futility: Create signatures using vboot 2.0 APIs
authorRandall Spangler <rspangler@chromium.org>
Fri, 17 Jun 2016 17:48:16 +0000 (10:48 -0700)
committerchrome-bot <chrome-bot@chromium.org>
Thu, 4 Aug 2016 02:40:41 +0000 (19:40 -0700)
Refactor futility to use only vboot 2.0 APIs to create signatures.

BUG=chromium:611535
BRANCH=none
TEST=make runtests

Change-Id: I176e7f424fa556d34d8fe691df5681f1e43210ce
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/356128
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
27 files changed:
Makefile
firmware/include/vboot_struct.h
firmware/lib20/include/vb2_struct.h
futility/cmd_show.c
futility/cmd_sign.c
futility/cmd_vbutil_firmware.c
futility/file_type.inc
futility/file_type_bios.c
futility/futility_options.h
host/lib/host_common.c
host/lib/host_common2.c [new file with mode: 0644]
host/lib/host_key2.c [new file with mode: 0644]
host/lib/host_keyblock.c
host/lib/host_signature.c
host/lib/host_signature2.c [new file with mode: 0644]
host/lib/include/host_common.h
host/lib/include/host_key.h
host/lib/include/host_signature.h
host/lib21/host_signature.c
host/lib21/include/host_signature2.h
host/linktest/main.c
tests/gen_preamble_testdata.sh
tests/run_preamble_tests.sh
tests/vb20_common2_tests.c
tests/vb20_common3_tests.c
tests/vb20_common_tests.c
tests/vboot_common_tests.c

index d522533..7b8cbcf 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -460,11 +460,14 @@ UTILLIB_SRCS = \
        host/lib/file_keys.c \
        host/lib/fmap.c \
        host/lib/host_common.c \
+       host/lib/host_common2.c \
        host/lib/host_key.c \
+       host/lib/host_key2.c \
        host/lib/host_keyblock.c \
        host/lib/host_misc.c \
        host/lib/util_misc.c \
        host/lib/host_signature.c \
+       host/lib/host_signature2.c \
        host/lib/signature_digest.c \
        host/lib21/host_fw_preamble.c \
        host/lib21/host_key.c \
index 3a3f534..f270455 100644 (file)
@@ -91,94 +91,6 @@ typedef struct VbKeyBlockHeader {
 
 /****************************************************************************/
 
-#define FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR 2
-#define FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR 1
-
-/*
- * Preamble block for rewritable firmware, version 2.0.  All 2.x versions of
- * this struct must start with the same data, to be compatible with version 2.0
- * readers.
- */
-typedef struct VbFirmwarePreambleHeader2_0 {
-       /*
-        * Size of this preamble, including keys, signatures, and padding, in
-        * bytes
-        */
-       uint64_t preamble_size;
-       /*
-        * Signature for this preamble (header + kernel subkey + body
-        * signature)
-        */
-       VbSignature preamble_signature;
-       /* Version of this header format (= 2) */
-       uint32_t header_version_major;
-       /* Version of this header format (= 0) */
-       uint32_t header_version_minor;
-
-       /* Firmware version */
-       uint64_t firmware_version;
-       /* Key to verify kernel key block */
-       VbPublicKey kernel_subkey;
-       /* Signature for the firmware body */
-       VbSignature body_signature;
-} __attribute__((packed)) VbFirmwarePreambleHeader2_0;
-
-#define EXPECTED_VBFIRMWAREPREAMBLEHEADER2_0_SIZE 104
-
-/* Flags for VbFirmwarePreambleHeader.flags */
-/*
- * Use the normal/dev boot path from the read-only firmware, instead of
- * verifying the body signature.
- */
-#define VB_FIRMWARE_PREAMBLE_USE_RO_NORMAL 0x00000001
-
-/* Premable block for rewritable firmware, version 2.1.
- *
- * The firmware preamble header should be followed by:
- *   1) The kernel_subkey key data, pointed to by kernel_subkey.key_offset.
- *   2) The signature data for the firmware body, pointed to by
- *      body_signature.sig_offset.
- *   3) The signature data for (header + kernel_subkey data + body signature
- *      data), pointed to by preamble_signature.sig_offset.
- */
-typedef struct VbFirmwarePreambleHeader {
-       /*
-        * Size of this preamble, including keys, signatures, and padding, in
-        * bytes
-        */
-       uint64_t preamble_size;
-       /*
-        * Signature for this preamble (header + kernel subkey + body
-        * signature)
-        */
-       VbSignature preamble_signature;
-       /* Version of this header format */
-       uint32_t header_version_major;
-       /* Version of this header format */
-       uint32_t header_version_minor;
-
-       /* Firmware version */
-       uint64_t firmware_version;
-       /* Key to verify kernel key block */
-       VbPublicKey kernel_subkey;
-       /* Signature for the firmware body */
-       VbSignature body_signature;
-
-       /*
-        * Fields added in header version 2.1.  You must verify the header
-        * version before reading these fields!
-        */
-       /*
-        * Flags; see VB_FIRMWARE_PREAMBLE_*.  Readers should return 0 for
-        * header version < 2.1.
-        */
-       uint32_t flags;
-} __attribute__((packed)) VbFirmwarePreambleHeader;
-
-#define EXPECTED_VBFIRMWAREPREAMBLEHEADER2_1_SIZE 108
-
-/****************************************************************************/
-
 #define KERNEL_PREAMBLE_HEADER_VERSION_MAJOR 2
 #define KERNEL_PREAMBLE_HEADER_VERSION_MINOR 2
 
@@ -187,7 +99,7 @@ typedef struct VbFirmwarePreambleHeader {
  * This should be followed by:
  *   1) The signature data for the kernel body, pointed to by
  *      body_signature.sig_offset.
- *   2) The signature data for (VBFirmwarePreambleHeader + body signature
+ *   2) The signature data for (vb2_kernel_preamble + body signature
  *      data), pointed to by preamble_signature.sig_offset.
  */
 typedef struct VbKernelPreambleHeader2_0 {
@@ -222,7 +134,7 @@ typedef struct VbKernelPreambleHeader2_0 {
  * This should be followed by:
  *   1) The signature data for the kernel body, pointed to by
  *      body_signature.sig_offset.
- *   2) The signature data for (VBFirmwarePreambleHeader + body signature
+ *   2) The signature data for (vb2_fw_preamble + body signature
  *      data), pointed to by preamble_signature.sig_offset.
  *   3) The 16-bit vmlinuz header, which is used for reconstruction of
  *      vmlinuz image.
index eeaf0ce..5220fa3 100644 (file)
@@ -120,8 +120,8 @@ struct vb2_keyblock {
 #define FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR 1
 
