OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 * | 4 * |
5 * Functions for generating and manipulating a verified boot firmware image. | 5 * Functions for generating and manipulating a verified boot firmware image. |
6 */ | 6 */ |
7 | 7 |
8 #include "firmware_image.h" | 8 #include "firmware_image.h" |
9 | 9 |
10 #include <fcntl.h> | 10 #include <fcntl.h> |
11 #include <limits.h> | 11 #include <limits.h> |
12 #include <stdio.h> | 12 #include <stdio.h> |
13 #include <sys/types.h> | 13 #include <sys/types.h> |
14 #include <sys/stat.h> | 14 #include <sys/stat.h> |
15 #include <unistd.h> | 15 #include <unistd.h> |
16 | 16 |
17 #include "file_keys.h" | 17 #include "file_keys.h" |
18 #include "padding.h" | 18 #include "padding.h" |
19 #include "rsa_utility.h" | 19 #include "rsa_utility.h" |
20 #include "sha_utility.h" | 20 #include "sha_utility.h" |
21 #include "utility.h" | 21 #include "utility.h" |
22 | 22 |
23 /* Macro to determine the size of a field structure in the FirmwareImage | 23 /* Macro to determine the size of a field structure in the FirmwareImage |
24 * structure. */ | 24 * structure. */ |
25 #define FIELD_LEN(field) (sizeof(((FirmwareImage*)0)->field)) | 25 #define FIELD_LEN(field) (sizeof(((FirmwareImage*)0)->field)) |
26 | 26 |
27 FirmwareImage* FirmwareImageNew(void) { | 27 FirmwareImage* FirmwareImageNew(void) { |
28 FirmwareImage* fw = (FirmwareImage*) Malloc(sizeof(FirmwareImage)); | 28 FirmwareImage* image = (FirmwareImage*) Malloc(sizeof(FirmwareImage)); |
29 return fw; | 29 if (image) { |
| 30 image->sign_key = NULL; |
| 31 image->preamble_signature = NULL; |
| 32 image->firmware_signature = NULL; |
| 33 image->firmware_data = NULL; |
| 34 } |
| 35 return image; |
30 } | 36 } |
31 | 37 |
32 void FirmwareImageFree(FirmwareImage* image) { | 38 void FirmwareImageFree(FirmwareImage* image) { |
33 Free(image->sign_key); | 39 if (image) { |
34 Free(image->key_signature); | 40 Free(image->sign_key); |
35 Free(image->preamble_signature); | 41 Free(image->preamble_signature); |
36 Free(image->firmware_signature); | 42 Free(image->firmware_signature); |
37 Free(image->firmware_data); | 43 Free(image->firmware_data); |
| 44 } |
38 } | 45 } |
39 | 46 |
40 FirmwareImage* ReadFirmwareImage(const char* input_file, | 47 FirmwareImage* ReadFirmwareImage(const char* input_file) { |
41 FirmwareImage* image) { | 48 uint32_t file_size; |
42 int fd; | |
43 struct stat fd_stat; | |
44 | |
45 int image_len = 0; /* Total size of the firmware image. */ | 49 int image_len = 0; /* Total size of the firmware image. */ |
46 int header_len = 0; | 50 int header_len = 0; |
47 int sign_key_len; | 51 int sign_key_len; |
48 int signature_len; | 52 int signature_len; |
49 uint8_t* firmware_buf; | 53 uint8_t* firmware_buf; |
50 MemcpyState st; | 54 MemcpyState st; |
| 55 FirmwareImage* image = FirmwareImageNew(); |
51 | 56 |
52 if (!image) | 57 if (!image) |
53 return NULL; | 58 return NULL; |
54 | 59 |
55 if (-1 == (fd = open(input_file, O_RDONLY))) { | 60 firmware_buf = BufferFromFile(input_file, &file_size); |
