vboot: remove VbPublicKey struct
Update all references to vboot2-style struct vb2_packed_key. BUG=b:124141368 TEST=make clean && make runtests BRANCH=none Change-Id: I55a5f6bf315bdb4b83a998759d3732077283998e Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1675871 Tested-by: Joel Kitching <kitching@chromium.org> Commit-Queue: Joel Kitching <kitching@chromium.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
This commit is contained in:
parent
9cff6fe1b8
commit
e501b731d8
|
@ -10,24 +10,18 @@
|
|||
#define VBOOT_REFERENCE_VBOOT_STRUCT_H_
|
||||
#include <stdint.h>
|
||||
|
||||
/*
|
||||
* Needed for vb2_packed_key. Use relative path to place nicely with
|
||||
* depthcharge and coreboot.
|
||||
* TODO(kitching): This include should disappear once everything in
|
||||
* this file has either been deprecated or has found a better home.
|
||||
*/
|
||||
#include "../2lib/include/2struct.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif /* __cplusplus */
|
||||
|
||||
/* Public key data */
|
||||
typedef struct VbPublicKey {
|
||||
/* Offset of key data from start of this struct */
|
||||
uint64_t key_offset;
|
||||
/* Size of key data in bytes (NOT strength of key in bits) */
|
||||
uint64_t key_size;
|
||||
/* Signature algorithm used by the key */
|
||||
uint64_t algorithm;
|
||||
/* Key version */
|
||||
uint64_t key_version;
|
||||
} __attribute__((packed)) VbPublicKey;
|
||||
|
||||
#define EXPECTED_VBPUBLICKEY_SIZE 32
|
||||
|
||||
/* Signature data (a secure hash, possibly signed) */
|
||||
typedef struct VbSignature {
|
||||
/* Offset of signature data from start of this struct */
|
||||
|
@ -88,7 +82,7 @@ typedef struct VbKeyBlockHeader {
|
|||
/* Flags for key (KEY_BLOCK_FLAG_*) */
|
||||
uint64_t key_block_flags;
|
||||
/* Key to verify the chunk of data */
|
||||
VbPublicKey data_key;
|
||||
struct vb2_packed_key data_key;
|
||||
} __attribute__((packed)) VbKeyBlockHeader;
|
||||
|
||||
#define EXPECTED_VBKEYBLOCKHEADER_SIZE 112
|
||||
|
@ -409,7 +403,7 @@ typedef struct VbSharedDataHeader {
|
|||
/* Reserved for padding */
|
||||
uint32_t reserved0;
|
||||
/* Kernel subkey, from firmware */
|
||||
VbPublicKey kernel_subkey;
|
||||
struct vb2_packed_key kernel_subkey;
|
||||
/* Offset of kernel subkey data from start of this struct */
|
||||
uint64_t kernel_subkey_data_offset;
|
||||
/* Size of kernel subkey data */
|
||||
|
|
|
@ -9,6 +9,7 @@
|
|||
#define VBOOT_REFERENCE_VBOOT_COMMON_H_
|
||||
|
||||
#include "2api.h"
|
||||
#include "2struct.h"
|
||||
#include "vboot_struct.h"
|
||||
|
||||
/* Test an important condition at compile time, not run time */
|
||||
|
@ -47,8 +48,8 @@ extern const char *kVbootErrors[VBOOT_ERROR_MAX];
|
|||
* Helper functions to get data pointed to by a public key or signature.
