diff options
| author | Randall Spangler <rspangler@chromium.org> | 2014-10-31 11:38:14 -0700 |
|---|---|---|
| committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-10-31 22:32:42 +0000 |
| commit | cc7cddb39c118780439f86613924257d56476078 (patch) | |
| tree | 291d57030eb721a6a70c15308c3e004103a0e5d9 | |
| parent | 5ce8325f4ac4662d0daef63878c85462a8e59ff4 (diff) | |
| download | vboot-cc7cddb39c118780439f86613924257d56476078.tar.gz | |
vboot2: Add GUIDs for VB2_SIG_NONE signature types
Signatures with VB2_SIG_NONE are unsigned hashes. To make it easier
to locate these signatures in the keyblock's list of signatures,
define GUIDs for them.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I5bf9424107d7703b1a191b1bdf02954192ffc583
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/226813
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
| -rw-r--r-- | firmware/2lib/include/2struct.h | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/firmware/2lib/include/2struct.h b/firmware/2lib/include/2struct.h index 12e6e0b8..d1ee925e 100644 --- a/firmware/2lib/include/2struct.h +++ b/firmware/2lib/include/2struct.h @@ -32,6 +32,17 @@ struct vb2_guid { #define EXPECTED_GUID_SIZE GUID_SIZE +/* Key GUIDs to use for VB2_SIG_NONE and hash algorithms */ + +#define VB2_GUID_NONE_SHA1 \ + {{{0xcfb5687a,0x6092,0x11e4,0x96,0xe1,{0x8f,0x3b,0x1a,0x60,0xa2,0x1d}}}} + +#define VB2_GUID_NONE_SHA256 \ + {{{0x0e4114e0,0x6093,0x11e4,0x9d,0xcb,{0x8f,0x8a,0xf4,0xca,0x2e,0x32}}}} + +#define VB2_GUID_NONE_SHA512 \ + {{{0x1c695960,0x6093,0x11e4,0x82,0x63,{0xdb,0xee,0xe9,0x3c,0xcd,0x7e}}}} + /****************************************************************************/ /* * Vboot1-compatible data structures @@ -298,7 +309,10 @@ enum vb2_signature_algorithm { /* Invalid or unsupported signature type */ VB2_SIG_INVALID = 0, - /* No signature algorithm. The digest is unsigned. */ + /* + * No signature algorithm. The digest is unsigned. See + * VB2_GUID_NONE_* above for key GUIDs to use with this algorithm. + */ VB2_SIG_NONE = 1, /* RSA algorithms of the given length in bits (1024-8192) */ @@ -391,8 +405,7 @@ struct vb2_signature2 { /* * GUID of key used to generate this signature. This allows the * firmware to quickly determine which signature block (if any) goes - * with the key being used by the firmware. If the algorithm is an - * unsigned hash, this guid will be all 0. + * with the key being used by the firmware. */ struct vb2_guid key_guid; |