/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 *
 * Key unpacking functions
 */
7
8#include "2sysincludes.h"
9#include "2common.h"
10#include "2rsa.h"
11
/**
 * Return a pointer to the key data of a packed key.
 *
 * The result is the address of the packed key struct advanced by
 * key->key_offset bytes. No bounds check is done here, so the caller must
 * already have validated key_offset against the size of the buffer that
 * holds the key.
 *
 * @param key	Packed key; dereferenced, so it must not be NULL.
 * @return Pointer to the byte at offset key->key_offset from the start of
 *	   the packed key struct.
 */
const uint8_t *vb2_packed_key2_data(const struct vb2_packed_key2 *key)
{
	const uint8_t *base = (const uint8_t *)key;

	return &base[key->key_offset];
}
16
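/**
 * Unpack a packed key buffer into a public key struct.
 *
 * Buffers whose magic number is not VB2_MAGIC_PACKED_KEY2 are handed to
 * vb2_unpack_key() (the old packed key format) with the same arguments.
 *
 * Nothing is copied out of buf: on success key->n, key->rr and key->guid
 * point into buf, and key->desc does too when a description is present.
 * buf must therefore stay valid and unmodified for as long as *key is used.
 *
 * On failure *key may have been partly written (sig_alg, hash_alg and
 * arrsize are stored before they are validated) and must not be used.
 *
 * @param key	Destination for the unpacked key.
 * @param buf	Buffer holding the packed key; its fields are validated
 *		before the key data is used.
 * @param size	Size of buf in bytes.
 * @return VB2_SUCCESS, or a non-zero error code.
 */
int vb2_unpack_key2(struct vb2_public_key *key,
		    const uint8_t *buf,
		    uint32_t size)
{
	const struct vb2_packed_key2 *pkey =
		(const struct vb2_packed_key2 *)buf;
	const uint32_t *buf32;
	uint32_t expected_key_size;
	uint32_t sig_size;
	uint32_t min_offset = 0;
	int rv;

	/*
	 * Check magic number.
	 *
	 * If it doesn't match, pass through to the old packed key format.
	 *
	 * TODO: remove passthru when signing scripts have switched over to
	 * use the new format.
	 *
	 * NOTE(review): the magic field is read before size has been checked,
	 * so this relies on the caller passing a buffer at least as large as
	 * that field - confirm against callers.
	 */
	if (pkey->c.magic != VB2_MAGIC_PACKED_KEY2)
		return vb2_unpack_key(key, buf, size);

	rv = vb2_verify_common_header(buf, size);
	if (rv)
		return rv;

	/* Make sure key data is inside */
	rv = vb2_verify_common_member(pkey, &min_offset,
				      pkey->key_offset, pkey->key_size);
	if (rv)
		return rv;

	/*
	 * Check for compatible version.  No need to check minor version, since
	 * that's compatible across readers matching the major version, and we
	 * haven't added any new fields.
	 */
	if (pkey->c.struct_version_major != VB2_PACKED_KEY2_VERSION_MAJOR)
		return VB2_ERROR_UNPACK_KEY_STRUCT_VERSION;

	/* Copy key algorithms; a zero size means the algorithm is rejected */
	key->sig_alg = pkey->sig_alg;
	sig_size = vb2_rsa_sig_size(key->sig_alg);
	if (!sig_size)
		return VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;

	key->hash_alg = pkey->hash_alg;
	if (!vb2_digest_size(key->hash_alg))
		return VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM;

	/* The packed size must be exactly what the algorithm calls for */
	expected_key_size = vb2_packed_key_size(key->sig_alg);
	if (!expected_key_size || expected_key_size != pkey->key_size) {
		VB2_DEBUG("Wrong key size for algorithm\n");
		return VB2_ERROR_UNPACK_KEY_SIZE;
	}

	/* Unpack key data */
	buf32 = (const uint32_t *)vb2_packed_key2_data(pkey);

	/*
	 * Sanity check key array size.
	 *
	 * arrsize is read from the key data, so compare it in units of words
	 * instead of multiplying it by sizeof(uint32_t).  Where size_t is 32
	 * bits wide that product can wrap, letting an oversized arrsize match
	 * sig_size and leaving key->rr pointing outside the key data.
	 */
	key->arrsize = buf32[0];
	if (sig_size % sizeof(uint32_t) ||
	    key->arrsize != sig_size / sizeof(uint32_t))
		return VB2_ERROR_UNPACK_KEY_ARRAY_SIZE;

	key->n0inv = buf32[1];

	/* Arrays point inside the key data */
	key->n = buf32 + 2;
	key->rr = buf32 + 2 + key->arrsize;

	/*
	 * Key description starts fixed_size bytes into the struct.
	 *
	 * NOTE(review): presumably vb2_verify_common_header() has checked that
	 * the description lies inside the buffer and is NUL-terminated -
	 * confirm, since key->desc is handed out as a C string.
	 */
	if (pkey->c.desc_size)
		key->desc = (const char *)&(pkey->c) + pkey->c.fixed_size;
	else
		key->desc = "";

	key->version = pkey->key_version;
	key->guid = &pkey->guid;

	return VB2_SUCCESS;
}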