futility: Remove --devsign and --devkeyblock
This feature has not been needed since pre-2012 devices which have long
since reached their end of life. We can safely remove it to simplify the
code.
Also remove ZGB image, as it is no longer needed.
BUG=b:197114807
TEST=sudo FEATURES=test emerge vboot_reference
BRANCH=none
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Cq-Depend: chromium:3650757
Change-Id: I889dc6300c5cb72bdfcb9c2b66d63e97d3f8c862
Disallow-Recycled-Builds: test-failures
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3578968
Commit-Queue: Jakub Czapiga <czapiga@google.com>
Auto-Submit: Jakub Czapiga <czapiga@google.com>
Tested-by: Jakub Czapiga <czapiga@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
diff --git a/futility/cmd_sign.c b/futility/cmd_sign.c
index 5999997..b35712a 100644
--- a/futility/cmd_sign.c
+++ b/futility/cmd_sign.c
@@ -367,11 +367,6 @@
" [--infile] INFILE Input firmware image (modified\n"
" in place if no OUTFILE given)\n"
"\n"
- "These are required if the A and B firmware differ:\n"
- " -S|--devsign FILE.vbprivk The DEV private firmware data key\n"
- " -B|--devkeyblock FILE.keyblock The keyblock containing the\n"
- " DEV public firmware data key\n"
- "\n"
"Optional PARAMS:\n"
" -v|--version NUM The firmware version number"
" (default %d)\n"
@@ -620,8 +615,6 @@
{"signprivate", 1, NULL, 's'},
{"keyblock", 1, NULL, 'b'},
{"kernelkey", 1, NULL, 'k'},
- {"devsign", 1, NULL, 'S'},
- {"devkeyblock", 1, NULL, 'B'},
{"version", 1, NULL, 'v'},
{"flags", 1, NULL, 'f'},
{"loemdir", 1, NULL, 'd'},
@@ -703,21 +696,6 @@
errorcnt++;
}
break;
- case 'S':
- sign_option.devsignprivate =
- vb2_read_private_key(optarg);
- if (!sign_option.devsignprivate) {
- fprintf(stderr, "Error reading %s\n", optarg);
- errorcnt++;
- }
- break;
- case 'B':
- sign_option.devkeyblock = vb2_read_keyblock(optarg);
- if (!sign_option.devkeyblock) {
- fprintf(stderr, "Error reading %s\n", optarg);
- errorcnt++;
- }
- break;
case 'v':
sign_option.version_specified = 1;
sign_option.version = strtoul(optarg, &e, 0);
diff --git a/futility/file_type_bios.c b/futility/file_type_bios.c
index 17efdde..13428c1 100644
--- a/futility/file_type_bios.c
+++ b/futility/file_type_bios.c
@@ -408,31 +408,11 @@
return 1;
}
- /* Do A & B differ ? */
- if (fw_a->len != fw_b->len ||
- memcmp(fw_a->buf, fw_b->buf, fw_a->len)) {
- /* Yes, must use DEV keys for A */
- if (!sign_option.devsignprivate || !sign_option.devkeyblock) {
- fprintf(stderr,
- "FW A & B differ. DEV keys are required.\n");
- return 1;
- }
- retval |= write_new_preamble(vblock_a, fw_a,
- sign_option.devsignprivate,
- sign_option.devkeyblock);
- } else {
- retval |= write_new_preamble(vblock_a, fw_a,
