diff options
author | Julius Werner <jwerner@chromium.org> | 2022-08-09 18:40:10 -0700 |
---|---|---|
committer | Chromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2022-09-01 03:36:21 +0000 |
commit | 5ab30ec1c81a48c8857fb8fbbeee607074a0996f (patch) | |
tree | 7ca3662594636177b3d2bb9f9c7864a413227a5d /firmware/2lib/2sha1.c | |
parent | 32e861a8d6411a6f4bd7ae3ed17b645072775d3c (diff) | |
download | vboot-5ab30ec1c81a48c8857fb8fbbeee607074a0996f.tar.gz |
firmware: 2sha: Integrate HW crypto directly into vb2_digest API
This patch moves the connection to the vb2ex_hwcrypto API further down
the stack, into the low-level vb2_digest and vb2_hash APIs. These
functions will now take an extra allow_hwcrypto argument that the caller
can use to deny or allow hwcrypto by policy. If allowed, the function
will try HW crypto first and fall back to the software implementation if
the selected algorithm is not supported. vb2_hwcrypto_allowed() is made
available to external callers as a vb2api function to make that decision
in most cases (for others, like userspace tools and testing, HW crypto
is generally not used anyway and they can just pass `false`).
Since vb2ex_hwcrypto_digest_init() takes a data_size argument for the
total amount of bytes expected, vb2_digest_init() will now also need to
take this extra argument. But since the total data size cannot always be
known in advance, callers are allowed to pass 0 to indicate that the
size is unknown. The software implementations work either way, and HW
crypto implementations will now need to check if data_size is 0 and
return HWCRYPTO_UNSUPPORTED if they cannot handle this case.
While we're touching everything anyway, let's take this opportunity to
retire the vb2_digest_buffer() API in favor of the newer and usually
more convenient vb2_hash_calculate(), so we can limit the amount of
separate APIs we have to support going forward.
BRANCH=none
BUG=b:240624460
TEST=runtests
Signed-off-by: Julius Werner <jwerner@chromium.org>
Cq-Depend: chromium:3854282
Change-Id: I34c3f54e31742619d422d1cd871bdb77ad0439b7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3825558
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Diffstat (limited to 'firmware/2lib/2sha1.c')
0 files changed, 0 insertions, 0 deletions