 /* Flags for vb2_fw_preamble.flags */
-/* Reserved; do not use */
-#define VB2_FIRMWARE_PREAMBLE_RESERVED0 0x00000001
+/* Use RO-normal firmware (deprecated; do not use) */
+#define VB2_FIRMWARE_PREAMBLE_USE_RO_NORMAL 0x00000001
 /* Do not allow use of any hardware crypto accelerators. */
 #define VB2_FIRMWARE_PREAMBLE_DISALLOW_HWCRYPTO 0x00000002
 
index d3cfc7f..261197d 100644 (file)
@@ -239,7 +239,7 @@ int ft_show_fw_preamble(const char *name, uint8_t *buf, uint32_t len,
        printf("  Firmware body size:    %d\n", pre2->body_signature.data_size);
        printf("  Preamble flags:        %d\n", flags);
 
-       if (flags & VB_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
+       if (flags & VB2_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
                printf("Preamble requests USE_RO_NORMAL;"
                       " skipping body verification.\n");
                goto done;
@@ -269,7 +269,7 @@ done:
        /* Can't trust the BIOS unless everything is signed (in which case
         * we've already returned), but standalone files are okay. */
        if (state || (sign_key && good_sig)) {
-               if (!(flags & VB_FIRMWARE_PREAMBLE_USE_RO_NORMAL))
+               if (!(flags & VB2_FIRMWARE_PREAMBLE_USE_RO_NORMAL))
                        printf("Body verification succeeded.\n");
                if (state)
                        state->area[state->c].is_valid = 1;
index acaa2f1..6d44840 100644 (file)
@@ -27,6 +27,7 @@
 #include "kernel_blob.h"
 #include "util_misc.h"
 #include "vb1_helper.h"
+#include "vb2_struct.h"
 #include "vb21_common.h"
 #include "host_key2.h"
 #include "vboot_common.h"
@@ -80,6 +81,15 @@ int ft_sign_pubkey(const char *name, uint8_t *buf, uint32_t len, void *data)
                                        strerror(errno));
                                return 1;
                        }
+                       sign_option.signprivate2 = vb2_read_private_key_pem(
+                               sign_option.pem_signpriv,
+                               sign_option.pem_algo);
+                       if (!sign_option.signprivate2) {
+                               fprintf(stderr,
+                                       "Unable to read PEM signing key: %s\n",
+                                       strerror(errno));
+                               return 1;
+                       }
                        vblock = KeyBlockCreate(data_key,
                                                sign_option.signprivate,
                                                sign_option.flags);
@@ -244,21 +254,22 @@ int ft_sign_kern_preamble(const char *name, uint8_t *buf, uint32_t len,
 int ft_sign_raw_firmware(const char *name, uint8_t *buf, uint32_t len,
                         void *data)
 {
-       VbSignature *body_sig;
-       VbFirmwarePreambleHeader *preamble;
+       struct vb2_signature *body_sig;
+       struct vb2_fw_preamble *preamble;
        int rv;
 
-       body_sig = CalculateSignature(buf, len, sign_option.signprivate);
+       body_sig = vb2_calculate_signature(buf, len, sign_option.signprivate2);
        if (!body_sig) {
                fprintf(stderr, "Error calculating body signature\n");
                return 1;
        }
 
-       preamble = CreateFirmwarePreamble(sign_option.version,
-                                         sign_option.kernel_subkey,
-                                         body_sig,
-                                         sign_option.signprivate,
-                                         sign_option.flags);
+       preamble = vb2_create_fw_preamble(
+                       sign_option.version,
+                       (struct vb2_packed_key *)sign_option.kernel_subkey,
+                       body_sig,
+                       sign_option.signprivate2,
+                       sign_option.flags);
        if (!preamble) {
                fprintf(stderr, "Error creating firmware preamble.\n");
                free(body_sig);
@@ -290,7 +301,7 @@ static const char usage_pubkey[] = "\n"
        "    --pem_signpriv   FILE.pem      Signing key in PEM format...\n"
        "    --pem_algo       NUM           AND the algorithm to use (0 - %d)\n"
        "\n"
-       "  If a signing key is not given, the keyblock will not be signed (duh)."
+       "  If a signing key is not given, the keyblock will not be signed."
        "\n\n"
        "And these, too:\n\n"
        "  -f|--flags       NUM             Flags specifying use conditions\n"
@@ -363,7 +374,7 @@ static const char usage_new_kpart[] = "\n"
        "Required PARAMS:\n"
        "  -s|--signprivate FILE.vbprivk"
        "    The private key to sign the kernel blob\n"
-       "  -b|--keyblock    FILE.keyblock   The keyblock containing the public\n"
+       "  -b|--keyblock    FILE.keyblock   Keyblock containing the public\n"
        "                                     key to verify the kernel blob\n"
        "  -v|--version     NUM             The kernel version number\n"
        "  --bootloader     FILE            Bootloader stub\n"
@@ -398,7 +409,7 @@ static const char usage_old_kpart[] = "\n"
        "                                     in place if no OUTFILE given)\n"
        "\n"
        "Optional PARAMS:\n"
-       "  -b|--keyblock    FILE.keyblock   The keyblock containing the public\n"
+       "  -b|--keyblock    FILE.keyblock   Keyblock containing the public\n"
        "                                     key to verify the kernel blob\n"
        "  -v|--version     NUM             The kernel version number\n"
        "  --config         FILE            The kernel commandline file\n"
@@ -651,6 +662,11 @@ static int do_sign(int argc, char *argv[])
                                fprintf(stderr, "Error reading %s\n", optarg);
                                errorcnt++;
                        }
+                       sign_option.signprivate2 = vb2_read_private_key(optarg);
+                       if (!sign_option.signprivate2) {
+                               fprintf(stderr, "Error reading %s\n", optarg);
+                               errorcnt++;
+                       }
                        break;
                case 'b':
                        sign_option.keyblock = KeyBlockRead(optarg);
@@ -667,7 +683,8 @@ static int do_sign(int argc, char *argv[])
                        }
                        break;
                case 'S':
-                       sign_option.devsignprivate = PrivateKeyRead(optarg);
+                       sign_option.devsignprivate =
+                               vb2_read_private_key(optarg);
                        if (!sign_option.devsignprivate) {
                                fprintf(stderr, "Error reading %s\n", optarg);
                                errorcnt++;
@@ -1037,6 +1054,8 @@ done:
 
        if (sign_option.signprivate)
                free(sign_option.signprivate);
+       if (sign_option.signprivate2)
+               free(sign_option.signprivate2);
        if (sign_option.keyblock)
                free(sign_option.keyblock);
        if (sign_option.kernel_subkey)
index 66a05c1..b187d27 100644 (file)
@@ -92,8 +92,6 @@ static int Vblock(const char *outfile, const char *keyblock_file,
 