56 fprintf(stderr, "Couldn't open file for reading.\n"); | 61 image_len = file_size; |
57 return NULL; | |
58 } | |
59 | |
60 if (-1 == fstat(fd, &fd_stat)) { | |
61 fprintf(stderr, "Couldn't stat file.\n"); | |
62 close(fd); | |
63 return NULL; | |
64 } | |
65 | |
66 firmware_buf = (uint8_t*) Malloc(fd_stat.st_size); | |
67 image_len = fd_stat.st_size; | |
68 | |
69 /* Read entire file into a buffer. */ | |
70 if (image_len != read(fd, firmware_buf, image_len)) { | |
71 fprintf(stderr, "Couldn't read file data.\n"); | |
72 close(fd); | |
73 return NULL; | |
74 } | |
75 close(fd); | |
76 | 62 |
77 st.remaining_len = image_len; | 63 st.remaining_len = image_len; |
78 st.remaining_buf = firmware_buf; | 64 st.remaining_buf = firmware_buf; |
79 | 65 |
80 /* Read and compare magic bytes. */ | 66 /* Read and compare magic bytes. */ |
81 if (!StatefulMemcpy(&st, &image->magic, FIRMWARE_MAGIC_SIZE)) | 67 if (!StatefulMemcpy(&st, &image->magic, FIRMWARE_MAGIC_SIZE)) |
82 goto parse_failure; | 68 goto parse_failure; |
83 | 69 |
84 if (SafeMemcmp(image->magic, FIRMWARE_MAGIC, FIRMWARE_MAGIC_SIZE)) { | 70 if (SafeMemcmp(image->magic, FIRMWARE_MAGIC, FIRMWARE_MAGIC_SIZE)) { |
85 fprintf(stderr, "Wrong Firmware Magic.\n"); | 71 fprintf(stderr, "Wrong Firmware Magic.\n"); |
86 goto parse_failure; | 72 goto parse_failure; |
87 } | 73 } |
88 | 74 |
89 StatefulMemcpy(&st, &image->header_len, sizeof(image->header_len)); | 75 StatefulMemcpy(&st, &image->header_len, FIELD_LEN(header_len)); |
90 StatefulMemcpy(&st, &image->sign_algorithm, sizeof(image->sign_algorithm)); | 76 StatefulMemcpy(&st, &image->sign_algorithm, FIELD_LEN(sign_algorithm)); |
91 | 77 |
92 /* Valid Algorithm? */ | 78 /* Valid Algorithm? */ |
93 if (image->sign_algorithm > kNumAlgorithms) | 79 if (image->sign_algorithm >= kNumAlgorithms) |
94 goto parse_failure; | 80 goto parse_failure; |
95 | 81 |
96 /* Compute size of pre-processed RSA public key and signature. */ | 82 /* Compute size of pre-processed RSA public key and signature. */ |
97 sign_key_len = (2*siglen_map[image->sign_algorithm]*sizeof(uint32_t) | 83 sign_key_len = RSAProcessedKeySize(image->sign_algorithm); |
98 + sizeof(uint32_t) + sizeof(int)); | |
99 signature_len = siglen_map[image->sign_algorithm] * sizeof(uint32_t); | 84 signature_len = siglen_map[image->sign_algorithm] * sizeof(uint32_t); |
100 | 85 |
101 | 86 |
102 /* Check whether the header length is correct. */ | 87 /* Check whether the header length is correct. */ |
103 header_len = (sizeof(image->header_len) + sizeof(image->sign_algorithm) + | 88 header_len = (FIELD_LEN(header_len) + |
104 sizeof(image->key_version) + | 89 FIELD_LEN(sign_algorithm) + |
105 sizeof(image->header_checksum)); | 90 sign_key_len + |
| 91 FIELD_LEN(key_version) + |
| 92 FIELD_LEN(header_checksum)); |
106 if (header_len != image->header_len) { | 93 if (header_len != image->header_len) { |
107 fprintf(stderr, "Header length mismatch."); | 94 fprintf(stderr, "Header length mismatch. Got: %d Expected: %d\n", |
| 95 image->header_len, header_len); |
