Verified boot wrapper - add stub implementations for host
This is part 2 of the wrapper API refactor. It adds stub
implementations for the host, and changes the host-side utilities to
use them. Firmware implementation is unchanged in this CL (other than
a few updates to macros).
BUG=chromium_os:16997
TEST=make && make runtests
Change-Id: I63989bd11de1f2239ddae256beaccd31bfb5acef
Reviewed-on: http://gerrit.chromium.org/gerrit/3256
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
Tested-by: Randall Spangler <rspangler@chromium.org>
diff --git a/host/Makefile b/host/Makefile
index 7c2866b..c32076a 100644
--- a/host/Makefile
+++ b/host/Makefile
@@ -30,7 +30,8 @@
../firmware/stub/boot_device_stub.c \
../firmware/stub/load_firmware_stub.c \
../firmware/stub/tpm_lite_stub.c \
- ../firmware/stub/utility_stub.c
+ ../firmware/stub/utility_stub.c \
+ ../firmware/stub/vboot_api_stub.c
ALL_SRCS = ${LIB_SRCS} ${STUB_SRCS}
diff --git a/host/arch/x86/lib/crossystem_arch.c b/host/arch/x86/lib/crossystem_arch.c
index 25867e1..670ce36 100644
--- a/host/arch/x86/lib/crossystem_arch.c
+++ b/host/arch/x86/lib/crossystem_arch.c
@@ -180,7 +180,7 @@
if (!f)
break;
- file_buffer = Malloc(fs.st_size + 1);
+ file_buffer = malloc(fs.st_size + 1);
if (!file_buffer)
break;
@@ -192,7 +192,7 @@
/* Each byte in the output will replace two characters and a space
* in the input, so the output size does not exceed input side/3
* (a little less if account for newline characters). */
- output_buffer = Malloc(real_size/3);
+ output_buffer = malloc(real_size/3);
if (!output_buffer)
break;
output_ptr = output_buffer;
@@ -229,10 +229,10 @@
fclose(f);
if (file_buffer)
- Free(file_buffer);
+ free(file_buffer);
if (output_buffer)
- Free(output_buffer);
+ free(output_buffer);
return return_value;
}
@@ -257,7 +257,7 @@
}
if (got_size < expect_size) {
- Free(sh);
+ free(sh);
return NULL;
}
if (sh->data_size > got_size)
@@ -388,7 +388,7 @@
if (sh) {
if (sh->struct_version >= 2)
value = sh->recovery_reason;
- Free(sh);
+ free(sh);
if (-1 != value)
return value;
}
diff --git a/host/lib/crossystem.c b/host/lib/crossystem.c
index 54d0856..72f2c66 100644
--- a/host/lib/crossystem.c
+++ b/host/lib/crossystem.c
@@ -298,7 +298,7 @@
break;
}
- Free(sh);
+ free(sh);
return value;
}
@@ -333,7 +333,7 @@
break;
}
- Free(sh);
+ free(sh);
return value;
}
diff --git a/host/lib/file_keys.c b/host/lib/file_keys.c
index 0c57dff..c311e6a 100644
--- a/host/lib/file_keys.c
+++ b/host/lib/file_keys.c
@@ -1,12 +1,10 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* Utility functions for file and key handling.