        VbPrivateKey *signing_key;
        VbPublicKey *kernel_subkey;
-       VbSignature *body_sig;
-       VbFirmwarePreambleHeader *preamble;
        VbKeyBlockHeader *key_block;
        uint64_t key_block_size;
        uint8_t *fv_data;
@@ -127,6 +125,12 @@ static int Vblock(const char *outfile, const char *keyblock_file,
                VbExError("Error reading signing key.\n");
                return 1;
        }
+       struct vb2_private_key *signing_key2 =
+               vb2_read_private_key(signprivate);
+       if (!signing_key2) {
+               VbExError("Error reading signing key.\n");
+               return 1;
+       }
 
        kernel_subkey = PublicKeyRead(kernelkey_file);
        if (!kernel_subkey) {
@@ -142,7 +146,8 @@ static int Vblock(const char *outfile, const char *keyblock_file,
                VbExError("Empty firmware volume file\n");
                return 1;
        }
-       body_sig = CalculateSignature(fv_data, fv_size, signing_key);
+       struct vb2_signature *body_sig =
+               vb2_calculate_signature(fv_data, fv_size, signing_key2);
        if (!body_sig) {
                VbExError("Error calculating body signature\n");
                return 1;
@@ -150,10 +155,10 @@ static int Vblock(const char *outfile, const char *keyblock_file,
        free(fv_data);
 
        /* Create preamble */
-       preamble = CreateFirmwarePreamble(version,
-                                         kernel_subkey,
-                                         body_sig,
-                                         signing_key, preamble_flags);
+       struct vb2_fw_preamble *preamble =
+               vb2_create_fw_preamble(version,
+                                      (struct vb2_packed_key *)kernel_subkey,
+                                      body_sig, signing_key2, preamble_flags);
        if (!preamble) {
                VbExError("Error creating preamble.\n");
                return 1;
@@ -284,7 +289,7 @@ static int Verify(const char *infile, const char *signpubkey,
        /* TODO: verify body size same as signature size */
 
        /* Verify body */
-       if (flags & VB_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
+       if (flags & VB2_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
                printf("Preamble requests USE_RO_NORMAL;"
                       " skipping body verification.\n");
        } else if (VB2_SUCCESS ==
index fe76759..f5a941d 100644 (file)
@@ -27,7 +27,7 @@ FILE_TYPE(GBB,              "gbb",           "GBB",
          R_(ft_recognize_gbb),
          S_(ft_show_gbb),
          NONE)
-FILE_TYPE(FW_PREAMBLE,      "fw_pre",        "VbFirmwarePreamble (VBLOCK_A/B)",
+FILE_TYPE(FW_PREAMBLE,      "fw_pre",        "firmware preamble (VBLOCK_A/B)",
          R_(ft_recognize_vblock1),
          S_(ft_show_fw_preamble),
          NONE)
index 037a007..dc51828 100644 (file)
@@ -285,8 +285,8 @@ static int fmap_sign_fw_preamble(const char *name, uint8_t *buf, uint32_t len,
                goto whatever;
        }
        uint32_t more = key_block->key_block_size;
-       VbFirmwarePreambleHeader *preamble =
-               (VbFirmwarePreambleHeader *)(buf + more);
+       struct vb2_fw_preamble *preamble =
+               (struct vb2_fw_preamble *)(buf + more);
        uint32_t fw_size = preamble->body_signature.data_size;
        struct bios_area_s *fw_body_area = 0;
 
@@ -322,23 +322,23 @@ whatever:
 
 static int write_new_preamble(struct bios_area_s *vblock,
                              struct bios_area_s *fw_body,
-                             VbPrivateKey *signkey,
+                             struct vb2_private_key *signkey,
                              VbKeyBlockHeader *keyblock)
 {
-       VbSignature *body_sig;
-       VbFirmwarePreambleHeader *preamble;
+       struct vb2_signature *body_sig;
+       struct vb2_fw_preamble *preamble;
 
-       body_sig = CalculateSignature(fw_body->buf, fw_body->len, signkey);
+       body_sig = vb2_calculate_signature(fw_body->buf, fw_body->len, signkey);
        if (!body_sig) {
                fprintf(stderr, "Error calculating body signature\n");
                return 1;
        }
 
-       preamble = CreateFirmwarePreamble(sign_option.version,
-                                         sign_option.kernel_subkey,
-                                         body_sig,
-                                         signkey,
-                                         sign_option.flags);
+       preamble = vb2_create_fw_preamble(sign_option.version,
+                       (struct vb2_packed_key *)sign_option.kernel_subkey,
+                       body_sig,
+                       signkey,
+                       sign_option.flags);
        if (!preamble) {
                fprintf(stderr, "Error creating firmware preamble.\n");
                free(body_sig);
@@ -420,13 +420,13 @@ static int sign_bios_at_end(struct bios_state_s *state)
                                             sign_option.devkeyblock);
        } else {
                retval |= write_new_preamble(vblock_a, fw_a,
-                                            sign_option.signprivate,
+                                            sign_option.signprivate2,
                                             sign_option.keyblock);
        }
 
        /* FW B is always normal keys */
        retval |= write_new_preamble(vblock_b, fw_b,
-                                    sign_option.signprivate,
+                                    sign_option.signprivate2,
                                     sign_option.keyblock);
 
 
index 92d9a95..456ee34 100644 (file)
@@ -34,9 +34,10 @@ extern struct show_option_s show_option;
 
 struct sign_option_s {
        VbPrivateKey *signprivate;
+       struct vb2_private_key *signprivate2;
        VbKeyBlockHeader *keyblock;
        VbPublicKey *kernel_subkey;
-       VbPrivateKey *devsignprivate;
+       struct vb2_private_key *devsignprivate;
        VbKeyBlockHeader *devkeyblock;
        uint32_t version;
        int version_specified;
index 959b65a..a666e80 100644 (file)
 #include "utility.h"
 #include "vboot_common.h"
 