108 goto parse_failure; | 96 goto parse_failure; |
109 } | 97 } |
110 | 98 |
111 /* Read pre-processed public half of the sign key. */ | 99 /* Read pre-processed public half of the sign key. */ |
112 image->sign_key = (uint8_t*) Malloc(sign_key_len); | 100 image->sign_key = (uint8_t*) Malloc(sign_key_len); |
113 StatefulMemcpy(&st, image->sign_key, sign_key_len); | 101 StatefulMemcpy(&st, image->sign_key, sign_key_len); |
114 StatefulMemcpy(&st, &image->key_version, sizeof(image->key_version)); | 102 StatefulMemcpy(&st, &image->key_version, FIELD_LEN(key_version)); |
115 StatefulMemcpy(&st, image->header_checksum, sizeof(image->header_checksum)); | 103 StatefulMemcpy(&st, image->header_checksum, FIELD_LEN(header_checksum)); |
116 | 104 |
117 /* Read key signature. */ | 105 /* Read key signature. */ |
118 StatefulMemcpy(&st, image->key_signature, sizeof(image->key_signature)); | 106 StatefulMemcpy(&st, image->key_signature, FIELD_LEN(key_signature)); |
119 | 107 |
120 /* Read the firmware preamble. */ | 108 /* Read the firmware preamble. */ |
121 StatefulMemcpy(&st,&image->firmware_version, sizeof(image->firmware_version)); | 109 StatefulMemcpy(&st,&image->firmware_version, FIELD_LEN(firmware_version)); |
122 StatefulMemcpy(&st, &image->firmware_len, sizeof(image->firmware_len)); | 110 StatefulMemcpy(&st, &image->firmware_len, FIELD_LEN(firmware_len)); |
123 StatefulMemcpy(&st, image->preamble, sizeof(image->preamble)); | 111 StatefulMemcpy(&st, image->preamble, FIELD_LEN(preamble)); |
124 | 112 |
125 /* Read firmware preamble signature. */ | 113 /* Read firmware preamble signature. */ |
126 image->preamble_signature = (uint8_t*) Malloc(signature_len); | 114 image->preamble_signature = (uint8_t*) Malloc(signature_len); |
127 StatefulMemcpy(&st, image->preamble_signature, signature_len); | 115 StatefulMemcpy(&st, image->preamble_signature, signature_len); |
128 | 116 |
129 image->firmware_signature = (uint8_t*) Malloc(signature_len); | 117 image->firmware_signature = (uint8_t*) Malloc(signature_len); |
130 StatefulMemcpy(&st, image->firmware_signature, signature_len); | 118 StatefulMemcpy(&st, image->firmware_signature, signature_len); |
131 | 119 |
132 image->firmware_data = (uint8_t*) Malloc(image->firmware_len); | 120 image->firmware_data = (uint8_t*) Malloc(image->firmware_len); |
133 StatefulMemcpy(&st, image->firmware_data, image->firmware_len); | 121 StatefulMemcpy(&st, image->firmware_data, image->firmware_len); |
134 | 122 |
135 if(st.remaining_len != 0) /* Overrun or underrun. */ | 123 if(st.remaining_len != 0) /* Overrun or underrun. */ |
136 goto parse_failure; | 124 goto parse_failure; |
137 | 125 |
138 Free(firmware_buf); | 126 Free(firmware_buf); |
139 return image; | 127 return image; |
140 | 128 |
141 parse_failure: | 129 parse_failure: |
142 Free(firmware_buf); | 130 Free(firmware_buf); |
143 return NULL; | 131 return NULL; |
144 } | 132 } |
145 | 133 |
146 void WriteFirmwareHeader(int fd, FirmwareImage* image) { | 134 void WriteFirmwareHeader(int fd, FirmwareImage* image) { |
147 int sign_key_len; | 135 int sign_key_len; |
