Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/platform/vboot_reference/utils/kernel_image.c

Issue 660161: Vboot Reference: Add functions to verify signed kernel images. (Closed)
Patch Set: Fix comment. Created 10 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « src/platform/vboot_reference/utils/Makefile ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file.
4 *
5 * Functions for generating and manipulating a verified boot kernel image.
6 */
7
8 #include "kernel_image.h"
9
10 #include <fcntl.h>
11 #include <stdio.h>
12 #include <sys/types.h>
13 #include <sys/stat.h>
14 #include <unistd.h>
15
16 #include "file_keys.h"
17 #include "padding.h"
18 #include "rsa_utility.h"
19 #include "sha_utility.h"
20 #include "utility.h"
21
22 /* Macro to determine the size of a field structure in the KernelImage
23 * structure. */
24 #define FIELD_LEN(field) (sizeof(((KernelImage*)0)->field))
25
26 KernelImage* KernelImageNew(void) {
27 KernelImage* image = (KernelImage*) Malloc(sizeof(KernelImage));
28 if (image) {
29 image->kernel_sign_key = NULL;
30 image->kernel_key_signature = NULL;
31 image->config_signature = NULL;
32 image->kernel_signature = NULL;
33 image->kernel_data = NULL;
34 }
35 return image;
36 }
37
38 void KernelImageFree(KernelImage* image) {
39 if (image) {
40 Free(image->kernel_sign_key);
41 Free(image->kernel_key_signature);
42 Free(image->config_signature);
43 Free(image->kernel_signature);
44 Free(image->kernel_data);
45 Free(image);
46 }
47 }
48
49 KernelImage* ReadKernelImage(const char* input_file) {
50 uint32_t file_size;
51 int image_len = 0; /* Total size of the kernel image. */
52 int header_len = 0;
53 int firmware_sign_key_len;
54 int kernel_key_signature_len;
55 int kernel_sign_key_len;
56 int kernel_signature_len;
57 uint8_t* kernel_buf;
58 MemcpyState st;
59 KernelImage* image = KernelImageNew();
60
61 if (!image)
62 return NULL;
63
64 kernel_buf = BufferFromFile(input_file, &file_size);
65 image_len = file_size;
66
67 st.remaining_len = image_len;
68 st.remaining_buf = kernel_buf;
69
70 /* Read and compare magic bytes. */
71 if (!StatefulMemcpy(&st, &image->magic, KERNEL_MAGIC_SIZE))
72 goto parse_failure;
73
74 if (SafeMemcmp(image->magic, KERNEL_MAGIC, KERNEL_MAGIC_SIZE)) {
75 fprintf(stderr, "Wrong Kernel Magic.\n");
76 goto parse_failure;
77 }
78 StatefulMemcpy(&st, &image->header_version, FIELD_LEN(header_version));
79 StatefulMemcpy(&st, &image->header_len, FIELD_LEN(header_len));
80 StatefulMemcpy(&st, &image->firmware_sign_algorithm,
81 FIELD_LEN(firmware_sign_algorithm));
82 StatefulMemcpy(&st, &image->kernel_sign_algorithm,
83 FIELD_LEN(kernel_sign_algorithm));
84
85 /* Valid Kernel Key signing algorithm. */
86 if (image->firmware_sign_algorithm >= kNumAlgorithms)
87 goto parse_failure;
88
89 /* Valid Kernel Signing Algorithm? */
90 if (image->kernel_sign_algorithm >= kNumAlgorithms)
91 goto parse_failure;
92
93 /* Compute size of pre-processed RSA public keys and signatures. */
94 firmware_sign_key_len = RSAProcessedKeySize(image->firmware_sign_algorithm);
95 /* TODO(gauravsh): Make siglen_map track the signature length in number
96 * of bytes rather than 32-bit words. */
97 kernel_key_signature_len = (siglen_map[image->firmware_sign_algorithm] *
98 sizeof(uint32_t));
99 kernel_sign_key_len = RSAProcessedKeySize(image->kernel_sign_algorithm);