-VbFirmwarePreambleHeader *CreateFirmwarePreamble(
-       uint64_t firmware_version,
-       const VbPublicKey *kernel_subkey,
-       const VbSignature *body_signature,
-       const VbPrivateKey *signing_key,
-       uint32_t flags)
-{
-       VbFirmwarePreambleHeader *h;
-       uint64_t signed_size = (sizeof(VbFirmwarePreambleHeader) +
-                               kernel_subkey->key_size +
-                               body_signature->sig_size);
-       uint64_t block_size = signed_size + siglen_map[signing_key->algorithm];
-       uint8_t *kernel_subkey_dest;
-       uint8_t *body_sig_dest;
-       uint8_t *block_sig_dest;
-       VbSignature *sigtmp;
-
-       /* Allocate key block */
-       h = (VbFirmwarePreambleHeader *)malloc(block_size);
-       if (!h)
-               return NULL;
-
-       Memset(h, 0, block_size);
-       kernel_subkey_dest = (uint8_t *)(h + 1);
-       body_sig_dest = kernel_subkey_dest + kernel_subkey->key_size;
-       block_sig_dest = body_sig_dest + body_signature->sig_size;
-
-       h->header_version_major = FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR;
-       h->header_version_minor = FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR;
-       h->preamble_size = block_size;
-       h->firmware_version = firmware_version;
-       h->flags = flags;
-
-       /* Copy data key */
-       PublicKeyInit(&h->kernel_subkey, kernel_subkey_dest,
-                     kernel_subkey->key_size);
-       PublicKeyCopy(&h->kernel_subkey, kernel_subkey);
-
-       /* Copy body signature */
-       SignatureInit(&h->body_signature, body_sig_dest,
-                     body_signature->sig_size, 0);
-       SignatureCopy(&h->body_signature, body_signature);
-
-       /* Set up signature struct so we can calculate the signature */
-       SignatureInit(&h->preamble_signature, block_sig_dest,
-                     siglen_map[signing_key->algorithm], signed_size);
-
-       /* Calculate signature */
-       sigtmp = CalculateSignature((uint8_t *)h, signed_size, signing_key);
-       SignatureCopy(&h->preamble_signature, sigtmp);
-       free(sigtmp);
-
-       /* Return the header */
-       return h;
-}
-
 VbKernelPreambleHeader *CreateKernelPreamble(
        uint64_t kernel_version,
        uint64_t body_load_address,
diff --git a/host/lib/host_common2.c b/host/lib/host_common2.c
new file mode 100644 (file)
index 0000000..ae02b8b
--- /dev/null
@@ -0,0 +1,74 @@
+/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Host functions for verified boot.
+ *
+ * TODO: change all 'return 0', 'return 1' into meaningful return codes.
+ */
+
+#include <string.h>
+
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2rsa.h"
+#include "host_common.h"
+#include "host_key2.h"
+#include "cryptolib.h"
+#include "utility.h"
+#include "vb2_common.h"
+#include "vboot_common.h"
+
+struct vb2_fw_preamble *vb2_create_fw_preamble(
+       uint32_t firmware_version,
+       const struct vb2_packed_key *kernel_subkey,
+       const struct vb2_signature *body_signature,
+       const struct vb2_private_key *signing_key,
+       uint32_t flags)
+{
+       uint32_t signed_size = (sizeof(struct vb2_fw_preamble) +
+                               kernel_subkey->key_size +
+                               body_signature->sig_size);
+       uint32_t block_size = signed_size +
+               vb2_rsa_sig_size(signing_key->sig_alg);
+
+       /* Allocate preamble */
+       struct vb2_fw_preamble *h =
+               (struct vb2_fw_preamble *)calloc(block_size, 1);
+       if (!h)
+               return NULL;
+
+       uint8_t *kernel_subkey_dest = (uint8_t *)(h + 1);
+       uint8_t *body_sig_dest = kernel_subkey_dest + kernel_subkey->key_size;
+       uint8_t *block_sig_dest = body_sig_dest + body_signature->sig_size;
+
+       h->header_version_major = FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR;
+       h->header_version_minor = FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR;
+       h->preamble_size = block_size;
+       h->firmware_version = firmware_version;
+       h->flags = flags;
+
+       /* Copy data key */
+       PublicKeyInit((VbPublicKey *)&h->kernel_subkey, kernel_subkey_dest,
+                     kernel_subkey->key_size);
+       PublicKeyCopy((VbPublicKey *)&h->kernel_subkey,
+                     (VbPublicKey *)kernel_subkey);
+
+       /* Copy body signature */
+       vb2_init_signature(&h->body_signature,
+                          body_sig_dest, body_signature->sig_size, 0);
+       vb2_copy_signature(&h->body_signature, body_signature);
+
+       /* Set up signature struct so we can calculate the signature */
+       vb2_init_signature(&h->preamble_signature, block_sig_dest,
+                          vb2_rsa_sig_size(signing_key->sig_alg), signed_size);
+
+       /* Calculate signature */
+       struct vb2_signature *sig =
+               vb2_calculate_signature((uint8_t *)h, signed_size, signing_key);
+       vb2_copy_signature(&h->preamble_signature, sig);
+       free(sig);
+
+       /* Return the header */
+       return h;
+}
diff --git a/host/lib/host_key2.c b/host/lib/host_key2.c
new file mode 100644 (file)
index 0000000..28f02af
--- /dev/null
@@ -0,0 +1,105 @@
+/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Host functions for keys.
+ */
+
+/* TODO: change all 'return 0', 'return 1' into meaningful return codes */
+
+#include <openssl/pem.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2rsa.h"
+#include "2sha.h"
+#include "cryptolib.h"
+#include "host_common.h"
+#include "host_key.h"
+#include "host_key2.h"
+#include "host_misc.h"
+#include "vb2_common.h"
+#include "vboot_common.h"
+
+struct vb2_private_key *vb2_read_private_key(const char *filename)
+{
+       uint8_t *buf = NULL;
+       uint32_t bufsize = 0;
+       if (VB2_SUCCESS != vb2_read_file(filename, &buf, &bufsize)) {
+               VbExError("unable to read from file %s\n", filename);
+               return NULL;
+       }
+
+       struct vb2_private_key *key =
+               (struct vb2_private_key *)calloc(sizeof(*key), 1);
+       if (!key) {
+               VbExError("Unable to allocate private key\n");
+               free(buf);
+               return NULL;
+       }
+
+       uint64_t alg = *(uint64_t *)buf;
+       key->hash_alg = vb2_crypto_to_hash(alg);
+       key->sig_alg = vb2_crypto_to_signature(alg);
+       const unsigned char *start = buf + sizeof(alg);
+
+       key->rsa_private_key =
+               d2i_RSAPrivateKey(0, &start, bufsize - sizeof(alg));
+
+       if (!key->rsa_private_key) {
+               VbExError("Unable to parse RSA private key\n");
+               free(buf);
+               free(key);
+               return NULL;
+       }
+
+       free(buf);
+       return key;
+}
+
+struct vb2_private_key *vb2_read_private_key_pem(
+               const char* filename,
+               enum vb2_crypto_algorithm algorithm)
+{
+       RSA *rsa_key;
+       FILE *f;
+
+       if (algorithm >= VB2_ALG_COUNT) {
+               VB2_DEBUG("%s() called with invalid algorithm!\n",
+                         __FUNCTION__);
+               return NULL;
+       }
+
+       /* Read private key */
+       f = fopen(filename, "r");
+       if (!f) {
+               VB2_DEBUG("%s(): Couldn't open key file: %s\n",
+                         __FUNCTION__, filename);
+               return NULL;
+       }
+       rsa_key = PEM_read_RSAPrivateKey(f, NULL, NULL, NULL);
+       fclose(f);
+       if (!rsa_key) {
+               VB2_DEBUG("%s(): Couldn't read private key from file: %s\n",
+                        __FUNCTION__, filename);
+               return NULL;
+       }
+
+       /* Store key and algorithm in our struct */
+       struct vb2_private_key *key =
+               (struct vb2_private_key *)calloc(sizeof(*key), 1);
+       if (!key) {
+               RSA_free(rsa_key);
+               return NULL;
+       }
+       key->rsa_private_key = rsa_key;
+       key->hash_alg = vb2_crypto_to_hash(algorithm);
+       key->sig_alg = vb2_crypto_to_signature(algorithm);
+
+       /* Return the key */
+       return key;
+}
index 333b7d4..982013f 100644 (file)
@@ -57,9 +57,9 @@ VbKeyBlockHeader* KeyBlockCreate(const VbPublicKey* data_key,
     Memset(&h->key_block_signature, 0, sizeof(VbSignature));
 