148 write(fd, &image->header_len, sizeof(image->header_len)); | 136 write(fd, &image->header_len, FIELD_LEN(header_len)); |
149 write(fd, &image->sign_algorithm, sizeof(image->header_len)); | 137 write(fd, &image->sign_algorithm, FIELD_LEN(header_len)); |
150 sign_key_len = (image->header_len - sizeof(image->header_len) - | 138 sign_key_len = (image->header_len - FIELD_LEN(header_len) - |
151 sizeof(image->sign_algorithm) - | 139 FIELD_LEN(sign_algorithm) - |
152 sizeof(image->key_version) - | 140 FIELD_LEN(key_version) - |
153 sizeof(image->header_checksum)); | 141 FIELD_LEN(header_checksum)); |
154 write(fd, image->sign_key, sign_key_len); | 142 write(fd, image->sign_key, sign_key_len); |
155 write(fd, &image->key_version, sizeof(image->key_version)); | 143 write(fd, &image->key_version, FIELD_LEN(key_version)); |
156 write(fd, &image->header_checksum, sizeof(image->header_checksum)); | 144 write(fd, &image->header_checksum, FIELD_LEN(header_checksum)); |
157 } | 145 } |
158 | 146 |
159 void WriteFirmwarePreamble(int fd, FirmwareImage* image) { | 147 void WriteFirmwarePreamble(int fd, FirmwareImage* image) { |
160 write(fd, &image->firmware_version, | 148 write(fd, &image->firmware_version, |
161 sizeof(image->firmware_version)); | 149 FIELD_LEN(firmware_version)); |
162 write(fd, &image->firmware_len, sizeof(image->firmware_len)); | 150 write(fd, &image->firmware_len, FIELD_LEN(firmware_len)); |
163 write(fd, image->preamble, sizeof(image->preamble)); | 151 write(fd, image->preamble, FIELD_LEN(preamble)); |
164 } | 152 } |
165 | 153 |
166 FirmwareImage* WriteFirmwareImage(const char* input_file, | 154 FirmwareImage* WriteFirmwareImage(const char* input_file, |
167 FirmwareImage* image) { | 155 FirmwareImage* image) { |
168 int fd; | 156 int fd; |
169 int signature_len; | 157 int signature_len; |
170 | 158 |
171 if (!image) | 159 if (!image) |
172 return NULL; | 160 return NULL; |
173 if (-1 == (fd = creat(input_file, S_IRWXU))) { | 161 if (-1 == (fd = creat(input_file, S_IRWXU))) { |
174 fprintf(stderr, "Couldn't open file for writing.\n"); | 162 fprintf(stderr, "Couldn't open file for writing.\n"); |
175 return NULL; | 163 return NULL; |
176 } | 164 } |
177 | 165 |
178 write(fd, image->magic, sizeof(image->magic)); | 166 write(fd, image->magic, FIELD_LEN(magic)); |
179 WriteFirmwareHeader(fd, image); | 167 WriteFirmwareHeader(fd, image); |
180 write(fd, image->key_signature, sizeof(image->key_signature)); | 168 write(fd, image->key_signature, FIELD_LEN(key_signature)); |
181 signature_len = siglen_map[image->sign_algorithm] * sizeof(uint32_t); | 169 signature_len = siglen_map[image->sign_algorithm] * sizeof(uint32_t); |
182 WriteFirmwarePreamble(fd, image); | 170 WriteFirmwarePreamble(fd, image); |
183 write(fd, image->preamble_signature, signature_len); | 171 write(fd, image->preamble_signature, signature_len); |
184 write(fd, image->firmware_signature, signature_len); | 172 write(fd, image->firmware_signature, signature_len); |
