mirror of
https://github.com/acidanthera/OpenCorePkg.git
synced 2025-12-08 19:25:01 +00:00
35bcb134f1
Fix operation of `sign.command` when printable characters occur immediately before `=BEGIN OC VAULT=`. `strings` finds the location of the first printable character in such a sequence. `hexdump` automatically works on 16 byte boundaries, so still finds the correct offset. Use `BASE_ALIGNAS` to enforce the required alignment, which will not be correct on all builds unless enforced (note alignment is required purely for locating the structure correctly from external script as above, not for reading in C). Remove struct packing, since structs had better be naturally packed anyway (if not, reading from them without arbitrary-alignment-safe code, as we do, would be undefined behaviour). Add static asserts to confirm expected size as required by `sign.command`. Update the docs to refer to `sign.command` rather than to include the signing commands explicitly - otherwise we have two places that need to be kept in sync for signing commands, and note that the commands in the two places were already out of sync. Signed-off-by: Mike Beaton <mjsbeaton@gmail.com>
71 lines
1.8 KiB
C
71 lines
1.8 KiB
C
/** @file
|
|
OpenCore driver.
|
|
|
|
Copyright (c) 2019, vit9696. All rights reserved.<BR>
|
|
This program and the accompanying materials
|
|
are licensed and made available under the terms and conditions of the BSD License
|
|
which accompanies this distribution. The full text of the license may be found at
|
|
http://opensource.org/licenses/bsd-license.php
|
|
|
|
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
|
|
|
**/
|
|
|
|
#include <Library/OcMainLib.h>
|
|
|
|
typedef struct {
|
|
OC_RSA_PUBLIC_KEY_HDR Hdr;
|
|
UINT64 Data[(2 * (2048 / OC_CHAR_BIT)) / sizeof (UINT64)];
|
|
} OC_RSA_PUBLIC_KEY_2048;
|
|
|
|
typedef struct {
|
|
CHAR8 StartMagic[16];
|
|
OC_RSA_PUBLIC_KEY_2048 VaultKey;
|
|
CHAR8 EndMagic[16];
|
|
} OC_BUILTIN_VAULT_KEY;
|
|
|
|
BASE_ALIGNAS (16)
|
|
STATIC
|
|
OC_BUILTIN_VAULT_KEY
|
|
mOpenCoreVaultKey = {
|
|
.StartMagic = { '=', 'B', 'E', 'G', 'I', 'N', ' ', 'O', 'C', ' ', 'V', 'A', 'U', 'L', 'T', '=' },
|
|
.EndMagic = { '=', '=', 'E', 'N', 'D', ' ', 'O', 'C', ' ', 'V', 'A', 'U', 'L', 'T', '=', '=' }
|
|
};
|
|
|
|
OC_RSA_PUBLIC_KEY *
|
|
OcGetVaultKey (
|
|
VOID
|
|
)
|
|
{
|
|
UINT32 Index;
|
|
BOOLEAN AllZero;
|
|
|
|
STATIC_ASSERT (
|
|
sizeof (OC_RSA_PUBLIC_KEY_2048) == 528,
|
|
"sizeof(OC_RSA_PUBLIC_KEY_2048)"
|
|
);
|
|
STATIC_ASSERT (
|
|
sizeof (OC_BUILTIN_VAULT_KEY) == sizeof (OC_RSA_PUBLIC_KEY_2048) + 32,
|
|
"sizeof(OC_BUILTIN_VAULT_KEY)"
|
|
);
|
|
|
|
//
|
|
// TODO: Perhaps try to get the key from firmware too?
|
|
//
|
|
|
|
AllZero = TRUE;
|
|
for (Index = 0; Index < sizeof (OC_RSA_PUBLIC_KEY); ++Index) {
|
|
if (((UINT8 *)&mOpenCoreVaultKey.VaultKey)[Index] != 0) {
|
|
AllZero = FALSE;
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (!AllZero) {
|
|
return (OC_RSA_PUBLIC_KEY *)&mOpenCoreVaultKey.VaultKey;
|
|
}
|
|
|
|
return NULL;
|
|
}
|