*/
-#include "file_keys.h"
-
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
@@ -16,8 +14,9 @@
#include <unistd.h>
#include "cryptolib.h"
+#include "file_keys.h"
+#include "host_common.h"
#include "signature_digest.h"
-#include "utility.h"
uint8_t* BufferFromFile(const char* input_file, uint64_t* len) {
int fd;
@@ -35,9 +34,9 @@
}
*len = stat_fd.st_size;
- buf = (uint8_t*) Malloc(*len);
+ buf = (uint8_t*)malloc(*len);
if (!buf) {
- error("Couldn't allocate %ld bytes for file %s\n", *len, input_file);
+ VbExError("Couldn't allocate %ld bytes for file %s\n", *len, input_file);
return NULL;
}
@@ -56,7 +55,7 @@
uint8_t* buf = BufferFromFile(input_file, &len);
if (buf)
key = RSAPublicKeyFromBuf(buf, len);
- Free(buf);
+ free(buf);
return key;
}
@@ -98,21 +97,21 @@
strlen(key_file) + 1 + /* +1 for space. */
strlen(input_file) +
1); /* For the trailing '\0'. */
- cmd = (char*) Malloc(cmd_len);
+ cmd = (char*) malloc(cmd_len);
snprintf(cmd, cmd_len, "%s %u %s %s", sign_utility, algorithm, key_file,
input_file);
cmd_out = popen(cmd, "r");
- Free(cmd);
+ free(cmd);
if (!cmd_out) {
VBDEBUG(("Couldn't execute: %s\n", cmd));
return NULL;
}
- signature = (uint8_t*) Malloc(signature_size);
+ signature = (uint8_t*) malloc(signature_size);
if (fread(signature, signature_size, 1, cmd_out) != 1) {
VBDEBUG(("Couldn't read signature.\n"));
pclose(cmd_out);
- Free(signature);
+ free(signature);
return NULL;
}
diff --git a/host/lib/host_common.c b/host/lib/host_common.c
index 952a629..9e0a5d9 100644
--- a/host/lib/host_common.c
+++ b/host/lib/host_common.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
@@ -31,7 +31,7 @@
VbSignature *sigtmp;
/* Allocate key block */
- h = (VbFirmwarePreambleHeader*)Malloc(block_size);
+ h = (VbFirmwarePreambleHeader*)malloc(block_size);
if (!h)
return NULL;
kernel_subkey_dest = (uint8_t*)(h + 1);
@@ -60,7 +60,7 @@
/* Calculate signature */
sigtmp = CalculateSignature((uint8_t*)h, signed_size, signing_key);
SignatureCopy(&h->preamble_signature, sigtmp);
- Free(sigtmp);
+ free(sigtmp);
/* Return the header */
return h;
@@ -68,7 +68,7 @@
/* Creates a kernel preamble, signed with [signing_key].
- * Caller owns the returned pointer, and must free it with Free().
+ * Caller owns the returned pointer, and must free it with free().
*
* Returns NULL if error. */
VbKernelPreambleHeader* CreateKernelPreamble(
@@ -93,7 +93,7 @@
block_size = desired_size;
/* Allocate key block */
- h = (VbKernelPreambleHeader*)Malloc(block_size);
+ h = (VbKernelPreambleHeader*)malloc(block_size);
Memset(h, 0, block_size);
if (!h)
@@ -121,7 +121,7 @@
/* Calculate signature */
sigtmp = CalculateSignature((uint8_t*)h, signed_size, signing_key);
SignatureCopy(&h->preamble_signature, sigtmp);
- Free(sigtmp);
+ free(sigtmp);
/* Return the header */
return h;
diff --git a/host/lib/host_key.c b/host/lib/host_key.c
index 33d911f..e2736f9 100644
--- a/host/lib/host_key.c
+++ b/host/lib/host_key.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
@@ -17,11 +17,10 @@
#include <stdlib.h>
#include <unistd.h>
-#include "host_key.h"
-
#include "cryptolib.h"
+#include "host_common.h"
+#include "host_key.h"
#include "host_misc.h"
-#include "utility.h"
#include "vboot_common.h"
@@ -51,7 +50,7 @@
}
/* Store key and algorithm in our struct */
- key = (VbPrivateKey*)Malloc(sizeof(VbPrivateKey));
+ key = (VbPrivateKey*)malloc(sizeof(VbPrivateKey));
if (!key) {
RSA_free(rsa_key);
return NULL;
@@ -69,7 +68,7 @@
return;
if (key->rsa_private_key)
RSA_free(key->rsa_private_key);
- Free(key);
+ free(key);
}
@@ -81,33 +80,33 @@
buflen = i2d_RSAPrivateKey(key->rsa_private_key, &outbuf);
if (buflen <= 0) {
- error("Unable to write private key buffer\n");
+ VbExError("Unable to write private key buffer\n");
return 1;
}
f = fopen(filename, "wb");
if (!f) {
- error("Unable to open file %s\n", filename);
- Free(outbuf);
+ VbExError("Unable to open file %s\n", filename);
+ free(outbuf);
return 1;
}
if (1 != fwrite(&key->algorithm, sizeof(key->algorithm), 1, f)) {
- error("Unable to write to file %s\n", filename);
+ VbExError("Unable to write to file %s\n", filename);
fclose(f);
- Free(outbuf);
+ free(outbuf);
unlink(filename); /* Delete any partial file */
}
if (1 != fwrite(outbuf, buflen, 1, f)) {
- error("Unable to write to file %s\n", filename);
+ VbExError("Unable to write to file %s\n", filename);
fclose(f);
unlink(filename); /* Delete any partial file */
- Free(outbuf);
+ free(outbuf);
}
fclose(f);
- Free(outbuf);
+ free(outbuf);
return 0;
}
@@ -119,14 +118,14 @@
buffer = ReadFile(filename, &filelen);
if (!buffer) {
- error("unable to read from file %s\n", filename);
+ VbExError("unable to read from file %s\n", filename);
return 0;
}
- key = (VbPrivateKey*)Malloc(sizeof(VbPrivateKey));
+ key = (VbPrivateKey*)malloc(sizeof(VbPrivateKey));
if (!key) {
- error("Unable to allocate VbPrivateKey\n");
- Free(buffer);
+ VbExError("Unable to allocate VbPrivateKey\n");
+ free(buffer);
return 0;
}
@@ -137,13 +136,13 @@
filelen - sizeof(key->algorithm));
if (!key->rsa_private_key) {
- error("Unable to parse RSA private key\n");
- Free(buffer);
- Free(key);
+ VbExError("Unable to parse RSA private key\n");
+ free(buffer);
+ free(key);
return 0;
}
- Free(buffer);
+ free(buffer);
return key;
}
@@ -151,7 +150,7 @@
/* Allocate a new public key with space for a [key_size] byte key. */
VbPublicKey* PublicKeyAlloc(uint64_t key_size, uint64_t algorithm,
uint64_t version) {
- VbPublicKey* key = (VbPublicKey*)Malloc(sizeof(VbPublicKey) + key_size);
+ VbPublicKey* key = (VbPublicKey*)malloc(sizeof(VbPublicKey) + key_size);
if (!key)
return NULL;
@@ -186,18 +185,18 @@
if (!RSAProcessedKeySize(algorithm, &expected_key_size) ||
expected_key_size != key_size) {
VBDEBUG(("PublicKeyReadKeyb() wrong key size for algorithm\n"));
- Free(key_data);
+ free(key_data);
return NULL;
}
key = PublicKeyAlloc(key_size, algorithm, version);
if (!key) {
- Free(key_data);
+ free(key_data);
return NULL;
}
Memcpy(GetPublicKeyData(key), key_data, key_size);
- Free(key_data);
+ free(key_data);
return key;
}
@@ -237,7 +236,7 @@
} while(0);
/* Error */
- Free(key);
+ free(key);
return NULL;
}
@@ -250,12 +249,12 @@
if (!kcopy)
return 1;
if (0 != PublicKeyCopy(kcopy, key)) {
- Free(kcopy);
+ free(kcopy);
return 1;
}
/* Write the copy, then free it */
rv = WriteFile(filename, kcopy, kcopy->key_offset + kcopy->key_size);
- Free(kcopy);
+ free(kcopy);
return rv;
}
diff --git a/host/lib/host_keyblock.c b/host/lib/host_keyblock.c
index 97a5d12..b12f024 100644
--- a/host/lib/host_keyblock.c
+++ b/host/lib/host_keyblock.c
@@ -1,15 +1,14 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* Host functions for verified boot.
*/
-#include "host_keyblock.h"
#include "cryptolib.h"
#include "host_common.h"
-#include "utility.h"
+#include "host_keyblock.h"
#include "vboot_common.h"
@@ -28,7 +27,7 @@
VbSignature *sigtmp;
/* Allocate key block */
- h = (VbKeyBlockHeader*)Malloc(block_size);
+ h = (VbKeyBlockHeader*)malloc(block_size);
if (!h)
return NULL;
data_key_dest = (uint8_t*)(h + 1);
@@ -57,13 +56,13 @@
/* Calculate checksum */
sigtmp = CalculateChecksum((uint8_t*)h, signed_size);
SignatureCopy(&h->key_block_checksum, sigtmp);
- Free(sigtmp);
+ free(sigtmp);
/* Calculate signature */
if (signing_key) {
sigtmp = CalculateSignature((uint8_t*)h, signed_size, signing_key);
SignatureCopy(&h->key_block_signature, sigtmp);
- Free(sigtmp);
+ free(sigtmp);
}
/* Return the header */
@@ -88,7 +87,7 @@
VbSignature *sigtmp;
/* Allocate key block */
- h = (VbKeyBlockHeader*)Malloc(block_size);
+ h = (VbKeyBlockHeader*)malloc(block_size);
if (!h)
return NULL;
if (!signing_key_pem_file || !data_key || !external_signer)
@@ -117,21 +116,21 @@
/* Calculate checksum */
sigtmp = CalculateChecksum((uint8_t*)h, signed_size);
SignatureCopy(&h->key_block_checksum, sigtmp);
- Free(sigtmp);
+ free(sigtmp);
/* Calculate signature */
sigtmp = CalculateSignature_external((uint8_t*)h, signed_size,
signing_key_pem_file, algorithm,
external_signer);
SignatureCopy(&h->key_block_signature, sigtmp);
- Free(sigtmp);
+ free(sigtmp);
/* Return the header */
return h;
}
/* Read a key block from a .keyblock file. Caller owns the returned
- * pointer, and must free it with Free().
+ * pointer, and must free it with free().
*
* Returns NULL if error. */
VbKeyBlockHeader* KeyBlockRead(const char* filename) {
@@ -149,7 +148,7 @@
* the public signing key. */
if (0 != KeyBlockVerify(block, file_size, NULL, 1)) {
VBDEBUG(("Invalid key block file: filename\n", filename));
- Free(block);
+ free(block);
return NULL;
}
diff --git a/host/lib/host_misc.c b/host/lib/host_misc.c
index f8dd9b8..ad3b4eb 100644
--- a/host/lib/host_misc.c
+++ b/host/lib/host_misc.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
@@ -12,10 +12,8 @@
#include <string.h>
#include <unistd.h>
-#include "host_common.h"
-
#include "cryptolib.h"
-#include "utility.h"
+#include "host_common.h"
#include "vboot_common.h"
@@ -40,7 +38,7 @@
*size = ftell(f);
rewind(f);
- buf = Malloc(*size);
+ buf = malloc(*size);
if (!buf) {
fclose(f);
return NULL;
@@ -49,7 +47,7 @@
if(1 != fread(buf, *size, 1, f)) {
VBDEBUG(("Unable to read from file %s\n", filename));
fclose(f);
- Free(buf);
+ free(buf);
return NULL;
}
@@ -121,5 +119,5 @@
int i;
for (i=0; i<SHA1_DIGEST_SIZE; i++)
printf("%02x", digest[i]);
- Free(digest);
+ free(digest);
}
diff --git a/host/lib/host_signature.c b/host/lib/host_signature.c
index 6440dd2..4dbac49 100644
--- a/host/lib/host_signature.c
+++ b/host/lib/host_signature.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
@@ -20,13 +20,12 @@
#include "cryptolib.h"
#include "file_keys.h"
-#include "utility.h"
-#include "vboot_common.h"
#include "host_common.h"
+#include "vboot_common.h"
VbSignature* SignatureAlloc(uint64_t sig_size, uint64_t data_size) {
- VbSignature* sig = (VbSignature*)Malloc(sizeof(VbSignature) + sig_size);
+ VbSignature* sig = (VbSignature*)malloc(sizeof(VbSignature) + sig_size);
if (!sig)
return NULL;
@@ -66,7 +65,7 @@
sig = SignatureAlloc(SHA512_DIGEST_SIZE, 0);
if (!sig) {
- Free(header_checksum);
+ free(header_checksum);
return NULL;
}
sig->sig_offset = sizeof(VbSignature);
@@ -75,7 +74,7 @@
