| OLD | NEW |
|---|
| 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
| 3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
| 4 */ | 4 */ |
| 5 | 5 |
| 6 /* Routines for verifying a file's signature. Useful in testing the core | 6 /* Routines for verifying a file's signature. Useful in testing the core |
| 7 * RSA verification implementation. | 7 * RSA verification implementation. |
| 8 */ | 8 */ |
| 9 | 9 |
| 10 #include <fcntl.h> | 10 #include <fcntl.h> |
| 11 #include <stdio.h> | 11 #include <stdio.h> |
| 12 #include <stdlib.h> | 12 #include <stdlib.h> |
| 13 #include <string.h> | 13 #include <string.h> |
| 14 #include <sys/stat.h> | 14 #include <sys/stat.h> |
| 15 #include <sys/types.h> | 15 #include <sys/types.h> |
| 16 #include <unistd.h> | 16 #include <unistd.h> |
| 17 | 17 |
| 18 #include "file_keys.h" | 18 #include "file_keys.h" |
| 19 #include "sha_utility.h" | 19 #include "sha_utility.h" |
| 20 #include "padding.h" | 20 #include "padding.h" |
| 21 #include "rsa.h" | 21 #include "rsa.h" |
| 22 #include "rsa_utility.h" | 22 #include "rsa_utility.h" |
| 23 #include "verify_data.h" | 23 #include "verify_data.h" |
| 24 | 24 |
| 25 /* ANSI Color coding sequences. */ |
| 26 #define COL_GREEN "\e[1;32m" |
| 27 #define COL_RED "\e[0;31m]" |
| 28 #define COL_STOP "\e[m" |
| 29 |
| 25 uint8_t* read_signature(char* input_file, int len) { | 30 uint8_t* read_signature(char* input_file, int len) { |
| 26 int i, sigfd; | 31 int i, sigfd; |
| 27 uint8_t* signature = NULL; | 32 uint8_t* signature = NULL; |
| 28 if ((sigfd = open(input_file, O_RDONLY)) == -1) { | 33 if ((sigfd = open(input_file, O_RDONLY)) == -1) { |
| 29 fprintf(stderr, "Couldn't open signature file\n"); | 34 fprintf(stderr, "Couldn't open signature file\n"); |
| 30 return NULL; | 35 return NULL; |
| 31 } | 36 } |
| 32 | 37 |
| 33 /* Read the signature into a buffer*/ | 38 /* Read the signature into a buffer*/ |
| 34 signature = (uint8_t*) malloc(len); | 39 signature = (uint8_t*) malloc(len); |
| 35 if (!signature) | 40 if (!signature) |
| 36 return NULL; | 41 return NULL; |
| 37 | 42 |
| 38 if( (i = read(sigfd, signature, len)) != len ) { | 43 if( (i = read(sigfd, signature, len)) != len ) { |
| 39 fprintf(stderr, "Wrong signature length - Expected = %d, Received = %d\n", | 44 fprintf(stderr, "Wrong signature length - Expected = %d, Received = %d\n", |
| 40 len, i); | 45 len, i); |
| 41 close(sigfd); | 46 close(sigfd); |
| 42 return NULL; | 47 return NULL; |
| 43 } | 48 } |
| 44 | 49 |
| 45 close(sigfd); | 50 close(sigfd); |
| 46 return signature; | 51 return signature; |
| 47 } | 52 } |
| 48 | 53 |
| 49 | |
| 50 int main(int argc, char* argv[]) { | 54 int main(int argc, char* argv[]) { |
| 51 int i, algorithm, sig_len; | 55 int i, algorithm, sig_len; |
| 52 int return_code = 1; /* Default to error. */ | 56 int return_code = 1; /* Default to error. */ |
| 53 uint8_t* digest = NULL; | 57 uint8_t* digest = NULL; |
| 54 uint8_t* signature = NULL; | 58 uint8_t* signature = NULL; |
| 55 RSAPublicKey* key = NULL; | 59 RSAPublicKey* key = NULL; |
| 56 | 60 |
| 57 if (argc!=5) { | 61 if (argc!=5) { |
| 58 fprintf(stderr, "Usage: %s <algorithm> <key file> <signature file>" | 62 fprintf(stderr, "Usage: %s <algorithm> <key file> <signature file>" |
| 59 " <input file>\n\n", argv[0]); | 63 " <input file>\n\n", argv[0]); |
| (...skipping 13 matching lines...) Expand all Loading... |
| 73 sig_len = siglen_map[algorithm] * sizeof(uint32_t); | 77 sig_len = siglen_map[algorithm] * sizeof(uint32_t); |
| 74 | 78 |
| 75 if (!(key = RSAPublicKeyFromFile(argv[2]))) | 79 if (!(key = RSAPublicKeyFromFile(argv[2]))) |
| 76 goto failure; | 80 goto failure; |
| 77 if (!(signature = read_signature(argv[3], sig_len))) | 81 if (!(signature = read_signature(argv[3], sig_len))) |
| 78 goto failure; | 82 goto failure; |
| 79 if (!(digest = DigestFile(argv[4], algorithm))) | 83 if (!(digest = DigestFile(argv[4], algorithm))) |
| 80 goto failure; | 84 goto failure; |
| 81 if(RSA_verify(key, signature, sig_len, algorithm, digest)) { | 85 if(RSA_verify(key, signature, sig_len, algorithm, digest)) { |
| 82 return_code = 0; | 86 return_code = 0; |
| 83 fprintf(stderr, "Signature Verification SUCCEEDED.\n"); | 87 fprintf(stderr, "Signature Verification " |
| 84 } | 88 COL_GREEN "SUCCEEDED" COL_STOP "\n"); |
| 85 else { | 89 } else { |
| 86 fprintf(stderr, "Signature Verification FAILED!\n"); | 90 fprintf(stderr, "Signature Verification " |
| 91 COL_RED "FAILED" COL_STOP "\n"); |
| 87 } | 92 } |
| 88 | 93 |
| 89 failure: | 94 failure: |
| 90 free(key); | 95 free(key); |
| 91 free(signature); | 96 free(signature); |
| 92 free(digest); | 97 free(digest); |
| 93 | 98 |
| 94 return return_code; | 99 return return_code; |
| 95 } | 100 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 650105:
Vboot Reference: Add the "real" reference firmware verification function (VerifyFirmware). (Closed)
