OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 * | 4 * |
5 * Functions for verifying a verified boot kernel image. | 5 * Functions for verifying a verified boot kernel image. |
6 * (Firmware portion) | 6 * (Firmware portion) |
7 */ | 7 */ |
8 | 8 |
9 #include "kernel_image_fw.h" | 9 #include "kernel_image_fw.h" |
10 | 10 |
(...skipping 232 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
243 StatefulSkip(&st, kernel_sign_key_len); | 243 StatefulSkip(&st, kernel_sign_key_len); |
244 StatefulMemcpy(&st, image->header_checksum, FIELD_LEN(header_checksum)); | 244 StatefulMemcpy(&st, image->header_checksum, FIELD_LEN(header_checksum)); |
245 | 245 |
246 /* Parse signing key into RSAPublicKey structure since it is | 246 /* Parse signing key into RSAPublicKey structure since it is |
247 * required multiple times. */ | 247 * required multiple times. */ |
248 *kernel_sign_key = RSAPublicKeyFromBuf(image->kernel_sign_key, | 248 *kernel_sign_key = RSAPublicKeyFromBuf(image->kernel_sign_key, |
249 kernel_sign_key_len); | 249 kernel_sign_key_len); |
250 kernel_signature_len = siglen_map[kernel_sign_algorithm]; | 250 kernel_signature_len = siglen_map[kernel_sign_algorithm]; |
251 kernel_key_signature_len = siglen_map[firmware_sign_algorithm]; | 251 kernel_key_signature_len = siglen_map[firmware_sign_algorithm]; |
252 image->kernel_key_signature = (uint8_t*)st.remaining_buf; | 252 image->kernel_key_signature = (uint8_t*)st.remaining_buf; |
253 StatefulSkip(&st, kernel_signature_len); | 253 StatefulSkip(&st, kernel_key_signature_len); |
254 | 254 |
255 /* Only continue if preamble verification succeeds. */ | 255 /* Only continue if preamble verification succeeds. */ |
256 /* TODO: should pass the remaining len into VerifyKernelPreamble() */ | 256 /* TODO: should pass the remaining len into VerifyKernelPreamble() */ |
257 preamble_ptr = (const uint8_t*)st.remaining_buf; | 257 preamble_ptr = (const uint8_t*)st.remaining_buf; |
258 if ((error_code = VerifyKernelPreamble(*kernel_sign_key, preamble_ptr, | 258 if ((error_code = VerifyKernelPreamble(*kernel_sign_key, preamble_ptr, |
259 kernel_sign_algorithm, | 259 kernel_sign_algorithm, |
260 &kernel_len))) { | 260 &kernel_len))) { |
261 RSAPublicKeyFree(*kernel_sign_key); | 261 RSAPublicKeyFree(*kernel_sign_key); |
| 262 *kernel_sign_key = NULL; |
262 return error_code; /* AKA jump to recovery. */ | 263 return error_code; /* AKA jump to recovery. */ |
263 } | 264 } |
264 | 265 |
265 /* Copy preamble fields */ | 266 /* Copy preamble fields */ |
266 StatefulMemcpy(&st, &image->kernel_version, FIELD_LEN(kernel_version)); | 267 StatefulMemcpy(&st, &image->kernel_version, FIELD_LEN(kernel_version)); |
267 StatefulMemcpy(&st, &image->kernel_len, FIELD_LEN(kernel_len)); | 268 StatefulMemcpy(&st, &image->kernel_len, FIELD_LEN(kernel_len)); |
268 StatefulMemcpy(&st, &image->bootloader_offset, FIELD_LEN(bootloader_offset)); | 269 StatefulMemcpy(&st, &image->bootloader_offset, FIELD_LEN(bootloader_offset)); |
269 StatefulMemcpy(&st, &image->bootloader_size, FIELD_LEN(bootloader_size)); | 270 StatefulMemcpy(&st, &image->bootloader_size, FIELD_LEN(bootloader_size)); |
270 StatefulMemcpy(&st, &image->padded_header_size, | 271 StatefulMemcpy(&st, &image->padded_header_size, |
271 FIELD_LEN(padded_header_size)); | 272 FIELD_LEN(padded_header_size)); |
(...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
374 | 375 |
375 kernel_key_signature_len = siglen_map[firmware_sign_algorithm]; | 376 kernel_key_signature_len = siglen_map[firmware_sign_algorithm]; |
376 kernel_sign_key_len = RSAProcessedKeySize(kernel_sign_algorithm); | 377 kernel_sign_key_len = RSAProcessedKeySize(kernel_sign_algorithm); |
377 kernel_ptr += (FIELD_LEN(kernel_key_version) + | 378 kernel_ptr += (FIELD_LEN(kernel_key_version) + |
378 kernel_sign_key_len + | 379 kernel_sign_key_len + |
379 FIELD_LEN(header_checksum) + | 380 FIELD_LEN(header_checksum) + |
380 kernel_key_signature_len); | 381 kernel_key_signature_len); |
381 Memcpy(&kernel_version, kernel_ptr, sizeof(kernel_version)); | 382 Memcpy(&kernel_version, kernel_ptr, sizeof(kernel_version)); |
382 return CombineUint16Pair(kernel_key_version, kernel_version); | 383 return CombineUint16Pair(kernel_key_version, kernel_version); |
383 } | 384 } |
OLD | NEW |