Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / vboot_reference / a6fb7a6f5cc88744d7cd948b05b3d90344c63749 / . / utils / kernel_utility.cc
blob: 4e12c6d6a4402950599637322ea25a25727fc758 [file] [log] [blame]
Gaurav Shah80d129b2010-03-03 17:58:43 -0800[diff] [blame]1// Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4//
5// Utility for manipulating verified boot firmware images.
6//
7
8#include "kernel_utility.h"
9
10#include <errno.h>
11#include <getopt.h>
Gaurav Shaha6fb7a62010-03-04 15:00:50 -0800[diff] [blame^]12#include <stdio.h>
Gaurav Shah80d129b2010-03-03 17:58:43 -0800[diff] [blame]13#include <stdint.h> // Needed for UINT16_MAX.
14#include <stdlib.h>
15#include <unistd.h>
16
17#include <iostream>
18
19extern "C" {
20#include "file_keys.h"
21#include "kernel_image.h"
22#include "padding.h"
23#include "rsa_utility.h"
24#include "sha_utility.h"
25#include "utility.h"
26}
27
28extern int errno;
29using std::cerr;
30
31namespace vboot_reference {
32
33KernelUtility::KernelUtility(): image_(NULL),
34 firmware_key_pub_(NULL),
35 header_version_(1),
36 firmware_sign_algorithm_(-1),
37 kernel_sign_algorithm_(-1),
38 kernel_key_version_(-1),
39 kernel_version_(-1),
40 is_generate_(false),
41 is_verify_(false) {
42 // Populate kernel config options with defaults.
43 options_.version[0] = 1;
44 options_.version[1] = 0;
45 options_.kernel_len = 0;
46 options_.kernel_load_addr = 0;
47 options_.kernel_entry_addr = 0;
48}
49
50KernelUtility::~KernelUtility() {
51 RSAPublicKeyFree(firmware_key_pub_);
52 KernelImageFree(image_);
53}
54
55void KernelUtility::PrintUsage(void) {
56 cerr <<
57 "Utility to generate/verify a verified boot kernel image\n\n"
58 "Usage: firmware_utility <--generate|--verify> [OPTIONS]\n\n"
59 "For \"--verify\", required OPTIONS are:\n"
60 "--in <infile>\t\t\tVerified boot kernel image to verify.\n"
61 "--firmware_key_pub <pubkeyfile>\tPre-processed public firmware key "
62 "to use for verification.\n\n"
63 "For \"--generate\", required OPTIONS are:\n"
64 "--firmware_key <privkeyfile>\tPrivate firmware signing key file\n"
65 "--kernel_key <privkeyfile>\tPrivate kernel signing key file\n"
66 "--kernel_key_pub <pubkeyfile>\tPre-processed public kernel signing"
67 " key\n"
68 "--firmware_sign_algorithm <algoid>\tSigning algorithm used by "
69 "the firmware\n"
70 "--kernel_sign_algorithm <algoid>\tSigning algorithm to use for kernel\n"
71 "--kernel_key_version <version#>\tKernel signing Key Version#\n"
72 "--kernel_version <version#>\tKernel Version#\n"
73 "--in <infile>\t\tKernel Image to sign\n"
74 "--out <outfile>\t\tOutput file for verified boot Kernel image\n\n"
75 "Optional arguments for \"--generate\" include:\n"
76 "--config_version <version>\n"
77 "--kernel_load_addr <addr>\n"
78 "--kernel_entry_addr <addr>\n\n"
79 "<algoid> (for --*_sign_algorithm) is one of the following:\n";
80 for (int i = 0; i < kNumAlgorithms; i++) {
81 cerr << i << " for " << algo_strings[i] << "\n";
82 }
83 cerr << "\n\n";
84}
85
86bool KernelUtility::ParseCmdLineOptions(int argc, char* argv[]) {
87 int option_index;
88 static struct option long_options[] = {
89 {"firmware_key", 1, 0, 0},
90 {"firmware_key_pub", 1, 0, 0},
91 {"kernel_key", 1, 0, 0},
92 {"kernel_key_pub", 1, 0, 0},
93 {"firmware_sign_algorithm", 1, 0, 0},
94 {"kernel_sign_algorithm", 1, 0, 0},
95 {"kernel_key_version", 1, 0, 0},
96 {"kernel_version", 1, 0, 0},
97 {"in", 1, 0, 0},
98 {"out", 1, 0, 0},
99 {"generate", 0, 0, 0},
100 {"verify", 0, 0, 0},
101 {"config_version", 1, 0, 0},
102 {"kernel_load_addr", 1, 0, 0},
103 {"kernel_entry_addr", 1, 0, 0},
104 {NULL, 0, 0, 0}
105 };
106 while (1) {
107 int i = getopt_long(argc, argv, "", long_options, &option_index);
108 if (-1 == i) // Done with option processing.
