 1; | 222 return 1; |
223 } | 223 } |
224 | 224 |
225 /* Verify preamble */ | 225 /* Verify preamble */ |
226 preamble = (VbFirmwarePreambleHeader*)(blob + now); | 226 preamble = (VbFirmwarePreambleHeader*)(blob + now); |
227 if (0 != VerifyFirmwarePreamble2(preamble, blob_size - now, rsa)) { | 227 if (0 != VerifyFirmwarePreamble(preamble, blob_size - now, rsa)) { |
228 error("Error verifying preamble.\n"); | 228 error("Error verifying preamble.\n"); |
229 return 1; | 229 return 1; |
230 } | 230 } |
231 now += preamble->preamble_size; | 231 now += preamble->preamble_size; |
232 | 232 |
233 printf("Preamble:\n"); | 233 printf("Preamble:\n"); |
234 printf(" Size: %" PRIu64 "\n", preamble->preamble_size); | 234 printf(" Size: %" PRIu64 "\n", preamble->preamble_size); |
235 printf(" Header version: %" PRIu32 ".%" PRIu32"\n", | 235 printf(" Header version: %" PRIu32 ".%" PRIu32"\n", |
236 preamble->header_version_major, preamble->header_version_minor); | 236 preamble->header_version_major, preamble->header_version_minor); |
237 printf(" Firmware version: %" PRIu64 "\n", preamble->firmware_version); | 237 printf(" Firmware version: %" PRIu64 "\n", preamble->firmware_version); |
238 printf(" Kernel key algorithm: %" PRIu64 " %s\n", | 238 printf(" Kernel key algorithm: %" PRIu64 " %s\n", |
239 preamble->kernel_subkey.algorithm, | 239 preamble->kernel_subkey.algorithm, |
240 (preamble->kernel_subkey.algorithm < kNumAlgorithms ? | 240 (preamble->kernel_subkey.algorithm < kNumAlgorithms ? |
241 algo_strings[preamble->kernel_subkey.algorithm] : "(invalid)")); | 241 algo_strings[preamble->kernel_subkey.algorithm] : "(invalid)")); |
242 printf(" Kernel key version: %" PRIu64 "\n", | 242 printf(" Kernel key version: %" PRIu64 "\n", |
243 preamble->kernel_subkey.key_version); | 243 preamble->kernel_subkey.key_version); |
244 printf(" Firmware body size: %" PRIu64 "\n", | 244 printf(" Firmware body size: %" PRIu64 "\n", |
245 preamble->body_signature.data_size); | 245 preamble->body_signature.data_size); |
246 | 246 |
247 /* TODO: verify body size same as signature size */ | 247 /* TODO: verify body size same as signature size */ |
248 | 248 |
249 /* Verify body */ | 249 /* Verify body */ |
250 if (0 != VerifyData(fv_data, &preamble->body_signature, rsa)) { | 250 if (0 != VerifyData(fv_data, fv_size, &preamble->body_signature, rsa)) { |
251 error("Error verifying firmware body.\n"); | 251 error("Error verifying firmware body.\n"); |
252 return 1; | 252 return 1; |
253 } | 253 } |
254 printf("Body verification succeeded.\n"); | 254 printf("Body verification succeeded.\n"); |
255 return 0; | 255 return 0; |
256 } | 256 } |
257 | 257 |
258 | 258 |
259 int main(int argc, char* argv[]) { | 259 int main(int argc, char* argv[]) { |
260 | 260 |
(...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
321 case OPT_MODE_VBLOCK: | 321 case OPT_MODE_VBLOCK: |
322 return Vblock(filename, key_block_file, signprivate, version, fv_file, | 322 return Vblock(filename, key_block_file, signprivate, version, fv_file, |
323 kernelkey_file); | 323 kernelkey_file); |
324 case OPT_MODE_VERIFY: | 324 case OPT_MODE_VERIFY: |
325 return Verify(filename, signpubkey, fv_file); | 325 return Verify(filename, signpubkey, fv_file); |
326 default: | 326 default: |
327 printf("Must specify a mode.\n"); | 327 printf("Must specify a mode.\n"); |
328 return PrintHelp(); | 328 return PrintHelp(); |
329 } | 329 } |
330 } | 330 } |
OLD | NEW |