host/lib/host_keyblock.c - Issue 4194003: Add support for using external signing application and .pem private key files to vbutil_keyblock.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: host/lib/host_keyblock.c

Issue 4194003: Add support for using external signing application and .pem private key files to vbutil_keyblock. (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/vboot_reference.git

Patch Set: fix read() bug Created 10 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: host/lib/host_keyblock.c

diff --git a/host/lib/host_keyblock.c b/host/lib/host_keyblock.c

index 2ad62b07d1dce8528c95b9f54cc5eb9e462c5f1d..97a5d12144d745b9c3592da9198b95b359bcdfe8 100644

--- a/host/lib/host_keyblock.c

+++ b/host/lib/host_keyblock.c

@@ -70,6 +70,65 @@ VbKeyBlockHeader* KeyBlockCreate(const VbPublicKey* data_key,

return h;

}

+/* TODO(gauravsh): This could easily be integrated into KeyBlockCreate()

+ * since the code is almost a mirror - I have kept it as such to avoid changing

+ * the existing interface. */

+VbKeyBlockHeader* KeyBlockCreate_external(const VbPublicKey* data_key,

+ const char* signing_key_pem_file,

+ uint64_t algorithm,

+ uint64_t flags,

+ const char* external_signer) {

+ VbKeyBlockHeader* h;

+ uint64_t signed_size = sizeof(VbKeyBlockHeader) + data_key->key_size;

+ uint64_t block_size = (signed_size + SHA512_DIGEST_SIZE +

+ siglen_map[algorithm]);

+ uint8_t* data_key_dest;

+ uint8_t* block_sig_dest;

+ uint8_t* block_chk_dest;

+ VbSignature *sigtmp;

+ /* Allocate key block */

+ h = (VbKeyBlockHeader*)Malloc(block_size);

+ if (!h)

+ return NULL;

+ if (!signing_key_pem_file || !data_key || !external_signer)

+ return NULL;

+ data_key_dest = (uint8_t*)(h + 1);

+ block_chk_dest = data_key_dest + data_key->key_size;

+ block_sig_dest = block_chk_dest + SHA512_DIGEST_SIZE;

+ Memcpy(h->magic, KEY_BLOCK_MAGIC, KEY_BLOCK_MAGIC_SIZE);

+ h->header_version_major = KEY_BLOCK_HEADER_VERSION_MAJOR;

+ h->header_version_minor = KEY_BLOCK_HEADER_VERSION_MINOR;

+ h->key_block_size = block_size;

+ h->key_block_flags = flags;

+ /* Copy data key */

+ PublicKeyInit(&h->data_key, data_key_dest, data_key->key_size);

+ PublicKeyCopy(&h->data_key, data_key);

+ /* Set up signature structs so we can calculate the signatures */

+ SignatureInit(&h->key_block_checksum, block_chk_dest,

+ SHA512_DIGEST_SIZE, signed_size);

+ SignatureInit(&h->key_block_signature, block_sig_dest,

+ siglen_map[algorithm], signed_size);

+ /* Calculate checksum */

+ sigtmp = CalculateChecksum((uint8_t*)h, signed_size);

+ SignatureCopy(&h->key_block_checksum, sigtmp);

+ Free(sigtmp);

+ /* Calculate signature */

+ sigtmp = CalculateSignature_external((uint8_t*)h, signed_size,

+ signing_key_pem_file, algorithm,

+ external_signer);

+ SignatureCopy(&h->key_block_signature, sigtmp);

+ Free(sigtmp);

+ /* Return the header */

+ return h;

/* Read a key block from a .keyblock file. Caller owns the returned

* pointer, and must free it with Free().

« no previous file with comments | « host/include/host_signature.h ('k') | host/lib/host_signature.c » ('j') | no next file with comments »