112 lines
2.7 KiB
C
112 lines
2.7 KiB
C
/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
|
|
* Use of this source code is governed by a BSD-style license that can be
|
|
* found in the LICENSE file.
|
|
*/
|
|
|
|
/* Routines for verifying a file's signature. Useful in testing the core
|
|
* RSA verification implementation.
|
|
*/
|
|
|
|
#include <fcntl.h>
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <sys/stat.h>
|
|
#include <sys/types.h>
|
|
#include <unistd.h>
|
|
|
|
#include "2common.h"
|
|
#include "2rsa.h"
|
|
#include "2sha.h"
|
|
#include "2sysincludes.h"
|
|
#include "file_keys.h"
|
|
#include "host_common.h"
|
|
#include "vb2_common.h"
|
|
|
|
/* ANSI Color coding sequences. */
|
|
#define COL_GREEN "\e[1;32m"
|
|
#define COL_RED "\e[0;31m"
|
|
#define COL_STOP "\e[m"
|
|
|
|
int main(int argc, char* argv[])
|
|
{
|
|
uint8_t workbuf[VB2_VERIFY_DIGEST_WORKBUF_BYTES]
|
|
__attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
|
|
struct vb2_workbuf wb;
|
|
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
|
|
|
|
int return_code = 1; /* Default to error. */
|
|
uint8_t digest[VB2_MAX_DIGEST_SIZE];
|
|
struct vb2_packed_key *pk = NULL;
|
|
uint8_t *signature = NULL;
|
|
uint32_t sig_len = 0;
|
|
|
|
if (argc != 5) {
|
|
int i;
|
|
fprintf(stderr,
|
|
"Usage: %s <algorithm> <key file> <signature file>"
|
|
" <input file>\n\n", argv[0]);
|
|
fprintf(stderr,
|
|
"where <algorithm> depends on the signature algorithm"
|
|
" used:\n");
|
|
for(i = 0; i < VB2_ALG_COUNT; i++)
|
|
fprintf(stderr, "\t%d for %s\n", i,
|
|
vb2_get_crypto_algorithm_name(i));
|
|
return -1;
|
|
}
|
|
|
|
int algorithm = atoi(argv[1]);
|
|
if (algorithm >= VB2_ALG_COUNT) {
|
|
fprintf(stderr, "Invalid algorithm %d\n", algorithm);
|
|
goto error;
|
|
}
|
|
|
|
pk = vb2_read_packed_keyb(argv[2], algorithm, 0);
|
|
if (!pk) {
|
|
fprintf(stderr, "Can't read RSA public key.\n");
|
|
goto error;
|
|
}
|
|
|
|
struct vb2_public_key k2;
|
|
if (VB2_SUCCESS != vb2_unpack_key(&k2, pk)) {
|
|
fprintf(stderr, "Can't unpack RSA public key.\n");
|
|
goto error;
|
|
}
|
|
|
|
if (VB2_SUCCESS != vb2_read_file(argv[3], &signature, &sig_len)) {
|
|
fprintf(stderr, "Can't read signature.\n");
|
|
goto error;
|
|
}
|
|
|
|
uint32_t expect_sig_size =
|
|
vb2_rsa_sig_size(vb2_crypto_to_signature(algorithm));
|
|
if (sig_len != expect_sig_size) {
|
|
fprintf(stderr, "Expected signature size %u, got %u\n",
|
|
expect_sig_size, sig_len);
|
|
goto error;
|
|
}
|
|
|
|
if (VB2_SUCCESS != DigestFile(argv[4], vb2_crypto_to_hash(algorithm),
|
|
digest, sizeof(digest))) {
|
|
fprintf(stderr, "Error calculating digest.\n");
|
|
goto error;
|
|
}
|
|
|
|
if (VB2_SUCCESS == vb2_rsa_verify_digest(&k2, signature, digest, &wb)) {
|
|
return_code = 0;
|
|
fprintf(stderr, "Signature Verification "
|
|
COL_GREEN "SUCCEEDED" COL_STOP "\n");
|
|
} else {
|
|
fprintf(stderr, "Signature Verification "
|
|
COL_RED "FAILED" COL_STOP "\n");
|
|
}
|
|
|
|
error:
|
|
if (pk)
|
|
free(pk);
|
|
if (signature)
|
|
free(signature);
|
|
|
|
return return_code;
|
|
}
|