summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaisuke Nojiri <dnojiri@chromium.org>2016-09-14 12:49:33 -0700
committerchrome-bot <chrome-bot@chromium.org>2016-10-01 00:01:09 -0700
commit01fb293825877edb83e8ddb9555733876f7556ea (patch)
tree3a0e60a4fc405f6775b0e86ec3c4e644560f46ec
parent31cf713244380d927b29bde7eb20f876e2bea580 (diff)
downloadvboot-01fb293825877edb83e8ddb9555733876f7556ea.tar.gz
bdb: Make bdb_verify accept null pointer for key digest
If key digest matching is not required (i.e. verify-bdb-key efuse flag is not set), bdb_verify skips digest matching. This change makes bdb_verify accept null pointer for the key digest parameter. BUG=chromium:649555 BRANCH=none TEST=make runtests Change-Id: I14e5bd02526684b7b7bca1e1701cf04056df83ea Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/385538 Reviewed-by: Randall Spangler <rspangler@chromium.org>
Diffstat
-rw-r--r--firmware/bdb/bdb.c6
-rw-r--r--firmware/bdb/bdb.h2
-rw-r--r--tests/bdb_test.c4
3 files changed, 10 insertions, 2 deletions
diff --git a/firmware/bdb/bdb.c b/firmware/bdb/bdb.c
index 663b43ff..4ebf7936 100644
--- a/firmware/bdb/bdb.c
+++ b/firmware/bdb/bdb.c
@@ -318,7 +318,7 @@ int bdb_verify(const void *buf, size_t size, const uint8_t *bdb_key_digest)
const struct bdb_data *data;
const void *oem;
uint8_t digest[BDB_SHA256_DIGEST_SIZE];
- int bdb_digest_mismatch;
+ int bdb_digest_mismatch = -1;
/* Make sure buffer doesn't wrap around address space */
if (end < (const uint8_t *)buf)
@@ -342,7 +342,9 @@ int bdb_verify(const void *buf, size_t size, const uint8_t *bdb_key_digest)
VB2_HASH_SHA256, digest, BDB_SHA256_DIGEST_SIZE))
return BDB_ERROR_DIGEST;
- bdb_digest_mismatch = memcmp(digest, bdb_key_digest, sizeof(digest));
+ if (bdb_key_digest)
+ bdb_digest_mismatch = memcmp(digest,
+ bdb_key_digest, sizeof(digest));
/* Make sure OEM area 0 fits */
oem = bdb_get_oem_area_0(buf);
diff --git a/firmware/bdb/bdb.h b/firmware/bdb/bdb.h
index ef10a19d..ebe3b414 100644
--- a/firmware/bdb/bdb.h
+++ b/firmware/bdb/bdb.h
@@ -124,6 +124,8 @@ int bdb_check_data(const struct bdb_data *p, size_t size);
* @param size Size of data in bytes
* @param bdb_key_digest Pointer to expected digest for BDB key.
* Must be BDB_SHA256_DIGEST_SIZE bytes long.
+ * If it's NULL, digest match will be skipped
+ * (and it'll be treated as 'mismatch').
*
* @return 0 if success, non-zero error code if error. Note that error code
* BDB_GOOD_OTHER_THAN_KEY may still indicate an acceptable BDB if the Boot
diff --git a/tests/bdb_test.c b/tests/bdb_test.c
index 2e8499a4..d22572af 100644
--- a/tests/bdb_test.c
+++ b/tests/bdb_test.c
@@ -324,6 +324,10 @@ void check_bdb_verify(const char *key_dir)
memcpy(h, hgood, hsize);
TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_SUCCESS);
+ /* It can accept a NULL pointer as bdb_key_digest */
+ memcpy(h, hgood, hsize);
+ TEST_EQ_S(bdb_verify(h, hsize, NULL), BDB_GOOD_OTHER_THAN_KEY);
+
/* Mangle each component in turn */
memcpy(h, hgood, hsize);
h->struct_magic++;
View Lorry Controller Status