- sign_option.signprivate,
- sign_option.keyblock);
- }
-
- /* FW B is always normal keys */
- retval |= write_new_preamble(vblock_b, fw_b,
- sign_option.signprivate,
+ retval |= write_new_preamble(vblock_a, fw_a, sign_option.signprivate,
sign_option.keyblock);
-
-
+ retval |= write_new_preamble(vblock_b, fw_b, sign_option.signprivate,
+ sign_option.keyblock);
if (sign_option.loemid) {
retval |= write_loem("A", vblock_a);
diff --git a/futility/futility_options.h b/futility/futility_options.h
index 9c99bba..da83958 100644
--- a/futility/futility_options.h
+++ b/futility/futility_options.h
@@ -34,8 +34,6 @@
struct vb2_private_key *signprivate;
struct vb2_keyblock *keyblock;
struct vb2_packed_key *kernel_subkey;
- struct vb2_private_key *devsignprivate;
- struct vb2_keyblock *devkeyblock;
uint32_t version;
int version_specified;
uint32_t flags;
diff --git a/scripts/image_signing/make_dev_firmware.sh b/scripts/image_signing/make_dev_firmware.sh
index 0db5638..20c8414 100755
--- a/scripts/image_signing/make_dev_firmware.sh
+++ b/scripts/image_signing/make_dev_firmware.sh
@@ -167,8 +167,6 @@
local recovery_pubkey="${FLAGS_keys}/recovery_key.vbpubk"
local firmware_keyblock="${FLAGS_keys}/firmware.keyblock"
local firmware_prvkey="${FLAGS_keys}/firmware_data_key.vbprivk"
- local dev_firmware_keyblock="${FLAGS_keys}/dev_firmware.keyblock"
- local dev_firmware_prvkey="${FLAGS_keys}/dev_firmware_data_key.vbprivk"
local kernel_sub_pubkey="${FLAGS_keys}/kernel_subkey.vbpubk"
local ec_efs_pubkey="${FLAGS_keys}/key_ec_efs.vbpubk2"
local ec_efs_prvkey="${FLAGS_keys}/key_ec_efs.vbprik2"
@@ -281,8 +279,6 @@
echo "Using keyblocks (developer, normal)..."
else
echo "Using keyblocks (normal, normal)..."
- dev_firmware_prvkey="$firmware_prvkey"
- dev_firmware_keyblock="$firmware_keyblock"
fi
debug_msg "Extract firmware version and data key version"
@@ -351,8 +347,6 @@
"${IMAGE_BIOS}" \
"${firmware_prvkey}" \
"${firmware_keyblock}" \
- "${dev_firmware_prvkey}" \
- "${dev_firmware_keyblock}" \
"${kernel_sub_pubkey}" \
"${firmware_version}" \
${optional_opts} ||
diff --git a/scripts/image_signing/resign_firmwarefd.sh b/scripts/image_signing/resign_firmwarefd.sh
index d4cb5b8..ea23315 100755
--- a/scripts/image_signing/resign_firmwarefd.sh
+++ b/scripts/image_signing/resign_firmwarefd.sh
@@ -20,20 +20,12 @@
DST_FD=$2
FIRMWARE_DATAKEY=$3
FIRMWARE_KEYBLOCK=$4
-DEV_FIRMWARE_DATAKEY=$5
-DEV_FIRMWARE_KEYBLOCK=$6
-KERNEL_SUBKEY=$7
+KERNEL_SUBKEY=$5
# optional
-VERSION=$8
-PREAMBLE_FLAG=$9
-LOEM_OUTPUT_DIR=${10}
-LOEMID=${11}
-
-if [ ! -e $DEV_FIRMWARE_KEYBLOCK ] || [ ! -e $DEV_FIRMWARE_DATAKEY ] ; then
- echo "No dev firmware keyblock/datakey found. Reusing normal keys."
