
Side by Side Diff: firmware/lib/vboot_common.c

Issue 6748009: Fix not checking hashed data size (Closed) Base URL: ssh://gitrw.chromium.org:9222/vboot_reference.git@master
Patch Set: Created 9 years, 9 months ago
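--- a/firmware/lib/vboot_common.c
+++ b/firmware/lib/vboot_common.c
@@ -1,10 +1,10 @@
 /* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 *
 * Common functions between firmware and kernel verified boot.
 * (Firmware portion)
 */
 
 
 #include "vboot_common.h"
@@ -209,20 +209,26 @@
 
 if (VerifySignatureInside(block, block->key_block_size, sig)) {
 VBDEBUG(("Key block hash off end of block\n"));
 return VBOOT_KEY_BLOCK_INVALID;
 }
 if (sig->sig_size != SHA512_DIGEST_SIZE) {
 VBDEBUG(("Wrong hash size for key block.\n"));
 return VBOOT_KEY_BLOCK_INVALID;
 }
 
+/* Make sure advertised signature data sizes are sane. */
+if (block->key_block_size < sig->data_size) {
+VBDEBUG(("Signature calculated past end of the block\n"));
+return VBOOT_KEY_BLOCK_INVALID;
+}
+
 VBDEBUG(("Checking key block hash only...\n"));
 header_checksum = DigestBuf((const uint8_t*)block, sig->data_size,
 SHA512_DIGEST_ALGORITHM);
 rv = SafeMemcmp(header_checksum, GetSignatureDataC(sig),
 SHA512_DIGEST_SIZE);
 Free(header_checksum);
 if (rv) {
 VBDEBUG(("Invalid key block hash.\n"));
 return VBOOT_KEY_BLOCK_HASH;
 }
@@ -242,20 +248,21 @@
 if (!rsa) {
 VBDEBUG(("Invalid public key\n"));
 return VBOOT_PUBLIC_KEY_INVALID;
 }
 
 /* Make sure advertised signature data sizes are sane. */
 if (block->key_block_size < sig->data_size) {
 VBDEBUG(("Signature calculated past end of the block\n"));
 return VBOOT_KEY_BLOCK_INVALID;
 }
+
 VBDEBUG(("Checking key block signature...\n"));
 rv = VerifyData((const uint8_t*)block, size, sig, rsa);
 RSAPublicKeyFree(rsa);
 if (rv) {
 VBDEBUG(("Invalid key block signature.\n"));
 return VBOOT_KEY_BLOCK_SIGNATURE;
 }
 }
 
 /* Verify we signed enough data */
@@ -443,10 +450,10 @@
 return VBOOT_SHARED_DATA_INVALID;
 header->kernel_subkey_data_size = src->key_size;
 }
 
 /* Copy the kernel sign key blob into the destination buffer */
 PublicKeyInit(kdest, (uint8_t*)header + header->kernel_subkey_data_offset,
 header->kernel_subkey_data_size);
 
 return PublicKeyCopy(kdest, src);
 }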
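Review bot: The bound added at new lines 219-223 compares `sig->data_size` with `block->key_block_size`, which is itself a field of the untrusted key block, so it keeps `DigestBuf()` inside the caller's buffer only if `key_block_size` was already validated against the real buffer length. That earlier check, if present, sits in the skipped lines and cannot be confirmed from this page. I would spell the dependency out in the comment, e.g. `/* key_block_size was checked against size above, so this keeps the hash inside the buffer. */`, or additionally reject `sig->data_size > size` if `size` (the value passed to `VerifyData()` further down) is the buffer length. The same five-line check now appears in both the hash-only branch and the signature branch; a small `static` helper would keep the two from drifting apart, and the hash branch's message could say "Hash" rather than "Signature". The enclosing function starts and ends outside the lines shown.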