185 write(fd, image->firmware_data, image->firmware_len); | 173 write(fd, image->firmware_data, image->firmware_len); |
186 | 174 |
187 close(fd); | 175 close(fd); |
188 return image; | 176 return image; |
189 } | 177 } |
190 | 178 |
191 void PrintFirmware(const FirmwareImage* image) { | 179 void PrintFirmwareImage(const FirmwareImage* image) { |
192 if (!image) | 180 if (!image) |
193 return; | 181 return; |
194 | 182 |
195 /* Print header. */ | 183 /* Print header. */ |
196 printf("Header Length = %d\n" | 184 printf("Header Length = %d\n" |
197 "Algorithm Id = %d\n" | 185 "Algorithm Id = %d\n" |
198 "Signature Algorithm = %s\n" | 186 "Signature Algorithm = %s\n" |
199 "Key Version = %d\n\n", | 187 "Key Version = %d\n\n", |
200 image->header_len, | 188 image->header_len, |
201 image->sign_algorithm, | 189 image->sign_algorithm, |
(...skipping 186 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
388 /* Verify root key signature on the sign key header if we | 376 /* Verify root key signature on the sign key header if we |
389 * are not in dev mode. | 377 * are not in dev mode. |
390 * | 378 * |
391 * TODO(gauravsh): Add additional sanity checks here for: | 379 * TODO(gauravsh): Add additional sanity checks here for: |
392 * 1) verifying the header length is correct. | 380 * 1) verifying the header length is correct. |
393 * 2) header_checksum is correct. | 381 * 2) header_checksum is correct. |
394 */ | 382 */ |
395 if (!dev_mode) { | 383 if (!dev_mode) { |
396 DigestInit(&ctx, ROOT_SIGNATURE_ALGORITHM); | 384 DigestInit(&ctx, ROOT_SIGNATURE_ALGORITHM); |
397 DigestUpdate(&ctx, (uint8_t*) &image->header_len, | 385 DigestUpdate(&ctx, (uint8_t*) &image->header_len, |
398 sizeof(image->header_len)); | 386 FIELD_LEN(header_len)); |
399 DigestUpdate(&ctx, (uint8_t*) &image->sign_algorithm, | 387 DigestUpdate(&ctx, (uint8_t*) &image->sign_algorithm, |
400 sizeof(image->sign_algorithm)); | 388 FIELD_LEN(sign_algorithm)); |
401 DigestUpdate(&ctx, image->sign_key, | 389 DigestUpdate(&ctx, image->sign_key, |
402 RSAProcessedKeySize(image->sign_algorithm)); | 390 RSAProcessedKeySize(image->sign_algorithm)); |
403 DigestUpdate(&ctx, (uint8_t*) &image->key_version, | 391 DigestUpdate(&ctx, (uint8_t*) &image->key_version, |
404 sizeof(image->key_version)); | 392 FIELD_LEN(key_version)); |
405 DigestUpdate(&ctx, image->header_checksum, | 393 DigestUpdate(&ctx, image->header_checksum, |
406 sizeof(image->header_checksum)); | 394 FIELD_LEN(header_checksum)); |
407 header_digest = DigestFinal(&ctx); | 395 header_digest = DigestFinal(&ctx); |
408 if (!RSA_verify(root_key, image->key_signature, | 396 if (!RSA_verify(root_key, image->key_signature, |
409 sizeof(image->key_signature), | 397 FIELD_LEN(key_signature), |
410 ROOT_SIGNATURE_ALGORITHM, | 398 ROOT_SIGNATURE_ALGORITHM, |
411 header_digest)) { | 399 header_digest)) { |
412 error_code = VERIFY_FIRMWARE_ROOT_SIGNATURE_FAILED; | 400 error_code = VERIFY_FIRMWARE_ROOT_SIGNATURE_FAILED; |
413 goto verify_failure; | 401 goto verify_failure; |
414 } | 402 } |
415 } | 403 } |
416 | 404 |
