Vboot Reference: Refactor Code.
This CL does the following:
1) It adds a SignatureBuf function which uses the OpenSSL library to generate RSA signature. This is more robust than the previous way of invoking the command line "openssl" utility and capturing its output. No more unnecessary temporary files for signature operations.
2) It adds functions that allow direct manipulation of binary verified Firmware and Kernel Image blobs in memory.
3) It changes the structure field members for FirmwareImage to make it consistent with KernelImage. Now it's clearer which key is used when.
4) Minor bug fixes and slightly improved API for dealing verified boot firmware and kernel images.
5) Renames the RSA_verify function to prevent conflicts with OpenSSL since it's linked into the firmware utility binary.
Review URL: http://codereview.chromium.org/661353
diff --git a/include/firmware_image.h b/include/firmware_image.h
index 9a6ad19..67250f3 100644
--- a/include/firmware_image.h
+++ b/include/firmware_image.h
@@ -25,12 +25,14 @@
uint8_t magic[FIRMWARE_MAGIC_SIZE];
/* Key Header */
uint16_t header_len; /* Length of the header. */
- uint16_t sign_algorithm; /* Signature algorithm used by the signing key. */
- uint8_t* sign_key; /* Pre-processed public half of signing key. */
- uint16_t key_version; /* Key Version# for preventing rollbacks. */
+ uint16_t firmware_sign_algorithm; /* Signature algorithm used by the signing
+ * key. */
+ uint8_t* firmware_sign_key; /* Pre-processed public half of signing key. */
+ uint16_t firmware_key_version; /* Key Version# for preventing rollbacks. */
uint8_t header_checksum[SHA512_DIGEST_SIZE]; /* SHA-512 hash of the header.*/
- uint8_t key_signature[RSA8192NUMBYTES]; /* Signature of the header above. */
+ uint8_t firmware_key_signature[RSA8192NUMBYTES]; /* Signature of the header
+ * above. */
/* Firmware Preamble. */
uint16_t firmware_version; /* Firmware Version# for preventing rollbacks.*/
@@ -53,29 +55,38 @@
/* Deep free the contents of [fw]. */
void FirmwareImageFree(FirmwareImage* fw);
-/* Read firmware data from file named [input_file]..
+/* Read firmware data from file named [input_file].
*
* Returns a filled up FirmwareImage structure on success, NULL on error.
*/
FirmwareImage* ReadFirmwareImage(const char* input_file);
-/* Write firmware header from [image] to an open file pointed by the
- * file descriptor [fd].
+/* Get firmware header binary blob from an [image].
+ *
+ * Caller owns the returned pointer and must Free() it.
*/
-void WriteFirmwareHeader(int fd, FirmwareImage* image);
+uint8_t* GetFirmwareHeaderBlob(const FirmwareImage* image);
-/* Write firmware preamble from [image] to an open file pointed by the
- * file descriptor [fd].
+/* Get firmware preamble binary blob from an [image].
+ *
+ * Caller owns the returned pointer and must Free() it.
*/
-void WriteFirmwarePreamble(int fd, FirmwareImage* image);
+uint8_t* GetFirmwarePreambleBlob(const FirmwareImage* image);
+/* Get a verified firmware binary blob from an [image] and fill its
+ * length into blob_len.
+ *
+ * Caller owns the returned pointer and must Free() it.
+ */
+uint8_t* GetFirmwareBlob(const FirmwareImage* image, int* blob_len);
/* Write firmware data from [image] into a file named [input_file].
*
- * Return [image] on success, NULL on error.
+ * Return 1 on success, 0 on failure.
*/
-FirmwareImage* WriteFirmwareImage(const char* input_file,
- FirmwareImage* image);
+int WriteFirmwareImage(const char* input_file,
+ const FirmwareImage* image);
+
/* Pretty print the contents of [image]. Only headers and metadata information
* is printed.
@@ -173,7 +184,6 @@
*
* Return 1 on success, 0 on failure.
*/
-int AddFirmwareSignature(FirmwareImage* image, const char* signing_key_file,
- int algorithm);
+int AddFirmwareSignature(FirmwareImage* image, const char* signing_key_file);
#endif /* VBOOT_REFERENCE_FIRMWARE_IMAGE_H_ */
diff --git a/include/firmware_utility.h b/include/firmware_utility.h
index 72cbc85..86e2ad2 100644
--- a/include/firmware_utility.h
+++ b/include/firmware_utility.h
@@ -51,10 +51,10 @@
std::string root_key_file_;
std::string root_key_pub_file_;
int firmware_version_;
- std::string sign_key_file_;
- std::string sign_key_pub_file_;
- int key_version_;
- int sign_algorithm_;
+ std::string firmware_sign_key_file_;
+ std::string firmware_sign_key_pub_file_;
+ int firmware_key_version_;
+ int firmware_sign_algorithm_;
std::string in_file_;
std::string out_file_;
bool is_generate_; // Are we generating a new image?
diff --git a/include/kernel_image.h b/include/kernel_image.h
index c65c614..4fb79ac 100644
--- a/include/kernel_image.h
+++ b/include/kernel_image.h
@@ -74,22 +74,31 @@
*/
KernelImage* ReadKernelImage(const char* input_file);
-/* Write kernel key header from [image] to an open file pointed by the
- * file descriptor [fd].
