diff options
| author | Joel Kitching <kitching@google.com> | 2019-09-04 15:52:25 +0800 |
|---|---|---|
| committer | Commit Bot <commit-bot@chromium.org> | 2019-10-29 21:27:35 +0000 |
| commit | 3d8dcc853a98bb8aae91d9a30862541a38581b2d (patch) | |
| tree | 934ad41cc209cc3161e2fa3581e8f20298107329 /firmware/lib20 | |
| parent | 6d43a1925a3f88b4fb8ac3fc9dcfc42ccd934063 (diff) | |
| download | vboot-3d8dcc853a98bb8aae91d9a30862541a38581b2d.tar.gz | |
vboot: keep const and non-const signature and key accessors
Keep const (default) and non-const (_mutable suffix) versions
of `data` field accessors for vb2_signature and vb2_packed_key.
No need for separate 2packed_key.c file -- just static inline
the functions.
vb2_verify_packed_key_inside should return type vb2_error_t.
BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none
Change-Id: I96722a746f26abbb6e19a365ce74f0bfda0da381
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1786386
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Diffstat (limited to 'firmware/lib20')
| -rw-r--r-- | firmware/lib20/common.c | 3 | ||||
| -rw-r--r-- | firmware/lib20/kernel.c | 7 |
2 files changed, 3 insertions, 7 deletions
diff --git a/firmware/lib20/common.c b/firmware/lib20/common.c index f1364c7a..6a6eff32 100644 --- a/firmware/lib20/common.c +++ b/firmware/lib20/common.c @@ -15,7 +15,8 @@ vb2_error_t vb2_verify_digest(const struct vb2_public_key *key, struct vb2_signature *sig, const uint8_t *digest, const struct vb2_workbuf *wb) { - uint8_t *sig_data = vb2_signature_data(sig); + /* A signature is destroyed in the process of being verified. */ + uint8_t *sig_data = vb2_signature_data_mutable(sig); if (sig->sig_size != vb2_rsa_sig_size(key->sig_alg)) { VB2_DEBUG("Wrong data signature size for algorithm, " diff --git a/firmware/lib20/kernel.c b/firmware/lib20/kernel.c index 172f7ffb..eff35bc4 100644 --- a/firmware/lib20/kernel.c +++ b/firmware/lib20/kernel.c @@ -14,11 +14,6 @@ #include "2sysincludes.h" #include "vb2_common.h" -static const uint8_t *vb2_signature_data_const(const struct vb2_signature *sig) -{ - return (uint8_t *)sig + sig->sig_offset; -} - /** * Returns non-zero if the kernel needs to have a valid signature, instead of * just a valid hash. @@ -81,7 +76,7 @@ vb2_error_t vb2_verify_keyblock_hash(const struct vb2_keyblock *block, if (rv) return rv; - if (vb2_safe_memcmp(vb2_signature_data_const(sig), digest, + if (vb2_safe_memcmp(vb2_signature_data(sig), digest, digest_size) != 0) { VB2_DEBUG("Invalid keyblock hash.\n"); return VB2_ERROR_KEYBLOCK_SIG_INVALID; |