OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 * | 4 * |
5 * High-level firmware API for loading and verifying rewritable firmware. | 5 * High-level firmware API for loading and verifying rewritable firmware. |
6 * (Firmware portion) | 6 * (Firmware portion) |
7 */ | 7 */ |
8 | 8 |
9 #include "load_firmware_fw.h" | 9 #include "load_firmware_fw.h" |
10 #include "rollback_index.h" | 10 #include "rollback_index.h" |
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
84 uint8_t* body_digest; | 84 uint8_t* body_digest; |
85 | 85 |
86 /* Verify the key block */ | 86 /* Verify the key block */ |
87 if (0 == index) { | 87 if (0 == index) { |
88 key_block = (VbKeyBlockHeader*)params->verification_block_0; | 88 key_block = (VbKeyBlockHeader*)params->verification_block_0; |
89 vblock_size = params->verification_size_0; | 89 vblock_size = params->verification_size_0; |
90 } else { | 90 } else { |
91 key_block = (VbKeyBlockHeader*)params->verification_block_1; | 91 key_block = (VbKeyBlockHeader*)params->verification_block_1; |
92 vblock_size = params->verification_size_1; | 92 vblock_size = params->verification_size_1; |
93 } | 93 } |
94 if ((0 != KeyBlockVerify(key_block, vblock_size, root_key))) { | 94 if ((0 != KeyBlockVerify(key_block, vblock_size, root_key, 0))) { |
95 VBDEBUG(("Key block verification failed.\n")); | 95 VBDEBUG(("Key block verification failed.\n")); |
96 continue; | 96 continue; |
97 } | 97 } |
98 | 98 |
99 /* Check for rollback of key version. */ | 99 /* Check for rollback of key version. */ |
100 key_version = key_block->data_key.key_version; | 100 key_version = key_block->data_key.key_version; |
101 if (key_version < (tpm_version >> 16)) { | 101 if (key_version < (tpm_version >> 16)) { |
102 VBDEBUG(("Key rollback detected.\n")); | 102 VBDEBUG(("Key rollback detected.\n")); |
103 continue; | 103 continue; |
104 } | 104 } |
(...skipping 123 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
228 | 228 |
229 /* Success */ | 229 /* Success */ |
230 VBDEBUG(("Will boot firmware index %d\n", (int)params->firmware_index)); | 230 VBDEBUG(("Will boot firmware index %d\n", (int)params->firmware_index)); |
231 return LOAD_FIRMWARE_SUCCESS; | 231 return LOAD_FIRMWARE_SUCCESS; |
232 } | 232 } |
233 | 233 |
234 /* If we're still here, no good firmware, so go to recovery mode. */ | 234 /* If we're still here, no good firmware, so go to recovery mode. */ |
235 VBDEBUG(("Alas, no good firmware.\n")); | 235 VBDEBUG(("Alas, no good firmware.\n")); |
236 return LOAD_FIRMWARE_RECOVERY; | 236 return LOAD_FIRMWARE_RECOVERY; |
237 } | 237 } |
OLD | NEW |