Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(180)

Side by Side Diff: host/lib/file_keys.c

Issue 3136017: Add additional sanity checks to RSA verification code. (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/vboot_reference.git
Patch Set: Created 10 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « host/include/signature_digest.h ('k') | host/lib/host_key.c » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be 2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file. 3 * found in the LICENSE file.
4 * 4 *
5 * Utility functions for file and key handling. 5 * Utility functions for file and key handling.
6 */ 6 */
7 7
8 #include "file_keys.h" 8 #include "file_keys.h"
9 9
10 #include <fcntl.h> 10 #include <fcntl.h>
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after
75 SHA1_BLOCK_SIZE) 75 SHA1_BLOCK_SIZE)
76 DigestUpdate(&ctx, data, len); 76 DigestUpdate(&ctx, data, len);
77 if (len != -1) 77 if (len != -1)
78 DigestUpdate(&ctx, data, len); 78 DigestUpdate(&ctx, data, len);
79 digest = DigestFinal(&ctx); 79 digest = DigestFinal(&ctx);
80 close(input_fd); 80 close(input_fd);
81 return digest; 81 return digest;
82 } 82 }
83 83
84 uint8_t* SignatureFile(const char* input_file, const char* key_file, 84 uint8_t* SignatureFile(const char* input_file, const char* key_file,
85 int algorithm) { 85 unsigned int algorithm) {
86 char* sign_utility = "./sign_data.sh"; 86 char* sign_utility = "./sign_data.sh";
87 char* cmd; /* Command line to invoke. */ 87 char* cmd; /* Command line to invoke. */
88 int cmd_len; 88 int cmd_len;
89 FILE* cmd_out; /* File descriptor to command output. */ 89 FILE* cmd_out; /* File descriptor to command output. */
90 uint8_t* signature = NULL; 90 uint8_t* signature = NULL;
91 int signature_size = siglen_map[algorithm]; 91 int signature_size = siglen_map[algorithm];
92 92
93 /* Build command line: 93 /* Build command line:
94 * sign_data.sh <algorithm> <key file> <input file> 94 * sign_data.sh <algorithm> <key file> <input file>
95 */ 95 */
96 cmd_len = (strlen(sign_utility) + 1 + /* +1 for space. */ 96 cmd_len = (strlen(sign_utility) + 1 + /* +1 for space. */
97 2 + 1 + /* For [algorithm]. */ 97 2 + 1 + /* For [algorithm]. */
98 strlen(key_file) + 1 + /* +1 for space. */ 98 strlen(key_file) + 1 + /* +1 for space. */
99 strlen(input_file) + 99 strlen(input_file) +
100 1); /* For the trailing '\0'. */ 100 1); /* For the trailing '\0'. */
101 cmd = (char*) Malloc(cmd_len); 101 cmd = (char*) Malloc(cmd_len);
102 snprintf(cmd, cmd_len, "%s %d %s %s", sign_utility, algorithm, key_file, 102 snprintf(cmd, cmd_len, "%s %u %s %s", sign_utility, algorithm, key_file,
103 input_file); 103 input_file);
104 cmd_out = popen(cmd, "r"); 104 cmd_out = popen(cmd, "r");
105 Free(cmd); 105 Free(cmd);
106 if (!cmd_out) { 106 if (!cmd_out) {
107 VBDEBUG(("Couldn't execute: %s\n", cmd)); 107 VBDEBUG(("Couldn't execute: %s\n", cmd));
108 return NULL; 108 return NULL;
109 } 109 }
110 110
111 signature = (uint8_t*) Malloc(signature_size); 111 signature = (uint8_t*) Malloc(signature_size);
112 if (fread(signature, signature_size, 1, cmd_out) != 1) { 112 if (fread(signature, signature_size, 1, cmd_out) != 1) {
113 VBDEBUG(("Couldn't read signature.\n")); 113 VBDEBUG(("Couldn't read signature.\n"));
114 pclose(cmd_out); 114 pclose(cmd_out);
115 Free(signature); 115 Free(signature);
116 return NULL; 116 return NULL;
117 } 117 }
118 118
119 pclose(cmd_out); 119 pclose(cmd_out);
120 return signature; 120 return signature;
121 } 121 }
OLDNEW
« no previous file with comments | « host/include/signature_digest.h ('k') | host/lib/host_key.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698