- DEV_FIRMWARE_KEYBLOCK="$FIRMWARE_KEYBLOCK"
- DEV_FIRMWARE_DATAKEY="$FIRMWARE_DATAKEY"
-fi
+VERSION=$6
+PREAMBLE_FLAG=$7
+LOEM_OUTPUT_DIR=$8
+LOEMID=$9
# pass optional args
[ -n "$VERSION" ] && VERSION="--version $VERSION"
@@ -44,8 +36,6 @@
exec ${FUTILITY} sign \
--signprivate $FIRMWARE_DATAKEY \
--keyblock $FIRMWARE_KEYBLOCK \
- --devsign $DEV_FIRMWARE_DATAKEY \
- --devkeyblock $DEV_FIRMWARE_KEYBLOCK \
--kernelkey $KERNEL_SUBKEY \
$VERSION \
$PREAMBLE_FLAG \
diff --git a/scripts/image_signing/sign_firmware.sh b/scripts/image_signing/sign_firmware.sh
index 0e7ac7c..ebc6cdc 100755
--- a/scripts/image_signing/sign_firmware.sh
+++ b/scripts/image_signing/sign_firmware.sh
@@ -57,8 +57,6 @@
"${temp_fw}" \
"${key_dir}/firmware_data_key${loem_key}.vbprivk" \
"${key_dir}/firmware${loem_key}.keyblock" \
- "${key_dir}/dev_firmware_data_key${loem_key}.vbprivk" \
- "${key_dir}/dev_firmware${loem_key}.keyblock" \
"${key_dir}/kernel_subkey.vbpubk" \
"${firmware_version}" \
"" \
diff --git a/scripts/image_signing/sign_official_build.sh b/scripts/image_signing/sign_official_build.sh
index 98c8610..e9c219e 100755
--- a/scripts/image_signing/sign_official_build.sh
+++ b/scripts/image_signing/sign_official_build.sh
@@ -515,14 +515,6 @@
local signprivate="${KEY_DIR}/firmware_data_key${key_suffix}.vbprivk"
local keyblock="${KEY_DIR}/firmware${key_suffix}.keyblock"
- local devsign="${KEY_DIR}/dev_firmware_data_key${key_suffix}.vbprivk"
- local devkeyblock="${KEY_DIR}/dev_firmware${key_suffix}.keyblock"
-
- if [ ! -e "${devsign}" ] || [ ! -e "${devkeyblock}" ] ; then
- echo "No dev firmware keyblock/datakey found. Reusing normal keys."
- devsign="${signprivate}"
- devkeyblock="${keyblock}"
- fi
# Path to bios.bin.
local bios_path="${shellball_dir}/${bios_image}"
@@ -566,8 +558,6 @@
echo "Signing Bios with:" ${FUTILITY} sign \
--signprivate "${signprivate}" \
--keyblock "${keyblock}" \
- --devsign "${devsign}" \
- --devkeyblock "${devkeyblock}" \
--kernelkey "${KEY_DIR}/kernel_subkey.vbpubk" \
--version "${FIRMWARE_VERSION}" \
"${extra_args[@]}" \
@@ -576,8 +566,6 @@
${FUTILITY} sign \
--signprivate "${signprivate}" \
--keyblock "${keyblock}" \
- --devsign "${devsign}" \
- --devkeyblock "${devkeyblock}" \
--kernelkey "${KEY_DIR}/kernel_subkey.vbpubk" \
--version "${FIRMWARE_VERSION}" \
"${extra_args[@]}" \
diff --git a/scripts/keygeneration/create_new_keys.sh b/scripts/keygeneration/create_new_keys.sh
index 2e1fd22..4a2ad33 100755
--- a/scripts/keygeneration/create_new_keys.sh
+++ b/scripts/keygeneration/create_new_keys.sh
@@ -14,7 +14,6 @@
Usage: ${PROG} [options]
Options:
- --devkeyblock Also generate developer firmware keyblock and data key
--android Also generate android keys
--uefi Also generate UEFI keys
--8k Use 8k keys instead of 4k (enables options below)
@@ -36,8 +35,6 @@
main() {
set -e
- # Flag to indicate whether we should be generating a developer keyblock flag.
- local dev_keyblock="false"
local android_keys="false"
local uefi_keys="false"
local root_key_algoid=${ROOT_KEY_ALGOID}
@@ -50,11 +47,6 @@
while [[ $# -gt 0 ]]; do
case $1 in
- --devkeyblock)
- echo "Will also generate developer firmware keyblock and data key."
- dev_keyblock="true"
- ;;
-
--android)
echo "Will also generate Android keys."
android_keys="true"
@@ -158,9 +150,6 @@
make_pair ec_data_key ${EC_DATAKEY_ALGOID} ${eckey_version}
make_pair root_key ${root_key_algoid}
make_pair firmware_data_key ${FIRMWARE_DATAKEY_ALGOID} ${fkey_version}
- if [[ "${dev_keyblock}" == "true" ]]; then
- make_pair dev_firmware_data_key ${DEV_FIRMWARE_DATAKEY_ALGOID} ${fkey_version}
- fi
make_pair kernel_subkey ${KERNEL_SUBKEY_ALGOID} ${ksubkey_version}
make_pair kernel_data_key ${KERNEL_DATAKEY_ALGOID} ${kdatakey_version}
@@ -178,11 +167,6 @@
# Ditto EC keyblock
make_keyblock ec ${EC_KEYBLOCK_MODE} ec_data_key ec_root_key
- if [[ "${dev_keyblock}" == "true" ]]; then
- # Create the dev firmware keyblock for use only in Developer mode.