417 /* Get sign key to verify the rest of the firmware. */ | 405 /* Get sign key to verify the rest of the firmware. */ |
418 sign_key_size = RSAProcessedKeySize(image->sign_algorithm); | 406 sign_key_size = RSAProcessedKeySize(image->sign_algorithm); |
419 sign_key = RSAPublicKeyFromBuf(image->sign_key, | 407 sign_key = RSAPublicKeyFromBuf(image->sign_key, |
420 sign_key_size); | 408 sign_key_size); |
421 signature_size = siglen_map[image->sign_algorithm] * sizeof(uint32_t); | 409 signature_size = siglen_map[image->sign_algorithm] * sizeof(uint32_t); |
422 | 410 |
423 if (image->sign_algorithm >= kNumAlgorithms) | 411 if (image->sign_algorithm >= kNumAlgorithms) |
424 return VERIFY_FIRMWARE_INVALID_ALGORITHM; | 412 return VERIFY_FIRMWARE_INVALID_ALGORITHM; |
425 | 413 |
426 /* Verify firmware preamble signature. */ | 414 /* Verify firmware preamble signature. */ |
427 DigestInit(&ctx, image->sign_algorithm); | 415 DigestInit(&ctx, image->sign_algorithm); |
428 DigestUpdate(&ctx, (uint8_t*) &image->firmware_version, | 416 DigestUpdate(&ctx, (uint8_t*) &image->firmware_version, |
429 sizeof(image->firmware_version)); | 417 FIELD_LEN(firmware_version)); |
430 DigestUpdate(&ctx, (uint8_t*) &image->firmware_len, | 418 DigestUpdate(&ctx, (uint8_t*) &image->firmware_len, |
431 sizeof(image->firmware_len)); | 419 FIELD_LEN(firmware_len)); |
432 DigestUpdate(&ctx, (uint8_t*) &image->preamble, | 420 DigestUpdate(&ctx, (uint8_t*) &image->preamble, |
433 sizeof(image->preamble)); | 421 FIELD_LEN(preamble)); |
434 preamble_digest = DigestFinal(&ctx); | 422 preamble_digest = DigestFinal(&ctx); |
435 if (!RSA_verify(sign_key, image->preamble_signature, | 423 if (!RSA_verify(sign_key, image->preamble_signature, |
436 signature_size, image->sign_algorithm, | 424 signature_size, image->sign_algorithm, |
437 preamble_digest)) { | 425 preamble_digest)) { |
438 error_code = VERIFY_FIRMWARE_PREAMBLE_SIGNATURE_FAILED; | 426 error_code = VERIFY_FIRMWARE_PREAMBLE_SIGNATURE_FAILED; |
439 goto verify_failure; | 427 goto verify_failure; |
440 } | 428 } |
441 | 429 |
442 /* Verify firmware signature. */ | 430 /* Verify firmware signature. */ |
443 firmware_digest = DigestBuf(image->firmware_data, | 431 firmware_digest = DigestBuf(image->firmware_data, |
444 image->firmware_len, | 432 image->firmware_len, |
445 image->sign_algorithm); | 433 image->sign_algorithm); |
446 if(!RSA_verify(sign_key, image->firmware_signature, | 434 if(!RSA_verify(sign_key, image->firmware_signature, |
447 signature_size, image->sign_algorithm, | 435 signature_size, image->sign_algorithm, |
448 firmware_digest)) { | 436 firmware_digest)) { |
449 error_code = VERIFY_FIRMWARE_SIGNATURE_FAILED; | 437 error_code = VERIFY_FIRMWARE_SIGNATURE_FAILED; |
450 goto verify_failure; | 438 goto verify_failure; |
451 } | 439 } |
452 | 440 |
453 verify_failure: | 441 verify_failure: |
454 Free(firmware_digest); | 442 Free(firmware_digest); |
455 Free(preamble_digest); | 443 Free(preamble_digest); |
456 Free(header_digest); | 444 Free(header_digest); |
457 return error_code; | 445 return error_code; |
