diff options
author | Randall Spangler <rspangler@chromium.org> | 2016-06-17 10:48:16 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2016-08-03 19:40:41 -0700 |
commit | 814aaf09ceecddb16a01e1cbe0df4299b83b5699 (patch) | |
tree | 2d8cdeed4ee062c83dd6e84a341ff53cf343fd1c /host | |
parent | 31f04ada58bc67680ec9d62a404365803c76ffc1 (diff) | |
download | vboot-814aaf09ceecddb16a01e1cbe0df4299b83b5699.tar.gz |
futility: Create signatures using vboot 2.0 APIsstabilize-8688.B
Refactor futility to use only vboot 2.0 APIs to create signatures.
BUG=chromium:611535
BRANCH=none
TEST=make runtests
Change-Id: I176e7f424fa556d34d8fe691df5681f1e43210ce
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/356128
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Diffstat (limited to 'host')
-rw-r--r-- | host/lib/host_common.c | 56 | ||||
-rw-r--r-- | host/lib/host_common2.c | 74 | ||||
-rw-r--r-- | host/lib/host_key2.c | 105 | ||||
-rw-r--r-- | host/lib/host_keyblock.c | 12 | ||||
-rw-r--r-- | host/lib/host_signature.c | 48 | ||||
-rw-r--r-- | host/lib/host_signature2.c | 135 | ||||
-rw-r--r-- | host/lib/include/host_common.h | 20 | ||||
-rw-r--r-- | host/lib/include/host_key.h | 15 | ||||
-rw-r--r-- | host/lib/include/host_signature.h | 59 | ||||
-rw-r--r-- | host/lib21/host_signature.c | 14 | ||||
-rw-r--r-- | host/lib21/include/host_signature2.h | 13 | ||||
-rw-r--r-- | host/linktest/main.c | 2 |
12 files changed, 399 insertions, 154 deletions
diff --git a/host/lib/host_common.c b/host/lib/host_common.c index 959b65a6..a666e809 100644 --- a/host/lib/host_common.c +++ b/host/lib/host_common.c @@ -14,62 +14,6 @@ #include "utility.h" #include "vboot_common.h" -VbFirmwarePreambleHeader *CreateFirmwarePreamble( - uint64_t firmware_version, - const VbPublicKey *kernel_subkey, - const VbSignature *body_signature, - const VbPrivateKey *signing_key, - uint32_t flags) -{ - VbFirmwarePreambleHeader *h; - uint64_t signed_size = (sizeof(VbFirmwarePreambleHeader) + - kernel_subkey->key_size + - body_signature->sig_size); - uint64_t block_size = signed_size + siglen_map[signing_key->algorithm]; - uint8_t *kernel_subkey_dest; - uint8_t *body_sig_dest; - uint8_t *block_sig_dest; - VbSignature *sigtmp; - - /* Allocate key block */ - h = (VbFirmwarePreambleHeader *)malloc(block_size); - if (!h) - return NULL; - - Memset(h, 0, block_size); - kernel_subkey_dest = (uint8_t *)(h + 1); - body_sig_dest = kernel_subkey_dest + kernel_subkey->key_size; - block_sig_dest = body_sig_dest + body_signature->sig_size; - - h->header_version_major = FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR; - h->header_version_minor = FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR; - h->preamble_size = block_size; - h->firmware_version = firmware_version; - h->flags = flags; - - /* Copy data key */ - PublicKeyInit(&h->kernel_subkey, kernel_subkey_dest, - kernel_subkey->key_size); - PublicKeyCopy(&h->kernel_subkey, kernel_subkey); - - /* Copy body signature */ - SignatureInit(&h->body_signature, body_sig_dest, - body_signature->sig_size, 0); - SignatureCopy(&h->body_signature, body_signature); - - /* Set up signature struct so we can calculate the signature */ - SignatureInit(&h->preamble_signature, block_sig_dest, - siglen_map[signing_key->algorithm], signed_size); - - /* Calculate signature */ - sigtmp = CalculateSignature((uint8_t *)h, signed_size, signing_key); - SignatureCopy(&h->preamble_signature, sigtmp); - free(sigtmp); - - /* Return the header */ - return h; -} - VbKernelPreambleHeader *CreateKernelPreamble( uint64_t kernel_version, uint64_t body_load_address, diff --git a/host/lib/host_common2.c b/host/lib/host_common2.c new file mode 100644 index 00000000..ae02b8ba --- /dev/null +++ b/host/lib/host_common2.c @@ -0,0 +1,74 @@ +/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * + * Host functions for verified boot. + * + * TODO: change all 'return 