static void VerifyDigestTest(const VbPublicKey *public_key,
const VbPrivateKey *private_key)
{
const uint8_t test_data[] = "This is some other test data to sign.";
VbSignature *sig;
RSAPublicKey *rsa;
uint8_t *digest;
sig = CalculateSignature(test_data, sizeof(test_data), private_key);
rsa = PublicKeyToRSA(public_key);
digest = DigestBuf(test_data, sizeof(test_data),
(int)public_key->algorithm);
TEST_NEQ(sig && rsa && digest, 0, "VerifyData() prerequisites");
if (!sig || !rsa || !digest)
return;
TEST_EQ(VerifyDigest(digest, sig, rsa), 0, "VerifyDigest() ok");
GetSignatureData(sig)[0] ^= 0x5A;
TEST_EQ(VerifyDigest(digest, sig, rsa), 1, "VerifyDigest() wrong sig");
sig->sig_size = 1;
TEST_EQ(VerifyDigest(digest, sig, rsa), 1, "VerifyDigest() sig size");
RSAPublicKeyFree(rsa);
free(sig);
VbExFree(digest);
}
static void VerifyDataTest(const VbPublicKey *public_key,
const VbPrivateKey *private_key)
{
const uint8_t test_data[] = "This is some test data to sign.";
const uint64_t test_size = sizeof(test_data);
VbSignature *sig;
RSAPublicKey *rsa;
sig = CalculateSignature(test_data, test_size, private_key);
TEST_PTR_NEQ(sig, 0, "VerifyData() calculate signature");
rsa = PublicKeyToRSA(public_key);
TEST_PTR_NEQ(rsa, 0, "VerifyData() calculate rsa");
if (!sig || !rsa)
return;
TEST_EQ(VerifyData(test_data, test_size, sig, rsa), 0,
"VerifyData() ok");
sig->sig_size -= 16;
TEST_EQ(VerifyData(test_data, test_size, sig, rsa), 1,
"VerifyData() wrong sig size");
sig->sig_size += 16;
TEST_EQ(VerifyData(test_data, test_size - 1, sig, rsa), 1,
"VerifyData() input buffer too small");
GetSignatureData(sig)[0] ^= 0x5A;
TEST_EQ(VerifyData(test_data, test_size, sig, rsa), 1,
"VerifyData() wrong sig");
RSAPublicKeyFree(rsa);
free(sig);
}
static void resign_keyblock(struct vb2_keyblock *h, const VbPrivateKey *key)
{
VbSignature *sig =
CalculateSignature((const uint8_t *)h,
h->keyblock_signature.data_size, key);
SignatureCopy((VbSignature *)&h->keyblock_signature, sig);
free(sig);
}
static void resign_fw_preamble(struct vb2_fw_preamble *h,
const VbPrivateKey *key)
{
VbSignature *sig = CalculateSignature(
(const uint8_t *)h, h->preamble_signature.data_size, key);
SignatureCopy((VbSignature *)&h->preamble_signature, sig);
free(sig);
}
static void ReSignKernelPreamble(VbKernelPreambleHeader *h,
const VbPrivateKey *key)
{
VbSignature *sig = CalculateSignature((const uint8_t *)h,
h->preamble_signature.data_size, key);
SignatureCopy(&h->preamble_signature, sig);
free(sig);
}
VbKeyBlockHeader* KeyBlockCreate(const VbPublicKey* data_key,
const VbPrivateKey* signing_key,
uint64_t flags) {
VbKeyBlockHeader* h;
uint64_t signed_size = sizeof(VbKeyBlockHeader) + data_key->key_size;
uint64_t block_size = (signed_size + SHA512_DIGEST_SIZE +
(signing_key ?