- make_keyblock dev_firmware ${DEV_FIRMWARE_KEYBLOCK_MODE} dev_firmware_data_key root_key
- fi
-
# Create the recovery kernel keyblock for use only in Recovery mode.
make_keyblock recovery_kernel ${RECOVERY_KERNEL_KEYBLOCK_MODE} recovery_kernel_data_key recovery_key
diff --git a/tests/futility/data/README b/tests/futility/data/README
index 57038c3..933de02 100644
--- a/tests/futility/data/README
+++ b/tests/futility/data/README
@@ -1,5 +1,4 @@
These are officially signed BIOS images from existing Chromebooks.
- bios_zgb_mp.bin RW firmware A and B are different
bios_link_mp.bin uses the RO_NORMAL flag to skip RW firmware validation
bios_peppy_mp.bin doesn't do any of those things
diff --git a/tests/futility/data/bios_zgb_mp.bin b/tests/futility/data/bios_zgb_mp.bin
deleted file mode 100644
index c85d820..0000000
--- a/tests/futility/data/bios_zgb_mp.bin
+++ /dev/null
Binary files differ
diff --git a/tests/futility/data_bios_zgb_mp.bin_expect.txt b/tests/futility/data_bios_zgb_mp.bin_expect.txt
deleted file mode 100644
index 2a021ce..0000000
--- a/tests/futility/data_bios_zgb_mp.bin_expect.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-9f59876c7f7dc881f02d934786c6b7c2c17dcaac
-9bd99a594c45b6739899a17ec29ac2289ee75463
-a0e4415cd4e271802504cce3a211b54562178fc8
-5d2b220899c4403d564092ada3f12d3cc4483223
-e2c1c92d7d7aa7dfed5e8375edd30b7ae52b7450
-5d2b220899c4403d564092ada3f12d3cc4483223
diff --git a/tests/futility/expect_output/show.tests_futility_data_bios_peppy_mp.bin b/tests/futility/expect_output/show.tests_futility_data_bios_peppy_mp.bin
new file mode 100644
index 0000000..88733c9
--- /dev/null
+++ b/tests/futility/expect_output/show.tests_futility_data_bios_peppy_mp.bin
@@ -0,0 +1,63 @@
+BIOS: tests/futility/data/bios_peppy_mp.bin
+GBB header: GBB
+ Version: 1.1
+ Flags: 0x00000039
+ Regions: offset size
+ hwid 0x00000080 0x00000100
+ bmpvf 0x00001180 0x000ece80
+ rootkey 0x00000180 0x00001000
+ recovery_key 0x000ee000 0x00001000
+ Size: 0x000ef000 / 0x000ef000
+GBB content:
+ HWID: X86 PEPPY TEST 4211
+ digest: <none>
+ Root Key:
+ Vboot API: 1.0
+ Algorithm: 11 RSA8192 SHA512
+ Key Version: 1
+ Key sha1sum: fc68bcb88bf9af1907289a9f377d658b3b9fe5b0
+ Recovery Key:
+ Vboot API: 1.0
+ Algorithm: 11 RSA8192 SHA512
+ Key Version: 1
+ Key sha1sum: bf39d0d3e30cbf6a121416d04df4603ad5310779
+Firmware body: FW_MAIN_A
+ Offset: 0x00210000
+ Size: 0x000c0000
+Firmware body: FW_MAIN_B
+ Offset: 0x00300000
+ Size: 0x000c0000
+Keyblock: VBLOCK_A
+ Signature: valid
+ Size: 0x8b8
+ Flags: 7 !DEV DEV !REC
+ Data key algorithm: 8 RSA4096 SHA512
+ Data key version: 1
+ Data key sha1sum: f917ad29e36aa8a286f978c1aa0550ea31c6a561
+Firmware Preamble:
+ Size: 2164
+ Header version: 2.1
+ Firmware version: 2
+ Kernel key algorithm: 7 RSA4096 SHA256
+ Kernel key version: 2
+ Kernel key sha1sum: cc05423373b76acbec23ec45dfa3696a2ea6dc0f
+ Firmware body size: 146456
+ Preamble flags: 0
+Body verification succeeded.
+Keyblock: VBLOCK_B
+ Signature: valid
+ Size: 0x8b8
+ Flags: 7 !DEV DEV !REC
+ Data key algorithm: 8 RSA4096 SHA512
+ Data key version: 1
+ Data key sha1sum: f917ad29e36aa8a286f978c1aa0550ea31c6a561
+Firmware Preamble:
+ Size: 2164
+ Header version: 2.1
+ Firmware version: 2
+ Kernel key algorithm: 7 RSA4096 SHA256
+ Kernel key version: 2
+ Kernel key sha1sum: cc05423373b76acbec23ec45dfa3696a2ea6dc0f
+ Firmware body size: 146456
+ Preamble flags: 0
+Body verification succeeded.
diff --git a/tests/futility/expect_output/show.tests_futility_data_bios_zgb_mp.bin b/tests/futility/expect_output/show.tests_futility_data_bios_zgb_mp.bin
deleted file mode 100644
index 2f9f807..0000000
--- a/tests/futility/expect_output/show.tests_futility_data_bios_zgb_mp.bin
+++ /dev/null
@@ -1,63 +0,0 @@
-BIOS: tests/futility/data/bios_zgb_mp.bin
-GBB header: GBB
- Version: 1.0
- Flags: 0x00000000
- Regions: offset size
- hwid 0x00000080 0x00000100
- bmpvf 0x00001180 0x0003de80
- rootkey 0x00000180 0x00001000
- recovery_key 0x0003f000 0x00001000
- Size: 0x00040000 / 0x00040000
-GBB content:
- HWID: {FA42644C-CF3A-4692-A9D3-1A667CB232E9}
- digest: <none>
- Root Key:
- Vboot API: 1.0
- Algorithm: 11 RSA8192 SHA512
- Key Version: 1
- Key sha1sum: 9f59876c7f7dc881f02d934786c6b7c2c17dcaac
- Recovery Key:
- Vboot API: 1.0
- Algorithm: 11 RSA8192 SHA512
- Key Version: 1
- Key sha1sum: 9bd99a594c45b6739899a17ec29ac2289ee75463
-Firmware body: FW_MAIN_A
- Offset: 0x00030000
- Size: 0x000dffc0
-Firmware body: FW_MAIN_B
- Offset: 0x00120000
- Size: 0x000dffc0
-Keyblock: VBLOCK_A
- Signature: valid
- Size: 0x8b8
- Flags: 6 DEV !REC
- Data key algorithm: 8 RSA4096 SHA512
- Data key version: 1
- Data key sha1sum: a78aaa1691c2125ef8ccefa1a8a6bea92d38fae6
-Firmware Preamble:
- Size: 2164
- Header version: 2.1
- Firmware version: 2
- Kernel key algorithm: 7 RSA4096 SHA256
- Kernel key version: 2
- Kernel key sha1sum: 0c9fd5b03ab47d37924ba8a7beb64039d84ed0e1
- Firmware body size: 917440
- Preamble flags: 0
-Body verification succeeded.
-Keyblock: VBLOCK_B
- Signature: valid
- Size: 0x8b8
- Flags: 7 !DEV DEV !REC
- Data key algorithm: 8 RSA4096 SHA512
- Data key version: 1
- Data key sha1sum: 4fe08ed739069d6834b68612eb707998a0825f34
-Firmware Preamble:
- Size: 2164
- Header version: 2.1
- Firmware version: 2
- Kernel key algorithm: 7 RSA4096 SHA256
- Kernel key version: 2
- Kernel key sha1sum: 0c9fd5b03ab47d37924ba8a7beb64039d84ed0e1
- Firmware body size: 917440
- Preamble flags: 0
-Body verification succeeded.
