| OLD | NEW |
| 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
| 3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
| 4 * | 4 * |
| 5 * Functions for generating and manipulating a verified boot firmware image. | 5 * Functions for generating and manipulating a verified boot firmware image. |
| 6 */ | 6 */ |
| 7 | 7 |
| 8 #include "firmware_image.h" | 8 #include "firmware_image.h" |
| 9 | 9 |
| 10 #include <fcntl.h> | 10 #include <fcntl.h> |
| 387 algorithm)) | 387 algorithm)) |
| 388 return VERIFY_FIRMWARE_SIGNATURE_FAILED; | 388 return VERIFY_FIRMWARE_SIGNATURE_FAILED; |
| 389 return 0; | 389 return 0; |
| 390 } | 390 } |
| 391 | 391 |
| 392 int VerifyFirmware(const uint8_t* root_key_blob, | 392 int VerifyFirmware(const uint8_t* root_key_blob, |
| 393 const uint8_t* firmware_blob, | 393 const uint8_t* firmware_blob, |
| 394 const int dev_mode) { | 394 const int dev_mode) { |
| 395 int error_code; | 395 int error_code; |
| 396 int algorithm; /* Signing key algorithm. */ | 396 int algorithm; /* Signing key algorithm. */ |
| 397 RSAPublicKey* firmware_sign_key; | 397 RSAPublicKey* firmware_sign_key = NULL; |
| 398 int firmware_sign_key_len, signature_len, header_len, firmware_len; | 398 int firmware_sign_key_len, signature_len, header_len, firmware_len; |
| 399 const uint8_t* header_ptr; /* Pointer to header. */ | 399 const uint8_t* header_ptr = NULL; /* Pointer to header. */ |
| 400 const uint8_t* firmware_sign_key_ptr; /* Pointer to signing key. */ | 400 const uint8_t* firmware_sign_key_ptr = NULL; /* Pointer to signing key. */ |
| 401 const uint8_t* preamble_ptr; /* Pointer to preamble block. */ | 401 const uint8_t* preamble_ptr = NULL; /* Pointer to preamble block. */ |
| 402 const uint8_t* firmware_ptr; /* Pointer to firmware signature/data. */ | 402 const uint8_t* firmware_ptr = NULL; /* Pointer to firmware signature/data. */ |
| 403 | 403 |
| 404 /* Note: All the offset calculations are based on struct FirmwareImage which | 404 /* Note: All the offset calculations are based on struct FirmwareImage which |
| 405 * is defined in include/firmware_image.h. */ | 405 * is defined in include/firmware_image.h. */ |
| 406 | 406 |
| 407 /* Compare magic bytes. */ | 407 /* Compare magic bytes. */ |
| 408 if (SafeMemcmp(firmware_blob, FIRMWARE_MAGIC, FIRMWARE_MAGIC_SIZE)) | 408 if (SafeMemcmp(firmware_blob, FIRMWARE_MAGIC, FIRMWARE_MAGIC_SIZE)) |
| 409 return VERIFY_FIRMWARE_WRONG_MAGIC; | 409 return VERIFY_FIRMWARE_WRONG_MAGIC; |
| 410 header_ptr = firmware_blob + FIRMWARE_MAGIC_SIZE; | 410 header_ptr = firmware_blob + FIRMWARE_MAGIC_SIZE; |
| 411 | 411 |
| 412 /* Only continue if header verification succeeds. */ | 412 /* Only continue if header verification succeeds. */ |
| 413 if ((error_code = VerifyFirmwareHeader(root_key_blob, header_ptr, dev_mode, | 413 if ((error_code = VerifyFirmwareHeader(root_key_blob, header_ptr, dev_mode, |
| 414 &algorithm, &header_len))) | 414 &algorithm, &header_len))) |
| 415 return error_code; /* AKA jump to revovery. */ | 415 return error_code; /* AKA jump to revovery. */ |
| 416 | 416 |
| 417 /* Parse signing key into RSAPublicKey structure since it is required multiple | 417 /* Parse signing key into RSAPublicKey structure since it is required multiple |
| 418 * times. */ | 418 * times. */ |
| 419 firmware_sign_key_len = RSAProcessedKeySize(algorithm); | 419 firmware_sign_key_len = RSAProcessedKeySize(algorithm); |
| 420 firmware_sign_key_ptr = header_ptr + (FIELD_LEN(header_len) + | 420 firmware_sign_key_ptr = header_ptr + (FIELD_LEN(header_len) + |
| 421 FIELD_LEN(firmware_sign_algorithm)); | 421 FIELD_LEN(firmware_sign_algorithm)); |
| 422 firmware_sign_key = RSAPublicKeyFromBuf(firmware_sign_key_ptr, | 422 firmware_sign_key = RSAPublicKeyFromBuf(firmware_sign_key_ptr, |
| 423 firmware_sign_key_len); | 423 firmware_sign_key_len); |
| 424 signature_len = siglen_map[algorithm]; | 424 signature_len = siglen_map[algorithm]; |
| 425 | 425 |
| 426 /* Only continue if preamble verification succeeds. */ | 426 /* Only continue if preamble verification succeeds. */ |
| 427 preamble_ptr = (header_ptr + header_len + | 427 preamble_ptr = (header_ptr + header_len + |
| 428 FIELD_LEN(firmware_key_signature)); | 428 FIELD_LEN(firmware_key_signature)); |
| 429 if ((error_code = VerifyFirmwarePreamble(firmware_sign_key, preamble_ptr, | 429 if ((error_code = VerifyFirmwarePreamble(firmware_sign_key, preamble_ptr, |
| 430 algorithm, | 430 algorithm, |
| 431 &firmware_len))) | 431 &firmware_len))) { |
| 432 RSAPublicKeyFree(firmware_sign_key); |
| 432 return error_code; /* AKA jump to recovery. */ | 433 return error_code; /* AKA jump to recovery. */ |
| 433 | 434 } |
| 434 /* Only continue if firmware data verification succeeds. */ | 435 /* Only continue if firmware data verification succeeds. */ |
| 435 firmware_ptr = (preamble_ptr + | 436 firmware_ptr = (preamble_ptr + |
| 436 FIELD_LEN(firmware_version) + | 437 FIELD_LEN(firmware_version) + |
| 437 FIELD_LEN(firmware_len) + | 438 FIELD_LEN(firmware_len) + |
| 438 FIELD_LEN(preamble) + | 439 FIELD_LEN(preamble) + |
| 439 signature_len); | 440 signature_len); |
| 440 | 441 |
| 441 if ((error_code = VerifyFirmwareData(firmware_sign_key, firmware_ptr, | 442 if ((error_code = VerifyFirmwareData(firmware_sign_key, firmware_ptr, |
| 442 firmware_len, | 443 firmware_len, |
| 443 algorithm))) | 444 algorithm))) { |
| 445 RSAPublicKeyFree(firmware_sign_key); |
| 444 return error_code; /* AKA jump to recovery. */ | 446 return error_code; /* AKA jump to recovery. */ |
| 447 } |
| 445 | 448 |
| 449 RSAPublicKeyFree(firmware_sign_key); |
| 446 return 0; /* Success! */ | 450 return 0; /* Success! */ |
| 447 } | 451 } |
| 448 | 452 |
| 449 int VerifyFirmwareImage(const RSAPublicKey* root_key, | 453 int VerifyFirmwareImage(const RSAPublicKey* root_key, |
| 450 const FirmwareImage* image, | 454 const FirmwareImage* image, |
| 451 const int dev_mode) { | 455 const int dev_mode) { |
| 452 RSAPublicKey* firmware_sign_key; | 456 RSAPublicKey* firmware_sign_key = NULL; |
| 453 uint8_t* header_digest = NULL; | 457 uint8_t* header_digest = NULL; |
| 454 uint8_t* preamble_digest = NULL; | 458 uint8_t* preamble_digest = NULL; |
| 455 uint8_t* firmware_digest = NULL; | 459 uint8_t* firmware_digest = NULL; |
| 456 int firmware_sign_key_size; | 460 int firmware_sign_key_size; |
| 457 int signature_size; | 461 int signature_size; |
| 458 int error_code = 0; | 462 int error_code = 0; |
| 459 DigestContext ctx; | 463 DigestContext ctx; |
| 460 | 464 |
| 461 if (!image) | 465 if (!image) |
| 462 return VERIFY_FIRMWARE_INVALID_IMAGE; | 466 return VERIFY_FIRMWARE_INVALID_IMAGE; |
| 520 image->firmware_len, | 524 image->firmware_len, |
| 521 image->firmware_sign_algorithm); | 525 image->firmware_sign_algorithm); |
| 522 if (!RSAVerify(firmware_sign_key, image->firmware_signature, | 526 if (!RSAVerify(firmware_sign_key, image->firmware_signature, |
| 523 signature_size, image->firmware_sign_algorithm, | 527 signature_size, image->firmware_sign_algorithm, |
| 524 firmware_digest)) { | 528 firmware_digest)) { |
| 525 error_code = VERIFY_FIRMWARE_SIGNATURE_FAILED; | 529 error_code = VERIFY_FIRMWARE_SIGNATURE_FAILED; |
| 526 goto verify_failure; | 530 goto verify_failure; |
| 527 } | 531 } |
| 528 | 532 |
| 529 verify_failure: | 533 verify_failure: |
| 534 RSAPublicKeyFree(firmware_sign_key); |
| 530 Free(firmware_digest); | 535 Free(firmware_digest); |
| 531 Free(preamble_digest); | 536 Free(preamble_digest); |
| 532 Free(header_digest); | 537 Free(header_digest); |
| 533 return error_code; | 538 return error_code; |
| 534 } | 539 } |
| 535 | 540 |
| 536 const char* VerifyFirmwareErrorString(int error) { | 541 const char* VerifyFirmwareErrorString(int error) { |
| 537 return kVerifyFirmwareErrors[error]; | 542 return kVerifyFirmwareErrors[error]; |
| 538 } | 543 } |
| 539 | 544 |
| 579 if (!(firmware_signature = SignatureBuf(image->firmware_data, | 584 if (!(firmware_signature = SignatureBuf(image->firmware_data, |
| 580 image->firmware_len, | 585 image->firmware_len, |
| 581 signing_key_file, | 586 signing_key_file, |
| 582 image->firmware_sign_algorithm))) | 587 image->firmware_sign_algorithm))) |
| 583 return 0; | 588 return 0; |
| 584 image->firmware_signature = (uint8_t*) Malloc(signature_len); | 589 image->firmware_signature = (uint8_t*) Malloc(signature_len); |
| 585 Memcpy(image->firmware_signature, firmware_signature, signature_len); | 590 Memcpy(image->firmware_signature, firmware_signature, signature_len); |
| 586 Free(firmware_signature); | 591 Free(firmware_signature); |
| 587 return 1; | 592 return 1; |
| 588 } | 593 } |
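Review bot: In VerifyFirmware the result of `RSAPublicKeyFromBuf` (new lines 422-423) is still handed to `VerifyFirmwarePreamble`, `VerifyFirmwareData` and the newly added `RSAPublicKeyFree` calls without a NULL check. Whether the parser can return NULL for a malformed key blob is not visible on this page, but if it can, the check should fail closed right after the parse, for example `if (!firmware_sign_key) return VERIFY_FIRMWARE_INVALID_IMAGE;`. The same assumption applies to the `verify_failure:` label in VerifyFirmwareImage (new line 534): with the pointer now initialised to NULL, any `goto` taken before the key is parsed (that code is in the skipped lines) frees NULL, so `RSAPublicKeyFree` has to tolerate it. As a style point, the three repeated `RSAPublicKeyFree(firmware_sign_key);` calls in VerifyFirmware could become a single exit label like the one VerifyFirmwareImage already uses, so that a later early return cannot reintroduce the leak.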
| OLD | NEW |