siglen_map[signing_key->algorithm] : 0));
uint8_t* data_key_dest;
uint8_t* block_sig_dest;
uint8_t* block_chk_dest;
VbSignature *sigtmp;
/* Allocate key block */
h = (VbKeyBlockHeader*)malloc(block_size);
if (!h)
return NULL;
data_key_dest = (uint8_t*)(h + 1);
block_chk_dest = data_key_dest + data_key->key_size;
block_sig_dest = block_chk_dest + SHA512_DIGEST_SIZE;
Memcpy(h->magic, KEY_BLOCK_MAGIC, KEY_BLOCK_MAGIC_SIZE);
h->header_version_major = KEY_BLOCK_HEADER_VERSION_MAJOR;
h->header_version_minor = KEY_BLOCK_HEADER_VERSION_MINOR;
h->key_block_size = block_size;
h->key_block_flags = flags;
/* Copy data key */
PublicKeyInit(&h->data_key, data_key_dest, data_key->key_size);
PublicKeyCopy(&h->data_key, data_key);
/* Set up signature structs so we can calculate the signatures */
SignatureInit(&h->key_block_checksum, block_chk_dest,
SHA512_DIGEST_SIZE, signed_size);
if (signing_key)
SignatureInit(&h->key_block_signature, block_sig_dest,
siglen_map[signing_key->algorithm], signed_size);
else
Memset(&h->key_block_signature, 0, sizeof(VbSignature));
/* Calculate checksum */
sigtmp = CalculateChecksum((uint8_t*)h, signed_size);
SignatureCopy(&h->key_block_checksum, sigtmp);
free(sigtmp);
/* Calculate signature */
if (signing_key) {
sigtmp = CalculateSignature((uint8_t*)h, signed_size, signing_key);
SignatureCopy(&h->key_block_signature, sigtmp);
free(sigtmp);
}
/* Return the header */
return h;
}
VbKernelPreambleHeader *CreateKernelPreamble(
uint64_t kernel_version,
uint64_t body_load_address,
uint64_t bootloader_address,
uint64_t bootloader_size,
const VbSignature *body_signature,
uint64_t desired_size,
const VbPrivateKey *signing_key)
{
VbKernelPreambleHeader *h;
uint64_t signed_size = (sizeof(VbKernelPreambleHeader) +
body_signature->sig_size);
uint64_t block_size = signed_size + siglen_map[signing_key->algorithm];
uint8_t *body_sig_dest;
uint8_t *block_sig_dest;
VbSignature *sigtmp;
/* If the block size is smaller than the desired size, pad it */
if (block_size < desired_size)
block_size = desired_size;
/* Allocate key block */
h = (VbKernelPreambleHeader *)malloc(block_size);
if (!h)
return NULL;
Memset(h, 0, block_size);
body_sig_dest = (uint8_t *)(h + 1);
block_sig_dest = body_sig_dest + body_signature->sig_size;
h->header_version_major = KERNEL_PREAMBLE_HEADER_VERSION_MAJOR;
h->header_version_minor = KERNEL_PREAMBLE_HEADER_VERSION_MINOR;
h->preamble_size = block_size;
h->kernel_version = kernel_version;
h->body_load_address = body_load_address;
h->bootloader_address = bootloader_address;
h->bootloader_size = bootloader_size;
/* Copy body signature */
SignatureInit(&h->body_signature, body_sig_dest,
body_signature->sig_size, 0);
SignatureCopy(&h->body_signature, body_signature);
/* Set up signature struct so we can calculate the signature */
SignatureInit(&h->preamble_signature, block_sig_dest,
siglen_map[signing_key->algorithm], signed_size);
/* Calculate signature */
sigtmp = CalculateSignature((uint8_t *)h, signed_size, signing_key);
SignatureCopy(&h->preamble_signature, sigtmp);
free(sigtmp);
/* Return the header */
return h;
}
VbFirmwarePreambleHeader *CreateFirmwarePreamble(
uint64_t firmware_version,
const VbPublicKey *kernel_subkey,
const VbSignature *body_signature,
const VbPrivateKey *signing_key,
uint32_t flags)
{
VbFirmwarePreambleHeader *h;
uint64_t signed_size = (sizeof(VbFirmwarePreambleHeader) +
kernel_subkey->key_size +
body_signature->sig_size);
uint64_t block_size = signed_size + siglen_map[signing_key->algorithm];
uint8_t *kernel_subkey_dest;
uint8_t *body_sig_dest;
uint8_t *block_sig_dest;
VbSignature *sigtmp;
/* Allocate key block */
h = (VbFirmwarePreambleHeader *)malloc(block_size);
if (!h)
return NULL;
Memset(h, 0, block_size);
kernel_subkey_dest = (uint8_t *)(h + 1);
body_sig_dest = kernel_subkey_dest + kernel_subkey->key_size;
block_sig_dest = body_sig_dest + body_signature->sig_size;
h->header_version_major = FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR;
h->header_version_minor = FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR;
h->preamble_size = block_size;
h->firmware_version = firmware_version;
h->flags = flags;
/* Copy data key */