100 kernel_signature_len = (siglen_map[image->kernel_sign_algorithm] *
101 sizeof(uint32_t));
102
103 /* Check whether key header length is correct. */
104 header_len = (FIELD_LEN(header_version) +
105 FIELD_LEN(header_len) +
106 FIELD_LEN(firmware_sign_algorithm) +
107 FIELD_LEN(kernel_sign_algorithm) +
108 FIELD_LEN(kernel_key_version) +
109 kernel_sign_key_len +
110 FIELD_LEN(header_checksum));
111
112 if (header_len != image->header_len) {
113 fprintf(stderr, "Header length mismatch. Got: %d, Expected: %d\n",
114 image->header_len, header_len);
115 goto parse_failure;
116 }
117
118 /* Read pre-processed public half of the kernel signing key. */
119 StatefulMemcpy(&st, &image->kernel_key_version,
120 FIELD_LEN(kernel_key_version));
121 image->kernel_sign_key = (uint8_t*) Malloc(kernel_sign_key_len);
122 StatefulMemcpy(&st, image->kernel_sign_key, kernel_sign_key_len);
123 StatefulMemcpy(&st, image->header_checksum, FIELD_LEN(header_checksum));
124
125 /* Read key signature. */
126 StatefulMemcpy(&st, image->kernel_key_signature,
127 FIELD_LEN(kernel_key_signature));
128
129 /* Read the kernel config. */
130 StatefulMemcpy(&st, &image->kernel_version, FIELD_LEN(kernel_version));
131 StatefulMemcpy(&st, &image->options.version, FIELD_LEN(options.version));
132 StatefulMemcpy(&st, &image->options.kernel_len,
133 FIELD_LEN(options.kernel_len));
134 StatefulMemcpy(&st, &image->options.kernel_load_addr,
135 FIELD_LEN(options.kernel_load_addr));
136 StatefulMemcpy(&st, &image->options.kernel_entry_addr,
137 FIELD_LEN(options.kernel_entry_addr));
138
139 /* Read kernel config signature. */
140 image->config_signature = (uint8_t*) Malloc(kernel_signature_len);
141 StatefulMemcpy(&st, image->config_signature, kernel_signature_len);
142
143 image->kernel_signature = (uint8_t*) Malloc(kernel_signature_len);
144 StatefulMemcpy(&st, image->kernel_signature, kernel_signature_len);
145
146 image->kernel_data = (uint8_t*) Malloc(image->options.kernel_len);
147 StatefulMemcpy(&st, image->kernel_data, image->options.kernel_len);
148
149 if(st.remaining_len != 0) /* Overrun or underrun. */
150 goto parse_failure;
151
152 Free(kernel_buf);
153 return image;
154
155 parse_failure:
156 Free(kernel_buf);
157 return NULL;
158 }
159
160 void WriteKernelHeader(int fd, KernelImage* image) {
161 int kernel_sign_key_len;
162 write(fd, &image->header_version, FIELD_LEN(header_version));
163 write(fd, &image->header_len, FIELD_LEN(header_len));
164 write(fd, &image->firmware_sign_algorithm,
165 FIELD_LEN(firmware_sign_algorithm));
166 write(fd, &image->kernel_sign_algorithm,
167 FIELD_LEN(kernel_sign_algorithm));
168 write(fd, &image->kernel_key_version, FIELD_LEN(kernel_key_version));
169 kernel_sign_key_len = (image->header_len -
170 FIELD_LEN(header_version) -
171 FIELD_LEN(header_len) -
172 FIELD_LEN(firmware_sign_algorithm) -
173 FIELD_LEN(kernel_sign_algorithm) -
174 FIELD_LEN(kernel_key_version) -
175 FIELD_LEN(header_checksum));
176 write(fd, image->kernel_sign_key, kernel_sign_key_len);
177 write(fd, &image->header_checksum, FIELD_LEN(header_checksum));
178 }
179
180 void WriteKernelConfig(int fd, KernelImage* image) {
181 write(fd, &image->kernel_version, FIELD_LEN(kernel_version));
182 write(fd, image->options.version, FIELD_LEN(options.version));
183 write(fd, &image->options.kernel_len, FIELD_LEN(options.kernel_len));
