/* Pack a .keyb file into a .vbpubk, or a .pem into a .vbprivk */ static int Pack(const char *infile, const char *outfile, uint64_t algorithm, uint64_t version) { VbPublicKey* pubkey; VbPrivateKey* privkey; if (!infile || !outfile) { fprintf(stderr, "vbutil_key: Must specify --in and --out\n"); return 1; } if ((pubkey = PublicKeyReadKeyb(infile, algorithm, version))) { if (0 != PublicKeyWrite(outfile, pubkey)) { fprintf(stderr, "vbutil_key: Error writing key.\n"); return 1; } free(pubkey); return 0; } if ((privkey = PrivateKeyReadPem(infile, algorithm))) { if (0 != PrivateKeyWrite(outfile, privkey)) { fprintf(stderr, "vbutil_key: Error writing key.\n"); return 1; } free(privkey); return 0; } VbExError("Unable to parse either .keyb or .pem from %s\n", infile); return 1; }
/* Unpack a .vbpubk or .vbprivk */ static int Unpack(const char *infile, const char *outfile) { VbPublicKey* pubkey; VbPrivateKey* privkey; if (!infile) { fprintf(stderr, "Need file to unpack\n"); return 1; } if ((pubkey = PublicKeyRead(infile))) { printf("Public Key file: %s\n", infile); printf("Algorithm: %" PRIu64 " %s\n", pubkey->algorithm, (pubkey->algorithm < kNumAlgorithms ? algo_strings[pubkey->algorithm] : "(invalid)")); printf("Key Version: %" PRIu64 "\n", pubkey->key_version); printf("Key sha1sum: "); PrintPubKeySha1Sum(pubkey); printf("\n"); if (outfile) { if (0 != PublicKeyWrite(outfile, pubkey)) { fprintf(stderr, "vbutil_key: Error writing key copy.\n"); free(pubkey); return 1; } } free(pubkey); return 0; } if ((privkey = PrivateKeyRead(infile))) { printf("Private Key file: %s\n", infile); printf("Algorithm: %" PRIu64 " %s\n", privkey->algorithm, (privkey->algorithm < kNumAlgorithms ? algo_strings[privkey->algorithm] : "(invalid)")); if (outfile) { if (0 != PrivateKeyWrite(outfile, privkey)) { fprintf(stderr, "vbutil_key: Error writing key copy.\n"); free(privkey); return 1; } } free(privkey); return 0; } VbExError("Unable to parse either .vbpubk or vbprivk from %s\n", infile); return 1; }
static int vb1_make_keypair() { VbPrivateKey *privkey = 0; VbPublicKey *pubkey = 0; RSA *rsa_key = 0; uint8_t *keyb_data = 0; uint32_t keyb_size; enum vb2_signature_algorithm sig_alg; uint64_t vb1_algorithm; FILE *fp; int ret = 1; fp = fopen(infile, "rb"); if (!fp) { fprintf(stderr, "Unable to open %s\n", infile); goto done; } rsa_key = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL); fclose(fp); if (!rsa_key) { fprintf(stderr, "Unable to read RSA key from %s\n", infile); goto done; } sig_alg = vb2_rsa_sig_alg(rsa_key); if (sig_alg == VB2_SIG_INVALID) { fprintf(stderr, "Unsupported sig algorithm in RSA key\n"); goto done; } /* combine the sig_alg with the hash_alg to get the vb1 algorithm */ vb1_algorithm = (sig_alg - VB2_SIG_RSA1024) * 3 + opt_hash_alg - VB2_HASH_SHA1; /* Create the private key */ privkey = (VbPrivateKey *)malloc(sizeof(VbPrivateKey)); if (!privkey) goto done; privkey->rsa_private_key = rsa_key; privkey->algorithm = vb1_algorithm; /* Write it out */ strcpy(outext, ".vbprivk"); if (0 != PrivateKeyWrite(outfile, privkey)) { fprintf(stderr, "unable to write private key\n"); goto done; } fprintf(stderr, "wrote %s\n", outfile); /* Create the public key */ ret = vb_keyb_from_rsa(rsa_key, &keyb_data, &keyb_size); if (ret) { fprintf(stderr, "couldn't extract the public key\n"); goto done; } pubkey = PublicKeyAlloc(keyb_size, vb1_algorithm, opt_version); if (!pubkey) goto done; memcpy(GetPublicKeyData(pubkey), keyb_data, keyb_size); /* Write it out */ strcpy(outext, ".vbpubk"); if (0 != PublicKeyWrite(outfile, pubkey)) { fprintf(stderr, "unable to write public key\n"); goto done; } fprintf(stderr, "wrote %s\n", outfile); ret = 0; done: free(privkey); free(pubkey); free(keyb_data); RSA_free(rsa_key); return ret; }