Vboot Reference: Add the "real" reference firmware verification function (VerifyFirmware).
The old VerifyFirmware function (now called VerifyFirmwareImage) works on the FirmwareImage structure. This CL adds a verification function which can be used directly on packed binary verified boot firmware blobs. This function can be used as the reference implementation for verified boot in firmware. In addition, all functions that work on FirmwareImage structure have been renames to distinguish them from those which work on binary firmware blobs.
In addition, this adds some new crypto utility functions and refactors old ones.
BUG=670
TEST=Added tests for the new function and they pass.
Review URL: http://codereview.chromium.org/650105
diff --git a/utils/verify_data.c b/utils/verify_data.c
index 5cb33f4..c58b6fb 100644
--- a/utils/verify_data.c
+++ b/utils/verify_data.c
@@ -22,6 +22,11 @@
#include "rsa_utility.h"
#include "verify_data.h"
+/* ANSI Color coding sequences. */
+#define COL_GREEN "\e[1;32m"
+#define COL_RED "\e[0;31m]"
+#define COL_STOP "\e[m"
+
uint8_t* read_signature(char* input_file, int len) {
int i, sigfd;
uint8_t* signature = NULL;
@@ -46,7 +51,6 @@
return signature;
}
-
int main(int argc, char* argv[]) {
int i, algorithm, sig_len;
int return_code = 1; /* Default to error. */
@@ -80,10 +84,11 @@
goto failure;
if(RSA_verify(key, signature, sig_len, algorithm, digest)) {
return_code = 0;
- fprintf(stderr, "Signature Verification SUCCEEDED.\n");
- }
- else {
- fprintf(stderr, "Signature Verification FAILED!\n");
+ fprintf(stderr, "Signature Verification "
+ COL_GREEN "SUCCEEDED" COL_STOP "\n");
+ } else {
+ fprintf(stderr, "Signature Verification "
+ COL_RED "FAILED" COL_STOP "\n");
}
failure: