diff options
| author | Julius Werner <jwerner@chromium.org> | 2019-09-30 17:52:19 -0700 |
|---|---|---|
| committer | Commit Bot <commit-bot@chromium.org> | 2020-01-16 03:07:34 +0000 |
| commit | ac75f65b96aa886c85385fc7fff54340071b9851 (patch) | |
| tree | d086c61fcc89469374ec1293844bf7ead34865d6 /firmware/2lib/2sha_utility.c | |
| parent | b597ea7a016baa1a1416ca3f78aea2220479691c (diff) | |
| download | vboot-ac75f65b96aa886c85385fc7fff54340071b9851.tar.gz | |
2sha: Add a vb2_hash type to make it easier to work with hashes
I'm prototyping some coreboot code to closer integrate vboot with CBFS
(per-file hashing and that stuff). While doing that, I noticed that it
would be neat to have a standardized serializable representation for any
kind of vboot hash. We already have something like that in CBFS
attributes, but if we want to use it more generally it makes more sense
to put it in vboot. This patch adds a suitable structure defintion to
2sha.h and two utility functions that can be used to work with it.
Also add alloca() because I need it and fix the return types of
vb2_..._size(), because those are just plain wrong.
BRANCH=None
BUG=None
TEST=make runtests
Change-Id: I4b535ad43704693463fb114d6a81d2b5689a87b9
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1963614
Reviewed-by: Joel Kitching <kitching@chromium.org>
Diffstat (limited to 'firmware/2lib/2sha_utility.c')
| -rw-r--r-- | firmware/2lib/2sha_utility.c | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/firmware/2lib/2sha_utility.c b/firmware/2lib/2sha_utility.c index a267edde..8c6f4b80 100644 --- a/firmware/2lib/2sha_utility.c +++ b/firmware/2lib/2sha_utility.c @@ -56,7 +56,7 @@ enum vb2_hash_algorithm vb2_crypto_to_hash(uint32_t algorithm) return VB2_HASH_INVALID; } -vb2_error_t vb2_digest_size(enum vb2_hash_algorithm hash_alg) +size_t vb2_digest_size(enum vb2_hash_algorithm hash_alg) { switch (hash_alg) { #if VB2_SUPPORT_SHA1 @@ -76,7 +76,7 @@ vb2_error_t vb2_digest_size(enum vb2_hash_algorithm hash_alg) } } -vb2_error_t vb2_hash_block_size(enum vb2_hash_algorithm alg) +size_t vb2_hash_block_size(enum vb2_hash_algorithm alg) { switch (alg) { #if VB2_SUPPORT_SHA1 @@ -211,3 +211,18 @@ vb2_error_t vb2_digest_buffer(const uint8_t *buf, uint32_t size, return vb2_digest_finalize(&dc, digest, digest_size); } + +vb2_error_t vb2_hash_verify(const void *buf, uint32_t size, + const struct vb2_hash *hash) +{ + uint8_t hash_buf[VB2_MAX_DIGEST_SIZE]; + size_t hash_size = vb2_digest_size(hash->algo); + vb2_error_t rv = vb2_digest_buffer(buf, size, hash->algo, + hash_buf, hash_size); + if (rv) + return rv; + if (memcmp(hash_buf, hash->bytes.raw, hash_size)) + return VB2_ERROR_SHA_MISMATCH; + else + return VB2_SUCCESS; +} |