Android AVB 之 AvbVBMetaImageHeader
external/avb/libavb/avb_vbmeta_image.h
struct AvbVBMetaImageHeader:
/* Binary format for header of the vbmeta image. * * The vbmeta image consists of three blocks: * * +-----------------------------------------+ * | Header data - fixed size | * +-----------------------------------------+ * | Authentication data - variable size | * +-----------------------------------------+ * | Auxiliary data - variable size | * +-----------------------------------------+ * * The "Header data" block is described by this struct and is always * |AVB_VBMETA_IMAGE_HEADER_SIZE| bytes long.//#define AVB_VBMETA_IMAGE_HEADER_SIZE 256 * * The "Authentication data" block is |authentication_data_block_size| * bytes long and contains the hash and signature used to authenticate * the vbmeta image. The type of the hash and signature is defined by * the |algorithm_type| field. * * The "Auxiliary data" is |auxiliary_data_block_size| bytes long and * contains the auxiliary data including the public key used to make * the signature and descriptors. * * The public key is at offset |public_key_offset| with size * |public_key_size| in this block. The size of the public key data is * defined by the |algorithm_type| field. The format of the public key * data is described in the |AvbRSAPublicKeyHeader| struct. * * The descriptors starts at |descriptors_offset| from the beginning * of the "Auxiliary Data" block and take up |descriptors_size| * bytes. Each descriptor is stored as a |AvbDescriptor| with tag and * number of bytes following. The number of descriptors can be * determined by walking this data until |descriptors_size| is * exhausted. * * The size of each of the "Authentication data" and "Auxiliary data" * blocks must be divisible by 64. This is to ensure proper alignment. * * Descriptors are free-form blocks stored in a part of the vbmeta * image subject to the same integrity checks as the rest of the * image. See the documentation for |AvbDescriptor| for well-known * descriptors. See avb_descriptor_foreach() for a convenience * function to iterate over descriptors. * * This struct is versioned, see the |required_libavb_version_major| * and |required_libavb_version_minor| fields. This represents the * minimum version of libavb required to verify the header and depends * on the features (e.g. algorithms, descriptors) used. Note that this * may be 1.0 even if generated by an avbtool from 1.4 but where no * features introduced after 1.0 has been used. See the "Versioning * and compatibility" section in the README.md file for more details. * * All fields are stored in network byte order when serialized. To * generate a copy with fields swapped to native byte order, use the * function avb_vbmeta_image_header_to_host_byte_order(). * * Before reading and/or using any of this data, you MUST verify it * using avb_vbmeta_image_verify() and reject it unless it's signed by * a known good public key. */ typedef struct AvbVBMetaImageHeader { /* 0: Four bytes equal to "AVB0" (AVB_MAGIC). */ uint8_t magic[AVB_MAGIC_LEN]; /* 4: The major version of libavb required for this header. */ uint32_t required_libavb_version_major; /* 8: The minor version of libavb required for this header. */ uint32_t required_libavb_version_minor; /* 12: The size of the signature block. */ uint64_t authentication_data_block_size; /* 20: The size of the auxiliary data block. */ uint64_t auxiliary_data_block_size; /* 28: The verification algorithm used, see |AvbAlgorithmType| enum. */ uint32_t algorithm_type; /* 32: Offset into the "Authentication data" block of hash data. */ uint64_t hash_offset; /* 40: Length of the hash data. */ uint64_t hash_size; /* 48: Offset into the "Authentication data" block of signature data. */ uint64_t signature_offset; /* 56: Length of the signature data. */ uint64_t signature_size; /* 64: Offset into the "Auxiliary data" block of