vboot: move vboot 2.1 functions and structs into host code

These structs and functions need to stick around for futility
to use, but they are no longer supported in firmware code.

Rename host/lib21/include/* files to end in 21 instead of 2.

BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none

Change-Id: I01e181e2f03553d60724fbdc826f5ada63777303
Cq-Depend: chromium:1969172
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1963621
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
diff --git a/Makefile b/Makefile
index 1df8e3d..114de23 100644
--- a/Makefile
+++ b/Makefile
@@ -337,7 +337,7 @@
 # TPM commands and various external functions that are provided by the BIOS.
 ifeq (${FIRMWARE_ARCH},)
 INCLUDES += -Ihost/include -Ihost/lib/include
-INCLUDES += -Ihost/lib21/include -Ifirmware/lib21/include
+INCLUDES += -Ihost/lib21/include
 endif
 
 # Firmware library, used by the other firmware components (depthcharge,
@@ -348,7 +348,6 @@
 # Separate TPM lightweight command library (TLCL)
 TLCL = ${BUILD}/tlcl.a
 
-# Additional firmware library sources needed by VbSelectAndLoadKernel() call
 FWLIB_SRCS = \
 	firmware/lib/cgptlib/cgptlib.c \
 	firmware/lib/cgptlib/cgptlib_internal.c \
@@ -364,7 +363,6 @@
 	firmware/lib/vboot_ui_menu.c \
 	firmware/lib/vboot_ui_wilco.c
 
-# Code common to both vboot 2.0 (old structs) and 2.1 (new structs)
 FWLIB2X_SRCS = \
 	firmware/2lib/2api.c \
 	firmware/2lib/2auxfw_sync.c \
@@ -392,10 +390,6 @@
 	firmware/lib20/misc.c \
 	firmware/lib20/packed_key.c
 
-FWLIB21_SRCS = \
-	firmware/lib21/common.c \
-	firmware/lib21/packed_key.c
-
 # TPM lightweight command library
 ifeq (${TPM2_MODE},)
 TLCL_SRCS = \
@@ -438,10 +432,8 @@
 FWLIB_OBJS = ${FWLIB_SRCS:%.c=${BUILD}/%.o}
 FWLIB2X_OBJS = ${FWLIB2X_SRCS:%.c=${BUILD}/%.o}
 FWLIB20_OBJS = ${FWLIB20_SRCS:%.c=${BUILD}/%.o}
-FWLIB21_OBJS = ${FWLIB21_SRCS:%.c=${BUILD}/%.o}
 TLCL_OBJS = ${TLCL_SRCS:%.c=${BUILD}/%.o}
-ALL_OBJS += ${FWLIB_OBJS} ${FWLIB2X_OBJS} ${FWLIB20_OBJS} ${FWLIB21_OBJS} \
-	${TLCL_OBJS}
+ALL_OBJS += ${FWLIB_OBJS} ${FWLIB2X_OBJS} ${FWLIB20_OBJS} ${TLCL_OBJS}
 
 # Intermediate library for the vboot_reference utilities to link against.
 UTILLIB = ${BUILD}/libvboot_util.a
@@ -469,6 +461,7 @@
 	host/lib/signature_digest.c \
 	host/lib/subprocess.c \
 	host/lib/util_misc.c \
+	host/lib21/host_common.c \
 	host/lib21/host_key.c \
 	host/lib21/host_misc.c \
 	host/lib21/host_signature.c
@@ -655,7 +648,7 @@
 
 FUTIL_OBJS = ${FUTIL_SRCS:%.c=${BUILD}/%.o} ${FUTIL_CMD_LIST:%.c=%.o}
 
-${FUTIL_OBJS}: INCLUDES += -Ihost/lib21/include -Ifirmware/lib21/include
+${FUTIL_OBJS}: INCLUDES += -Ihost/lib21/include
 
 ALL_OBJS += ${FUTIL_OBJS}
 
@@ -729,8 +722,8 @@
 	tests/vb20_verify_fw
 
 TEST21_NAMES = \
-	tests/vb21_common_tests \
-	tests/vb21_common2_tests \
+	tests/vb21_host_common2_tests \
+	tests/vb21_host_common_tests \
 	tests/vb21_host_key_tests \
 	tests/vb21_host_misc_tests \
 	tests/vb21_host_sig_tests
@@ -866,7 +859,7 @@
 
 # TODO: better way to make .a than duplicating this recipe each time?
 ${UTILLIB}: ${UTILLIB_OBJS} ${FWLIB_OBJS} ${FWLIB2X_OBJS} ${FWLIB20_OBJS} \
-		${FWLIB21_OBJS} ${TLCL_OBJS}
+		${TLCL_OBJS}
 	@${PRINTF} "    RM            $(subst ${BUILD}/,,$@)\n"
 	${Q}rm -f $@
 	@${PRINTF} "    AR            $(subst ${BUILD}/,,$@)\n"
@@ -1231,8 +1224,8 @@
 	${RUNTEST} ${BUILD_RUN}/tests/vb20_api_kernel_tests
 	${RUNTEST} ${BUILD_RUN}/tests/vb20_kernel_tests
 	${RUNTEST} ${BUILD_RUN}/tests/vb20_misc_tests
-	${RUNTEST} ${BUILD_RUN}/tests/vb21_common_tests
-	${RUNTEST} ${BUILD_RUN}/tests/vb21_common2_tests ${TEST_KEYS}
+	${RUNTEST} ${BUILD_RUN}/tests/vb21_host_common_tests
+	${RUNTEST} ${BUILD_RUN}/tests/vb21_host_common2_tests ${TEST_KEYS}
 	${RUNTEST} ${BUILD_RUN}/tests/vb21_host_key_tests ${TEST_KEYS} ${BUILD}
 	${RUNTEST} ${BUILD_RUN}/tests/vb21_host_misc_tests ${BUILD}
 	${RUNTEST} ${BUILD_RUN}/tests/vb21_host_sig_tests ${TEST_KEYS}
@@ -1250,7 +1243,7 @@
 runlongtests: install_for_test genkeys genfuzztestcases
 	${RUNTEST} ${BUILD_RUN}/tests/vb2_common2_tests ${TEST_KEYS} --all
 	${RUNTEST} ${BUILD_RUN}/tests/vb2_common3_tests ${TEST_KEYS} --all
-	${RUNTEST} ${BUILD_RUN}/tests/vb21_common2_tests ${TEST_KEYS} --all
+	${RUNTEST} ${BUILD_RUN}/tests/vb21_host_common2_tests ${TEST_KEYS} --all
 	tests/run_preamble_tests.sh --all
 	tests/run_vbutil_tests.sh --all
 
diff --git a/firmware/README b/firmware/README
index 754edf1..e5d5256 100644
--- a/firmware/README
+++ b/firmware/README
@@ -34,10 +34,3 @@
   This was deployed slightly before it was ready. That's not a problem,
   thanks to the binary compatibility, but this directory will be abandoned
   Real Soon Now, except for the product support branches.
-
-lib21/
-
-  This is where the current development of the second-generation vboot API
-  is taking place. It uses the public (2lib/) API, but will NOT be binary
-  compatible with vboot1 structs. Because of the early release of the lib20
-  stuff, we're actually calling this lib21.
diff --git a/firmware/lib21/packed_key.c b/firmware/lib21/packed_key.c
deleted file mode 100644
index bb6eb04..0000000
--- a/firmware/lib21/packed_key.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Key unpacking functions
- */
-
-#include "2common.h"
-#include "2rsa.h"
-#include "2sysincludes.h"
-#include "vb21_common.h"
-
-vb2_error_t vb2_unpack_key_data(struct vb2_public_key *key,
-				const uint8_t *key_data, uint32_t key_size)
-{
-	const uint32_t *buf32 = (const uint32_t *)key_data;
-	uint32_t expected_key_size = vb2_packed_key_size(key->sig_alg);
-
-	/* Make sure buffer is the correct length */
-	if (!expected_key_size || expected_key_size != key_size) {
-		VB2_DEBUG("Wrong key size for algorithm\n");
-		return VB2_ERROR_UNPACK_KEY_SIZE;
-	}
-
-	/* Check for alignment */
-	if (!vb2_aligned(buf32, sizeof(uint32_t)))
-		return VB2_ERROR_UNPACK_KEY_ALIGN;
-
-	key->arrsize = buf32[0];
-
-	/* Sanity check key array size */
-	if (key->arrsize * sizeof(uint32_t) != vb2_rsa_sig_size(key->sig_alg))
-		return VB2_ERROR_UNPACK_KEY_ARRAY_SIZE;
-
-	key->n0inv = buf32[1];
-
-	/* Arrays point inside the key data */
-	key->n = buf32 + 2;
-	key->rr = buf32 + 2 + key->arrsize;
-
-	return VB2_SUCCESS;
-}
-
-vb2_error_t vb21_unpack_key(struct vb2_public_key *key, const uint8_t *buf,
-			    uint32_t size)
-{
-	const struct vb21_packed_key *pkey =
-		(const struct vb21_packed_key *)buf;
-	uint32_t sig_size;
-	uint32_t min_offset = 0;
-	vb2_error_t rv;
-
-	/* Check magic number */
-	if (pkey->c.magic != VB21_MAGIC_PACKED_KEY)
-		return VB2_ERROR_UNPACK_KEY_MAGIC;
-
-	rv = vb21_verify_common_header(buf, size);
-	if (rv)
-		return rv;
-
-	/* Make sure key data is inside */
-	rv = vb21_verify_common_member(pkey, &min_offset,
-				       pkey->key_offset, pkey->key_size);
-	if (rv)
-		return rv;
-
-	/*
-	 * Check for compatible version.  No need to check minor version, since
-	 * that's compatible across readers matching the major version, and we
-	 * haven't added any new fields.
-	 */
-	if (pkey->c.struct_version_major != VB21_PACKED_KEY_VERSION_MAJOR)
-		return VB2_ERROR_UNPACK_KEY_STRUCT_VERSION;
-
-	/* Copy key algorithms */
-	key->hash_alg = pkey->hash_alg;
-	if (!vb2_digest_size(key->hash_alg))
-		return VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM;
-
-	key->sig_alg = pkey->sig_alg;
-	if (key->sig_alg != VB2_SIG_NONE) {
-		sig_size = vb2_rsa_sig_size(key->sig_alg);
-		if (!sig_size)
-			return VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
-		rv = vb2_unpack_key_data(
-				key,
-				(const uint8_t *)pkey + pkey->key_offset,
-				pkey->key_size);
-		if (rv)
-			return rv;
-	}
-
-	/* Key description */
-	key->desc = vb21_common_desc(pkey);
-	key->version = pkey->key_version;
-	key->id = &pkey->id;
-
-	return VB2_SUCCESS;
-}
diff --git a/futility/cmd_create.c b/futility/cmd_create.c
index a3cb8b5..2f7a8d5 100644
--- a/futility/cmd_create.c
+++ b/futility/cmd_create.c
@@ -16,12 +16,12 @@
 #include "2sysincludes.h"
 #include "futility.h"
 #include "futility_options.h"
-#include "host_key2.h"
+#include "host_common21.h"
 #include "host_key.h"
-#include "host_misc2.h"
+#include "host_key21.h"
+#include "host_misc21.h"
 #include "openssl_compat.h"
 #include "util_misc.h"
-#include "vb21_common.h"
 #include "vb2_common.h"
 
 /* Command line options */
diff --git a/futility/cmd_show.c b/futility/cmd_show.c
index 402b133..f3b9163 100644
--- a/futility/cmd_show.c
+++ b/futility/cmd_show.c
@@ -28,7 +28,7 @@
 #include "futility.h"
 #include "futility_options.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "util_misc.h"
 #include "vb1_helper.h"
 #include "vb2_common.h"
diff --git a/futility/cmd_sign.c b/futility/cmd_sign.c
index 117a653..980e6d1 100644
--- a/futility/cmd_sign.c
+++ b/futility/cmd_sign.c
@@ -18,17 +18,17 @@
 #include <unistd.h>
 
 #include "2common.h"
-#include "file_type_bios.h"
 #include "file_type.h"
+#include "file_type_bios.h"
 #include "fmap.h"
 #include "futility.h"
 #include "futility_options.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_common21.h"
+#include "host_key21.h"
 #include "kernel_blob.h"
 #include "util_misc.h"
 #include "vb1_helper.h"
-#include "vb21_common.h"
 #include "vb2_common.h"
 
 /* Options */
diff --git a/futility/cmd_vbutil_firmware.c b/futility/cmd_vbutil_firmware.c
index d5a8686..7659ed2 100644
--- a/futility/cmd_vbutil_firmware.c
+++ b/futility/cmd_vbutil_firmware.c
@@ -18,7 +18,7 @@
 #include "2sysincludes.h"
 #include "futility.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "kernel_blob.h"
 #include "util_misc.h"
 #include "vb1_helper.h"
diff --git a/futility/cmd_vbutil_key.c b/futility/cmd_vbutil_key.c
index b0b7675..0d81254 100644
--- a/futility/cmd_vbutil_key.c
+++ b/futility/cmd_vbutil_key.c
@@ -14,7 +14,7 @@
 
 #include "futility.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "util_misc.h"
 #include "vb1_helper.h"
 #include "vb2_common.h"
diff --git a/futility/cmd_vbutil_keyblock.c b/futility/cmd_vbutil_keyblock.c
index 2be7a85..977b4aa 100644
--- a/futility/cmd_vbutil_keyblock.c
+++ b/futility/cmd_vbutil_keyblock.c
@@ -16,7 +16,7 @@
 #include "2sysincludes.h"
 #include "futility.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "util_misc.h"
 #include "vb1_helper.h"
 #include "vb2_common.h"
diff --git a/futility/file_type_rwsig.c b/futility/file_type_rwsig.c
index bcccb2d..a09782c 100644
--- a/futility/file_type_rwsig.c
+++ b/futility/file_type_rwsig.c
@@ -23,11 +23,11 @@
 #include "futility.h"
 #include "futility_options.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_common21.h"
+#include "host_key21.h"
 #include "host_misc.h"
-#include "host_signature2.h"
+#include "host_signature21.h"
 #include "util_misc.h"
-#include "vb21_common.h"
 
 #define SIGNATURE_RSVD_SIZE 1024
 #define EC_RW_FILENAME "EC_RW.bin"
diff --git a/futility/file_type_usbpd1.c b/futility/file_type_usbpd1.c
index 42cb62c..658b48c 100644
--- a/futility/file_type_usbpd1.c
+++ b/futility/file_type_usbpd1.c
@@ -24,10 +24,10 @@
 #include "futility.h"
 #include "futility_options.h"
 #include "host_common.h"
-#include "host_key2.h"
-#include "host_signature2.h"
+#include "host_common21.h"
+#include "host_key21.h"
+#include "host_signature21.h"
 #include "util_misc.h"
-#include "vb21_common.h"
 
 /* Return 1 if okay, 0 if not */
 static int parse_size_opts(uint32_t len,
diff --git a/futility/vb2_helper.c b/futility/vb2_helper.c
index f5b7978..fb0362a 100644
--- a/futility/vb2_helper.c
+++ b/futility/vb2_helper.c
@@ -14,11 +14,11 @@
 #include "futility.h"
 #include "futility_options.h"
 #include "host_common.h"
-#include "host_key2.h"
-#include "host_misc2.h"
+#include "host_common21.h"
+#include "host_key21.h"
+#include "host_misc21.h"
 #include "openssl_compat.h"
 #include "util_misc.h"
-#include "vb21_common.h"
 
 int vb2_lookup_hash_alg(const char *str, enum vb2_hash_algorithm *alg)
 {
diff --git a/host/lib/host_common.c b/host/lib/host_common.c
index 1833c62..00f9100 100644
--- a/host/lib/host_common.c
+++ b/host/lib/host_common.c
@@ -11,7 +11,7 @@
 #include "2rsa.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "utility.h"
 #include "vb2_common.h"
 
diff --git a/host/lib/host_key2.c b/host/lib/host_key2.c
index 5849cf7..6984c67 100644
--- a/host/lib/host_key2.c
+++ b/host/lib/host_key2.c
@@ -16,7 +16,7 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "host_key.h"
 #include "host_misc.h"
 #include "vb2_common.h"
@@ -296,3 +296,34 @@
 
 	return VB2_SUCCESS;
 }
+
+vb2_error_t vb2_unpack_key_data(struct vb2_public_key *key,
+				const uint8_t *key_data, uint32_t key_size)
+{
+	const uint32_t *buf32 = (const uint32_t *)key_data;
+	uint32_t expected_key_size = vb2_packed_key_size(key->sig_alg);
+
+	/* Make sure buffer is the correct length */
+	if (!expected_key_size || expected_key_size != key_size) {
+		VB2_DEBUG("Wrong key size for algorithm\n");
+		return VB2_ERROR_UNPACK_KEY_SIZE;
+	}
+
+	/* Check for alignment */
+	if (!vb2_aligned(buf32, sizeof(uint32_t)))
+		return VB2_ERROR_UNPACK_KEY_ALIGN;
+
+	key->arrsize = buf32[0];
+
+	/* Sanity check key array size */
+	if (key->arrsize * sizeof(uint32_t) != vb2_rsa_sig_size(key->sig_alg))
+		return VB2_ERROR_UNPACK_KEY_ARRAY_SIZE;
+
+	key->n0inv = buf32[1];
+
+	/* Arrays point inside the key data */
+	key->n = buf32 + 2;
+	key->rr = buf32 + 2 + key->arrsize;
+
+	return VB2_SUCCESS;
+}
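Review bot: The array-size check `key->arrsize * sizeof(uint32_t) != vb2_rsa_sig_size(key->sig_alg)` multiplies a value taken straight from the packed key (`buf32[0]`), and on a host where `size_t` is 32 bits that product can wrap. An oversized `arrsize` would then pass the check and leave `key->rr = buf32 + 2 + key->arrsize` pointing outside `key_data`. Dividing instead of multiplying removes the wrap: `if (key->arrsize != vb2_rsa_sig_size(key->sig_alg) / sizeof(uint32_t))`. On 64-bit builds the current form cannot wrap, assuming `arrsize` is a 32-bit field (its declaration is not part of this diff).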
diff --git a/host/lib/host_keyblock.c b/host/lib/host_keyblock.c
index 522e87a..a7dbede 100644
--- a/host/lib/host_keyblock.c
+++ b/host/lib/host_keyblock.c
@@ -14,7 +14,7 @@
 #include "2rsa.h"
 #include "2sha.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "host_keyblock.h"
 #include "host_key.h"
 #include "vb2_common.h"
diff --git a/host/lib/host_signature.c b/host/lib/host_signature.c
index 8cea9f4..db536c6 100644
--- a/host/lib/host_signature.c
+++ b/host/lib/host_signature.c
@@ -20,7 +20,7 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_signature2.h"
+#include "host_signature21.h"
 #include "vb2_common.h"
 
 /* Invoke [external_signer] command with [pem_file] as an argument, contents of
diff --git a/host/lib/host_signature2.c b/host/lib/host_signature2.c
index 6bc900d..f7caa71 100644
--- a/host/lib/host_signature2.c
+++ b/host/lib/host_signature2.c
@@ -20,8 +20,8 @@
 #include "2sha.h"
 #include "file_keys.h"
 #include "host_common.h"
-#include "host_key2.h"
-#include "host_signature2.h"
+#include "host_key21.h"
+#include "host_signature21.h"
 #include "vb2_common.h"
 
 struct vb2_signature *vb2_alloc_signature(uint32_t sig_size,
diff --git a/host/lib/include/host_common.h b/host/lib/include/host_common.h
index 7fde53b..5fcc5c5 100644
--- a/host/lib/include/host_common.h
+++ b/host/lib/include/host_common.h
@@ -9,7 +9,7 @@
 #define VBOOT_REFERENCE_HOST_COMMON_H_
 
 #include "host_key.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "host_keyblock.h"
 #include "host_misc.h"
 #include "host_signature.h"
diff --git a/host/lib/include/host_key.h b/host/lib/include/host_key.h
index 2679272..9b594c6 100644
--- a/host/lib/include/host_key.h
+++ b/host/lib/include/host_key.h
@@ -11,6 +11,7 @@
 #include "2crypto.h"
 #include "2return_codes.h"
 
+struct vb2_public_key;
 struct vb2_packed_key;
 struct vb2_private_key;
 
@@ -146,4 +147,17 @@
 vb2_error_t vb2_write_packed_key(const char *filename,
 				 const struct vb2_packed_key *key);
 
+/**
+ * Unpack the RSA data fields for a public key
+ *
+ * This is called by vb21_unpack_key() to extract the arrays from a packed key.
+ * These elements of *key will point inside the key_data buffer.
+ *
+ * @param key		Destination key for RSA data fields
+ * @param key_data	Packed key data (from inside a packed key buffer)
+ * @param key_size	Size of packed key data in bytes
+ */
+vb2_error_t vb2_unpack_key_data(struct vb2_public_key *key,
+				const uint8_t *key_data, uint32_t key_size);
+
 #endif  /* VBOOT_REFERENCE_HOST_KEY_H_ */
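Review bot: The doc comment on `vb2_unpack_key_data()` leaves out two things a caller needs: the return value, and the precondition that `key->sig_alg` is already set. The implementation added to host/lib/host_key2.c calls `vb2_packed_key_size(key->sig_alg)` before it looks at `key_data`, so an uninitialised destination key fails with a size error that does not point at the real cause. I would extend the first parameter line to `@param key		Destination key for RSA data fields; key->sig_alg must be set by the caller` and add `@return VB2_SUCCESS, or non-zero error code if error.` It may also be worth stating that `key_data` must be 32-bit aligned, since misaligned input is rejected with `VB2_ERROR_UNPACK_KEY_ALIGN`.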
diff --git a/host/lib/signature_digest.c b/host/lib/signature_digest.c
index b480798..f6be00a 100644
--- a/host/lib/signature_digest.c
+++ b/host/lib/signature_digest.c
@@ -14,7 +14,7 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_signature2.h"
+#include "host_signature21.h"
 #include "signature_digest.h"
 
 uint8_t* PrependDigestInfo(enum vb2_hash_algorithm hash_alg, uint8_t* digest)
diff --git a/host/lib/util_misc.c b/host/lib/util_misc.c
index 8b9388a..c99947f 100644
--- a/host/lib/util_misc.c
+++ b/host/lib/util_misc.c
@@ -17,7 +17,7 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "openssl_compat.h"
 #include "util_misc.h"
 #include "vb2_common.h"
diff --git a/firmware/lib21/common.c b/host/lib21/host_common.c
similarity index 99%
rename from firmware/lib21/common.c
rename to host/lib21/host_common.c
index 19f07bc..245b188 100644
--- a/firmware/lib21/common.c
+++ b/host/lib21/host_common.c
@@ -9,7 +9,7 @@
 #include "2rsa.h"
 #include "2sha.h"
 #include "2sysincludes.h"
-#include "vb21_common.h"
+#include "host_common21.h"
 
 const char *vb21_common_desc(const void *buf)
 {
diff --git a/host/lib21/host_key.c b/host/lib21/host_key.c
index 34e5a63..6e3a276 100644
--- a/host/lib21/host_key.c
+++ b/host/lib21/host_key.c
@@ -14,10 +14,10 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_common21.h"
+#include "host_key21.h"
 #include "host_misc.h"
 #include "openssl_compat.h"
-#include "vb21_common.h"
 
 const struct vb2_text_vs_enum vb2_text_vs_sig[] = {
 	{"RSA1024", VB2_SIG_RSA1024},
@@ -651,3 +651,60 @@
 	free(pkey);
 	return ret;
 }
+
+vb2_error_t vb21_unpack_key(struct vb2_public_key *key, const uint8_t *buf,
+			    uint32_t size)
+{
+	const struct vb21_packed_key *pkey =
+		(const struct vb21_packed_key *)buf;
+	uint32_t sig_size;
+	uint32_t min_offset = 0;
+	vb2_error_t rv;
+
+	/* Check magic number */
+	if (pkey->c.magic != VB21_MAGIC_PACKED_KEY)
+		return VB2_ERROR_UNPACK_KEY_MAGIC;
+
+	rv = vb21_verify_common_header(buf, size);
+	if (rv)
+		return rv;
+
+	/* Make sure key data is inside */
+	rv = vb21_verify_common_member(pkey, &min_offset,
+				       pkey->key_offset, pkey->key_size);
+	if (rv)
+		return rv;
+
+	/*
+	 * Check for compatible version.  No need to check minor version, since
+	 * that's compatible across readers matching the major version, and we
+	 * haven't added any new fields.
+	 */
+	if (pkey->c.struct_version_major != VB21_PACKED_KEY_VERSION_MAJOR)
+		return VB2_ERROR_UNPACK_KEY_STRUCT_VERSION;
+
+	/* Copy key algorithms */
+	key->hash_alg = pkey->hash_alg;
+	if (!vb2_digest_size(key->hash_alg))
+		return VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM;
+
+	key->sig_alg = pkey->sig_alg;
+	if (key->sig_alg != VB2_SIG_NONE) {
+		sig_size = vb2_rsa_sig_size(key->sig_alg);
+		if (!sig_size)
+			return VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
+		rv = vb2_unpack_key_data(
+				key,
+				(const uint8_t *)pkey + pkey->key_offset,
+				pkey->key_size);
+		if (rv)
+			return rv;
+	}
+
+	/* Key description */
+	key->desc = vb21_common_desc(pkey);
+	key->version = pkey->key_version;
+	key->id = &pkey->id;
+
+	return VB2_SUCCESS;
+}
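Review bot: `pkey->c.magic` is dereferenced before `size` has been compared against anything, so a caller that passes a buffer shorter than the common header gets an out-of-bounds read before any validation has run. Whether `vb21_verify_common_header()` rejects short buffers is not visible in this diff, and it is only called after the magic read in any case. A guard at the top of the function, such as `if (size < sizeof(*pkey)) return VB2_ERROR_UNPACK_KEY_SIZE;`, would close this. The error code is a suggestion; existing tests that pass a truncated size may expect a different one. Separately, `key->hash_alg` and `key->sig_alg` are written before the later checks can fail, so a comment saying that `*key` is only valid on `VB2_SUCCESS` would help callers.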
diff --git a/host/lib21/host_misc.c b/host/lib21/host_misc.c
index 71a77c5..ebc4eac 100644
--- a/host/lib21/host_misc.c
+++ b/host/lib21/host_misc.c
@@ -14,8 +14,8 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_misc2.h"
-#include "vb21_common.h"
+#include "host_common21.h"
+#include "host_misc21.h"
 
 vb2_error_t vb2_read_file(const char *filename, uint8_t **data_ptr,
 			  uint32_t *size_ptr)
diff --git a/host/lib21/host_signature.c b/host/lib21/host_signature.c
index e4dead0..77ee448 100644
--- a/host/lib21/host_signature.c
+++ b/host/lib21/host_signature.c
@@ -12,10 +12,10 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_common21.h"
+#include "host_key21.h"
 #include "host_misc.h"
-#include "host_signature2.h"
-#include "vb21_common.h"
+#include "host_signature21.h"
 
 vb2_error_t vb2_digest_info(enum vb2_hash_algorithm hash_alg,
 			    const uint8_t **buf_ptr, uint32_t *size_ptr)
diff --git a/firmware/lib21/include/vb21_common.h b/host/lib21/include/host_common21.h
similarity index 80%
rename from firmware/lib21/include/vb21_common.h
rename to host/lib21/include/host_common21.h
index 442ccb0..fa8086b 100644
--- a/firmware/lib21/include/vb21_common.h
+++ b/host/lib21/include/host_common21.h
@@ -11,7 +11,7 @@
 #include "2common.h"
 #include "2return_codes.h"
 #include "2struct.h"
-#include "vb21_struct.h"
+#include "host_struct21.h"
 
 #ifdef __cplusplus
 extern "C" {
@@ -79,33 +79,6 @@
 					 uint32_t member_offset);
 
 /**
- * Unpack a key for use in verification
- *
- * The elements of the unpacked key will point into the source buffer, so don't
- * free the source buffer until you're done with the key.
- *
- * @param key		Destintion for unpacked key
- * @param buf		Source buffer containing packed key
- * @param size		Size of buffer in bytes
- * @return VB2_SUCCESS, or non-zero error code if error.
- */
-vb2_error_t vb21_unpack_key(struct vb2_public_key *key, const uint8_t *buf,
-			    uint32_t size);
-
-/**
- * Unpack the RSA data fields for a public key
- *
- * This is called by vb21_unpack_key() to extract the arrays from a packed key.
- * These elements of *key will point inside the key_data buffer.
- *
- * @param key		Destination key for RSA data fields
- * @param key_data	Packed key data (from inside a packed key buffer)
- * @param key_size	Size of packed key data in bytes
- */
-vb2_error_t vb2_unpack_key_data(struct vb2_public_key *key,
-				const uint8_t *key_data, uint32_t key_size);
-
-/**
  * Verify the integrity of a signature struct
  * @param sig		Signature struct
  * @param size		Size of buffer containing signature struct
diff --git a/host/lib21/include/host_key2.h b/host/lib21/include/host_key21.h
similarity index 94%
rename from host/lib21/include/host_key2.h
rename to host/lib21/include/host_key21.h
index d8a90f5..219e98a 100644
--- a/host/lib21/include/host_key2.h
+++ b/host/lib21/include/host_key21.h
@@ -267,4 +267,18 @@
 vb2_error_t vb21_public_key_write(const struct vb2_public_key *key,
 				  const char *filename);
 
+/**
+ * Unpack a key for use in verification
+ *
+ * The elements of the unpacked key will point into the source buffer, so don't
+ * free the source buffer until you're done with the key.
+ *
+ * @param key		Destintion for unpacked key
+ * @param buf		Source buffer containing packed key
+ * @param size		Size of buffer in bytes
+ * @return VB2_SUCCESS, or non-zero error code if error.
+ */
+vb2_error_t vb21_unpack_key(struct vb2_public_key *key, const uint8_t *buf,
+			    uint32_t size);
+
 #endif  /* VBOOT_REFERENCE_HOST_KEY2_H_ */
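Review bot: The moved doc comment keeps the typo "Destintion"; the line should read `@param key		Destination for unpacked key`. The closing `#endif  /* VBOOT_REFERENCE_HOST_KEY2_H_ */` also shows the include guard still carries the old file name after the rename to host_key21.h. Renaming it to something like `VBOOT_REFERENCE_HOST_KEY21_H_` would keep the guard in step with the file and avoid a clash if a header with the old name reappears. The matching `#ifndef`/`#define` lines are outside this hunk and would need the same change.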
diff --git a/host/lib21/include/host_misc2.h b/host/lib21/include/host_misc21.h
similarity index 100%
rename from host/lib21/include/host_misc2.h
rename to host/lib21/include/host_misc21.h
diff --git a/host/lib21/include/host_signature2.h b/host/lib21/include/host_signature21.h
similarity index 100%
rename from host/lib21/include/host_signature2.h
rename to host/lib21/include/host_signature21.h
diff --git a/firmware/lib21/include/vb21_struct.h b/host/lib21/include/host_struct21.h
similarity index 100%
rename from firmware/lib21/include/vb21_struct.h
rename to host/lib21/include/host_struct21.h
diff --git a/tests/vb21_common2_tests.c b/tests/vb21_host_common2_tests.c
similarity index 98%
rename from tests/vb21_common2_tests.c
rename to tests/vb21_host_common2_tests.c
index b98b1ac..b2ceb95 100644
--- a/tests/vb21_common2_tests.c
+++ b/tests/vb21_host_common2_tests.c
@@ -13,11 +13,11 @@
 #include "2rsa.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_key2.h"
-#include "host_signature2.h"
+#include "host_common21.h"
+#include "host_key21.h"
+#include "host_signature21.h"
 #include "test_common.h"
 #include "util_misc.h"
-#include "vb21_common.h"
 
 static const uint8_t test_data[] = "This is some test data to sign.";
 static const uint32_t test_size = sizeof(test_data);
diff --git a/tests/vb21_common_tests.c b/tests/vb21_host_common_tests.c
similarity index 98%
rename from tests/vb21_common_tests.c
rename to tests/vb21_host_common_tests.c
index 543ebb2..3ab5dbc 100644
--- a/tests/vb21_common_tests.c
+++ b/tests/vb21_host_common_tests.c
@@ -8,10 +8,10 @@
 #include "2common.h"
 #include "2rsa.h"
 #include "2sysincludes.h"
-#include "host_key2.h"
-#include "host_signature2.h"
+#include "host_common21.h"
+#include "host_key21.h"
+#include "host_signature21.h"
 #include "test_common.h"
-#include "vb21_common.h"
 
 static const uint8_t test_data[] = "This is some test data to sign.";
 
diff --git a/tests/vb21_host_key_tests.c b/tests/vb21_host_key_tests.c
index 0be763f..e8eef9b 100644
--- a/tests/vb21_host_key_tests.c
+++ b/tests/vb21_host_key_tests.c
@@ -12,9 +12,9 @@
 #include "2rsa.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_common21.h"
+#include "host_key21.h"
 #include "test_common.h"
-#include "vb21_common.h"
 
 /* Test only the algorithms we use */
 struct alg_combo {
diff --git a/tests/vb21_host_misc_tests.c b/tests/vb21_host_misc_tests.c
index 8a556e9..f437803 100644
--- a/tests/vb21_host_misc_tests.c
+++ b/tests/vb21_host_misc_tests.c
@@ -11,9 +11,9 @@
 #include "2common.h"
 #include "2sysincludes.h"
 #include "host_common.h"
+#include "host_common21.h"
 #include "host_misc.h"
 #include "test_common.h"
-#include "vb21_common.h"
 
 static void misc_tests(void)
 {
diff --git a/tests/vb21_host_sig_tests.c b/tests/vb21_host_sig_tests.c
index b116c5c..f337eaa 100644
--- a/tests/vb21_host_sig_tests.c
+++ b/tests/vb21_host_sig_tests.c
@@ -12,10 +12,10 @@
 #include "2rsa.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_key2.h"
-#include "host_signature2.h"
+#include "host_common21.h"
+#include "host_key21.h"
+#include "host_signature21.h"
 #include "test_common.h"
-#include "vb21_common.h"
 
 /* Test only the algorithms we use */
 struct alg_combo {
diff --git a/tests/vb2_common2_tests.c b/tests/vb2_common2_tests.c
index 4f68f9b..e8c96f7 100644
--- a/tests/vb2_common2_tests.c
+++ b/tests/vb2_common2_tests.c
@@ -13,7 +13,7 @@
 #include "2sysincludes.h"
 #include "file_keys.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "test_common.h"
 #include "vb2_common.h"
 
diff --git a/utility/pad_digest_utility.c b/utility/pad_digest_utility.c
index 718f735..6f91cf3 100644
--- a/utility/pad_digest_utility.c
+++ b/utility/pad_digest_utility.c
@@ -12,7 +12,7 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_signature2.h"
+#include "host_signature21.h"
 #include "signature_digest.h"
 
 static void usage(char* argv[]) {
diff --git a/utility/signature_digest_utility.c b/utility/signature_digest_utility.c
index 9a39317..9f5138f 100644
--- a/utility/signature_digest_utility.c
+++ b/utility/signature_digest_utility.c
@@ -14,7 +14,7 @@
 #include "2common.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_signature2.h"
+#include "host_signature21.h"
 #include "signature_digest.h"
 
 int main(int argc, char* argv[])