vboot2: use hwcrypto for RSA when allowed

Add vb2ex_hwcrypto_rsa_verify support for RSA verification. If firmware implements the function it will used instead of SW implementation in vboot. Also separate hwcrypto stubs to 2stub_hwcrypto.c for depthcharge and coreboot. Depthcharge needs stubs but fails to compile 2stub.c BRANCH=none BUG=b:163710320, b:161205813 TEST=make runtests TEST=check hwcrypto is allowed/disallowed depending on nvmem flag Change-Id: I85573e7cff31f32043db4b0a6b24b642856024e3 Signed-off-by: Kangheui Won <khwon@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2353775 Reviewed-by: Julius Werner <jwerner@chromium.org>
author: Kangheui Won <khwon@chromium.org> 2020-08-13 15:48:41 +1000
committer: Commit Bot <commit-bot@chromium.org> 2020-08-26 05:02:06 +0000
commit: e24a6f60c11ce3d616cb1932da6395a72c5b8bfd (patch)
tree: 7b5ec1f60bc3932643727eb52b9e6753e0e0d0fa /firmware/2lib/2api.c
parent: 927a95261259382ef0e167babcd997d3bfb6f1fd (diff)
download: vboot-e24a6f60c11ce3d616cb1932da6395a72c5b8bfd.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/firmware/2lib/2api.c b/firmware/2lib/2api.c
index d49b8d31..95dc6c2d 100644
--- a/firmware/2lib/2api.c
+++ b/firmware/2lib/2api.c
@@ -355,6 +355,8 @@ vb2_error_t vb2api_check_hash_get_digest(struct vb2_context *ctx,
 				      vb2_member_of(sd, sd->data_key_offset),
 				      sd->data_key_size));
 
+	key.allow_hwcrypto = vb2_hwcrypto_rsa_allowed(ctx);
+
 	/*
 	 * Check digest vs. signature.  Note that this destroys the signature.
 	 * That's ok, because we only check each signature once per boot.
author	Kangheui Won <khwon@chromium.org>	2020-08-13 15:48:41 +1000
committer	Commit Bot <commit-bot@chromium.org>	2020-08-26 05:02:06 +0000
commit	e24a6f60c11ce3d616cb1932da6395a72c5b8bfd (patch)
tree	7b5ec1f60bc3932643727eb52b9e6753e0e0d0fa /firmware/2lib/2api.c
parent	927a95261259382ef0e167babcd997d3bfb6f1fd (diff)
download	vboot-e24a6f60c11ce3d616cb1932da6395a72c5b8bfd.tar.gz