diff options
| author | Kangheui Won <khwon@chromium.org> | 2020-08-19 19:29:20 +1000 |
|---|---|---|
| committer | Commit Bot <commit-bot@chromium.org> | 2020-08-20 23:39:44 +0000 |
| commit | d641f8d74688290f4c7185c042b6973032ce2f37 (patch) | |
| tree | 8dd90ba4003ba8ece554fe2c43b26d0168d737d2 | |
| parent | 3932b1c8729e9bfac918da50224d06adae73fde0 (diff) | |
| download | vboot-factory-zork-13427.B.tar.gz | |
vboot2: Add prototype for hwcrypto RSAfactory-zork-13427.B
Introduce new prototype for HW RSA accleration. This is not used
on anywhere yet but will unblock coreboot work to support HW RSA.
BRANCH=none
BUG=b:163710320, b:161205813
TEST=make runtests; emerge-zork coreboot depthcharge
Change-Id: Ic4b93f32410efdd06bd012efe58749b6ef0692c6
Signed-off-by: Kangheui Won <khwon@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2364338
Reviewed-by: Julius Werner <jwerner@chromium.org>
| -rw-r--r-- | firmware/2lib/2stub.c | 7 | ||||
| -rw-r--r-- | firmware/2lib/include/2api.h | 14 | ||||
| -rw-r--r-- | firmware/2lib/include/2rsa.h | 1 |
3 files changed, 21 insertions, 1 deletions
diff --git a/firmware/2lib/2stub.c b/firmware/2lib/2stub.c index c4b9bdf3..fc539fe9 100644 --- a/firmware/2lib/2stub.c +++ b/firmware/2lib/2stub.c @@ -61,6 +61,13 @@ vb2_error_t vb2ex_hwcrypto_digest_finalize(uint8_t *digest, } __attribute__((weak)) +vb2_error_t vb2ex_hwcrypto_rsa_verify_digest(const struct vb2_public_key *key, + const uint8_t *sig, const uint8_t *digest) +{ + return VB2_ERROR_EX_HWCRYPTO_UNSUPPORTED; +} + +__attribute__((weak)) vb2_error_t vb2ex_tpm_set_mode(enum vb2_tpm_mode mode_val) { fprintf(stderr, "%s: function not implemented\n", __func__); diff --git a/firmware/2lib/include/2api.h b/firmware/2lib/include/2api.h index c6d99bdf..c2f636e8 100644 --- a/firmware/2lib/include/2api.h +++ b/firmware/2lib/include/2api.h @@ -26,6 +26,7 @@ #include "2id.h" #include "2recovery_reasons.h" #include "2return_codes.h" +#include "2rsa.h" #include "2secdata_struct.h" #define _VB2_TRY_IMPL(expr, ctx, recovery_reason, ...) do { \ @@ -952,6 +953,19 @@ vb2_error_t vb2ex_hwcrypto_digest_extend(const uint8_t *buf, uint32_t size); vb2_error_t vb2ex_hwcrypto_digest_finalize(uint8_t *digest, uint32_t digest_size); +/** + * Verify a RSA PKCS1.5 signature in hardware crypto engine + * against an expected hash digest. + * + * @param key Key to use in signature verification + * @param sig Signature to verify (destroyed in process) + * @param digest Digest of signed data + * @return VB2_SUCCESS, or non-zero error code (HWCRYPTO_UNSUPPORTED not fatal). + */ +vb2_error_t vb2ex_hwcrypto_rsa_verify_digest(const struct vb2_public_key *key, + const uint8_t *sig, + const uint8_t *digest); + /* * Abort vboot flow due to a failed assertion or broken assumption. * diff --git a/firmware/2lib/include/2rsa.h b/firmware/2lib/include/2rsa.h index 0d0bf2aa..4b1febc4 100644 --- a/firmware/2lib/include/2rsa.h +++ b/firmware/2lib/include/2rsa.h @@ -8,7 +8,6 @@ #include "2crypto.h" #include "2return_codes.h" -#include "2struct.h" struct vb2_workbuf; |