OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 * | 4 * |
5 * Functions for generating and manipulating a verified boot firmware image. | 5 * Functions for generating and manipulating a verified boot firmware image. |
6 */ | 6 */ |
7 | 7 |
8 #include "firmware_image.h" | 8 #include "firmware_image.h" |
9 | 9 |
10 #include <fcntl.h> | 10 #include <fcntl.h> |
(...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
80 if (image->firmware_sign_algorithm >= kNumAlgorithms) { | 80 if (image->firmware_sign_algorithm >= kNumAlgorithms) { |
81 Free(firmware_buf); | 81 Free(firmware_buf); |
82 return NULL; | 82 return NULL; |
83 } | 83 } |
84 | 84 |
85 /* Compute size of pre-processed RSA public key and signature. */ | 85 /* Compute size of pre-processed RSA public key and signature. */ |
86 firmware_sign_key_len = RSAProcessedKeySize(image->firmware_sign_algorithm); | 86 firmware_sign_key_len = RSAProcessedKeySize(image->firmware_sign_algorithm); |
87 signature_len = siglen_map[image->firmware_sign_algorithm]; | 87 signature_len = siglen_map[image->firmware_sign_algorithm]; |
88 | 88 |
89 /* Check whether the header length is correct. */ | 89 /* Check whether the header length is correct. */ |
90 header_len = (FIELD_LEN(header_len) + | 90 header_len = GetFirmwareHeaderLen(image); |
91 FIELD_LEN(firmware_sign_algorithm) + | |
92 firmware_sign_key_len + | |
93 FIELD_LEN(firmware_key_version) + | |
94 FIELD_LEN(header_checksum)); | |
95 if (header_len != image->header_len) { | 91 if (header_len != image->header_len) { |
96 fprintf(stderr, "Header length mismatch. Got: %d Expected: %d\n", | 92 fprintf(stderr, "Header length mismatch. Got: %d Expected: %d\n", |
97 image->header_len, header_len); | 93 image->header_len, header_len); |
98 Free(firmware_buf); | 94 Free(firmware_buf); |
99 return NULL; | 95 return NULL; |
100 } | 96 } |
101 | 97 |
102 /* Read pre-processed public half of the sign key. */ | 98 /* Read pre-processed public half of the sign key. */ |
103 image->firmware_sign_key = (uint8_t*) Malloc(firmware_sign_key_len); | 99 image->firmware_sign_key = (uint8_t*) Malloc(firmware_sign_key_len); |
104 StatefulMemcpy(&st, image->firmware_sign_key, firmware_sign_key_len); | 100 StatefulMemcpy(&st, image->firmware_sign_key, firmware_sign_key_len); |
(...skipping 103 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
208 firmware_blob = (uint8_t*) Malloc(*blob_len); | 204 firmware_blob = (uint8_t*) Malloc(*blob_len); |
209 st.remaining_len = *blob_len; | 205 st.remaining_len = *blob_len; |
210 st.remaining_buf = firmware_blob; | 206 st.remaining_buf = firmware_blob; |
211 | 207 |
212 header_blob = GetFirmwareHeaderBlob(image); | 208 header_blob = GetFirmwareHeaderBlob(image); |
213 preamble_blob = GetFirmwarePreambleBlob(image); | 209 preamble_blob = GetFirmwarePreambleBlob(image); |
214 | 210 |
215 StatefulMemcpy_r(&st, image->magic, FIELD_LEN(magic)); | 211 StatefulMemcpy_r(&st, image->magic, FIELD_LEN(magic)); |
216 StatefulMemcpy_r(&st, header_blob, GetFirmwareHeaderLen(image)); | 212 StatefulMemcpy_r(&st, header_blob, GetFirmwareHeaderLen(image)); |
217 StatefulMemcpy_r(&st, image->firmware_key_signature, | 213 StatefulMemcpy_r(&st, image->firmware_key_signature, |
218 FIELD_LEN(firmware_key_signature)); | 214 FIELD_LEN(firmware_key_signature)); |
