diff options
| author | Randall Spangler <rspangler@chromium.org> | 2014-10-23 10:07:54 -0700 |
|---|---|---|
| committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-10-28 03:13:07 +0000 |
| commit | 4eef812d68f64cc501d795131d95f8a2f27223b1 (patch) | |
| tree | b591b4b70608e2bb048726c6c0e589937777c8ee /firmware/2lib/2common.c | |
| parent | 9e39efd6474449ec38bb2bcc2209a070fb6e6937 (diff) | |
| download | vboot-4eef812d68f64cc501d795131d95f8a2f27223b1.tar.gz | |
vboot2: use enum hash algorithmstabilize-6412.B
This changes the internals of vboot2 to use the enumerated type for
hash algorithm. The conversion from crypto algorithm is done only
when unpacking the key (and ok, in checking the rsa padding, but that
goes away in the next change). This is preparation for the vboot2
data types, which separate signature and hash algorithms into their
own fields.
There is no external change in the calling API to vboot, and no change
to the external data structures.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I9c6de08d742dab941beb806fbd2bfc1e11c01e2c
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/225208
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Diffstat (limited to 'firmware/2lib/2common.c')
| -rw-r--r-- | firmware/2lib/2common.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/firmware/2lib/2common.c b/firmware/2lib/2common.c index 21c42a34..0da3a611 100644 --- a/firmware/2lib/2common.c +++ b/firmware/2lib/2common.c @@ -192,10 +192,18 @@ int vb2_unpack_key(struct vb2_public_key *key, if (rv) return rv; + /* Check key algorithm */ if (packed_key->algorithm >= VB2_ALG_COUNT) { VB2_DEBUG("Invalid algorithm.\n"); return VB2_ERROR_UNPACK_KEY_ALGORITHM; } + key->algorithm = packed_key->algorithm; + + key->hash_alg = vb2_crypto_to_hash(packed_key->algorithm); + if (key->hash_alg == VB2_HASH_INVALID) { + VB2_DEBUG("Unsupported hash algorithm.\n"); + return VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM; + } expected_key_size = vb2_packed_key_size(packed_key->algorithm); if (!expected_key_size || expected_key_size != packed_key->key_size) { @@ -220,8 +228,6 @@ int vb2_unpack_key(struct vb2_public_key *key, key->n = buf32 + 2; key->rr = buf32 + 2 + key->arrsize; - key->algorithm = packed_key->algorithm; - return VB2_SUCCESS; } @@ -264,7 +270,7 @@ int vb2_verify_data(const uint8_t *data, } /* Digest goes at start of work buffer */ - digest_size = vb2_digest_size(key->algorithm); + digest_size = vb2_digest_size(key->hash_alg); if (!digest_size) return VB2_ERROR_VDATA_DIGEST_SIZE; @@ -277,7 +283,7 @@ int vb2_verify_data(const uint8_t *data, if (!dc) return VB2_ERROR_VDATA_WORKBUF_HASHING; - rv = vb2_digest_init(dc, key->algorithm); + rv = vb2_digest_init(dc, key->hash_alg); if (rv) return rv; |