1 /* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
2  * Use of this source code is governed by a BSD-style license that can be
3  * found in the LICENSE file.
4  *
5  * Host functions for keyblocks
6  */
7 
8 #include "2sysincludes.h"
9 #include "2common.h"
10 #include "2rsa.h"
11 #include "vb2_common.h"
12 #include "host_common.h"
13 #include "host_key2.h"
14 #include "host_keyblock2.h"
15 #include "host_misc.h"
16 #include "host_signature2.h"
17 
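/**
 * Build a keyblock around a data key and sign it with one or more keys.
 *
 * The result is a single heap buffer laid out as: fixed header, description
 * string, packed data key, signature area. The header, description and data
 * key are written before the signing call, which is handed the buffer and
 * sig_offset.
 *
 * @param kb_ptr		Receives the new keyblock on success. It is
 *				set to NULL on entry and stays NULL on failure.
 *				The buffer comes from calloc() and is not freed
 *				here on success, so the caller owns it.
 * @param data_key		Public key to wrap. Must not be NULL; it is
 *				dereferenced when desc is NULL.
 * @param signing_keys		Array of private keys used to sign.
 * @param signing_key_count	Number of entries in signing_keys; also
 *				stored as the keyblock's sig_count.
 * @param flags			Keyblock flags, stored in the header.
 * @param desc			Description string, or NULL to reuse
 *				data_key->desc.
 * @return VB2_SUCCESS, or one of VB2_KEYBLOCK_CREATE_SIG_SIZE,
 *	   VB2_KEYBLOCK_CREATE_DATA_KEY, VB2_KEYBLOCK_CREATE_ALLOC,
 *	   VB2_KEYBLOCK_CREATE_SIGN.
 */
int vb2_keyblock_create(struct vb2_keyblock **kb_ptr,
			const struct vb2_public_key *data_key,
			const struct vb2_private_key **signing_keys,
			uint32_t signing_key_count,
			uint32_t flags,
			const char *desc)
{
	struct vb2_keyblock kb = {
		.c.magic = VB2_MAGIC_KEYBLOCK,
		.c.struct_version_major = VB2_KEYBLOCK_VERSION_MAJOR,
		/*
		 * The minor field takes the MINOR constant. Assigning the
		 * MAJOR constant here stamps a wrong minor version into
		 * every header this function signs.
		 */
		.c.struct_version_minor = VB2_KEYBLOCK_VERSION_MINOR,
		.c.fixed_size = sizeof(kb),
		.flags = flags,
		.sig_count = signing_key_count,
	};

	struct vb2_packed_key *key = NULL;
	uint32_t sig_size;
	uint8_t *buf;

	/* Callers never see a stale pointer on an error path */
	*kb_ptr = NULL;

	/* Determine component sizes */
	if (!desc)
		desc = data_key->desc;
	kb.c.desc_size = vb2_desc_size(desc);
	kb.key_offset = kb.c.fixed_size + kb.c.desc_size;

	/* Nothing is allocated yet, so this failure needs no cleanup */
	if (vb2_sig_size_for_keys(&sig_size, signing_keys, signing_key_count))
		return VB2_KEYBLOCK_CREATE_SIG_SIZE;

	if (vb2_public_key_pack(&key, data_key))
		return VB2_KEYBLOCK_CREATE_DATA_KEY;

	/*
	 * NOTE(review): these sums are uint32_t with no overflow check. If
	 * total_size wrapped, buf would be smaller than the copies below
	 * assume. Confirm the helpers bound the sizes they report.
	 */
	kb.sig_offset = kb.key_offset + key->c.total_size;
	kb.c.total_size = kb.sig_offset + sig_size;

	/* Allocate buffer and copy header and data key */
	buf = calloc(1, kb.c.total_size);
	if (!buf) {
		free(key);
		return VB2_KEYBLOCK_CREATE_ALLOC;
	}

	memcpy(buf, &kb, sizeof(kb));
	/*
	 * Presumably vb2_desc_size() returns at least strlen(desc) + 1, so
	 * the copy stays inside the description area; verify against its
	 * definition.
	 */
	if (kb.c.desc_size)
		strcpy((char *)buf + kb.c.fixed_size, desc);
	memcpy(buf + kb.key_offset, key, key->c.total_size);
	free(key);

	/* Sign the keyblock; the signing helper is given sig_offset */
	if (vb2_sign_object_multiple(buf, kb.sig_offset, signing_keys,
				     signing_key_count)) {
		free(buf);
		return VB2_KEYBLOCK_CREATE_SIGN;
	}

	*kb_ptr = (struct vb2_keyblock *)buf;
	return VB2_SUCCESS;
}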