184 write(fd, &image->options.kernel_load_addr,
185 FIELD_LEN(options.kernel_load_addr));
186 write(fd, &image->options.kernel_entry_addr,
187 FIELD_LEN(options.kernel_entry_addr));
188 }
189
190 KernelImage* WriteKernelImage(const char* input_file,
191 KernelImage* image) {
192 int fd;
193 int kernel_key_signature_len;
194 int kernel_signature_len;
195 if (!image)
196 return NULL;
197 if (-1 == (fd = creat(input_file,
198 S_IRUSR | S_IWUSR))) { /* Owner has R/W permissions. */
199 fprintf(stderr, "Couldn't open file for writing.\n");
200 return NULL;
201 }
202
203 kernel_key_signature_len = (siglen_map[image->firmware_sign_algorithm] *
204 sizeof(uint32_t));
205 kernel_signature_len = (siglen_map[image->kernel_sign_algorithm] *
206 sizeof(uint32_t));
207
208 write(fd, image->magic, FIELD_LEN(magic));
209 WriteKernelHeader(fd, image);
210 write(fd, image->kernel_key_signature, kernel_key_signature_len);
211 WriteKernelConfig(fd, image);
212 write(fd, image->config_signature, kernel_signature_len);
213 write(fd, image->kernel_signature, kernel_signature_len);
214 write(fd, image->kernel_data, image->options.kernel_len);
215
216 close(fd);
217 return image;
218 }
219
220 void PrintKernelImage(const KernelImage* image) {
221 if (!image)
222 return;
223
224 /* Print header. */
225 printf("Header Length = %d\n"
226 "Firmware Signing key algorithm id = %d\n"
227 "Kernel Signing key algorithm id = %d\n"
228 "Kernel Signature Algorithm = %s\n"
229 "Kernel Key Version = %d\n\n",
230 image->header_len,
231 image->firmware_sign_algorithm,
232 image->kernel_sign_algorithm,
233 algo_strings[image->kernel_sign_algorithm],
234 image->kernel_key_version);
235 /* TODO(gauravsh): Output hash and key signature here? */
236 /* Print preamble. */
237 printf("Kernel Version = %d\n"
238 "Kernel Config Version = %d.%d\n"
239 "kernel Length = %d\n"
240 "Kernel Load Address = %" PRId64 "\n"
241 "Kernel Entry Address = %" PRId64 "\n\n",
242 image->kernel_version,
243 image->options.version[0], image->options.version[1],
244 image->options.kernel_len,
245 image->options.kernel_load_addr,
246 image->options.kernel_entry_addr);
247 /* TODO(gauravsh): Output kernel signature here? */
248 }
249
250 char* kVerifyKernelErrors[VERIFY_KERNEL_MAX] = {
251 "Success.",
252 "Invalid Image.",
253 "Kernel Key Signature Failed.",
254 "Invalid Kernel Verification Algorithm.",
255 "Config Signature Failed.",
256 "Kernel Signature Failed.",
257 "Wrong Kernel Magic.",
258 };
259
260 int VerifyKernelHeader(const uint8_t* firmware_key_blob,
261 const uint8_t* header_blob,
262 const int dev_mode,
263 int* firmware_algorithm,
264 int* kernel_algorithm,
265 int* kernel_header_len) {
266 int kernel_sign_key_len;
267 int firmware_sign_key_len;
268 uint16_t header_version, header_len;
269 uint16_t firmware_sign_algorithm, kernel_sign_algorithm;
270 uint8_t* header_checksum = NULL;
271
272 /* Base Offset for the header_checksum field. Actual offset is
273 * this + kernel_sign_key_len. */
274 int base_header_checksum_offset = (FIELD_LEN(header_version) +
275 FIELD_LEN(header_len) +
276 FIELD_LEN(firmware_sign_algorithm) +
277 FIELD_LEN(kernel_sign_algorithm) +
278 FIELD_LEN(kernel_key_version));
279
280 Memcpy(&header_version, header_blob, sizeof(header_version));
281 Memcpy(&header_len, header_blob + FIELD_LEN(header_version),
