/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved. * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. * * Host functions for verified boot. * * TODO: change all 'return 0', 'return 1' into meaningful return codes. */ #include <string.h> #include "host_common.h" #include "cryptolib.h" #include "utility.h" #include "vboot_common.h" VbFirmwarePreambleHeader *CreateFirmwarePreamble( uint64_t firmware_version, const VbPublicKey *kernel_subkey, const VbSignature *body_signature, const VbPrivateKey *signing_key, uint32_t flags) { VbFirmwarePreambleHeader *h; uint64_t signed_size = (sizeof(VbFirmwarePreambleHeader) + kernel_subkey->key_size + body_signature->sig_size); uint64_t block_size = signed_size + siglen_map[signing_key->algorithm]; uint8_t *kernel_subkey_dest; uint8_t *body_sig_dest; uint8_t *block_sig_dest; VbSignature *sigtmp; /* Allocate key block */ h = (VbFirmwarePreambleHeader *)malloc(block_size); if (!h) return NULL; Memset(h, 0, block_size); kernel_subkey_dest = (uint8_t *)(h + 1); body_sig_dest = kernel_subkey_dest + kernel_subkey->key_size; block_sig_dest = body_sig_dest + body_signature->sig_size; h->header_version_major = FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR; h->header_version_minor = FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR; h->preamble_size = block_size; h->firmware_version = firmware_version; h->flags = flags; /* Copy data key */ PublicKeyInit(&h->kernel_subkey, kernel_subkey_dest, kernel_subkey->key_size); PublicKeyCopy(&h->kernel_subkey, kernel_subkey); /* Copy body signature */ SignatureInit(&h->body_signature, body_sig_dest, body_signature->sig_size, 0); SignatureCopy(&h->body_signature, body_signature); /* Set up signature struct so we can calculate the signature */ SignatureInit(&h->preamble_signature, block_sig_dest, siglen_map[signing_key->algorithm], signed_size); /* Calculate signature */ sigtmp = CalculateSignature((uint8_t *)h, signed_size, signing_key); SignatureCopy(&h->preamble_signature, sigtmp); free(sigtmp); /* Return the header */ return h; } VbKernelPreambleHeader *CreateKernelPreamble( uint64_t kernel_version, uint64_t body_load_address, uint64_t bootloader_address, uint64_t bootloader_size, const VbSignature *body_signature, uint64_t vmlinuz_header_address, uint64_t vmlinuz_header_size, uint32_t flags, uint64_t desired_size, const VbPrivateKey *signing_key) { VbKernelPreambleHeader *h; uint64_t signed_size = (sizeof(VbKernelPreambleHeader) + body_signature->sig_size); uint64_t block_size = signed_size + siglen_map[signing_key->algorithm]; uint8_t *body_sig_dest; uint8_t *block_sig_dest; VbSignature *sigtmp; /* If the block size is smaller than the desired size, pad it */ if (block_size < desired_size) block_size = desired_size; /* Allocate key block */ h = (VbKernelPreambleHeader *)malloc(block_size); if (!h) return NULL; Memset(h, 0, block_size); body_sig_dest = (uint8_t *)(h + 1); block_sig_dest = body_sig_dest + body_signature->sig_size; h->header_version_major = KERNEL_PREAMBLE_HEADER_VERSION_MAJOR; h->header_version_minor = KERNEL_PREAMBLE_HEADER_VERSION_MINOR; h->preamble_size = block_size; h->kernel_version = kernel_version; h->body_load_address = body_load_address; h->bootloader_address = bootloader_address; h->bootloader_size = bootloader_size; h->vmlinuz_header_address = vmlinuz_header_address; h->vmlinuz_header_size = vmlinuz_header_size; h->flags = flags; /* Copy body signature */ SignatureInit(&h->body_signature, body_sig_dest, body_signature->sig_size, 0); SignatureCopy(&h->body_signature, body_signature); /* Set up signature struct so we can calculate the signature */ SignatureInit(&h->preamble_signature, block_sig_dest, siglen_map[signing_key->algorithm], signed_size); /* Calculate signature */ sigtmp = CalculateSignature((uint8_t *)h, signed_size, signing_key); SignatureCopy(&h->preamble_signature, sigtmp); free(sigtmp); /* Return the header */ return h; }