OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2011 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 * | 4 * |
5 * Common functions between firmware and kernel verified boot. | 5 * Common functions between firmware and kernel verified boot. |
6 * (Firmware portion) | 6 * (Firmware portion) |
7 */ | 7 */ |
8 | 8 |
9 | 9 |
10 #include "vboot_common.h" | 10 #include "vboot_common.h" |
11 #include "utility.h" | 11 #include "utility.h" |
12 | 12 |
13 | 13 |
14 char* kVbootErrors[VBOOT_ERROR_MAX] = { | 14 char* kVbootErrors[VBOOT_ERROR_MAX] = { |
15 "Success.", | 15 "Success.", |
16 "Key block invalid.", | 16 "Key block invalid.", |
17 "Key block signature failed.", | 17 "Key block signature failed.", |
18 "Key block hash failed.", | 18 "Key block hash failed.", |
19 "Public key invalid.", | 19 "Public key invalid.", |
20 "Preamble invalid.", | 20 "Preamble invalid.", |
21 "Preamble signature check failed.", | 21 "Preamble signature check failed.", |
| 22 "Shared data invalid." |
22 }; | 23 }; |
23 | 24 |
24 | 25 |
25 uint64_t OffsetOf(const void *base, const void *ptr) { | 26 uint64_t OffsetOf(const void *base, const void *ptr) { |
26 return (uint64_t)(size_t)ptr - (uint64_t)(size_t)base; | 27 return (uint64_t)(size_t)ptr - (uint64_t)(size_t)base; |
27 } | 28 } |
28 | 29 |
29 | 30 |
30 /* Helper functions to get data pointed to by a public key or signature. */ | 31 /* Helper functions to get data pointed to by a public key or signature. */ |
31 uint8_t* GetPublicKeyData(VbPublicKey* key) { | 32 uint8_t* GetPublicKeyData(VbPublicKey* key) { |
(...skipping 338 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
370 /* Verify body signature is inside the block */ | 371 /* Verify body signature is inside the block */ |
371 if (VerifySignatureInside(preamble, preamble->preamble_size, | 372 if (VerifySignatureInside(preamble, preamble->preamble_size, |
372 &preamble->body_signature)) { | 373 &preamble->body_signature)) { |
373 VBDEBUG(("Kernel body signature off end of preamble\n")); | 374 VBDEBUG(("Kernel body signature off end of preamble\n")); |
374 return VBOOT_PREAMBLE_INVALID; | 375 return VBOOT_PREAMBLE_INVALID; |
375 } | 376 } |
376 | 377 |
377 /* Success */ | 378 /* Success */ |
378 return VBOOT_SUCCESS; | 379 return VBOOT_SUCCESS; |
379 } | 380 } |
| 381 |
| 382 |
| 383 int VbSharedDataInit(VbSharedDataHeader* header, uint64_t size) { |
| 384 if (size < sizeof(VbSharedDataHeader)) { |
| 385 VBDEBUG(("Not enough data for header.\n")); |
| 386 return VBOOT_SHARED_DATA_INVALID; |
| 387 } |
| 388 if (size < VB_SHARED_DATA_MIN_SIZE) { |
| 389 VBDEBUG(("Shared data buffer too small.\n")); |
| 390 return VBOOT_SHARED_DATA_INVALID; |
| 391 } |
| 392 |
| 393 if (!header) |
| 394 return VBOOT_SHARED_DATA_INVALID; |
| 395 |
| 396 /* Zero the header */ |
| 397 Memset(header, 0, sizeof(VbSharedDataHeader)); |
| 398 |
| 399 /* Initialize fields */ |
| 400 header->struct_version = VB_SHARED_DATA_VERSION; |
| 401 header->struct_size = sizeof(VbSharedDataHeader); |
| 402 header->data_size = size; |
| 403 header->data_used = sizeof(VbSharedDataHeader); |
| 404 |
| 405 /* Success */ |
| 406 return VBOOT_SUCCESS; |
| 407 } |
| 408 |
| 409 |
| 410 uint64_t VbSharedDataReserve(VbSharedDataHeader* header, uint64_t size) { |
| 411 uint64_t offs = header->data_used; |
| 412 |
| 413 if (!header || size > header->data_size - header->data_used) { |
| 414 VBDEBUG(("VbSharedData buffer out of space.\n")); |
| 415 return 0; /* Not initialized, or not enough space left. */ |
| 416 } |
| 417 header->data_used += size; |
| 418 return offs; |
| 419 } |
| 420 |
| 421 |
| 422 int VbSharedDataSetKernelKey(VbSharedDataHeader* header, |
| 423 const VbPublicKey* src) { |
| 424 |
| 425 VbPublicKey *kdest = &header->kernel_subkey; |
| 426 |
| 427 if (!header) |
| 428 return VBOOT_SHARED_DATA_INVALID; |
| 429 |
| 430 /* Attempt to allocate space for the key, if it hasn't been allocated yet */ |
| 431 if (!header->kernel_subkey_data_offset) { |
| 432 header->kernel_subkey_data_offset = VbSharedDataReserve(header, |
| 433 src->key_size); |
| 434 if (!header->kernel_subkey_data_offset) |
| 435 return VBOOT_SHARED_DATA_INVALID; |
| 436 header->kernel_subkey_data_size = src->key_size; |
| 437 } |
| 438 |
| 439 /* Copy the kernel sign key blob into the destination buffer */ |
| 440 PublicKeyInit(kdest, (uint8_t*)header + header->kernel_subkey_data_offset, |
| 441 header->kernel_subkey_data_size); |
| 442 |
| 443 return PublicKeyCopy(kdest, src); |
| 444 } |
OLD | NEW |