|
||||
*/
|
||||
|
||||
uint8_t *GetPublicKeyData(VbPublicKey *key);
|
||||
const uint8_t *GetPublicKeyDataC(const VbPublicKey *key);
|
||||
uint8_t *GetPublicKeyData(struct vb2_packed_key *key);
|
||||
const uint8_t *GetPublicKeyDataC(const struct vb2_packed_key *key);
|
||||
uint8_t *GetSignatureData(VbSignature *sig);
|
||||
const uint8_t *GetSignatureDataC(const VbSignature *sig);
|
||||
|
||||
|
@ -58,7 +59,7 @@ const uint8_t *GetSignatureDataC(const VbSignature *sig);
|
|||
*/
|
||||
|
||||
int VerifyPublicKeyInside(const void *parent, uint64_t parent_size,
|
||||
const VbPublicKey *key);
|
||||
const struct vb2_packed_key *key);
|
||||
|
||||
int VerifySignatureInside(const void *parent, uint64_t parent_size,
|
||||
const VbSignature *sig);
|
||||
|
@ -66,14 +67,16 @@ int VerifySignatureInside(const void *parent, uint64_t parent_size,
|
|||
/**
|
||||
* Initialize a public key to refer to [key_data].
|
||||
*/
|
||||
void PublicKeyInit(VbPublicKey *key, uint8_t *key_data, uint64_t key_size);
|
||||
void PublicKeyInit(struct vb2_packed_key *key,
|
||||
uint8_t *key_data, uint64_t key_size);
|
||||
|
||||
/**
|
||||
* Copy a public key from [src] to [dest].
|
||||
*
|
||||
* Returns 0 if success, non-zero if error.
|
||||
*/
|
||||
int PublicKeyCopy(VbPublicKey *dest, const VbPublicKey *src);
|
||||
int PublicKeyCopy(struct vb2_packed_key *dest,
|
||||
const struct vb2_packed_key *src);
|
||||
|
||||
/**
|
||||
* Retrieve the 16-bit vmlinuz header address and size from the kernel preamble
|
||||
|
@ -122,7 +125,7 @@ uint64_t VbSharedDataReserve(VbSharedDataHeader *header, uint64_t size);
|
|||
* Returns 0 if success, non-zero if error.
|
||||
*/
|
||||
int VbSharedDataSetKernelKey(VbSharedDataHeader *header,
|
||||
const VbPublicKey *src);
|
||||
const struct vb2_packed_key *src);
|
||||
|
||||
/**
|
||||
* Check whether recovery is allowed or not.
|
||||
|
|
|
@ -30,12 +30,12 @@ const char *kVbootErrors[VBOOT_ERROR_MAX] = {
|
|||
|
||||
/* Helper functions to get data pointed to by a public key or signature. */
|
||||
|
||||
uint8_t *GetPublicKeyData(VbPublicKey *key)
|
||||
uint8_t *GetPublicKeyData(struct vb2_packed_key *key)
|
||||
{
|
||||
return (uint8_t *)key + key->key_offset;
|
||||
}
|
||||
|
||||
const uint8_t *GetPublicKeyDataC(const VbPublicKey *key)
|
||||
const uint8_t *GetPublicKeyDataC(const struct vb2_packed_key *key)
|
||||
{
|
||||
return (const uint8_t *)key + key->key_offset;
|
||||
}
|
||||
|
@ -56,10 +56,10 @@ const uint8_t *GetSignatureDataC(const VbSignature *sig)
|
|||
*/
|
||||
|
||||
int VerifyPublicKeyInside(const void *parent, uint64_t parent_size,
|
||||
const VbPublicKey *key)
|
||||
const struct vb2_packed_key *key)
|
||||
{
|
||||
return vb2_verify_member_inside(parent, parent_size,
|
||||
key, sizeof(VbPublicKey),
|
||||
key, sizeof(struct vb2_packed_key),
|
||||
key->key_offset, key->key_size);
|
||||
}
|
||||
|
||||
|
@ -71,7 +71,8 @@ int VerifySignatureInside(const void *parent, uint64_t parent_size,
|
|||
sig->sig_offset, sig->sig_size);
|
||||
}
|
||||
|
||||
void PublicKeyInit(VbPublicKey *key, uint8_t *key_data, uint64_t key_size)
|
||||
void PublicKeyInit(struct vb2_packed_key *key,
|
||||
uint8_t *key_data, uint64_t key_size)
|
||||
{
|
||||
key->key_offset = vb2_offset_of(key, key_data);
|
||||
key->key_size = key_size;
|
||||
|
@ -79,7 +80,7 @@ void PublicKeyInit(VbPublicKey *key, uint8_t *key_data, uint64_t key_size)
|
|||
key->key_version = 0;
|
||||
}
|
||||
|
||||
int PublicKeyCopy(VbPublicKey *dest, const VbPublicKey *src)
|
||||
int PublicKeyCopy(struct vb2_packed_key *dest, const struct vb2_packed_key *src)
|
||||
{
|
||||
if (dest->key_size < src->key_size)
|
||||
return 1;
|
||||
|
@ -146,9 +147,10 @@ uint64_t VbSharedDataReserve(VbSharedDataHeader *header, uint64_t size)
|
|||
return offs;
|
||||
}
|
||||
|
||||
int VbSharedDataSetKernelKey(VbSharedDataHeader *header, const VbPublicKey *src)
|
||||
int VbSharedDataSetKernelKey(VbSharedDataHeader *header,
|
||||
const struct vb2_packed_key *src)
|
||||
{
|
||||
VbPublicKey *kdest;
|
||||
struct vb2_packed_key *kdest;
|
||||
|
||||
if (!header)
|
||||
return VBOOT_SHARED_DATA_INVALID;
|
||||
|
|
|
@ -94,7 +94,7 @@ static void Uint8ToString(char *buf, uint8_t val)
|
|||
*buf = trans[val & 0xF];
|
||||
}
|
||||
|
||||
static void FillInSha1Sum(char *outbuf, VbPublicKey *key)
|
||||
static void FillInSha1Sum(char *outbuf, struct vb2_packed_key *key)
|
||||
{
|
||||
uint8_t *buf = ((uint8_t *)key) + key->key_offset;
|
||||
uint64_t buflen = key->key_size;
|
||||
|
@ -371,7 +371,7 @@ VbError_t VbDisplayDebugInfo(struct vb2_context *ctx)
|
|||
struct vb2_workbuf wblocal = wb;
|
||||
ret = vb2_gbb_read_root_key(ctx, &key, NULL, &wblocal);
|
||||
if (!ret) {
|
||||
FillInSha1Sum(sha1sum, (VbPublicKey *)key);
|
||||
FillInSha1Sum(sha1sum, key);
|
||||
used += StrnAppend(buf + used, "\ngbb.rootkey: ",
|
||||
DEBUG_INFO_SIZE - used);
|
||||
used += StrnAppend(buf + used, sha1sum,
|
||||
|
@ -384,7 +384,7 @@ VbError_t VbDisplayDebugInfo(struct vb2_context *ctx)
|
|||
struct vb2_workbuf wblocal = wb;
|
||||
ret = vb2_gbb_read_recovery_key(ctx, &key, NULL, &wblocal);
|
||||
if (!ret) {
|
||||
FillInSha1Sum(sha1sum, (VbPublicKey *)key);
|
||||
FillInSha1Sum(sha1sum, key);
|
||||
used += StrnAppend(buf + used, "\ngbb.recovery_key: ",
|
||||
DEBUG_INFO_SIZE - used);
|
||||
used += StrnAppend(buf + used, sha1sum,
|
||||
|
|
|
@ -80,18 +80,12 @@ static void test_array_size(void)
|
|||
*/
|
||||
static void test_struct_packing(void)
|
||||
{
|
||||
/* Test vboot2 versions of vboot1 structs */
|
||||
TEST_EQ(EXPECTED_VB2_PACKED_KEY_SIZE,
|
||||
sizeof(struct vb2_packed_key),
|
||||
"sizeof(vb2_packed_key)");
|
||||
TEST_EQ(EXPECTED_VB2_GBB_HEADER_SIZE,
|
||||
sizeof(struct vb2_gbb_header),
|
||||
"sizeof(vb2_gbb_header)");
|
||||
|
||||
/* And make sure they're the same as their vboot1 equivalents */
|
||||
TEST_EQ(EXPECTED_VB2_PACKED_KEY_SIZE,
|
||||
EXPECTED_VBPUBLICKEY_SIZE,
|
||||
"vboot1->2 packed key sizes same");
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -21,8 +21,6 @@
|
|||
*/
|
||||
static void StructPackingTest(void)
|
||||
{
|
||||
TEST_EQ(EXPECTED_VBPUBLICKEY_SIZE, sizeof(VbPublicKey),
|
||||
"sizeof(VbPublicKey)");
|
||||
TEST_EQ(EXPECTED_VBSIGNATURE_SIZE, sizeof(VbSignature),
|
||||
"sizeof(VbSignature)");
|
||||
TEST_EQ(EXPECTED_VBKEYBLOCKHEADER_SIZE, sizeof(VbKeyBlockHeader),
|
||||
|
@ -43,38 +41,6 @@ static void StructPackingTest(void)
|
|||
/* Helper functions not dependent on specific key sizes */
|
||||
static void VerifyHelperFunctions(void)
|
||||
{
|
||||
{
|
||||
VbPublicKey k = {sizeof(k), 2, 3, 4};
|
||||
TEST_EQ((int)vb2_offset_of(&k, GetPublicKeyData(&k)), sizeof(k),
|
||||
"GetPublicKeyData() adjacent");
|
||||
TEST_EQ((int)vb2_offset_of(&k, GetPublicKeyDataC(&k)), sizeof(k),
|
||||
"GetPublicKeyDataC() adjacent");
|
||||
}
|
||||
|
||||
{
|
||||
VbPublicKey k = {123, 2, 3, 4};
|
||||
TEST_EQ((int)vb2_offset_of(&k, GetPublicKeyData(&k)), 123,
|
||||
"GetPublicKeyData() spaced");
|
||||
TEST_EQ((int)vb2_offset_of(&k, GetPublicKeyDataC(&k)), 123,
|
||||
"GetPublicKeyDataC() spaced");
|
||||
}
|
||||
|
||||
{
|
||||
VbPublicKey k = {sizeof(k), 128, 0, 0};
|
||||
TEST_EQ(VerifyPublicKeyInside(&k, sizeof(k)+128, &k), 0,
|
||||
"PublicKeyInside ok 1");
|
||||
TEST_EQ(VerifyPublicKeyInside(&k - 1, 2*sizeof(k)+128, &k), 0,
|
||||
"PublicKeyInside ok 2");
|
||||
TEST_NEQ(VerifyPublicKeyInside(&k, 128, &k), 0,
|
||||
"PublicKeyInside key too big");
|
||||
}
|
||||
|
||||
{
|
||||
VbPublicKey k = {100, 4, 0, 0};
|
||||
TEST_NEQ(VerifyPublicKeyInside(&k, 99, &k), 0,
|
||||
"PublicKeyInside offset too big");
|
||||
}
|
||||
|
||||
{
|
||||
VbSignature s = {sizeof(s), 128, 2000};
|
||||
TEST_EQ(VerifySignatureInside(&s, sizeof(s)+128, &s), 0,
|
||||
|
@ -95,8 +61,8 @@ static void VerifyHelperFunctions(void)
|
|||
/* Public key utility functions */
|
||||
static void PublicKeyTest(void)
|
||||
{
|
||||
VbPublicKey k[3];
|
||||
VbPublicKey j[5];
|
||||
struct vb2_packed_key k[3];
|
||||
struct vb2_packed_key j[5];
|
||||
|
||||
/* Fill some bits of the public key data */
|
||||
memset(j, 0, sizeof(j));
|
||||
|
@ -104,9 +70,11 @@ static void PublicKeyTest(void)
|
|||
k[1].key_size = 12345;
|
||||
k[2].key_version = 67;
|
||||
|
||||
PublicKeyInit(k, (uint8_t*)(k + 1), 2 * sizeof(VbPublicKey));
|
||||
TEST_EQ(k->key_offset, sizeof(VbPublicKey), "PublicKeyInit key_offset");
|
||||
TEST_EQ(k->key_size, 2 * sizeof(VbPublicKey), "PublicKeyInit key_size");
|
||||
PublicKeyInit(k, (uint8_t*)(k + 1), 2 * sizeof(struct vb2_packed_key));
|
||||
TEST_EQ(k->key_offset, sizeof(struct vb2_packed_key),
|
||||
"PublicKeyInit key_offset");
|
||||
TEST_EQ(k->key_size, 2 * sizeof(struct vb2_packed_key),
|
||||
"PublicKeyInit key_size");
|
||||
TEST_EQ(k->algorithm, VB2_ALG_COUNT, "PublicKeyInit algorithm");
|
||||
TEST_EQ(k->key_version, 0, "PublicKeyInit key_version");
|
||||
|
||||
|
@ -115,17 +83,20 @@ static void PublicKeyTest(void)
|
|||
k->key_version = 21;
|
||||
|
||||
/* Copying to a smaller destination should fail */
|
||||
PublicKeyInit(j, (uint8_t*)(j + 1), 2 * sizeof(VbPublicKey) - 1);
|
||||
PublicKeyInit(j, (uint8_t*)(j + 1),
|
||||
2 * sizeof(struct vb2_packed_key) - 1);
|
||||
TEST_NEQ(0, PublicKeyCopy(j, k), "PublicKeyCopy too small");
|
||||
|
||||
/* Copying to same or larger size should succeed */
|
||||
PublicKeyInit(j, (uint8_t*)(j + 2), 2 * sizeof(VbPublicKey) + 1);
|
||||
PublicKeyInit(j, (uint8_t*)(j + 2),
|
||||
2 * sizeof(struct vb2_packed_key) + 1);
|
||||
TEST_EQ(0, PublicKeyCopy(j, k), "PublicKeyCopy same");
|
||||
/* Offset in destination shouldn't have been modified */
|
||||
TEST_EQ(j->key_offset, 2 * sizeof(VbPublicKey),
|
||||
TEST_EQ(j->key_offset, 2 * sizeof(struct vb2_packed_key),
|
||||
"PublicKeyCopy key_offset");
|
||||
/* Size should have been reduced to match the source */
|
||||
TEST_EQ(k->key_size, 2 * sizeof(VbPublicKey), "PublicKeyCopy key_size");
|
||||
TEST_EQ(k->key_size, 2 * sizeof(struct vb2_packed_key),
|
||||
"PublicKeyCopy key_size");
|
||||
/* Other fields should have been copied */
|
||||
TEST_EQ(k->algorithm, j->algorithm, "PublicKeyCopy algorithm");
|
||||
TEST_EQ(k->key_version, j->key_version, "PublicKeyCopy key_version");
|
||||
|
|
|
@ -62,7 +62,7 @@ static void print_help(const char *progname)
|
|||
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
VbPublicKey *kernkey;
|
||||
struct vb2_packed_key *kernkey;
|
||||
uint64_t disk_bytes = 0;
|
||||
int rv;
|
||||
|
||||
|
@ -80,7 +80,7 @@ int main(int argc, char *argv[])
|
|||
}
|
||||
|
||||
/* Read public key */
|
||||
kernkey = (VbPublicKey *)vb2_read_packed_key(argv[2]);
|
||||
kernkey = vb2_read_packed_key(argv[2]);
|
||||
if (!kernkey) {
|
||||
fprintf(stderr, "Can't read key file %s\n", argv[2]);
|
||||
return 1;
|
||||
|
|
|
@ -184,7 +184,8 @@ int main(int argc, char* argv[]) {
|
|||
}
|
||||
/* Copy in the key blob, if any */
|
||||
if (key_blob) {
|
||||
if (0 != VbSharedDataSetKernelKey(shared, (VbPublicKey*)key_blob)) {
|
||||
if (0 != VbSharedDataSetKernelKey(shared,
|
||||
(struct vb2_packed_key *)key_blob)) {
|
||||
fprintf(stderr, "Unable to set key in shared data\n");
|
||||
return 1;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue