commit 7c5d3b22407ee08f09bb4cc388f96d87f9b6a0d2
author Nicolas Boichat <drinkcat@google.com> Mon Feb 20 09:01:40 2017
committer chrome-bot <chrome-bot@chromium.org> Sat Feb 25 18:32:03 2017
tree e4f45e76fbe32120e6105a9dd511c245984f1a53
parent dec50797af68464ba85017e01b3f0dfc684d90cb

futility: rwsig: Add support for images with FMAP

If an FMAP is detected in the rwsig image file, use it
to determine the location of:
 - RW region
 - RW signature
 - public key in RO region

futility show uses that information to verify the signature,
and futility sign uses it is correctly resign the image,
and replace the public key a well.

This also adds tests for this use case. hammer_dev.bin sample
image uses huge RO public key and RW signature regions to make
sure all keys up to RSA-8192 can be used.

BRANCH=none
BUG=chrome-os-partner:62321
TEST=make -j
TEST=./build/futility/futility --debug show \
                    --pubkey hammer.vbpubk2 hammer.bin
TEST=./build/futility/futility --debug show hammer.bin
TEST=cp hammer.bin hammer.bin.orig
     ./build/futility/futility --debug sign \
       --prikey hammer.vbprik2 hammer.bin
     diff hammer.bin hammer.bin.orig => identical
TEST=openssl genrsa -3 -out hammer2.pem 2048
     futility create --desc="Hammer 2nd key" hammer2.pem \
       hammer2
     ./build/futility/futility --debug sign \
       --version 2 --prikey hammer2.vbprik2 hammer.bin
     These 2 commands succeed, but show different keys:
     ./build/futility/futility --debug show hammer.bin
     ./build/futility/futility --debug show hammer.bin.orig
TEST=make runtests

Change-Id: I2cebc421eaf97d1b92c9a58afc238d41487d0f6d
Reviewed-on: https://chromium-review.googlesource.com/445536
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>