458 } | 446 } |
459 | 447 |
| 448 const char* VerifyFirmwareErrorString(int error) { |
| 449 return kVerifyFirmwareErrors[error]; |
| 450 } |
460 | 451 |
461 int AddKeySignature(FirmwareImage* image, char* root_key_file) { | 452 int AddFirmwareKeySignature(FirmwareImage* image, const char* root_key_file) { |
462 int tmp_hdr_fd; | 453 int tmp_hdr_fd; |
463 char* tmp_hdr_file = ".tmpHdrFile"; | 454 char* tmp_hdr_file = ".tmpHdrFile"; |
464 uint8_t* signature; | 455 uint8_t* signature; |
465 | 456 |
466 if(-1 == (tmp_hdr_fd = creat(tmp_hdr_file, S_IRWXU))) { | 457 if(-1 == (tmp_hdr_fd = creat(tmp_hdr_file, S_IRWXU))) { |
467 fprintf(stderr, "Could not open temporary file for writing " | 458 fprintf(stderr, "Could not open temporary file for writing " |
468 "firmware header.\n"); | 459 "firmware header.\n"); |
469 return 0; | 460 return 0; |
470 } | 461 } |
471 WriteFirmwareHeader(tmp_hdr_fd, image); | 462 WriteFirmwareHeader(tmp_hdr_fd, image); |
472 close(tmp_hdr_fd); | 463 close(tmp_hdr_fd); |
473 | 464 |
474 if (!(signature = SignatureFile(tmp_hdr_file, root_key_file, | 465 if (!(signature = SignatureFile(tmp_hdr_file, root_key_file, |
475 ROOT_SIGNATURE_ALGORITHM))) | 466 ROOT_SIGNATURE_ALGORITHM))) |
476 return 0; | 467 return 0; |
477 Memcpy(image->key_signature, signature, RSA8192NUMBYTES); | 468 Memcpy(image->key_signature, signature, RSA8192NUMBYTES); |
478 return 1; | 469 return 1; |
479 } | 470 } |
480 | 471 |
481 int AddFirmwareSignature(FirmwareImage* image, char* signing_key_file, | 472 int AddFirmwareSignature(FirmwareImage* image, const char* signing_key_file, |
482 int algorithm) { | 473 int algorithm) { |
483 int tmp_preamble_fd; | 474 int tmp_preamble_fd; |
484 char* tmp_preamble_file = ".tmpPreambleFile"; | 475 char* tmp_preamble_file = ".tmpPreambleFile"; |
485 int tmp_firmware_fd; | 476 int tmp_firmware_fd; |
486 char* tmp_firmware_file = ".tmpFirmwareFile"; | 477 char* tmp_firmware_file = ".tmpFirmwareFile"; |
487 uint8_t* preamble_signature; | 478 uint8_t* preamble_signature; |
488 uint8_t* firmware_signature; | 479 uint8_t* firmware_signature; |
489 int signature_len = siglen_map[algorithm] * sizeof(uint32_t); | 480 int signature_len = siglen_map[algorithm] * sizeof(uint32_t); |
490 | 481 |
491 /* Write preamble to a file. */ | 482 /* Write preamble to a file. */ |
(...skipping 23 matching lines...) Expand all Loading... |
515 algorithm))) { | 506 algorithm))) { |
516 fprintf(stderr, "Could not open temporary file for writing " | 507 fprintf(stderr, "Could not open temporary file for writing " |
517 "firmware.\n"); | 508 "firmware.\n"); |
518 return 0; | 509 return 0; |
519 } | 510 } |
520 image->firmware_signature = (uint8_t*) Malloc(signature_len); | 511 image->firmware_signature = (uint8_t*) Malloc(signature_len); |
521 Memcpy(image->firmware_signature, firmware_signature, signature_len); | 512 Memcpy(image->firmware_signature, firmware_signature, signature_len); |
522 Free(firmware_signature); | 513 Free(firmware_signature); |
523 return 1; | 514 return 1; |
524 } | 515 } |
OLD | NEW |