282 sizeof(header_len));
283 Memcpy(&firmware_sign_algorithm,
284 header_blob + (FIELD_LEN(header_version) +
285 FIELD_LEN(header_len)),
286 sizeof(firmware_sign_algorithm));
287 Memcpy(&kernel_sign_algorithm,
288 header_blob + (FIELD_LEN(header_version) +
289 FIELD_LEN(header_len) +
290 FIELD_LEN(firmware_sign_algorithm)),
291 sizeof(kernel_sign_algorithm));
292
293 /* TODO(gauravsh): Make this return two different error types depending
294 * on whether the firmware or kernel signing algorithm is invalid. */
295 if (firmware_sign_algorithm >= kNumAlgorithms)
296 return VERIFY_KERNEL_INVALID_ALGORITHM;
297 if (kernel_sign_algorithm >= kNumAlgorithms)
298 return VERIFY_KERNEL_INVALID_ALGORITHM;
299
300 *firmware_algorithm = (int) firmware_sign_algorithm;
301 *kernel_algorithm = (int) kernel_sign_algorithm;
302 kernel_sign_key_len = RSAProcessedKeySize(kernel_sign_algorithm);
303 firmware_sign_key_len = RSAProcessedKeySize(firmware_sign_algorithm);
304
305
306 /* Verify if header len is correct? */
307 if (header_len != (base_header_checksum_offset +
308 kernel_sign_key_len +
309 FIELD_LEN(header_checksum))) {
310 fprintf(stderr, "VerifyKernelHeader: Header length mismatch\n");
311 return VERIFY_KERNEL_INVALID_IMAGE;
312 }
313 *kernel_header_len = (int) header_len;
314
315 /* Verify if the hash of the header is correct. */
316 header_checksum = DigestBuf(header_blob,
317 header_len - FIELD_LEN(header_checksum),
318 SHA512_DIGEST_ALGORITHM);
319 if (SafeMemcmp(header_checksum,
320 header_blob + (base_header_checksum_offset +
321 kernel_sign_key_len),
322 FIELD_LEN(header_checksum))) {
323 Free(header_checksum);
324 return VERIFY_KERNEL_INVALID_IMAGE;
325 }
326 Free(header_checksum);
327
328 /* Verify kernel key signature unless we are in dev mode. */
329 if (!dev_mode) {
330 if (!RSAVerifyBinary_f(firmware_key_blob, NULL, /* Key to use */
331 header_blob, /* Data to verify */
332 header_len, /* Length of data */
333 header_blob + header_len, /* Expected Signature */
334 firmware_sign_algorithm))
335 return VERIFY_KERNEL_KEY_SIGNATURE_FAILED;
336 }
337 return 0;
338 }
339
340 int VerifyKernelConfig(RSAPublicKey* kernel_sign_key,
341 const uint8_t* config_blob,
342 int algorithm,
343 int* kernel_len) {
344 uint32_t len, config_len;
345 config_len = (FIELD_LEN(kernel_version) +
346 FIELD_LEN(options.version)+
347 FIELD_LEN(options.kernel_len) +
348 FIELD_LEN(options.kernel_load_addr) +
349 FIELD_LEN(options.kernel_entry_addr));
350 if (!RSAVerifyBinary_f(NULL, kernel_sign_key, /* Key to use */
351 config_blob, /* Data to verify */
352 config_len, /* Length of data */
353 config_blob + config_len, /* Expected Signature */
354 algorithm))
355 return VERIFY_KERNEL_CONFIG_SIGNATURE_FAILED;
356
357 Memcpy(&len, config_blob + (FIELD_LEN(kernel_version)+
358 FIELD_LEN(options.version)),
359 sizeof(len));
360 *kernel_len = (int) len;
361 return 0;
362 }
363
364 int VerifyKernelData(RSAPublicKey* kernel_sign_key,
365 const uint8_t* kernel_data_start,
366 int kernel_len,
367 int algorithm) {
368 int signature_len = siglen_map[algorithm] * sizeof(uint32_t);
369 if (!RSAVerifyBinary_f(NULL, kernel_sign_key, /* Key to use. */
370 kernel_data_start + signature_len, /* Data to
371 * verify */
372 kernel_len, /* Length of data. */
373 kernel_data_start, /* Expected Signature */
374 algorithm))
375 return VERIFY_KERNEL_SIGNATURE_FAILED;