0', 'return 1' into meaningful return codes. + */ + +#include <string.h> + +#include "2sysincludes.h" +#include "2common.h" +#include "2rsa.h" +#include "host_common.h" +#include "host_key2.h" +#include "cryptolib.h" +#include "utility.h" +#include "vb2_common.h" +#include "vboot_common.h" + +struct vb2_fw_preamble *vb2_create_fw_preamble( + uint32_t firmware_version, + const struct vb2_packed_key *kernel_subkey, + const struct vb2_signature *body_signature, + const struct vb2_private_key *signing_key, + uint32_t flags) +{ + uint32_t signed_size = (sizeof(struct vb2_fw_preamble) + + kernel_subkey->key_size + + body_signature->sig_size); + uint32_t block_size = signed_size + + vb2_rsa_sig_size(signing_key->sig_alg); + + /* Allocate preamble */ + struct vb2_fw_preamble *h = + (struct vb2_fw_preamble *)calloc(block_size, 1); + if (!h) + return NULL; + + uint8_t *kernel_subkey_dest = (uint8_t *)(h + 1); + uint8_t *body_sig_dest = kernel_subkey_dest + kernel_subkey->key_size; + uint8_t *block_sig_dest = body_sig_dest + body_signature->sig_size; + + h->header_version_major = FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR; + h->header_version_minor = FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR; + h->preamble_size = block_size; + h->firmware_version = firmware_version; + h->flags = flags; + + /* Copy data key */ + PublicKeyInit((VbPublicKey *)&h->kernel_subkey, kernel_subkey_dest, + kernel_subkey->key_size); + PublicKeyCopy((VbPublicKey *)&h->kernel_subkey, + (VbPublicKey *)kernel_subkey); + + /* Copy body signature */ + vb2_init_signature(&h->body_signature, + body_sig_dest, body_signature->sig_size, 0); + vb2_copy_signature(&h->body_signature, body_signature); + + /* Set up signature struct so we can calculate the signature */ + vb2_init_signature(&h->preamble_signature, block_sig_dest, + vb2_rsa_sig_size(signing_key->sig_alg), signed_size); + + /* Calculate signature */ + struct vb2_signature *sig = + vb2_calculate_signature((uint8_t *)h, signed_size, signing_key); + vb2_copy_signature(&h->preamble_signature, sig); + free(sig); + + /* Return the header */ + return h; +} diff --git a/host/lib/host_key2.c b/host/lib/host_key2.c new file mode 100644 index 00000000..28f02af5 --- /dev/null +++ b/host/lib/host_key2.c @@ -0,0 +1,105 @@ +/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * + * Host functions for keys. + */ + +/* TODO: change all 'return 0', 'return 1' into meaningful return codes */ + +#include <openssl/pem.h> + +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> + +#include "2sysincludes.h" +#include "2common.h" +#include "2rsa.h" +#include "2sha.h" +#include "cryptolib.h" +#include "host_common.h" +#include "host_key.h" +#include "host_key2.h" +#include "host_misc.h" +#include "vb2_common.h" +#include "vboot_common.h" + +struct vb2_private_key *vb2_read_private_key(const char *filename) +{ + uint8_t *buf = NULL; + uint32_t bufsize = 0; + if (VB2_SUCCESS != vb2_read_file(filename, &buf, &bufsize)) { + VbExError("unable to read from file %s\n", filename); + return NULL; + } + + struct vb2_private_key *key = + (struct vb2_private_key *)calloc(sizeof(*key), 1); + if (!key) { + VbExError("Unable to allocate private key\n"); + free(buf); + return NULL; + } + + uint64_t alg = *(uint64_t *)buf; + key->hash_alg = vb2_crypto_to_hash(alg); + key->sig_alg = vb2_crypto_to_signature(alg); + const unsigned char *start = buf + sizeof(alg); + + key->rsa_private_key = + d2i_RSAPrivateKey(0, &start, bufsize - sizeof(alg)); + + if (!key->rsa_private_key) { + VbExError("Unable to parse RSA private key\n"); + free(buf); + free(key); + return NULL; + } + + free(buf); + return key; +} + +struct vb2_private_key *vb2_read_private_key_pem( + const char* filename, + enum vb2_crypto_algorithm algorithm) +{ + RSA *rsa_key; + FILE *f; + + if (algorithm >= VB2_ALG_COUNT) { + VB2_DEBUG("%s() called with invalid algorithm!