diff --git a/tests/futility/test_file_types.c b/tests/futility/test_file_types.c
index d53760c..17388cf 100644
--- a/tests/futility/test_file_types.c
+++ b/tests/futility/test_file_types.c
@@ -26,7 +26,7 @@
{FILE_TYPE_KEYBLOCK, "tests/devkeys/kernel.keyblock"},
{FILE_TYPE_FW_PREAMBLE, "tests/futility/data/fw_vblock.bin"},
{FILE_TYPE_GBB, "tests/futility/data/fw_gbb.bin"},
- {FILE_TYPE_BIOS_IMAGE, "tests/futility/data/bios_zgb_mp.bin"},
+ {FILE_TYPE_BIOS_IMAGE, "tests/futility/data/bios_peppy_mp.bin"},
{FILE_TYPE_KERN_PREAMBLE, "tests/futility/data/kern_preamble.bin"},
{FILE_TYPE_RAW_FIRMWARE, }, /* need a test for this */
{FILE_TYPE_RAW_KERNEL, }, /* need a test for this */
diff --git a/tests/futility/test_file_types.sh b/tests/futility/test_file_types.sh
index 93c6391..c51e38f 100755
--- a/tests/futility/test_file_types.sh
+++ b/tests/futility/test_file_types.sh
@@ -32,7 +32,7 @@
test_case "keyblock" "tests/devkeys/kernel.keyblock"
test_case "fw_pre" "tests/futility/data/fw_vblock.bin"
test_case "gbb" "tests/futility/data/fw_gbb.bin"
-test_case "bios" "tests/futility/data/bios_zgb_mp.bin"
+test_case "bios" "tests/futility/data/bios_peppy_mp.bin"
test_case "kernel" "tests/futility/data/kern_preamble.bin"
# We don't have a way to identify these (yet?)
# test_case "RAW_FIRMWARE"
diff --git a/tests/futility/test_show_contents.sh b/tests/futility/test_show_contents.sh
index 1533ba4..fddebe8 100755
--- a/tests/futility/test_show_contents.sh
+++ b/tests/futility/test_show_contents.sh
@@ -16,7 +16,7 @@
tests/devkeys/kernel.keyblock
tests/futility/data/fw_vblock.bin
tests/futility/data/fw_gbb.bin
- tests/futility/data/bios_zgb_mp.bin
+ tests/futility/data/bios_peppy_mp.bin
tests/futility/data/kern_preamble.bin
tests/futility/data/sample.vbpubk2
tests/futility/data/sample.vbprik2
diff --git a/tests/futility/test_sign_firmware.sh b/tests/futility/test_sign_firmware.sh
index 8e303e3..04eb385 100755
--- a/tests/futility/test_sign_firmware.sh
+++ b/tests/futility/test_sign_firmware.sh
@@ -30,17 +30,6 @@
set -o pipefail
-# We've removed dev_firmware keyblock and private keys from ToT test key dir.
-# It's currently only available on few legacy (alex, zgb) devices' key folders
-# on signer bot. Add them to ${KEYDIR} if you need to test that.
-DEV_FIRMWARE_PARAMS=""
-if [ -f "${KEYDIR}/dev_firmware.keyblock" ]; then
- DEV_FIRMWARE_PARAMS="
- -S ${KEYDIR}/dev_firmware_data_key.vbprivk
- -B ${KEYDIR}/dev_firmware.keyblock"
- INFILES="${INFILES} ${SCRIPT_DIR}/futility/data/bios_zgb_mp.bin"
-fi
-
count=0
for infile in $INFILES; do
@@ -85,7 +74,6 @@
${FUTILITY} sign \
-s ${KEYDIR}/firmware_data_key.vbprivk \
-b ${KEYDIR}/firmware.keyblock \
- ${DEV_FIRMWARE_PARAMS} \
-k ${KEYDIR}/kernel_subkey.vbpubk \
-v 14 \
-f 8 \
@@ -155,7 +143,6 @@
${FUTILITY} sign \
-s ${KEYDIR}/firmware_data_key.vbprivk \
-b ${KEYDIR}/firmware.keyblock \
- ${DEV_FIRMWARE_PARAMS} \
-k ${KEYDIR}/kernel_subkey.vbpubk \
${MORE_OUT} ${MORE_OUT}.2
@@ -172,7 +159,6 @@
${FUTILITY} sign \
-s ${KEYDIR}/firmware_data_key.vbprivk \
-b ${KEYDIR}/firmware.keyblock \
- ${DEV_FIRMWARE_PARAMS} \
-k ${KEYDIR}/kernel_subkey.vbpubk \
${MORE_OUT} ${MORE_OUT}.3
