vb21: load private key before signing

When we load the private key, it calls out to PKCS11 and sets up the
modulus and ID of the key. Make sure to do that before signing data, so
that PKCS11 keys have the ID copied into the signature block.

BUG=b:413430417
BRANCH=None
TEST=manual
TEST=make runtests

Change-Id: Iba05e451827aecb706fb433a3e03c413955c144e
Signed-off-by: Benjamin Shai <[email protected]>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/6489297
Reviewed-by: Jakub "Kuba" Czapiga <[email protected]>
Commit-Queue: Jakub "Kuba" Czapiga <[email protected]>
Tested-by: Jakub "Kuba" Czapiga <[email protected]>

Author: Benjamin Shai

host/lib21/host_signature.c

@@ -6,6 +6,7 @@
  */
 
 #include <openssl/rsa.h>
+#include <unistd.h>
 
 #include "2common.h"
 #include "2rsa.h"
@@ -17,6 +18,7 @@
 #include "host_misc.h"
 #include "host_p11.h"
 #include "host_signature21.h"
+#include "util_misc.h"
 
 vb2_error_t vb2_digest_info(enum vb2_hash_algorithm hash_alg,
 			    const uint8_t **buf_ptr, uint32_t *size_ptr)
@@ -69,9 +71,26 @@ vb2_error_t vb2_digest_info(enum vb2_hash_algorithm hash_alg,
 }
 
 vb2_error_t vb21_sign_data(struct vb21_signature **sig_ptr, const uint8_t *data,
-			   uint32_t size, const struct vb2_private_key *key,
+			   uint32_t size, struct vb2_private_key *key,
 			   const char *desc)
 {
+	/* Preinitialize these fields used in the error handling. */
+	vb2_error_t rv;
+	*sig_ptr = NULL;
+	uint8_t *sig_digest = NULL;
+
+	if (key->key_location == PRIVATE_KEY_P11) {
+		/* Load keyb from the key to force PKCS11 fields to initialize. */
+		uint8_t *keyb_data;
+		uint32_t keyb_size;
+		if (vb_keyb_from_private_key(key, &keyb_data, &keyb_size)) {
+			fprintf(stderr, "Couldn't extract the public key\n");
+			rv = VB2_ERROR_UNKNOWN;
+			goto done;
+		}
+		free(keyb_data);
+	}
+
 	struct vb21_signature s = {
 		.c.magic = VB21_MAGIC_SIGNATURE,
 		.c.struct_version_major = VB21_SIGNATURE_VERSION_MAJOR,
@@ -83,17 +102,13 @@ vb2_error_t vb21_sign_data(struct vb21_signature **sig_ptr, const uint8_t *data,
 		.id = key->id,
 	};
 
-	vb2_error_t rv;
 	struct vb2_digest_context dc;
 	uint32_t digest_size;
 	const uint8_t *info = NULL;
 	uint32_t info_size = 0;
 	uint32_t sig_digest_size;
-	uint8_t *sig_digest = NULL;
 	uint8_t *buf = NULL;
 
-	*sig_ptr = NULL;
-
 	/* Use key description if no description supplied */
 	if (!desc)
 		desc = key->desc;
@@ -230,7 +245,7 @@ vb2_error_t vb21_sig_size_for_keys(uint32_t *size_ptr,
 }
 
 vb2_error_t vb21_sign_object(uint8_t *buf, uint32_t sig_offset,
-			     const struct vb2_private_key *key,
+			     struct vb2_private_key *key,
 			     const char *desc)
 {
 	struct vb21_struct_common *c = (struct vb21_struct_common *)buf;
@@ -253,7 +268,7 @@ vb2_error_t vb21_sign_object(uint8_t *buf, uint32_t sig_offset,
 }
 
 vb2_error_t vb21_sign_object_multiple(uint8_t *buf, uint32_t sig_offset,
-				      const struct vb2_private_key **key_list,
+				      struct vb2_private_key **key_list,
 				      uint32_t key_count)
 {
 	struct vb21_struct_common *c = (struct vb21_struct_common *)buf;

host/lib21/include/host_signature21.h

@@ -37,7 +37,7 @@ vb2_error_t vb2_digest_info(enum vb2_hash_algorithm hash_alg,
  * @return VB2_SUCCESS, or non-zero error code on failure.
  */
 vb2_error_t vb21_sign_data(struct vb21_signature **sig_ptr, const uint8_t *data,
-			   uint32_t size, const struct vb2_private_key *key,
+			   uint32_t size, struct vb2_private_key *key,
 			   const char *desc);
 