public key data. */ uint64_t public_key_offset; /* 72: Length of the public key data. */ uint64_t public_key_size; /* 80: Offset into the "Auxiliary data" block of public key metadata. */ uint64_t public_key_metadata_offset; /* 88: Length of the public key metadata. Must be set to zero if there * is no public key metadata. */ uint64_t public_key_metadata_size; /* 96: Offset into the "Auxiliary data" block of descriptor data. */ uint64_t descriptors_offset; /* 104: Length of descriptor data. */ uint64_t descriptors_size; /* 112: The rollback index which can be used to prevent rollback to * older versions. */ uint64_t rollback_index; /* 120: Flags from the AvbVBMetaImageFlags enumeration. This must be * set to zero if the vbmeta image is not a top-level image. */ uint32_t flags; /* 124: Reserved to ensure |release_string| start on a 16-byte * boundary. Must be set to zeroes. */ uint8_t reserved0[4]; /* 128: The release string from avbtool, e.g. "avbtool 1.0.0" or * "avbtool 1.0.0 xyz_board Git-234abde89". Is guaranteed to be NUL * terminated. Applications must not make assumptions about how this * string is formatted. */ uint8_t release_string[AVB_RELEASE_STRING_SIZE]; /* 176: Padding to ensure struct is size AVB_VBMETA_IMAGE_HEADER_SIZE * bytes. This must be set to zeroes. */ uint8_t reserved[80]; } AVB_ATTR_PACKED AvbVBMetaImageHeader;
细节说明如下表,其中:
-
Header data – fixed size (256 bytes),下表中是整个header的构成,理论上整张表格都应该蓝色标注,但为了区分Authentication和Auxiliary的关键数据,所以单独拎出来了
-
Authentication data – variable size,下表中红色字体部分,是Authentication相关的一些数据,比如在vbmeta中,Authentication的offset就是从头开始偏移256个字节,总长度是header中解析出来的Authentication data block size
-
Auxiliary data – variable size,同上,绿色部分是Auxiliary相关的一些数据,仅仅是为了语义上的区分,Auxiliary数据在vbmeta的最后一块,其起始地址是头+256偏移+Authentication data block size,总长度是Auxiliary data block size
示例:
给个详细例子如下(vbmeta.img的二进制显示,前256个字节即为AvbVBMetaImageHeader):
数据描述:
| offset | size(bytes) | data | 注释 | 部分关键校验过程 |
| 0 | 4 | Magic |
Four bytes equal to "AVB0"
|
确认是否是AVB0 |
| 4 | 4 |
Major version |
The major version of libavb
|
|
| 8 | 4 |
Minor version |
The minor version of libavb
|
|
| 12 | 8 | Authentication data block size |
The size of the signature block
|
|
| 20 | 8 | Auxiliary data block size |
The size of the auxiliary data block
|
|
| 28 | 4 | Algorithm |
The verification algorithm used
|
|
| 32 | 8 | Hash offset |
Offset into the "Authentication data"
|
avb_vbmeta_image.c中avb_vbmeta_image_verify()函数 avb_sha256_init(&sha256_ctx); 计算header+auxiliary部分的hash值,与vbmeta中保存的hash值做比较 if (avb_safe_memcmp(authentication_block + h.hash_offset, |
| 40 | 8 | Hash size |
Length of the hash data.
|
|
| 48 | 8 |
Signature offset |
Offset into the "Authentication data"
|
|
| 56 | 8 | Signature size |
Length of the signature data.
|
|
| 64 | 8 | Public key offset |
Offset into the "Auxiliary data"
|
avb_vbmeta_image.c中avb_vbmeta_image_verify()函数 /*Verify a RSA PKCS1.5 signature against an expected hash*/ verification_result = avb_rsa_verify中RSA校验hash通过之后,获取oem public key if (out_public_key_data != NULL) { 获取到的oem public key跟OEMPublicKey.h中存储的public key相比较,相同则vbmeta可信 |
| 72 | 8 | Public key size |
Length of the public key data.
|
|
| 80 | 8 | Public key metadata offset |
Offset into the "Auxiliary data"
|
|
| 88 | 8 | Public key metadata size |
Length of the public key metadata. Must be set to zero if there is |
|
| 96 | 8 | Descriptors offset |
Offset into the "Auxiliary data"
|
|
| 104 | 8 | Descriptors size |
Length of descriptor data.
|
|
| 112 | 8 | Rollback index |
The rollback index which can be used to
|
|
| 120 | 4 | Flags |
Flags from the AvbVBMetaImageFlags enumeration. This must be set to zero if the vbmeta |
|
| 124 | 4 | Reserved |
Reserved to ensure |release_string| |
|
| 128 | 48 |
Release strings |
The release string from avbtool.
Is guaranteed to be NUL terminated
|
|
| 176 | 80 | Reserved |
Padding to ensure struct is size |
