OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 * | 4 * |
5 * Host functions for verified boot. | 5 * Host functions for verified boot. |
6 */ | 6 */ |
7 | 7 |
8 #include "host_keyblock.h" | 8 #include "host_keyblock.h" |
9 | 9 |
10 #include "cryptolib.h" | 10 #include "cryptolib.h" |
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
63 if (signing_key) { | 63 if (signing_key) { |
64 sigtmp = CalculateSignature((uint8_t*)h, signed_size, signing_key); | 64 sigtmp = CalculateSignature((uint8_t*)h, signed_size, signing_key); |
65 SignatureCopy(&h->key_block_signature, sigtmp); | 65 SignatureCopy(&h->key_block_signature, sigtmp); |
66 Free(sigtmp); | 66 Free(sigtmp); |
67 } | 67 } |
68 | 68 |
69 /* Return the header */ | 69 /* Return the header */ |
70 return h; | 70 return h; |
71 } | 71 } |
72 | 72 |
| 73 /* TODO(gauravsh): This could easily be integrated into KeyBlockCreate() |
| 74 * since the code is almost a mirror - I have kept it as such to avoid changing |
| 75 * the existing interface. */ |
| 76 VbKeyBlockHeader* KeyBlockCreate_external(const VbPublicKey* data_key, |
| 77 const char* signing_key_pem_file, |
| 78 uint64_t algorithm, |
| 79 uint64_t flags, |
| 80 const char* external_signer) { |
| 81 VbKeyBlockHeader* h; |
| 82 uint64_t signed_size = sizeof(VbKeyBlockHeader) + data_key->key_size; |
| 83 uint64_t block_size = (signed_size + SHA512_DIGEST_SIZE + |
| 84 siglen_map[algorithm]); |
| 85 uint8_t* data_key_dest; |
| 86 uint8_t* block_sig_dest; |
| 87 uint8_t* block_chk_dest; |
| 88 VbSignature *sigtmp; |
| 89 |
| 90 /* Allocate key block */ |
| 91 h = (VbKeyBlockHeader*)Malloc(block_size); |
| 92 if (!h) |
| 93 return NULL; |
| 94 if (!signing_key_pem_file || !data_key || !external_signer) |
| 95 return NULL; |
| 96 |
| 97 data_key_dest = (uint8_t*)(h + 1); |
| 98 block_chk_dest = data_key_dest + data_key->key_size; |
| 99 block_sig_dest = block_chk_dest + SHA512_DIGEST_SIZE; |
| 100 |
| 101 Memcpy(h->magic, KEY_BLOCK_MAGIC, KEY_BLOCK_MAGIC_SIZE); |
| 102 h->header_version_major = KEY_BLOCK_HEADER_VERSION_MAJOR; |
| 103 h->header_version_minor = KEY_BLOCK_HEADER_VERSION_MINOR; |
| 104 h->key_block_size = block_size; |
| 105 h->key_block_flags = flags; |
| 106 |
| 107 /* Copy data key */ |
| 108 PublicKeyInit(&h->data_key, data_key_dest, data_key->key_size); |
| 109 PublicKeyCopy(&h->data_key, data_key); |
| 110 |
| 111 /* Set up signature structs so we can calculate the signatures */ |
| 112 SignatureInit(&h->key_block_checksum, block_chk_dest, |
| 113 SHA512_DIGEST_SIZE, signed_size); |
| 114 SignatureInit(&h->key_block_signature, block_sig_dest, |
| 115 siglen_map[algorithm], signed_size); |
| 116 |
| 117 /* Calculate checksum */ |
| 118 sigtmp = CalculateChecksum((uint8_t*)h, signed_size); |
| 119 SignatureCopy(&h->key_block_checksum, sigtmp); |
| 120 Free(sigtmp); |
| 121 |
| 122 /* Calculate signature */ |
| 123 sigtmp = CalculateSignature_external((uint8_t*)h, signed_size, |
| 124 signing_key_pem_file, algorithm, |
| 125 external_signer); |
| 126 SignatureCopy(&h->key_block_signature, sigtmp); |
| 127 Free(sigtmp); |
| 128 |
| 129 /* Return the header */ |
| 130 return h; |
| 131 } |
73 | 132 |
74 /* Read a key block from a .keyblock file. Caller owns the returned | 133 /* Read a key block from a .keyblock file. Caller owns the returned |
75 * pointer, and must free it with Free(). | 134 * pointer, and must free it with Free(). |
76 * | 135 * |
77 * Returns NULL if error. */ | 136 * Returns NULL if error. */ |
78 VbKeyBlockHeader* KeyBlockRead(const char* filename) { | 137 VbKeyBlockHeader* KeyBlockRead(const char* filename) { |
79 | 138 |
80 VbKeyBlockHeader* block; | 139 VbKeyBlockHeader* block; |
81 uint64_t file_size; | 140 uint64_t file_size; |
82 | 141 |
(...skipping 18 matching lines...) Expand all Loading... |
101 /* Write a key block to a file in .keyblock format. */ | 160 /* Write a key block to a file in .keyblock format. */ |
102 int KeyBlockWrite(const char* filename, const VbKeyBlockHeader* key_block) { | 161 int KeyBlockWrite(const char* filename, const VbKeyBlockHeader* key_block) { |
103 | 162 |
104 if (0 != WriteFile(filename, key_block, key_block->key_block_size)) { | 163 if (0 != WriteFile(filename, key_block, key_block->key_block_size)) { |
105 VBDEBUG(("KeyBlockWrite() error writing key block\n")); | 164 VBDEBUG(("KeyBlockWrite() error writing key block\n")); |
106 return 1; | 165 return 1; |
107 } | 166 } |
108 | 167 |
109 return 0; | 168 return 0; |
110 } | 169 } |
OLD | NEW |