   /* Calculate checksum */
-  sigtmp = CalculateChecksum((uint8_t*)h, signed_size);
-  SignatureCopy(&h->key_block_checksum, sigtmp);
-  free(sigtmp);
+  struct vb2_signature *chk = vb2_sha512_signature((uint8_t*)h, signed_size);
+  SignatureCopy(&h->key_block_checksum, (VbSignature *)chk);
+  free(chk);
 
   /* Calculate signature */
   if (signing_key) {
@@ -117,9 +117,9 @@ VbKeyBlockHeader* KeyBlockCreate_external(const VbPublicKey* data_key,
                 siglen_map[algorithm], signed_size);
 
   /* Calculate checksum */
-  sigtmp = CalculateChecksum((uint8_t*)h, signed_size);
-  SignatureCopy(&h->key_block_checksum, sigtmp);
-  free(sigtmp);
+  struct vb2_signature *chk = vb2_sha512_signature((uint8_t*)h, signed_size);
+  SignatureCopy(&h->key_block_checksum, (VbSignature *)chk);
+  free(chk);
 
   /* Calculate signature */
   sigtmp = CalculateSignature_external((uint8_t*)h, signed_size,
index 5767684..33000f1 100644 (file)
@@ -54,54 +54,6 @@ int SignatureCopy(VbSignature* dest, const VbSignature* src) {
   return 0;
 }
 
-
-VbSignature* CalculateChecksum(const uint8_t* data, uint64_t size) {
-
-  uint8_t header_checksum[VB2_SHA512_DIGEST_SIZE];
-  VbSignature* sig;
-
-  if (VB2_SUCCESS != vb2_digest_buffer(data, size, VB2_HASH_SHA512,
-                                      header_checksum,
-                                      sizeof(header_checksum)))
-    return NULL;
-
-  sig = SignatureAlloc(VB2_SHA512_DIGEST_SIZE, 0);
-  if (!sig)
-    return NULL;
-
-  sig->sig_offset = sizeof(VbSignature);
-  sig->sig_size = VB2_SHA512_DIGEST_SIZE;
-  sig->data_size = size;
-
-  /* Signature data immediately follows the header */
-  Memcpy(GetSignatureData(sig), header_checksum, VB2_SHA512_DIGEST_SIZE);
-  return sig;
-}
-
-VbSignature* CalculateHash(const uint8_t* data, uint64_t size,
-                           const VbPrivateKey* key) {
-  int vb2_alg = vb2_crypto_to_hash(key->algorithm);
-  uint8_t digest[VB2_MAX_DIGEST_SIZE];
-  int digest_size = vb2_digest_size(vb2_alg);
-  VbSignature* sig = NULL;
-
-  /* Calculate the digest */
-  if (VB2_SUCCESS != vb2_digest_buffer(data, size, vb2_alg,
-                                      digest, sizeof(digest)))
-    return NULL;
-
-  /* Allocate output signature */
-  sig = SignatureAlloc(digest_size, size);
-  if (!sig)
-    return NULL;
-
-  /* The digest itself is the signature data */
-  Memcpy(GetSignatureData(sig), digest, digest_size);
-
-  /* Return the signature */
-  return sig;
-}
-
 VbSignature* CalculateSignature(const uint8_t* data, uint64_t size,
                                 const VbPrivateKey* key) {
   int vb2_alg = vb2_crypto_to_hash(key->algorithm);
diff --git a/host/lib/host_signature2.c b/host/lib/host_signature2.c
new file mode 100644 (file)
index 0000000..e07f3d0
--- /dev/null
@@ -0,0 +1,135 @@
+/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Host functions for signature generation.
+ */
+
+#include <openssl/rsa.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <unistd.h>
+
+#include "2sysincludes.h"
+
+#include "2common.h"
+#include "2rsa.h"
+#include "2sha.h"
+#include "cryptolib.h"
+#include "file_keys.h"
+#include "host_common.h"
+#include "host_key2.h"
+#include "host_signature2.h"
+#include "vb2_common.h"
+#include "vboot_common.h"
+
+struct vb2_signature *vb2_alloc_signature(uint32_t sig_size,
+                                         uint32_t data_size)
+{
+       struct vb2_signature *sig = (struct vb2_signature *)
+               calloc(sizeof(*sig) + sig_size, 1);
+       if (!sig)
+               return NULL;
+
+       sig->sig_offset = sizeof(*sig);
+       sig->sig_size = sig_size;
+       sig->data_size = data_size;
+
+       return sig;
+}
+
+void vb2_init_signature(struct vb2_signature *sig, uint8_t *sig_data,
+                       uint32_t sig_size, uint32_t data_size)
+{
+       sig->sig_offset = OffsetOf(sig, sig_data);
+       sig->sig_size = sig_size;
+       sig->data_size = data_size;
+}
+
+int vb2_copy_signature(struct vb2_signature *dest,
+                      const struct vb2_signature *src)
+{
+       if (dest->sig_size < src->sig_size)
+               return VB2_ERROR_SIG_SIZE;
+
+       dest->sig_size = src->sig_size;
+       dest->data_size = src->data_size;
+
+       memcpy(vb2_signature_data(dest),
+              vb2_signature_data((struct vb2_signature *)src),
+              src->sig_size);
+
+       return VB2_SUCCESS;
+}
+
+struct vb2_signature *vb2_sha512_signature(const uint8_t *data, uint32_t size)
+{
+       uint8_t digest[VB2_SHA512_DIGEST_SIZE];
+       if (VB2_SUCCESS != vb2_digest_buffer(data, size, VB2_HASH_SHA512,
+                                            digest, sizeof(digest)))
+               return NULL;
+
+       struct vb2_signature *sig =
+               vb2_alloc_signature(VB2_SHA512_DIGEST_SIZE, size);
+       if (!sig)
+               return NULL;
+
+       memcpy(vb2_signature_data(sig), digest, VB2_SHA512_DIGEST_SIZE);
+       return sig;
+}
+
+struct vb2_signature *vb2_calculate_signature(
+               const uint8_t *data, uint32_t size,
+               const struct vb2_private_key *key)
+{
+       uint8_t digest[VB2_MAX_DIGEST_SIZE];
+       uint32_t digest_size = vb2_digest_size(key->hash_alg);
+
+       uint32_t digest_info_size = 0;
+       const uint8_t *digest_info = NULL;
+       if (VB2_SUCCESS != vb2_digest_info(key->hash_alg,
+                                          &digest_info, &digest_info_size))
+               return NULL;
+
+       /* Calculate the digest */
+       if (VB2_SUCCESS != vb2_digest_buffer(data, size, key->hash_alg,
+                                            digest, digest_size))
+               return NULL;
+
+       /* Prepend the digest info to the digest */
+       int signature_digest_len = digest_size + digest_info_size;
+       uint8_t *signature_digest = malloc(signature_digest_len);
+       if (!signature_digest)
+               return NULL;
+
+       memcpy(signature_digest, digest_info, digest_info_size);
+       memcpy(signature_digest + digest_info_size, digest, digest_size);
+
+       /* Allocate output signature */
+       struct vb2_signature *sig = (struct vb2_signature *)
+               vb2_alloc_signature(vb2_rsa_sig_size(key->sig_alg), size);
+       if (!sig) {
+               free(signature_digest);
+               return NULL;
+       }
+
+       /* Sign the signature_digest into our output buffer */
+       int rv = RSA_private_encrypt(signature_digest_len,    /* Input length */
+                                    signature_digest,        /* Input data */
+                                    vb2_signature_data(sig), /* Output sig */
+                                    key->rsa_private_key,    /* Key to use */
+                                    RSA_PKCS1_PADDING);      /* Padding */
+       free(signature_digest);
+
+       if (-1 == rv) {
+               VB2_DEBUG("%s: RSA_private_encrypt() failed.\n", __func__);
+               free(sig);
+               return NULL;
+       }
+
+       /* Return the signature */
+       return sig;
+}
index 895a675..c9f9713 100644 (file)
 #include "vboot_struct.h"
 