+/* Get kernel header binary blob from an [image].
+ *
+ * Caller owns the returned pointer and must Free() it.
*/
-void WriteKernelHeader(int fd, KernelImage* image);
+uint8_t* GetKernelHeaderBlob(const KernelImage* image);
-/* Write kernel config from [image] to an open file pointed by the
- * file descriptor [fd].
+/* Get kernel config binary blob from an [image].
+ *
+ * Caller owns the returned pointer and must Free() it.
*/
-void WriteKernelConfig(int fd, KernelImage* image);
+uint8_t* GetKernelConfigBlob(const KernelImage* image);
+
+/* Get a verified kernel binary blob from an [image] and fill
+ * its length into blob_len.
+ *
+ * Caller owns the returned pointer and must Free() it.
+ */
+uint8_t* GetKernelBlob(const KernelImage* image, int* blob_len);
/* Write kernel data from [image] to a file named [input_file].
*
- * Return [image] on success, NULL on error.
+ * Return 1 on success, 0 on error.
*/
-KernelImage* WriteKernelImage(const char* input_file,
- KernelImage* image);
+int WriteKernelImage(const char* input_file,
+ const KernelImage* image);
/* Pretty print the contents of [image]. Only headers and metadata information
* is printed.
@@ -194,7 +203,7 @@
*
* Return 1 on success, 0 on failure.
*/
-int AddKernelSignature(KernelImage* image, const char* kernel_sigining_key_file,
- int algorithm);
+int AddKernelSignature(KernelImage* image,
+ const char* kernel_sigining_key_file);
#endif /* VBOOT_REFERENCE_KERNEL_IMAGE_H_ */
diff --git a/include/rsa.h b/include/rsa.h
index 1969ab6..8f2ede8 100644
--- a/include/rsa.h
+++ b/include/rsa.h
@@ -28,7 +28,7 @@
/* Verify a RSA PKCS1.5 signature [sig] of [sig_type] and length [sig_len]
* against an expected [hash] using [key]. Returns 0 on failure, 1 on success.
*/
-int RSA_verify(const RSAPublicKey *key,
+int RSAVerify(const RSAPublicKey *key,
const uint8_t* sig,
const int sig_len,
const uint8_t sig_type,
diff --git a/include/signature_digest.h b/include/signature_digest.h
index fcd7275..291c599 100644
--- a/include/signature_digest.h
+++ b/include/signature_digest.h
@@ -13,4 +13,23 @@
*/
uint8_t* prepend_digestinfo(int algorithm, uint8_t* digest);
+/* Function that outputs the message digest of the contents of a buffer in a
+ * format that can be used as input to OpenSSL for an RSA signature.
+ * Needed until the stable OpenSSL release supports SHA-256/512 digests for
+ * RSA signatures.
+ *
+ * Returns DigestInfo || Digest where DigestInfo is the OID depending on the
+ * choice of the hash algorithm (see padding.c). Caller owns the returned
+ * pointer and must Free() it.
+ */
+uint8_t* SignatureDigest(const uint8_t* buf, int len, int algorithm);
+
+/* Calculates the signature on a buffer [buf] of length [len] using
+ * the private RSA key file from [key_file] and signature algorithm
+ * [algorithm].
+ *
+ * Returns the signature. Caller owns the buffer and must Free() it.
+ */
+uint8_t* SignatureBuf(const uint8_t* buf, int len, const char* key_file,
+ int algorithm);
#endif /* VBOOT_REFERENCE_SIGNATURE_DIGEST_H_ */
diff --git a/include/utility.h b/include/utility.h
index 3618263..b26e247 100644
--- a/include/utility.h
+++ b/include/utility.h
@@ -41,7 +41,7 @@
/* Copy [len] bytes into [dst] only if there's enough data to read according
* to [state].
- * On success, return [dst] and update [state]..
+ * On success, return [dst] and update [state].
* On failure, return NULL, set remaining len in state to -1.
*
* Useful for iterating through a binary blob to populate a struct. After the
@@ -49,5 +49,14 @@
*/
void* StatefulMemcpy(MemcpyState* state, void* dst, int len);
+/* Like StatefulMemcpy() but copies in the opposite direction, populating
+ * data from [src] into the buffer encapsulated in state [state].
+ * On success, return [src] and update [state].
+ * On failure, return NULL, set remaining_len in state to -1.
+ *
+ * Useful for iterating through a structure to populate a binary blob. After the
+ * first failure (buffer overrun), successive calls will always fail.
+ */
+const void* StatefulMemcpy_r(MemcpyState* state, const void* src, int len);
#endif /* VBOOT_REFERENCE_UTILITY_H_ */