376 return 0;
377 }
378
379 int VerifyKernel(const uint8_t* firmware_key_blob,
380 const uint8_t* kernel_blob,
381 const int dev_mode) {
382 int error_code;
383 int firmware_sign_algorithm; /* Firmware signing key algorithm. */
384 int kernel_sign_algorithm; /* Kernel Signing key algorithm. */
385 RSAPublicKey* kernel_sign_key;
386 int kernel_sign_key_len, kernel_key_signature_len, kernel_signature_len,
387 header_len, kernel_len;
388 const uint8_t* header_ptr; /* Pointer to header. */
389 const uint8_t* kernel_sign_key_ptr; /* Pointer to signing key. */
390 const uint8_t* config_ptr; /* Pointer to kernel config block. */
391 const uint8_t* kernel_ptr; /* Pointer to kernel signature/data. */
392
393 /* Note: All the offset calculations are based on struct FirmwareImage which
394 * is defined in include/firmware_image.h. */
395
396 /* Compare magic bytes. */
397 if (SafeMemcmp(kernel_blob, KERNEL_MAGIC, KERNEL_MAGIC_SIZE))
398 return VERIFY_KERNEL_WRONG_MAGIC;
399 header_ptr = kernel_blob + KERNEL_MAGIC_SIZE;
400
401 /* Only continue if header verification succeeds. */
402 if ((error_code = VerifyKernelHeader(firmware_key_blob, header_ptr, dev_mode,
403 &firmware_sign_algorithm,
404 &kernel_sign_algorithm, &header_len))) {
405 fprintf(stderr, "VerifyKernel: Kernel header verification failed.\n");
406 return error_code; /* AKA jump to recovery. */
407 }
408 /* Parse signing key into RSAPublicKey structure since it is required multiple
409 * times. */
410 kernel_sign_key_len = RSAProcessedKeySize(kernel_sign_algorithm);
411 kernel_sign_key_ptr = header_ptr + (FIELD_LEN(header_version) +
412 FIELD_LEN(header_len) +
413 FIELD_LEN(firmware_sign_algorithm) +
414 FIELD_LEN(kernel_sign_algorithm) +
415 FIELD_LEN(kernel_key_version));
416 kernel_sign_key = RSAPublicKeyFromBuf(kernel_sign_key_ptr,
417 kernel_sign_key_len);
418 kernel_signature_len = siglen_map[kernel_sign_algorithm] * sizeof(uint32_t);
419 kernel_key_signature_len = siglen_map[firmware_sign_algorithm] *
420 sizeof(uint32_t);
421
422 /* Only continue if config verification succeeds. */
423 config_ptr = (header_ptr + header_len + kernel_key_signature_len);
424 if ((error_code = VerifyKernelConfig(kernel_sign_key, config_ptr,
425 kernel_sign_algorithm,
426 &kernel_len)))
427 return error_code; /* AKA jump to recovery. */
428 /* Only continue if kernel data verification succeeds. */
429 kernel_ptr = (config_ptr +
430 FIELD_LEN(kernel_version) +
431 FIELD_LEN(options.version) +
432 FIELD_LEN(options.kernel_len) +
433 FIELD_LEN(options.kernel_entry_addr) +
434 FIELD_LEN(options.kernel_load_addr) +
435 kernel_signature_len);
436
437 if ((error_code = VerifyKernelData(kernel_sign_key, kernel_ptr, kernel_len,
438 kernel_sign_algorithm)))
439 return error_code; /* AKA jump to recovery. */
440 return 0; /* Success! */
441 }
442
443 int VerifyKernelImage(const RSAPublicKey* firmware_key,
444 const KernelImage* image,
445 const int dev_mode) {
446 RSAPublicKey* kernel_sign_key;
447 uint8_t* header_digest = NULL;
448 uint8_t* config_digest = NULL;
449 uint8_t* kernel_digest = NULL;
450 int kernel_sign_key_size;
451 int kernel_signature_size;
452 int error_code = 0;
453 DigestContext ctx;
454
455 if (!image)
456 return VERIFY_KERNEL_INVALID_IMAGE;
457
458 /* Verify kernel key signature on the key header if we
459 * are not in dev mode.