 /**
@@ -76,7 +76,7 @@ vb2_error_t vb21_sig_size_for_keys(uint32_t *size_ptr,
  * @param desc		If non-null, description to use for signature
  */
 vb2_error_t vb21_sign_object(uint8_t *buf, uint32_t sig_offset,
-			     const struct vb2_private_key *key,
+			     struct vb2_private_key *key,
 			     const char *desc);
 
 /**
@@ -90,7 +90,7 @@ vb2_error_t vb21_sign_object(uint8_t *buf, uint32_t sig_offset,
  * @param key_count	Number of keys in list
  */
 vb2_error_t vb21_sign_object_multiple(uint8_t *buf, uint32_t sig_offset,
-				      const struct vb2_private_key **key_list,
+				      struct vb2_private_key **key_list,
 				      uint32_t key_count);
 
 #endif  /* VBOOT_REFERENCE_HOST_SIGNATURE2_H_ */

tests/vb21_host_common_tests.c

@@ -207,15 +207,15 @@ static void test_sig_size(void)
 static void test_verify_hash(void)
 {
 	struct vb21_signature *sig;
-	const struct vb2_private_key *prik;
+	struct vb2_private_key *prik;
 	struct vb2_public_key pubk;
 	uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES]
 		 __attribute__((aligned(VB2_WORKBUF_ALIGN)));
 	struct vb2_workbuf wb;
 
 	vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
 
-	TEST_SUCC(vb2_private_key_hash(&prik, VB2_HASH_SHA256),
+	TEST_SUCC(vb2_private_key_hash((const struct vb2_private_key **)&prik, VB2_HASH_SHA256),
 		  "create private hash key");
 	TEST_SUCC(vb2_public_key_hash(&pubk, VB2_HASH_SHA256),
 		  "create hash key");

tests/vb21_host_sig_tests.c

@@ -40,8 +40,7 @@ static void sig_tests(const struct alg_combo *combo,
 		      const char *pemfile,
 		      const char *keybfile)
 {
-	struct vb2_private_key *prik, prik2;
-	const struct vb2_private_key *prihash, *priks[2];
+	struct vb2_private_key *prik, prik2, *prihash, *priks[2];
 	struct vb2_public_key *pubk, pubhash;
 	struct vb21_signature *sig, *sig2;
 	uint32_t size;
@@ -70,7 +69,8 @@ static void sig_tests(const struct alg_combo *combo,
 	pubk->hash_alg = combo->hash_alg;
 	vb2_public_key_set_desc(pubk, test_desc);
 
-	TEST_SUCC(vb2_private_key_hash(&prihash, combo->hash_alg),
+	TEST_SUCC(vb2_private_key_hash((const struct vb2_private_key **)&prihash,
+				       combo->hash_alg),
 		  "Private hash key");
 	TEST_SUCC(vb2_public_key_hash(&pubhash, combo->hash_alg),
 		  "Public hash key");
@@ -134,7 +134,8 @@ static void sig_tests(const struct alg_combo *combo,
 	free(buf);
 
 	/* Multiply sign an object */
-	TEST_SUCC(vb21_sig_size_for_keys(&size, priks, 2), "Sigs size");
+	TEST_SUCC(vb21_sig_size_for_keys(&size, (const struct vb2_private_key **)priks, 2),
+		  "Sigs size");
 	bufsize = c_sig_offs + size;
 	buf = calloc(1, bufsize);
 	memset(buf + sizeof(*c), 0x12, 24);