109 break;
110 if ('?' == i) // Invalid option found.
111 return false;
112
113 if (0 == i) {
114 switch (option_index) {
115 case 0: // firmware_key
116 firmware_key_file_ = optarg;
117 break;
118 case 1: // firmware_key_pub
119 firmware_key_pub_file_ = optarg;
120 break;
121 case 2: // kernel_key
122 kernel_key_file_ = optarg;
123 break;
124 case 3: // kernel_key_pub
125 kernel_key_pub_file_ = optarg;
126 break;
127 case 4: // firmware_sign_algorithm
128 errno = 0; // strtol() returns an error via errno
129 firmware_sign_algorithm_ = strtol(optarg,
130 reinterpret_cast<char**>(NULL), 10);
131 if (errno)
132 return false;
133 break;
134 case 5: // kernel_sign_algorithm
135 errno = 0;
136 kernel_sign_algorithm_ = strtol(optarg,
137 reinterpret_cast<char**>(NULL), 10);
138 if (errno)
139 return false;
140 break;
141 case 6: // kernel_key_version
142 errno = 0;
143 kernel_key_version_ = strtol(optarg,
144 reinterpret_cast<char**>(NULL), 10);
145 if (errno)
146 return false;
147 break;
148 case 7: // kernel_version
149 errno = 0;
150 kernel_version_ = strtol(optarg,
151 reinterpret_cast<char**>(NULL), 10);
152 if (errno)
153 return false;
154 break;
155 case 8: // in
156 in_file_ = optarg;
157 break;
158 case 9: // out
159 out_file_ = optarg;
160 break;
161 case 10: // generate
162 is_generate_ = true;
163 break;
164 case 11: // verify
165 is_verify_ = true;
166 break;
167 case 12: // config_version
168 if (2 != sscanf(optarg, "%d.%d", &options_.version[0],
169 &options_.version[1]))
170 return false;
171 break;
172 case 13: // kernel_load_addr
173 errno = 0;
174 options_.kernel_load_addr =
175 strtol(optarg, reinterpret_cast<char**>(NULL), 10);
176 if (errno)
177 return false;
178 break;
179 case 14: // kernel_entry_addr
180 errno = 0;
181 options_.kernel_entry_addr =
182 strtol(optarg, reinterpret_cast<char**>(NULL), 10);
183
184 if (errno)
185 return false;
186 break;
187 }
188 }
189 }
190 return CheckOptions();
191}
192
193void KernelUtility::OutputSignedImage(void) {
194 if (image_) {
195 if (!WriteKernelImage(out_file_.c_str(), image_)) {
196 cerr << "Couldn't write verified boot kernel image to file "
197 << out_file_ <<".\n";
198 }
199 }
200}
201
202bool KernelUtility::GenerateSignedImage(void) {
203 uint32_t kernel_key_pub_len;
204 uint8_t* header_checksum;
205 DigestContext ctx;
206 image_ = KernelImageNew();
207
208 Memcpy(image_->magic, KERNEL_MAGIC, KERNEL_MAGIC_SIZE);
209
210 // TODO(gauravsh): make this a command line option.
211 image_->header_version = 1;
212 image_->firmware_sign_algorithm = (uint16_t) firmware_sign_algorithm_;
213 // Copy pre-processed public signing key.
214 image_->kernel_sign_algorithm = (uint16_t) kernel_sign_algorithm_;
215 image_->kernel_sign_key = BufferFromFile(kernel_key_pub_file_.c_str(),
216 &kernel_key_pub_len);
217 if (!image_->kernel_sign_key)
218 return false;
219 image_->kernel_key_version = kernel_key_version_;
220
221 // Update header length.
222 image_->header_len = GetKernelHeaderLen(image_);
223
224 // Calculate header checksum.
225 DigestInit(&ctx, SHA512_DIGEST_ALGORITHM);
226 DigestUpdate(&ctx, reinterpret_cast<uint8_t*>(&image_->header_version),
227 sizeof(image_->header_version));
228 DigestUpdate(&ctx, reinterpret_cast<uint8_t*>(&image_->header_len),
229 sizeof(image_->header_len));
230 DigestUpdate(&ctx, reinterpret_cast<uint8_t*>(&image_->kernel_sign_algorithm),
231 sizeof(image_->kernel_sign_algorithm));
232 DigestUpdate(&ctx, reinterpret_cast<uint8_t*>(&image_->kernel_key_version),
233 sizeof(image_->kernel_key_version));
234 DigestUpdate(&ctx, image_->kernel_sign_key,
235 RSAProcessedKeySize(image_->kernel_sign_algorithm));
236 header_checksum = DigestFinal(&ctx);
237 Memcpy(image_->header_checksum, header_checksum, SHA512_DIGEST_SIZE);
238 Free(header_checksum);
239
240 image_->kernel_version = kernel_version_;
241 image_->options.version[0] = options_.version[0];
242 image_->options.version[1] = options_.version[1];
243 image_->options.kernel_load_addr = options_.kernel_load_addr;
244 image_->options.kernel_entry_addr = options_.kernel_entry_addr;
245 image_->kernel_data = BufferFromFile(in_file_.c_str(),
246 &image_->options.kernel_len);
247 if (!image_)
248 return false;
249 // Generate and add the signatures.
250 if (!AddKernelKeySignature(image_, firmware_key_file_.c_str())) {
251 cerr << "Couldn't write key signature to verified boot image.\n";
252 return false;
253 }
254
255 if (!AddKernelSignature(image_, kernel_key_file_.c_str())) {
256 cerr << "Couldn't write firmware signature to verified boot image.\n";
257 return false;
258 }
259 return true;
260}
261
262bool KernelUtility::VerifySignedImage(void) {
263 int error;
264 firmware_key_pub_ = RSAPublicKeyFromFile(firmware_key_pub_file_.c_str());
265 image_ = ReadKernelImage(in_file_.c_str());
266
267 if (!firmware_key_pub_) {
268 cerr << "Couldn't read pre-processed public root key.\n";
269 return false;
270 }
271
272 if (!image_) {
273 cerr << "Couldn't read firmware image or malformed image.\n";
274 return false;
275 }
276 if (!(error = VerifyKernelImage(firmware_key_pub_, image_, 0)))
277 return true;
278 cerr << VerifyKernelErrorString(error) << "\n";
279 return false;
280}
281
282bool KernelUtility::CheckOptions(void) {
283 if (is_generate_ == is_verify_) {
284 cerr << "One of --generate or --verify must be specified.\n";
285 return false;
286 }
287 // Common required options.
288 if (in_file_.empty()) {
289 cerr << "No input file specified.\n";
290 return false;
291 }
292 // Required options for --verify.
293 if (is_verify_ && firmware_key_pub_file_.empty()) {
294 cerr << "No pre-processed public firmware key file specified.\n";
295 return false;
296 }
297 // Required options for --generate.
298 if (is_generate_) {
299 if (firmware_key_file_.empty()) {
300 cerr << "No firmware key file specified.\n";
301 return false;
302 }
303 if (kernel_key_file_.empty()) {
304 cerr << "No kernel key file specified.\n";
305 return false;
306 }
307 if (kernel_key_pub_file_.empty()) {
308 cerr << "No pre-processed public kernel key file specified\n";
309 return false;
310 }
311 if (kernel_key_version_ <= 0 || kernel_key_version_ > UINT16_MAX) {
312 cerr << "Invalid or no kernel key version specified.\n";
313 return false;
314 }
315 if (firmware_sign_algorithm_ < 0 ||
316 firmware_sign_algorithm_ >= kNumAlgorithms) {
317 cerr << "Invalid or no firmware signing key algorithm specified.\n";
318 return false;
319 }
320 if (kernel_sign_algorithm_ < 0 ||
321 kernel_sign_algorithm_ >= kNumAlgorithms) {
322 cerr << "Invalid or no kernel signing key algorithm specified.\n";
323 return false;
324 }
325 if (kernel_version_ <=0 || kernel_version_ > UINT16_MAX) {
326 cerr << "Invalid or no kernel version specified.\n";
327 return false;
328 }
329 if (out_file_.empty()) {
330 cerr <<"No output file specified.\n";
331 return false;
332 }
333 }
334 return true;
335}
336
337} // namespace vboot_reference
338
339int main(int argc, char* argv[]) {
340 vboot_reference::KernelUtility fu;
341 if (!fu.ParseCmdLineOptions(argc, argv)) {
342 fu.PrintUsage();
343 return -1;
344 }
345 if (fu.is_generate()) {
346 if (!fu.GenerateSignedImage())
347 return -1;
348 fu.OutputSignedImage();
349 }
350 if (fu.is_verify()) {
351 cerr << "Verification ";
352 if (fu.VerifySignedImage())
353 cerr << "SUCCESS.\n";
354 else
355 cerr << "FAILURE.\n";
356 }
357 return 0;
358}