\n", + __FUNCTION__); + return NULL; + } + + /* Read private key */ + f = fopen(filename, "r"); + if (!f) { + VB2_DEBUG("%s(): Couldn't open key file: %s\n", + __FUNCTION__, filename); + return NULL; + } + rsa_key = PEM_read_RSAPrivateKey(f, NULL, NULL, NULL); + fclose(f); + if (!rsa_key) { + VB2_DEBUG("%s(): Couldn't read private key from file: %s\n", + __FUNCTION__, filename); + return NULL; + } + + /* Store key and algorithm in our struct */ + struct vb2_private_key *key = + (struct vb2_private_key *)calloc(sizeof(*key), 1); + if (!key) { + RSA_free(rsa_key); + return NULL; + } + key->rsa_private_key = rsa_key; + key->hash_alg = vb2_crypto_to_hash(algorithm); + key->sig_alg = vb2_crypto_to_signature(algorithm); + + /* Return the key */ + return key; +} diff --git a/host/lib/host_keyblock.c b/host/lib/host_keyblock.c index 333b7d4f..982013fb 100644 --- a/host/lib/host_keyblock.c +++ b/host/lib/host_keyblock.c @@ -57,9 +57,9 @@ VbKeyBlockHeader* KeyBlockCreate(const VbPublicKey* data_key, Memset(&h->key_block_signature, 0, sizeof(VbSignature)); /* Calculate checksum */ - sigtmp = CalculateChecksum((uint8_t*)h, signed_size); - SignatureCopy(&h->key_block_checksum, sigtmp); - free(sigtmp); + struct vb2_signature *chk = vb2_sha512_signature((uint8_t*)h, signed_size); + SignatureCopy(&h->key_block_checksum, (VbSignature *)chk); + free(chk); /* Calculate signature */ if (signing_key) { @@ -117,9 +117,9 @@ VbKeyBlockHeader* KeyBlockCreate_external(const VbPublicKey* data_key, siglen_map[algorithm], signed_size); /* Calculate checksum */ - sigtmp = CalculateChecksum((uint8_t*)h, signed_size); - SignatureCopy(&h->key_block_checksum, sigtmp); - free(sigtmp); + struct vb2_signature *chk = vb2_sha512_signature((uint8_t*)h, signed_size); + SignatureCopy(&h->key_block_checksum, (VbSignature *)chk); + free(chk); /* Calculate signature */ sigtmp = CalculateSignature_external((uint8_t*)h, signed_size, diff --git a/host/lib/host_signature.c b/host/lib/host_signature.c index 57676842..33000f1f 100644 --- a/host/lib/host_signature.c +++ b/host/lib/host_signature.c @@ -54,54 +54,6 @@ int SignatureCopy(VbSignature* dest, const VbSignature* src) { return 0; } - -VbSignature* CalculateChecksum(const uint8_t* data, uint64_t size) { - - uint8_t header_checksum[VB2_SHA512_DIGEST_SIZE]; - VbSignature* sig; - - if (VB2_SUCCESS != vb2_digest_buffer(data, size, VB2_HASH_SHA512, - header_checksum, - sizeof(header_checksum))) - return NULL; - - sig = SignatureAlloc(VB2_SHA512_DIGEST_SIZE, 0); - if (!sig) - return NULL; - - sig->sig_offset = sizeof(VbSignature); - sig->sig_size = VB2_SHA512_DIGEST_SIZE; - sig->data_size = size; - - /* Signature data immediately follows the header */ - Memcpy(GetSignatureData(sig), header_checksum, VB2_SHA512_DIGEST_SIZE); - return sig; -} - -VbSignature* CalculateHash(const uint8_t* data, uint64_t size, - const VbPrivateKey* key) { - int vb2_alg = vb2_crypto_to_hash(key->algorithm); - uint8_t digest[VB2_MAX_DIGEST_SIZE]; - int digest_size = vb2_digest_size(vb2_alg); - VbSignature* sig = NULL; - - /* Calculate the digest */ - if (VB2_SUCCESS != vb2_digest_buffer(data, size, vb2_alg, - digest, sizeof(digest))) - return NULL; - - /* Allocate output signature */ - sig = SignatureAlloc(digest_size, size); - if (!sig) - return NULL; - - /* The digest itself is the signature data */ - Memcpy(GetSignatureData(sig), digest, digest_size); - - /* Return the signature */ - return sig; -} - VbSignature* CalculateSignature(const uint8_t* data, uint64_t size, const VbPrivateKey* key) { int vb2_alg = vb2_crypto_to_hash(key->algorithm); diff --git a/host/lib/host_signature2.c b/host/lib/host_signature2.c new file mode 100644 index 00000000..e07f3d06 --- /dev/null +++ b/host/lib/host_signature2.c @@ -0,0 +1,135 @@ +/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * + * Host functions for signature generation. + */ + +#include <openssl/rsa.h> + +#include <stdio.h> +#include <stdlib.h> +#include <sys/types.h> +#include <sys/wait.h> +#include <unistd.h> + +#include "2sysincludes.h" + +#include "2common.h" +#include "2rsa.h" +#include "2sha.h" +#include "cryptolib.h" +#include "file_keys.h" +#include "host_common.h" +#include "host_key2.h" +#include "host_signature2.h" +#include "vb2_common.h" +#include "vboot_common.h" + +struct vb2_signature *vb2_alloc_signature(uint32_t sig_size, + uint32_t data_size) +{ + struct vb2_signature *sig = (struct vb2_signature *) + calloc(sizeof(*sig) + sig_size, 1); + if (!sig) + return NULL; + + sig->sig_offset = sizeof(*sig); + sig->sig_size = sig_size; + sig->data_size = data_size; + + return sig; +} + +void vb2_init_signature(struct vb2_signature *sig, uint8_t *sig_data, + uint32_t sig_size, uint32_t data_size) +{ + sig->sig_offset = OffsetOf(sig, sig_data); + sig->sig_size = sig_size; + sig->data_size = data_size; +} + +int vb2_copy_signature(struct vb2_signature *dest, + const struct vb2_signature *src) +{ + if (dest->sig_size < src->sig_size) + return VB2_ERROR_SIG_SIZE; + + dest->sig_size = src->sig_size; + dest->data_size = src->data_size; + + memcpy(vb2_signature_data(dest), + vb2_signature_data((struct vb2_signature *)src), + src->sig_size); + + return VB2_SUCCESS; +} + +struct vb2_signature *vb2_sha512_signature(const uint8_t *data, uint32_t size) +{ + uint8_t digest[VB2_SHA512_DIGEST_SIZE]; + if (VB2_SUCCESS != vb2_digest_buffer(data, size, VB2_HASH_SHA512, + digest, sizeof(digest))) + return NULL; + + struct vb2_signature *sig = + vb2_alloc_signature(VB2_SHA512_DIGEST_SIZE, size); + if (!sig) + return NULL; + + memcpy(vb2_signature_data(sig), digest, VB2_SHA512_DIGEST_SIZE); + return sig; +} + +struct vb2_signature *vb2_calculate_signature( + const uint8_t *data, uint32_t size, + const struct vb2_private_key *key) +{ + uint8_t digest[VB2_MAX_DIGEST_SIZE]; + uint32_t digest_size = vb2_digest_size(key->hash_alg); + + uint32_t digest_info_size = 0; + const uint8_t *digest_info = NULL; + if (VB2_SUCCESS != vb2_digest_info(key->hash_alg, + &digest_info, &digest_info_size)) + return NULL; + + /* Calculate the digest */ + if (VB2_SUCCESS != vb2_digest_buffer(data, size, key->hash_alg, + digest, digest_size)) + return NULL; + + /* Prepend the digest info to the digest */ + int signature_digest_len = digest_size + digest_info_size; + uint8_t *signature_digest = malloc(signature_digest_len); + if (!signature_digest) + return NULL; + + memcpy(signature_digest, digest_info, digest_info_size); + memcpy(signature_digest + digest_info_size, digest, digest_size); + + /* Allocate output signature */ + struct vb2_signature *sig = (struct vb2_signature *) + vb2_alloc_signature(vb2_rsa_sig_size(key->sig_alg), size); + if (!sig) { + free(signature_digest); + return NULL; + } + + /* Sign the signature_digest into our output buffer */ + int rv = RSA_private_encrypt(signature_digest_len, /* Input length */ + signature_digest, /* Input data */ + vb2_signature_data(sig), /* Output sig */ + key->rsa_private_key, /* Key to use */ + RSA_PKCS1_PADDING); /* Padding */ + free(signature_digest); + + if (-1 == rv) { + VB2_DEBUG("%s: RSA_private_encrypt() failed.\n", __func__); + free(sig); + return NULL; + } + + /* Return the signature */ + return sig; +} diff --git a/host/lib/include/host_common.h b/host/lib/include/host_common.h index 895a675f..c9f9713f 100644 --- a/host/lib/include/host_common.h +++ b/host/lib/include/host_common.h @@ -24,17 +24,21 @@ #include "vboot_struct.h" /** - * Create a firmware preamble, signed with [signing_key]. + * Create a firmware preamble. * - * Caller owns the returned pointer, and must free it with Free(). + * @param firmware_version Firmware version + * @param kernel_subkey Kernel subkey to store in preamble + * @param body_signature Signature of firmware body + * @param signing_key Private key to sign header with + * @param