1 /* Copyright 2010 The ChromiumOS Authors
2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file.
4 */
5
6 /* Routines for verifying a file's signature. Useful in testing the core
7 * RSA verification implementation.
8 */
9
10 #include <fcntl.h>
11 #include <stdio.h>
12 #include <stdlib.h>
13 #include <string.h>
14 #include <sys/stat.h>
15 #include <sys/types.h>
16 #include <unistd.h>
17
18 #include "2common.h"
19 #include "2rsa.h"
20 #include "2sha.h"
21 #include "2sysincludes.h"
22 #include "file_keys.h"
23 #include "host_common.h"
24
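/*
 * ANSI colour escape sequences used to highlight the verification verdict.
 * ESC is written as the octal escape \033 because \e is a compiler extension
 * (GCC/Clang) rather than ISO C; the bytes emitted are the same.
 */
#define COL_GREEN "\033[1;32m"
#define COL_RED "\033[0;31m"
#define COL_STOP "\033[m"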
29
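/*
 * Verify the RSA signature of a file from the command line.
 *
 * Arguments (argc must be 5):
 *   argv[1]  algorithm index, a decimal integer in [0, VB2_ALG_COUNT)
 *   argv[2]  public key file, read with vb2_read_packed_keyb()
 *   argv[3]  signature file
 *   argv[4]  input file whose digest is checked against the signature
 *
 * Returns 0 only when vb2_rsa_verify_digest() reports success, -1 when the
 * argument count is wrong, and 1 for every other outcome (unreadable key or
 * signature, wrong signature size, digest failure, failed verification).
 * Callers should rely on the exit status rather than on the coloured text
 * written to stderr.
 *
 * The verdict only says the signature matches the key in argv[2]; whether
 * that key is the one that should be trusted is up to the caller.
 */
int main(int argc, char *argv[])
{
	/* Aligned scratch buffer handed to vb2_rsa_verify_digest() via wb. */
	uint8_t workbuf[VB2_VERIFY_DIGEST_WORKBUF_BYTES]
		__attribute__((aligned(VB2_WORKBUF_ALIGN)));
	struct vb2_workbuf wb;
	vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));

	int return_code = 1;  /* Default to error. */
	uint8_t digest[VB2_MAX_DIGEST_SIZE];
	struct vb2_packed_key *pk = NULL;
	uint8_t *signature = NULL;
	uint32_t sig_len = 0;

	if (argc != 5) {
		int i;
		fprintf(stderr,
			"Usage: %s <algorithm> <key file> <signature file>"
			" <input file>\n\n", argv[0]);
		fprintf(stderr,
			"where <algorithm> depends on the signature algorithm"
			" used:\n");
		for (i = 0; i < VB2_ALG_COUNT; i++)
			fprintf(stderr, "\t%d for %s\n", i,
				vb2_get_crypto_algorithm_name(i));
		return -1;
	}

	/*
	 * Parse the algorithm index strictly.  atoi() maps non-numeric input
	 * to 0 (a valid index) and an upper-bound-only check lets negative
	 * values through to the key, signature-size and hash lookups below.
	 * Require a complete decimal number inside [0, VB2_ALG_COUNT); an
	 * out-of-range strtol() result (LONG_MIN/LONG_MAX) fails the same
	 * range test, so errno is not consulted.
	 */
	char *end = NULL;
	const long alg_arg = strtol(argv[1], &end, 10);
	if (end == argv[1] || *end != '\0' ||
	    alg_arg < 0 || alg_arg >= VB2_ALG_COUNT) {
		fprintf(stderr, "Invalid algorithm %s\n", argv[1]);
		goto error;
	}
	const int algorithm = (int)alg_arg;

	pk = vb2_read_packed_keyb(argv[2], algorithm, 0);
	if (!pk) {
		fprintf(stderr, "Can't read RSA public key.\n");
		goto error;
	}

	struct vb2_public_key k2;
	if (VB2_SUCCESS != vb2_unpack_key(&k2, pk)) {
		fprintf(stderr, "Can't unpack RSA public key.\n");
		goto error;
	}

	if (VB2_SUCCESS != vb2_read_file(argv[3], &signature, &sig_len)) {
		fprintf(stderr, "Can't read signature.\n");
		goto error;
	}

	/*
	 * vb2_rsa_verify_digest() is called without a length argument, so
	 * this comparison is the only check visible here that the signature
	 * buffer has exactly the size the chosen algorithm requires.
	 */
	uint32_t expect_sig_size =
		vb2_rsa_sig_size(vb2_crypto_to_signature(algorithm));
	if (sig_len != expect_sig_size) {
		fprintf(stderr, "Expected signature size %u, got %u\n",
			expect_sig_size, sig_len);
		goto error;
	}

	if (VB2_SUCCESS != DigestFile(argv[4], vb2_crypto_to_hash(algorithm),
				      digest, sizeof(digest))) {
		fprintf(stderr, "Error calculating digest.\n");
		goto error;
	}

	/* Success is the only path that clears the default error status. */
	if (VB2_SUCCESS == vb2_rsa_verify_digest(&k2, signature, digest, &wb)) {
		return_code = 0;
		fprintf(stderr, "Signature Verification "
			COL_GREEN "SUCCEEDED" COL_STOP "\n");
	} else {
		fprintf(stderr, "Signature Verification "
			COL_RED "FAILED" COL_STOP "\n");
	}

error:
	/* free(NULL) is a no-op, so no guards are needed. */
	free(pk);
	free(signature);

	return return_code;
}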
111