| OLD | NEW |
|---|
| 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
| 3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
| 4 * | 4 * |
| 5 * Functions for generating and manipulating a verified boot kernel image. | 5 * Functions for generating and manipulating a verified boot kernel image. |
| 6 */ | 6 */ |
| 7 | 7 |
| 8 #include "kernel_image.h" | 8 #include "kernel_image.h" |
| 9 | 9 |
| 10 #include <fcntl.h> | 10 #include <fcntl.h> |
| (...skipping 386 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 397 | 397 |
| 398 /* Verify if the hash of the header is correct. */ | 398 /* Verify if the hash of the header is correct. */ |
| 399 header_checksum = DigestBuf(header_blob, | 399 header_checksum = DigestBuf(header_blob, |
| 400 header_len - FIELD_LEN(header_checksum), | 400 header_len - FIELD_LEN(header_checksum), |
| 401 SHA512_DIGEST_ALGORITHM); | 401 SHA512_DIGEST_ALGORITHM); |
| 402 if (SafeMemcmp(header_checksum, | 402 if (SafeMemcmp(header_checksum, |
| 403 header_blob + (base_header_checksum_offset + | 403 header_blob + (base_header_checksum_offset + |
| 404 kernel_sign_key_len), | 404 kernel_sign_key_len), |
| 405 FIELD_LEN(header_checksum))) { | 405 FIELD_LEN(header_checksum))) { |
| 406 Free(header_checksum); | 406 Free(header_checksum); |
| 407 fprintf(stderr, "VerifyKernelHeader: Invalid header hash\n"); |
| 407 return VERIFY_KERNEL_INVALID_IMAGE; | 408 return VERIFY_KERNEL_INVALID_IMAGE; |
| 408 } | 409 } |
| 409 Free(header_checksum); | 410 Free(header_checksum); |
| 410 | 411 |
| 411 /* Verify kernel key signature unless we are in dev mode. */ | 412 /* Verify kernel key signature unless we are in dev mode. */ |
| 412 if (!dev_mode) { | 413 if (!dev_mode) { |
| 413 if (!RSAVerifyBinary_f(firmware_key_blob, NULL, /* Key to use */ | 414 if (!RSAVerifyBinary_f(firmware_key_blob, NULL, /* Key to use */ |
| 414 header_blob, /* Data to verify */ | 415 header_blob, /* Data to verify */ |
| 415 header_len, /* Length of data */ | 416 header_len, /* Length of data */ |
| 416 header_blob + header_len, /* Expected Signature */ | 417 header_blob + header_len, /* Expected Signature */ |
| (...skipping 259 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 676 kernel_signing_key_file, | 677 kernel_signing_key_file, |
| 677 image->kernel_sign_algorithm))) { | 678 image->kernel_sign_algorithm))) { |
| 678 fprintf(stderr, "Could not compute signature on the kernel.\n"); | 679 fprintf(stderr, "Could not compute signature on the kernel.\n"); |
| 679 return 0; | 680 return 0; |
| 680 } | 681 } |
| 681 image->kernel_signature = (uint8_t*) Malloc(signature_len); | 682 image->kernel_signature = (uint8_t*) Malloc(signature_len); |
| 682 Memcpy(image->kernel_signature, kernel_signature, signature_len); | 683 Memcpy(image->kernel_signature, kernel_signature, signature_len); |
| 683 Free(kernel_signature); | 684 Free(kernel_signature); |
| 684 return 1; | 685 return 1; |
| 685 } | 686 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 975007:
Add fuzz testing driver programs for kernel and firmware verification. (Closed)