PublicKeyInit(&h->kernel_subkey, kernel_subkey_dest,
kernel_subkey->key_size);
PublicKeyCopy(&h->kernel_subkey, kernel_subkey);
/* Copy body signature */
SignatureInit(&h->body_signature, body_sig_dest,
body_signature->sig_size, 0);
SignatureCopy(&h->body_signature, body_signature);
/* Set up signature struct so we can calculate the signature */
SignatureInit(&h->preamble_signature, block_sig_dest,
siglen_map[signing_key->algorithm], signed_size);
/* Calculate signature */
sigtmp = CalculateSignature((uint8_t *)h, signed_size, signing_key);
SignatureCopy(&h->preamble_signature, sigtmp);
free(sigtmp);
/* Return the header */
return h;
}
static int write_new_preamble(struct bios_area_s *vblock,
struct bios_area_s *fw_body,
VbPrivateKey *signkey,
VbKeyBlockHeader *keyblock)
{
VbSignature *body_sig;
VbFirmwarePreambleHeader *preamble;
body_sig = CalculateSignature(fw_body->buf, fw_body->len, signkey);
if (!body_sig) {
fprintf(stderr, "Error calculating body signature\n");
return 1;
}
preamble = CreateFirmwarePreamble(sign_option.version,
sign_option.kernel_subkey,
body_sig,
signkey,
sign_option.flags);
if (!preamble) {
fprintf(stderr, "Error creating firmware preamble.\n");
free(body_sig);
return 1;
}
/* Write the new keyblock */
uint32_t more = keyblock->key_block_size;
memcpy(vblock->buf, keyblock, more);
/* and the new preamble */
memcpy(vblock->buf + more, preamble, preamble->preamble_size);
free(preamble);
free(body_sig);
return 0;
}
dgInt32 dgCollisionSphere::CalculateSignature () const
{
return CalculateSignature(m_radius);
}
/* Create a firmware .vblock */
static int Vblock(const char* outfile, const char* keyblock_file,
const char* signprivate, uint64_t version,
const char* fv_file, const char* kernelkey_file,
uint32_t preamble_flags) {
VbPrivateKey* signing_key;
VbPublicKey* kernel_subkey;
VbSignature* body_sig;
VbFirmwarePreambleHeader* preamble;
VbKeyBlockHeader* key_block;
uint64_t key_block_size;
uint8_t* fv_data;
uint64_t fv_size;
FILE* f;
uint64_t i;
if (!outfile) {
VbExError("Must specify output filename\n");
return 1;
}
if (!keyblock_file || !signprivate || !kernelkey_file) {
VbExError("Must specify all keys\n");
return 1;
}
if (!fv_file) {
VbExError("Must specify firmware volume\n");
return 1;
}
/* Read the key block and keys */
key_block = (VbKeyBlockHeader*)ReadFile(keyblock_file, &key_block_size);
if (!key_block) {
VbExError("Error reading key block.\n");
return 1;
}
signing_key = PrivateKeyRead(signprivate);
if (!signing_key) {
VbExError("Error reading signing key.\n");
return 1;
}
kernel_subkey = PublicKeyRead(kernelkey_file);
if (!kernel_subkey) {
VbExError("Error reading kernel subkey.\n");
return 1;
}
/* Read and sign the firmware volume */
fv_data = ReadFile(fv_file, &fv_size);
if (!fv_data)
return 1;
if (!fv_size) {
VbExError("Empty firmware volume file\n");
return 1;
}
body_sig = CalculateSignature(fv_data, fv_size, signing_key);
if (!body_sig) {
VbExError("Error calculating body signature\n");
return 1;
}
free(fv_data);
/* Create preamble */
preamble = CreateFirmwarePreamble(version,
kernel_subkey,
body_sig,
signing_key,
preamble_flags);
if (!preamble) {
VbExError("Error creating preamble.\n");
return 1;
}
/* Write the output file */
f = fopen(outfile, "wb");
if (!f) {
VbExError("Can't open output file %s\n", outfile);
return 1;
}
i = ((1 != fwrite(key_block, key_block_size, 1, f)) ||
(1 != fwrite(preamble, preamble->preamble_size, 1, f)));
fclose(f);
if (i) {
VbExError("Can't write output file %s\n", outfile);
unlink(outfile);
return 1;
}
/* Success */
return 0;
}
dgInt32 dgCollisionTaperedCapsule::CalculateSignature () const
{
return CalculateSignature (m_radio0, m_radio1, m_height);
}
dgInt32 dgCollisionCone::CalculateSignature () const
{
return CalculateSignature (m_radius, m_height);
}
dgInt32 dgCollisionBox::CalculateSignature () const
{
return CalculateSignature(m_size[0].m_x, m_size[0].m_y, m_size[0].m_z);
}
dgInt32 dgCollisionChamferCylinder::CalculateSignature () const
{
return CalculateSignature (m_radius, m_height);
}
dgInt32 dgCollisionCylinder::CalculateSignature () const
{
return CalculateSignature (m_radio0, m_radio1, m_height);
}