/* Signature data immediately follows the header */
Memcpy(GetSignatureData(sig), header_checksum, SHA512_DIGEST_SIZE);
- Free(header_checksum);
+ free(header_checksum);
return sig;
}
@@ -101,19 +100,19 @@
return NULL;
/* Prepend the digest info to the digest */
- signature_digest = Malloc(signature_digest_len);
+ signature_digest = malloc(signature_digest_len);
if (!signature_digest) {
- Free(digest);
+ free(digest);
return NULL;
}
Memcpy(signature_digest, digestinfo, digestinfo_size);
Memcpy(signature_digest + digestinfo_size, digest, digest_size);
- Free(digest);
+ free(digest);
/* Allocate output signature */
sig = SignatureAlloc(siglen_map[key->algorithm], size);
if (!sig) {
- Free(signature_digest);
+ free(signature_digest);
return NULL;
}
@@ -123,11 +122,11 @@
GetSignatureData(sig), /* Output sig */
key->rsa_private_key, /* Key to use */
RSA_PKCS1_PADDING); /* Padding to use */
- Free(signature_digest);
+ free(signature_digest);
if (-1 == rv) {
VBDEBUG(("SignatureBuf(): RSA_private_encrypt() failed.\n"));
- Free(sig);
+ free(sig);
return NULL;
}
@@ -246,19 +245,19 @@
return NULL;
/* Prepend the digest info to the digest */
- signature_digest = Malloc(signature_digest_len);
+ signature_digest = malloc(signature_digest_len);
if (!signature_digest) {
- Free(digest);
+ free(digest);
return NULL;
}
Memcpy(signature_digest, digestinfo, digestinfo_size);
Memcpy(signature_digest + digestinfo_size, digest, digest_size);
- Free(digest);
+ free(digest);
/* Allocate output signature */
sig = SignatureAlloc(siglen_map[key_algorithm], size);
if (!sig) {
- Free(signature_digest);
+ free(signature_digest);
return NULL;
}
@@ -269,11 +268,11 @@
siglen_map[key_algorithm], /* Max Output sig size */
key_file, /* Key file to use */
external_signer); /* External cmd to invoke */
- Free(signature_digest);
+ free(signature_digest);
if (-1 == rv) {
VBDEBUG(("SignatureBuf(): RSA_private_encrypt() failed.\n"));
- Free(sig);
+ free(sig);
return NULL;
}
diff --git a/host/lib/signature_digest.c b/host/lib/signature_digest.c
index 6bf5c82..81c666e 100644
--- a/host/lib/signature_digest.c
+++ b/host/lib/signature_digest.c
@@ -14,13 +14,14 @@
#include <unistd.h>
#include "cryptolib.h"
-#include "utility.h"
+#include "host_common.h"
+
uint8_t* PrependDigestInfo(unsigned int algorithm, uint8_t* digest) {
const int digest_size = hash_size_map[algorithm];
const int digestinfo_size = digestinfo_size_map[algorithm];
const uint8_t* digestinfo = hash_digestinfo_map[algorithm];
- uint8_t* p = Malloc(digestinfo_size + digest_size);
+ uint8_t* p = malloc(digestinfo_size + digest_size);
Memcpy(p, digestinfo, digestinfo_size);
Memcpy(p + digestinfo_size, digest, digest_size);
return p;
@@ -36,7 +37,7 @@
} else if ((digest = DigestBuf(buf, len, algorithm))) {
info_digest = PrependDigestInfo(algorithm, digest);
}
- Free(digest);
+ free(digest);
return info_digest;
}
@@ -51,11 +52,11 @@
key_fp = fopen(key_file, "r");
if (!key_fp) {
VBDEBUG(("SignatureBuf(): Couldn't open key file: %s\n", key_file));
- Free(signature_digest);
+ free(signature_digest);
return NULL;
}
if ((key = PEM_read_RSAPrivateKey(key_fp, NULL, NULL, NULL)))
- signature = (uint8_t*) Malloc(siglen_map[algorithm]);
+ signature = (uint8_t*) malloc(siglen_map[algorithm]);
else
VBDEBUG(("SignatureBuf(): Couldn't read private key from file: %s\n",
key_file));
@@ -70,6 +71,6 @@
fclose(key_fp);
if (key)
RSA_free(key);
- Free(signature_digest);
+ free(signature_digest);
return signature;
}