 /**
- * Create a firmware preamble, signed with [signing_key].
+ * Create a firmware preamble.
  *
- * Caller owns the returned pointer, and must free it with Free().
+ * @param firmware_version     Firmware version
+ * @param kernel_subkey                Kernel subkey to store in preamble
+ * @param body_signature       Signature of firmware body
+ * @param signing_key          Private key to sign header with
+ * @param flags                        Firmware preamble flags
  *
- * Returns NULL if error.
+ * @return The preamble, or NULL if error.  Caller must free() it.
  */
-VbFirmwarePreambleHeader *CreateFirmwarePreamble(
-       uint64_t firmware_version,
-       const VbPublicKey *kernel_subkey,
-       const VbSignature *body_signature,
-       const VbPrivateKey *signing_key,
+struct vb2_fw_preamble *vb2_create_fw_preamble(
+       uint32_t firmware_version,
+       const struct vb2_packed_key *kernel_subkey,
+       const struct vb2_signature *body_signature,
+       const struct vb2_private_key *signing_key,
        uint32_t flags);
 
 /**
index cdfc81b..25b7f76 100644 (file)
@@ -8,10 +8,12 @@
 #ifndef VBOOT_REFERENCE_HOST_KEY_H_
 #define VBOOT_REFERENCE_HOST_KEY_H_
 
+#include "2crypto.h"
 #include "cryptolib.h"
 #include "vboot_struct.h"
 
 struct vb2_packed_key;
+struct vb2_private_key;
 
 typedef struct rsa_st RSA;
 
@@ -23,9 +25,11 @@ typedef struct VbPrivateKey {
 
 
 /* Read a private key from a .pem file.  Caller owns the returned pointer,
- * and must free it with PrivateKeyFree(). */
+ * and must free() it. */
 VbPrivateKey* PrivateKeyReadPem(const char* filename, uint64_t algorithm);
-
+struct vb2_private_key *vb2_read_private_key_pem(
+               const char *filename,
+               enum vb2_crypto_algorithm algorithm);
 
 /* Free a private key. */
 void PrivateKeyFree(VbPrivateKey* key);
@@ -33,13 +37,12 @@ void PrivateKeyFree(VbPrivateKey* key);
 /* Write a private key to a file in .vbprivk format. */
 int PrivateKeyWrite(const char* filename, const VbPrivateKey* key);
 
-/* Read a privake key from a .vbprivk file.  Caller owns the returned
- * pointer, and must free it with PrivateKeyFree().
+/* Read a private key from a .vbprivk file.  Caller owns the returned
+ * pointer, and must free() it.
  *
  * Returns NULL if error. */
 VbPrivateKey* PrivateKeyRead(const char* filename);
-
-
+struct vb2_private_key *vb2_read_private_key(const char *filename);
 
 /* Allocate a new public key with space for a [key_size] byte key. */
 VbPublicKey* PublicKeyAlloc(uint64_t key_size, uint64_t algorithm,
index fb03c6c..2c7f24a 100644 (file)
 #include "utility.h"
 #include "vboot_struct.h"
 
+struct vb2_private_key;
+struct vb2_signature;
 
-/* Initialize a signature struct. */
+/**
+ * Initialize a signature struct.
+ *
+ * @param sig          Structure to initialize
+ * @param sig_data     Pointer to signature data buffer (after sig)
+ * @param sig_size     Size of signature data buffer in bytes
+ * @param data_size    Amount of data signed in bytes
+ */
 void SignatureInit(VbSignature* sig, uint8_t* sig_data,
                    uint64_t sig_size, uint64_t data_size);
+void vb2_init_signature(struct vb2_signature *sig, uint8_t *sig_data,
+                       uint32_t sig_size, uint32_t data_size);
 
 
-/* Allocate a new signature with space for a [sig_size] byte signature. */
+/**
+ * Allocate a new signature.
+ *
+ * @param sig_size     Size of signature in bytes
+ * @param data_size    Amount of data signed in bytes
+ *
+ * @return The signature or NULL if error.  Caller must free() it.
+ */
 VbSignature* SignatureAlloc(uint64_t sig_size, uint64_t data_size);
+struct vb2_signature *vb2_alloc_signature(uint32_t sig_size,
+                                         uint32_t data_size);
 
-
-/* Copy a signature key from [src] to [dest].
+/**
+ * Copy a signature.
  *
- * Returns 0 if success, non-zero if error. */
+ * @param dest         Destination signature
+ * @param src          Source signature
+ *
+ * @return VB2_SUCCESS, or non-zero if error. */
 int SignatureCopy(VbSignature* dest, const VbSignature* src);
+int vb2_copy_signature(struct vb2_signature *dest,
+                      const struct vb2_signature *src);
 
-
-/* Calculates a SHA-512 checksum.
- * Caller owns the returned pointer, and must free it with Free().
+/**
+ * Calculate a SHA-512 digest-only signature.
  *
- * Returns NULL on error. */
-VbSignature* CalculateChecksum(const uint8_t* data, uint64_t size);
-
-
-/* Calculates a hash of the data using the algorithm from the specified key.
- * Caller owns the returned pointer, and must free it with Free().
+ * Caller owns the returned pointer, and must free() it.
  *
- * Returns NULL on error. */
-VbSignature* CalculateHash(const uint8_t* data, uint64_t size,
-                           const VbPrivateKey* key);
+ * @param data         Pointer to data to hash
+ * @param size         Length of data in bytes
+ *
+ * @return The signature, or NULL if error.
+ */
+struct vb2_signature *vb2_sha512_signature(const uint8_t *data, uint32_t size);
 
 /* Calculates a signature for the data using the specified key.
  * Caller owns the returned pointer, and must free it with Free().
@@ -49,6 +71,9 @@ VbSignature* CalculateHash(const uint8_t* data, uint64_t size,
  * Returns NULL on error. */
 VbSignature* CalculateSignature(const uint8_t* data, uint64_t size,
                                 const VbPrivateKey* key);
+struct vb2_signature *vb2_calculate_signature(
+               const uint8_t *data, uint32_t size,
+               const struct vb2_private_key *key);
 
 /* Calculates a signature for the data using the specified key and
  * an external program.
index 01f4f32..5339b07 100644 (file)
 #include "host_signature2.h"
 #include "host_misc.h"
 
-/**
- * Get the digest info for a hash algorithm
- *
- * @param hash_alg     Hash algorithm
- * @param buf_ptr      On success, points to the digest info
- * @param size_ptr     On success, contains the info size in bytes
- * @return VB2_SUCCESS, or non-zero error code on failure.
- */
-static int vb2_digest_info(enum vb2_hash_algorithm hash_alg,
-                          const uint8_t **buf_ptr,
-                          uint32_t *size_ptr)
+int vb2_digest_info(enum vb2_hash_algorithm hash_alg,
+                   const uint8_t **buf_ptr,
+                   uint32_t *size_ptr)
 {
        *buf_ptr = NULL;
        *size_ptr = 0;
index 8eb95ba..5faf6da 100644 (file)
 #include "2struct.h"
 
 struct vb2_private_key;
+struct vb21_signature;
+
+/**
+ * Get the digest info for a hash algorithm
+ *
+ * @param hash_alg     Hash algorithm
+ * @param buf_ptr      On success, points to the digest info
+ * @param size_ptr     On success, contains the info size in bytes
+ * @return VB2_SUCCESS, or non-zero error code on failure.
+ */
+int vb2_digest_info(enum vb2_hash_algorithm hash_alg,
+                   const uint8_t **buf_ptr,
+                   uint32_t *size_ptr);
 
 /**
  * Sign data buffer
index 5e7aa27..1631ec3 100644 (file)
@@ -36,11 +36,9 @@ int main(void)
   SignatureInit(0, 0, 0, 0);
   SignatureAlloc(0, 0);
   SignatureCopy(0, 0);
-  CalculateChecksum(0, 0);
   CalculateSignature(0, 0, 0);
 
   /* host_common.h */
-  CreateFirmwarePreamble(0, 0, 0, 0, 0);
   CreateKernelPreamble(0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
 
   /* file_keys.h */
index 4bccdf9..661cf9a 100755 (executable)
@@ -4,11 +4,11 @@
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 #
-# This generates the pre-change test data used to ensure that modifications to
-# VbFirmwarePreambleHeader and VbKernelPreambleHeader will not break the
-# signing tools for older releases. This was run *before* any modifications, so
-# be sure to revert the repo back to the correct point if you need to run it
-# again.
+# This generates the pre-change test data used to ensure that
+# modifications to vb2_fw_preamble and VbKernelPreambleHeader will not
+# break the signing tools for older releases. This was run *before*
+# any modifications, so be sure to revert the repo back to the correct
+# point if you need to run it again.
 
 
 # Load common constants and variables for tests.
index df2f54f..be07715 100755 (executable)
@@ -4,10 +4,10 @@
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 #
-# This tests that vblocks using pre-3.0 versions of VbFirmwarePreambleHeader
-# and VbKernelPreambleHeader will still verify (or not) correctly. We need to
-# keep the old versions around to make sure that we can still sign images in
-# the ways that existing devices can validate.
+# This tests that vblocks using pre-3.0 versions of vb2_fw_preamble
+# and VbKernelPreambleHeader will still verify (or not) correctly. We
+# need to keep the old versions around to make sure that we can still
+# sign images in the ways that existing devices can validate.
 
 # Load common constants and variables for tests.
 . "$(dirname "$0")/common.sh"
index e5463e2..623633d 100644 (file)
@@ -140,14 +140,14 @@ int test_algorithm(int key_algorithm, const char *keys_dir)
        char filename[1024];
        int rsa_len = siglen_map[key_algorithm] * 8;
 
-       VbPrivateKey *private_key = NULL;
+       struct vb2_private_key *private_key = NULL;
        struct vb2_signature *sig = NULL;
        struct vb2_packed_key *key1;
 
        printf("***Testing algorithm: %s\n", algo_strings[key_algorithm]);
 
        sprintf(filename, "%s/key_rsa%d.pem", keys_dir, rsa_len);
-       private_key = PrivateKeyReadPem(filename, key_algorithm);
+       private_key = vb2_read_private_key_pem(filename, key_algorithm);
        if (!private_key) {
                fprintf(stderr, "Error reading private_key: %s\n", filename);
                return 1;
@@ -162,8 +162,8 @@ int test_algorithm(int key_algorithm, const char *keys_dir)
        }
 