460 *
461 * TODO(gauravsh): Add additional sanity checks here for:
462 * 1) verifying the header length is correct.
463 * 2) header_checksum is correct.
464 */
465
466 if (image->firmware_sign_algorithm >= kNumAlgorithms)
467 return VERIFY_KERNEL_INVALID_ALGORITHM;
468 if (image->kernel_sign_algorithm >= kNumAlgorithms)
469 return VERIFY_KERNEL_INVALID_ALGORITHM;
470
471 if (!dev_mode) {
472 DigestInit(&ctx, image->firmware_sign_algorithm);
473 DigestUpdate(&ctx, (uint8_t*) &image->header_version,
474 FIELD_LEN(header_version));
475 DigestUpdate(&ctx, (uint8_t*) &image->header_len,
476 FIELD_LEN(header_len));
477 DigestUpdate(&ctx, (uint8_t*) &image->firmware_sign_algorithm,
478 FIELD_LEN(firmware_sign_algorithm));
479 DigestUpdate(&ctx, (uint8_t*) &image->kernel_sign_algorithm,
480 FIELD_LEN(kernel_sign_algorithm));
481 DigestUpdate(&ctx, (uint8_t*) &image->kernel_key_version,
482 FIELD_LEN(kernel_key_version));
483 DigestUpdate(&ctx, image->kernel_sign_key,
484 RSAProcessedKeySize(image->kernel_sign_algorithm));
485 DigestUpdate(&ctx, image->header_checksum,
486 FIELD_LEN(header_checksum));
487 header_digest = DigestFinal(&ctx);
488 if (!RSA_verify(firmware_key, image->kernel_key_signature,
489 siglen_map[image->firmware_sign_algorithm] *
490 sizeof(uint32_t),
491 image->firmware_sign_algorithm,
492 header_digest)) {
493 fprintf(stderr, "VerifyKernelImage(): Key signature check failed.\n");
494 error_code = VERIFY_KERNEL_KEY_SIGNATURE_FAILED;
495 goto verify_failure;
496 }
497 }
498
499 /* Get kernel signing key to verify the rest of the kernel. */
500 kernel_sign_key_size = RSAProcessedKeySize(image->kernel_sign_algorithm);
501 kernel_sign_key = RSAPublicKeyFromBuf(image->kernel_sign_key,
502 kernel_sign_key_size);
503 kernel_signature_size = siglen_map[image->kernel_sign_algorithm] *
504 sizeof(uint32_t);
505
506 /* Verify kernel config signature. */
507 DigestInit(&ctx, image->kernel_sign_algorithm);
508 DigestUpdate(&ctx, (uint8_t*) &image->kernel_version,
509 FIELD_LEN(kernel_version));
510 DigestUpdate(&ctx, (uint8_t*) &image->options.version,
511 FIELD_LEN(options.version));
512 DigestUpdate(&ctx, (uint8_t*) &image->options.kernel_len,
513 FIELD_LEN(options.kernel_len));
514 DigestUpdate(&ctx, (uint8_t*) &image->options.kernel_load_addr,
515 FIELD_LEN(options.kernel_load_addr));
516 DigestUpdate(&ctx, (uint8_t*) &image->options.kernel_entry_addr,
517 FIELD_LEN(options.kernel_entry_addr));
518 config_digest = DigestFinal(&ctx);
519 if (!RSA_verify(kernel_sign_key, image->config_signature,
520 kernel_signature_size, image->kernel_sign_algorithm,
521 config_digest)) {
522 error_code = VERIFY_KERNEL_CONFIG_SIGNATURE_FAILED;
523 goto verify_failure;
524 }
525
526 /* Verify firmware signature. */
527 kernel_digest = DigestBuf(image->kernel_data,
528 image->options.kernel_len,
529 image->kernel_sign_algorithm);
530 if(!RSA_verify(kernel_sign_key, image->kernel_signature,
