Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(346)

Side by Side Diff: firmware/lib/vboot_common.c

Issue 3136017: Add additional sanity checks to RSA verification code. (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/vboot_reference.git
Patch Set: Created 10 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « firmware/lib/cryptolib/rsa_utility.c ('k') | firmware/version.c » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be 2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file. 3 * found in the LICENSE file.
4 * 4 *
5 * Common functions between firmware and kernel verified boot. 5 * Common functions between firmware and kernel verified boot.
6 * (Firmware portion) 6 * (Firmware portion)
7 */ 7 */
8 8
9 9
10 #include "vboot_common.h" 10 #include "vboot_common.h"
(...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after
100 dest->key_size = src->key_size; 100 dest->key_size = src->key_size;
101 dest->algorithm = src->algorithm; 101 dest->algorithm = src->algorithm;
102 dest->key_version = src->key_version; 102 dest->key_version = src->key_version;
103 Memcpy(GetPublicKeyData(dest), GetPublicKeyDataC(src), src->key_size); 103 Memcpy(GetPublicKeyData(dest), GetPublicKeyDataC(src), src->key_size);
104 return 0; 104 return 0;
105 } 105 }
106 106
107 107
108 RSAPublicKey* PublicKeyToRSA(const VbPublicKey* key) { 108 RSAPublicKey* PublicKeyToRSA(const VbPublicKey* key) {
109 RSAPublicKey *rsa; 109 RSAPublicKey *rsa;
110 int key_size;
110 111
111 if (kNumAlgorithms <= key->algorithm) { 112 if (kNumAlgorithms <= key->algorithm) {
112 VBDEBUG(("Invalid algorithm.\n")); 113 VBDEBUG(("Invalid algorithm.\n"));
113 return NULL; 114 return NULL;
114 } 115 }
115 if (RSAProcessedKeySize((int)key->algorithm) != (int)key->key_size) { 116 if (!RSAProcessedKeySize((int)key->algorithm, &key_size) ||
117 key_size != (int)key->key_size) {
116 VBDEBUG(("Wrong key size for algorithm\n")); 118 VBDEBUG(("Wrong key size for algorithm\n"));
117 return NULL; 119 return NULL;
118 } 120 }
119 121
120 rsa = RSAPublicKeyFromBuf(GetPublicKeyDataC(key), (int)key->key_size); 122 rsa = RSAPublicKeyFromBuf(GetPublicKeyDataC(key), (int)key->key_size);
121 if (!rsa) 123 if (!rsa)
122 return NULL; 124 return NULL;
123 125
124 rsa->algorithm = (int)key->algorithm; 126 rsa->algorithm = (int)key->algorithm;
125 return rsa; 127 return rsa;
(...skipping 231 matching lines...) Expand 10 before | Expand all | Expand 10 after
357 /* Verify body signature is inside the block */ 359 /* Verify body signature is inside the block */
358 if (VerifySignatureInside(preamble, preamble->preamble_size, 360 if (VerifySignatureInside(preamble, preamble->preamble_size,
359 &preamble->body_signature)) { 361 &preamble->body_signature)) {
360 VBDEBUG(("Kernel body signature off end of preamble\n")); 362 VBDEBUG(("Kernel body signature off end of preamble\n"));
361 return VBOOT_PREAMBLE_INVALID; 363 return VBOOT_PREAMBLE_INVALID;
362 } 364 }
363 365
364 /* Success */ 366 /* Success */
365 return VBOOT_SUCCESS; 367 return VBOOT_SUCCESS;
366 } 368 }
OLDNEW
« no previous file with comments | « firmware/lib/cryptolib/rsa_utility.c ('k') | firmware/version.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698