        /* Calculate good signatures */
-       sig = (struct vb2_signature *)
-               CalculateSignature(test_data, sizeof(test_data), private_key);
+       sig = vb2_calculate_signature(test_data, sizeof(test_data),
+                                     private_key);
        TEST_PTR_NEQ(sig, 0, "Calculate signature");
        if (!sig)
                return 1;
index 9520738..6de4b8a 100644 (file)
@@ -203,18 +203,18 @@ static void test_verify_keyblock(const VbPublicKey *public_key,
 }
 
 static void resign_fw_preamble(struct vb2_fw_preamble *h,
-                              const VbPrivateKey *key)
+                              struct vb2_private_key *key)
 {
-       VbSignature *sig = CalculateSignature(
+       struct vb2_signature *sig = vb2_calculate_signature(
                (const uint8_t *)h, h->preamble_signature.data_size, key);
 
-       SignatureCopy((VbSignature *)&h->preamble_signature, sig);
+       vb2_copy_signature(&h->preamble_signature, sig);
        free(sig);
 }
 
 static void test_verify_fw_preamble(const VbPublicKey *public_key,
-                                   const VbPrivateKey *private_key,
-                                   const VbPublicKey *kernel_subkey)
+                                   struct vb2_private_key *private_key,
+                                   struct vb2_packed_key *kernel_subkey)
 {
        struct vb2_fw_preamble *hdr;
        struct vb2_fw_preamble *h;
@@ -227,17 +227,16 @@ static void test_verify_fw_preamble(const VbPublicKey *public_key,
        vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
 
        /* Create a dummy signature */
-       VbSignature *body_sig = SignatureAlloc(56, 78);
+       struct vb2_signature *body_sig = vb2_alloc_signature(56, 78);
 
        TEST_SUCC(vb2_unpack_key(&rsa, (uint8_t *)public_key,
                                 public_key->key_offset + public_key->key_size),
                  "vb2_verify_fw_preamble() prereq key");
 
-       hdr = (struct vb2_fw_preamble *)
-               CreateFirmwarePreamble(0x1234, kernel_subkey, body_sig,
-                                      private_key, 0x5678);
+       hdr = vb2_create_fw_preamble(0x1234, kernel_subkey, body_sig,
+                                    private_key, 0x5678);
        TEST_PTR_NEQ(hdr, NULL,
-                    "VerifyFirmwarePreamble() prereq test preamble");
+                    "vb2_verify_fw_preamble() prereq test preamble");
        if (!hdr)
                return;
        hsize = (uint32_t) hdr->preamble_size;
@@ -368,7 +367,7 @@ static void test_verify_kernel_preamble(const VbPublicKey *public_key,
        vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
 
        /* Create a dummy signature */
-       VbSignature *body_sig = SignatureAlloc(56, 0x214000);
+       struct vb2_signature *body_sig = vb2_alloc_signature(56, 0x214000);
 
        TEST_SUCC(vb2_unpack_key(&rsa, (uint8_t *)public_key,
                                 public_key->key_offset + public_key->key_size),
@@ -376,7 +375,8 @@ static void test_verify_kernel_preamble(const VbPublicKey *public_key,
 
        hdr = (struct vb2_kernel_preamble *)
                CreateKernelPreamble(0x1234, 0x100000, 0x300000, 0x4000,
-                                    body_sig, 0x304000, 0x10000, 0, 0,
+                                    (VbSignature *)body_sig,
+                                    0x304000, 0x10000, 0, 0,
                                     private_key);
        TEST_PTR_NEQ(hdr, NULL,
                     "vb2_verify_kernel_preamble() prereq test preamble");
@@ -542,6 +542,14 @@ int test_permutation(int signing_key_algorithm, int data_key_algorithm,
                return 1;
        }
 
+       struct vb2_private_key *signing_private_key2 =
+               vb2_read_private_key_pem(filename, signing_key_algorithm);
+       if (!signing_private_key2) {
+               fprintf(stderr, "Error reading signing_private_key: %s\n",
+                       filename);
+               return 1;
+       }
+
        sprintf(filename, "%s/key_rsa%d.keyb", keys_dir, signing_rsa_len);
        signing_public_key = PublicKeyReadKeyb(filename,
                                               signing_key_algorithm, 1);
@@ -564,14 +572,16 @@ int test_permutation(int signing_key_algorithm, int data_key_algorithm,
                            data_public_key);
        test_verify_keyblock(signing_public_key, signing_private_key,
                             data_public_key);
-       test_verify_fw_preamble(signing_public_key, signing_private_key,
-                               data_public_key);
+       test_verify_fw_preamble(signing_public_key, signing_private_key2,
+                               (struct vb2_packed_key *)data_public_key);
        test_verify_kernel_preamble(signing_public_key, signing_private_key);
 
        if (signing_public_key)
                free(signing_public_key);
        if (signing_private_key)
                free(signing_private_key);
+       if (signing_private_key2)
+               free(signing_private_key2);
        if (data_public_key)
                free(data_public_key);
 
index 4f4d681..9cc6dd7 100644 (file)
@@ -43,9 +43,6 @@ static void test_struct_packing(void)
        TEST_EQ(EXPECTED_VB2_KEYBLOCK_SIZE,
                EXPECTED_VBKEYBLOCKHEADER_SIZE,
                "vboot1->2 keyblock sizes same");
-       TEST_EQ(EXPECTED_VB2_FW_PREAMBLE_SIZE,
-               EXPECTED_VBFIRMWAREPREAMBLEHEADER2_1_SIZE,
-               "vboot1->2 firmware preamble sizes same");
 }
 
 /**
index 3c303a6..875180b 100644 (file)
@@ -25,12 +25,6 @@ static void StructPackingTest(void)
                "sizeof(VbSignature)");
        TEST_EQ(EXPECTED_VBKEYBLOCKHEADER_SIZE, sizeof(VbKeyBlockHeader),
                "sizeof(VbKeyBlockHeader)");
-       TEST_EQ(EXPECTED_VBFIRMWAREPREAMBLEHEADER2_0_SIZE,
-               sizeof(VbFirmwarePreambleHeader2_0),
-               "sizeof(VbFirmwarePreambleHeader2_0)");
-       TEST_EQ(EXPECTED_VBFIRMWAREPREAMBLEHEADER2_1_SIZE,
-               sizeof(VbFirmwarePreambleHeader),
-               "sizeof(VbFirmwarePreambleHeader)");
        TEST_EQ(EXPECTED_VBKERNELPREAMBLEHEADER2_2_SIZE,
                sizeof(VbKernelPreambleHeader),
                "sizeof(VbKernelPreambleHeader)");