We do whole-file reads in a few places, so unify to a fileio_read_file()
function.
To do this, we change the type of struct image->buf to a uint8_t *.
Where we do pointer manipulation on the image buffer, we need a
temporary void * variable.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
Rather than duplicating the key & certificate loading in each tool,
unify it in a fileio object.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
We're using OpenSSL, so need to grant binary distrbutors permission to
link with it.
Cleared with current contributors.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
The sbsign tools appear to assume that WIN_CERTIFICATE.dwLength is the
length of the signature. It's not, it's the length of the signature
plus the length of the WIN_CERTIFICATE header. UEFI Version 2.3.1,
Errata A explicitly states this in section 27.2.5 (Code Definitions).
I found this because I've been playing around with the tianocore secure
boot UEFI images and I couldn't get efi binaries signed with your tools
to verify. When you apply the fix, I've got the binaries to verify (at
least with X509 KEK signatures).
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
Rather than requiring an explicit image_pecoff_parse, do it
unconditionally in image_load. We don't have any instances where we need
to do this separately.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
Currently, sbverify will segfault when it can't load an image file, as
the image is used unconditionally. This change adds a check to ensure we
continue with a valid image pointer.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
The optstrings for sbsign and sbverify are out of sync with the long
options, this change brings them up to date.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
We'd like to read detached signatures too, so split the
signature-buffer-reading code into a separate function.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
Update the usage output of sbsign and sbverify so that it can be better
parsed by help2man. Also, add --version and --help.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
Add an option (--cert <file>) to specify a root certificate (or
certificates) to use as a trusted CA.
Verification can be disabled with --no-verify.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
Extract the IDC-parsing code from IDC_check_hash, and use it to
initialise a BIO. This BIO can then be used to perform the PKCS7
verification.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
Add a check to match the calculated image's hash against the one found
in the PKCS7 IndirectDataContext
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
GPLv3; the sources include parts of binutils, include parts of ccan,
and have been partially based of osslsigntool.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