531 kernel_signature_size, image->kernel_sign_algorithm,
532 kernel_digest)) {
533 error_code = VERIFY_KERNEL_SIGNATURE_FAILED;
534 goto verify_failure;
535 }
536
537 verify_failure:
538 Free(kernel_digest);
539 Free(config_digest);
540 Free(header_digest);
541 return error_code;
542 }
543
544 const char* VerifyKernelErrorString(int error) {
545 return kVerifyKernelErrors[error];
546 }
547
548 int AddKernelKeySignature(KernelImage* image, const char* firmware_key_file) {
549 int tmp_hdr_fd;
550 char* tmp_hdr_file = ".tmpKernelHdrFile";
551 uint8_t* signature;
552 int signature_len = siglen_map[image->firmware_sign_algorithm] *
553 sizeof(uint32_t);
554
555 if(-1 == (tmp_hdr_fd = creat(tmp_hdr_file, S_IRWXU))) {
556 fprintf(stderr, "Could not open temporary file for writing "
557 "kernel header.\n");
558 return 0;
559 }
560 WriteKernelHeader(tmp_hdr_fd, image);
561 close(tmp_hdr_fd);
562 if (!(signature = SignatureFile(tmp_hdr_file, firmware_key_file,
563 image->firmware_sign_algorithm)))
564 return 0;
565 image->kernel_key_signature = Malloc(signature_len);
566 Memcpy(image->kernel_key_signature, signature, signature_len);
567 return 1;
568 }
569
570 int AddKernelSignature(KernelImage* image, const char* kernel_signing_key_file,
571 int algorithm) {
572 int tmp_config_fd;
573 char* tmp_config_file = ".tmpConfigFile";
574 int tmp_kernel_fd;
575 char* tmp_kernel_file = ".tmpKernelFile";
576 uint8_t* config_signature;
577 uint8_t* kernel_signature;
578 int signature_len = siglen_map[algorithm] * sizeof(uint32_t);
579
580 /* Write config to a file. */
581 if(-1 == (tmp_config_fd = creat(tmp_config_file, S_IRWXU))) {
582 fprintf(stderr, "Could not open temporary file for writing "
583 "kernel config.\n");
584 return 0;
585 }
586 WriteKernelConfig(tmp_config_fd, image);
587 close(tmp_config_fd);
588 if (!(config_signature = SignatureFile(tmp_config_file,
589 kernel_signing_key_file,
590 algorithm)))
591 return 0;
592 image->config_signature = (uint8_t*) Malloc(signature_len);
593 Memcpy(image->config_signature, config_signature, signature_len);
594 Free(config_signature);
595
596 if (-1 == (tmp_kernel_fd = creat(tmp_kernel_file, S_IRWXU))) {
597 fprintf(stderr, "Could not open temporary file for writing "
598 "kernel.\n");
599 return 0;
600 }
601 write(tmp_kernel_fd, image->kernel_data, image->options.kernel_len);
602 close(tmp_kernel_fd);
603
604 if (!(kernel_signature = SignatureFile(tmp_kernel_file,
605 kernel_signing_key_file,
606 algorithm))) {
607 fprintf(stderr, "Could not compute signature on the kernel.\n");
608 return 0;
609 }
610 image->kernel_signature = (uint8_t*) Malloc(signature_len);
611 Memcpy(image->kernel_signature, kernel_signature, signature_len);
612 Free(kernel_signature);
613 return 1;
614 }
OLDNEW
« no previous file with comments | « src/platform/vboot_reference/utils/Makefile ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698