219 StatefulMemcpy_r(&st, preamble_blob, GetFirmwarePreambleLen(image)); | 215 StatefulMemcpy_r(&st, preamble_blob, GetFirmwarePreambleLen(image)); |
220 StatefulMemcpy_r(&st, image->preamble_signature, firmware_signature_len); | 216 StatefulMemcpy_r(&st, image->preamble_signature, firmware_signature_len); |
221 StatefulMemcpy_r(&st, image->firmware_signature, firmware_signature_len); | 217 StatefulMemcpy_r(&st, image->firmware_signature, firmware_signature_len); |
222 StatefulMemcpy_r(&st, image->firmware_data, image->firmware_len); | 218 StatefulMemcpy_r(&st, image->firmware_data, image->firmware_len); |
223 | 219 |
224 Free(preamble_blob); | 220 Free(preamble_blob); |
225 Free(header_blob); | 221 Free(header_blob); |
226 | 222 |
227 if (st.remaining_len != 0) { /* Underrun or Overrun. */ | 223 if (st.remaining_len != 0) { /* Underrun or Overrun. */ |
228 Free(firmware_blob); | 224 Free(firmware_blob); |
(...skipping 198 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
427 preamble_ptr = (header_ptr + header_len + | 423 preamble_ptr = (header_ptr + header_len + |
428 FIELD_LEN(firmware_key_signature)); | 424 FIELD_LEN(firmware_key_signature)); |
429 if ((error_code = VerifyFirmwarePreamble(firmware_sign_key, preamble_ptr, | 425 if ((error_code = VerifyFirmwarePreamble(firmware_sign_key, preamble_ptr, |
430 algorithm, | 426 algorithm, |
431 &firmware_len))) { | 427 &firmware_len))) { |
432 RSAPublicKeyFree(firmware_sign_key); | 428 RSAPublicKeyFree(firmware_sign_key); |
433 return error_code; /* AKA jump to recovery. */ | 429 return error_code; /* AKA jump to recovery. */ |
434 } | 430 } |
435 /* Only continue if firmware data verification succeeds. */ | 431 /* Only continue if firmware data verification succeeds. */ |
436 firmware_ptr = (preamble_ptr + | 432 firmware_ptr = (preamble_ptr + |
437 FIELD_LEN(firmware_version) + | 433 GetFirmwarePreambleLen(NULL) + |
438 FIELD_LEN(firmware_len) + | |
439 FIELD_LEN(preamble) + | |
440 signature_len); | 434 signature_len); |
441 | 435 |
442 if ((error_code = VerifyFirmwareData(firmware_sign_key, firmware_ptr, | 436 if ((error_code = VerifyFirmwareData(firmware_sign_key, firmware_ptr, |
443 firmware_len, | 437 firmware_len, |
444 algorithm))) { | 438 algorithm))) { |
445 RSAPublicKeyFree(firmware_sign_key); | 439 RSAPublicKeyFree(firmware_sign_key); |
446 return error_code; /* AKA jump to recovery. */ | 440 return error_code; /* AKA jump to recovery. */ |
447 } | 441 } |
448 | 442 |
449 RSAPublicKeyFree(firmware_sign_key); | 443 RSAPublicKeyFree(firmware_sign_key); |
(...skipping 134 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
584 if (!(firmware_signature = SignatureBuf(image->firmware_data, | 578 if (!(firmware_signature = SignatureBuf(image->firmware_data, |
585 image->firmware_len, | 579 image->firmware_len, |
586 signing_key_file, | 580 signing_key_file, |
587 image->firmware_sign_algorithm))) | 581 image->firmware_sign_algorithm))) |
588 return 0; | 582 return 0; |
589 image->firmware_signature = (uint8_t*) Malloc(signature_len); | 583 image->firmware_signature = (uint8_t*) Malloc(signature_len); |
590 Memcpy(image->firmware_signature, firmware_signature, signature_len); | 584 Memcpy(image->firmware_signature, firmware_signature, signature_len); |
591 Free(firmware_signature); | 585 Free(firmware_signature); |
592 return 1; | 586 return 1; |
593 } | 587 } |
OLD | NEW |