flags Firmware preamble flags * - * Returns NULL if error. + * @return The preamble, or NULL if error. Caller must free() it. */ -VbFirmwarePreambleHeader *CreateFirmwarePreamble( - uint64_t firmware_version, - const VbPublicKey *kernel_subkey, - const VbSignature *body_signature, - const VbPrivateKey *signing_key, +struct vb2_fw_preamble *vb2_create_fw_preamble( + uint32_t firmware_version, + const struct vb2_packed_key *kernel_subkey, + const struct vb2_signature *body_signature, + const struct vb2_private_key *signing_key, uint32_t flags); /** diff --git a/host/lib/include/host_key.h b/host/lib/include/host_key.h index cdfc81bd..25b7f767 100644 --- a/host/lib/include/host_key.h +++ b/host/lib/include/host_key.h @@ -8,10 +8,12 @@ #ifndef VBOOT_REFERENCE_HOST_KEY_H_ #define VBOOT_REFERENCE_HOST_KEY_H_ +#include "2crypto.h" #include "cryptolib.h" #include "vboot_struct.h" struct vb2_packed_key; +struct vb2_private_key; typedef struct rsa_st RSA; @@ -23,9 +25,11 @@ typedef struct VbPrivateKey { /* Read a private key from a .pem file. Caller owns the returned pointer, - * and must free it with PrivateKeyFree(). */ + * and must free() it. */ VbPrivateKey* PrivateKeyReadPem(const char* filename, uint64_t algorithm); - +struct vb2_private_key *vb2_read_private_key_pem( + const char *filename, + enum vb2_crypto_algorithm algorithm); /* Free a private key. */ void PrivateKeyFree(VbPrivateKey* key); @@ -33,13 +37,12 @@ void PrivateKeyFree(VbPrivateKey* key); /* Write a private key to a file in .vbprivk format. */ int PrivateKeyWrite(const char* filename, const VbPrivateKey* key); -/* Read a privake key from a .vbprivk file. Caller owns the returned - * pointer, and must free it with PrivateKeyFree(). +/* Read a private key from a .vbprivk file. Caller owns the returned + * pointer, and must free() it. * * Returns NULL if error. */ VbPrivateKey* PrivateKeyRead(const char* filename); - - +struct vb2_private_key *vb2_read_private_key(const char *filename); /* Allocate a new public key with space for a [key_size] byte key. */ VbPublicKey* PublicKeyAlloc(uint64_t key_size, uint64_t algorithm, diff --git a/host/lib/include/host_signature.h b/host/lib/include/host_signature.h index fb03c6c5..2c7f24ae 100644 --- a/host/lib/include/host_signature.h +++ b/host/lib/include/host_signature.h @@ -13,35 +13,57 @@ #include "utility.h" #include "vboot_struct.h" +struct vb2_private_key; +struct vb2_signature; -/* Initialize a signature struct. */ +/** + * Initialize a signature struct. + * + * @param sig Structure to initialize + * @param sig_data Pointer to signature data buffer (after sig) + * @param sig_size Size of signature data buffer in bytes + * @param data_size Amount of data signed in bytes + */ void SignatureInit(VbSignature* sig, uint8_t* sig_data, uint64_t sig_size, uint64_t data_size); +void vb2_init_signature(struct vb2_signature *sig, uint8_t *sig_data, + uint32_t sig_size, uint32_t data_size); -/* Allocate a new signature with space for a [sig_size] byte signature. */ +/** + * Allocate a new signature. + * + * @param sig_size Size of signature in bytes + * @param data_size Amount of data signed in bytes + * + * @return The signature or NULL if error. Caller must free() it. + */ VbSignature* SignatureAlloc(uint64_t sig_size, uint64_t data_size); +struct vb2_signature *vb2_alloc_signature(uint32_t sig_size, + uint32_t data_size); - -/* Copy a signature key from [src] to [dest]. +/** + * Copy a signature. * - * Returns 0 if success, non-zero if error. */ + * @param dest Destination signature + * @param src Source signature + * + * @return VB2_SUCCESS, or non-zero if error. */ int SignatureCopy(VbSignature* dest, const VbSignature* src); +int vb2_copy_signature(struct vb2_signature *dest, + const struct vb2_signature *src); - -/* Calculates a SHA-512 checksum. - * Caller owns the returned pointer, and must free it with Free(). +/** + * