/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 *
 * Host functions for verified boot.
 */
7
Bill Richardson2448d3b2012-05-03 08:40:44 -07008#include <string.h>
Randall Spanglerd1836442010-06-10 09:59:04 -07009
Randall Spanglerd46461c2016-06-22 16:46:23 -070010#include "2sysincludes.h"
11#include "2common.h"
12#include "2rsa.h"
Randall Spanglerd1836442010-06-10 09:59:04 -070013#include "host_common.h"
Randall Spanglerd46461c2016-06-22 16:46:23 -070014#include "host_key2.h"
Randall Spanglerd1836442010-06-10 09:59:04 -070015#include "utility.h"
Randall Spanglera62ffa82016-06-30 11:24:24 -070016#include "vb2_common.h"
Randall Spanglerd1836442010-06-10 09:59:04 -070017#include "vboot_common.h"
18
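/**
 * Create and sign a firmware preamble (host-side signing helper).
 *
 * The returned buffer is laid out, in order, as:
 *   struct vb2_fw_preamble | kernel subkey data | body signature data |
 *   preamble signature data
 * The preamble signature is calculated over the first three parts
 * (signed_size bytes), so the header fields and both copied blobs are covered.
 *
 * @param firmware_version	Stored in the header's firmware_version field
 * @param kernel_subkey		Packed key copied into the preamble
 * @param body_signature	Firmware body signature copied into the preamble
 * @param signing_key		Private key used to sign the preamble
 * @param flags			Stored in the header's flags field
 * @return A calloc()ed preamble that the caller must free(), or NULL if the
 *	   sizes overflow, allocation fails, a copy fails, or signing fails.
 */
struct vb2_fw_preamble *vb2_create_fw_preamble(
	uint32_t firmware_version,
	const struct vb2_packed_key *kernel_subkey,
	const struct vb2_signature *body_signature,
	const struct vb2_private_key *signing_key,
	uint32_t flags)
{
	const uint32_t header_size = sizeof(struct vb2_fw_preamble);
	const uint32_t sig_size = vb2_rsa_sig_size(signing_key->sig_alg);

	/*
	 * The key and signature sizes come from caller-supplied structures.
	 * Reject any combination whose sum does not fit in 32 bits; a wrapped
	 * total would make the allocation smaller than the offsets computed
	 * from the individual sizes below.
	 */
	if (kernel_subkey->key_size > UINT32_MAX - header_size)
		return NULL;
	uint32_t signed_size = header_size + kernel_subkey->key_size;

	if (body_signature->sig_size > UINT32_MAX - signed_size)
		return NULL;
	signed_size += body_signature->sig_size;

	if (sig_size > UINT32_MAX - signed_size)
		return NULL;
	const uint32_t block_size = signed_size + sig_size;

	/* Allocate the zero-filled preamble block */
	struct vb2_fw_preamble *h = calloc(block_size, 1);
	if (!h)
		return NULL;

	/* Variable-length data follows the fixed header back to back */
	uint8_t *kernel_subkey_dest = (uint8_t *)(h + 1);
	uint8_t *body_sig_dest = kernel_subkey_dest + kernel_subkey->key_size;
	uint8_t *block_sig_dest = body_sig_dest + body_signature->sig_size;

	h->header_version_major = FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR;
	h->header_version_minor = FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR;
	h->preamble_size = block_size;
	h->firmware_version = firmware_version;
	h->flags = flags;

	/* Copy the kernel subkey */
	vb2_init_packed_key(&h->kernel_subkey, kernel_subkey_dest,
			    kernel_subkey->key_size);
	if (VB2_SUCCESS !=
	    vb2_copy_packed_key(&h->kernel_subkey, kernel_subkey)) {
		free(h);
		return NULL;
	}

	/* Copy the body signature */
	vb2_init_signature(&h->body_signature,
			   body_sig_dest, body_signature->sig_size, 0);
	if (VB2_SUCCESS !=
	    vb2_copy_signature(&h->body_signature, body_signature)) {
		free(h);
		return NULL;
	}

	/* Set up the signature struct so the signature can be calculated */
	vb2_init_signature(&h->preamble_signature, block_sig_dest,
			   sig_size, signed_size);

	/*
	 * Calculate the signature.  A NULL result must not reach
	 * vb2_copy_signature(), and a preamble whose signature was never
	 * written must not be handed back as if it were signed.
	 */
	struct vb2_signature *sig =
		vb2_calculate_signature((uint8_t *)h, signed_size, signing_key);
	if (!sig) {
		free(h);
		return NULL;
	}

	const int sig_copied =
		(VB2_SUCCESS == vb2_copy_signature(&h->preamble_signature, sig));
	free(sig);
	if (!sig_copied) {
		free(h);
		return NULL;
	}

	/* Return the signed preamble */
	return h;
}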
79
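/**
 * Create and sign a kernel preamble (host-side signing helper).
 *
 * The returned buffer is laid out, in order, as:
 *   struct vb2_kernel_preamble | body signature data |
 *   preamble signature data | zero padding up to desired_size (if larger)
 * The preamble signature is calculated over the header and the body
 * signature data (signed_size bytes).
 *
 * @param kernel_version		Stored in the header
 * @param body_load_address		Stored in the header
 * @param bootloader_address		Stored in the header
 * @param bootloader_size		Stored in the header
 * @param body_signature		Kernel body signature copied into the
 *					preamble
 * @param vmlinuz_header_address	Stored in the header
 * @param vmlinuz_header_size		Stored in the header
 * @param flags				Stored in the header
 * @param desired_size			Minimum size of the returned block; a
 *					smaller natural size is padded up to it
 * @param signing_key			Private key used to sign the preamble
 * @return A calloc()ed preamble that the caller must free(), or NULL if the
 *	   sizes overflow, allocation fails, a copy fails, or signing fails.
 */
struct vb2_kernel_preamble *vb2_create_kernel_preamble(
	uint32_t kernel_version,
	uint64_t body_load_address,
	uint64_t bootloader_address,
	uint32_t bootloader_size,
	const struct vb2_signature *body_signature,
	uint64_t vmlinuz_header_address,
	uint32_t vmlinuz_header_size,
	uint32_t flags,
	uint32_t desired_size,
	const struct vb2_private_key *signing_key)
{
	const uint32_t header_size = sizeof(struct vb2_kernel_preamble);
	const uint32_t sig_size = vb2_rsa_sig_size(signing_key->sig_alg);

	/*
	 * The body signature size comes from a caller-supplied structure.
	 * Reject totals that do not fit in 32 bits instead of letting the
	 * block size truncate and end up smaller than the offsets computed
	 * from the individual sizes below.
	 */
	if (body_signature->sig_size > UINT32_MAX - header_size)
		return NULL;
	const uint32_t signed_size = header_size + body_signature->sig_size;

	if (sig_size > UINT32_MAX - signed_size)
		return NULL;
	uint32_t block_size = signed_size + sig_size;

	/* If the block size is smaller than the desired size, pad it */
	if (block_size < desired_size)
		block_size = desired_size;

	/* Allocate the zero-filled preamble block */
	struct vb2_kernel_preamble *h = calloc(block_size, 1);
	if (!h)
		return NULL;

	/* Variable-length data follows the fixed header back to back */
	uint8_t *body_sig_dest = (uint8_t *)(h + 1);
	uint8_t *block_sig_dest = body_sig_dest + body_signature->sig_size;

	h->header_version_major = KERNEL_PREAMBLE_HEADER_VERSION_MAJOR;
	h->header_version_minor = KERNEL_PREAMBLE_HEADER_VERSION_MINOR;
	h->preamble_size = block_size;
	h->kernel_version = kernel_version;
	h->body_load_address = body_load_address;
	h->bootloader_address = bootloader_address;
	h->bootloader_size = bootloader_size;
	h->vmlinuz_header_address = vmlinuz_header_address;
	h->vmlinuz_header_size = vmlinuz_header_size;
	h->flags = flags;

	/*
	 * Copy the body signature.  The result is checked, as in
	 * vb2_create_fw_preamble(), so a failed copy is not signed over.
	 */
	vb2_init_signature(&h->body_signature, body_sig_dest,
			   body_signature->sig_size, 0);
	if (VB2_SUCCESS !=
	    vb2_copy_signature(&h->body_signature, body_signature)) {
		free(h);
		return NULL;
	}

	/* Set up the signature struct so the signature can be calculated */
	vb2_init_signature(&h->preamble_signature, block_sig_dest,
			   sig_size, signed_size);

	/*
	 * Calculate the signature.  A NULL result must not reach
	 * vb2_copy_signature(), and a preamble whose signature was never
	 * written must not be handed back as if it were signed.
	 */
	struct vb2_signature *sigtmp =
		vb2_calculate_signature((uint8_t *)h, signed_size, signing_key);
	if (!sigtmp) {
		free(h);
		return NULL;
	}

	const int sig_copied =
		(VB2_SUCCESS ==
		 vb2_copy_signature(&h->preamble_signature, sigtmp));
	free(sigtmp);
	if (!sig_copied) {
		free(h);
		return NULL;
	}

	/* Return the signed preamble */
	return h;
}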