blob: 3870288fa7c0c8e08705e687fba60a0f300d308b [file] [log] [blame] [edit]
/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* Key unpacking functions
*/
#include "2common.h"
#include "2rsa.h"
#include "2sysincludes.h"
#include "vb2_common.h"
test_mockable
vb2_error_t vb2_unpack_key_buffer(struct vb2_public_key *key,
const uint8_t *buf, uint32_t size)
{
const struct vb2_packed_key *packed_key =
(const struct vb2_packed_key *)buf;
const uint32_t *buf32;
uint32_t expected_key_size;
/* Make sure passed buffer is big enough for the packed key */
VB2_TRY(vb2_verify_packed_key_inside(buf, size, packed_key));
/* Unpack key algorithm */
key->sig_alg = vb2_crypto_to_signature(packed_key->algorithm);
if (key->sig_alg == VB2_SIG_INVALID) {
VB2_DEBUG("Unsupported signature algorithm.\n");
return VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
}
key->hash_alg = vb2_crypto_to_hash(packed_key->algorithm);
if (key->hash_alg == VB2_HASH_INVALID) {
VB2_DEBUG("Unsupported hash algorithm.\n");
return VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM;
}
expected_key_size = vb2_packed_key_size(key->sig_alg);
if (!expected_key_size || expected_key_size != packed_key->key_size) {
VB2_DEBUG("Wrong key size for algorithm\n");
return VB2_ERROR_UNPACK_KEY_SIZE;
}
/* Make sure source buffer is 32-bit aligned */
buf32 = (const uint32_t *)vb2_packed_key_data(packed_key);
if (!vb2_aligned(buf32, sizeof(uint32_t)))
return VB2_ERROR_UNPACK_KEY_ALIGN;
/* Validity check key array size */
key->arrsize = buf32[0];
if (key->arrsize * sizeof(uint32_t) != vb2_rsa_sig_size(key->sig_alg))
return VB2_ERROR_UNPACK_KEY_ARRAY_SIZE;
key->n0inv = buf32[1];
/* Arrays point inside the key data */
key->n = buf32 + 2;
key->rr = buf32 + 2 + key->arrsize;
/* disable hwcrypto for RSA by default */
key->allow_hwcrypto = 0;
#ifdef __COVERITY__
__coverity_tainted_data_sanitize__(key);
__coverity_tainted_data_sanitize__(buf);
#endif
return VB2_SUCCESS;
}
vb2_error_t vb2_unpack_key(struct vb2_public_key *key,
const struct vb2_packed_key *packed_key)
{
if (!packed_key)
return VB2_ERROR_UNPACK_KEY_BUFFER;
return vb2_unpack_key_buffer(key,
(const uint8_t *)packed_key,
packed_key->key_offset +
packed_key->key_size);
}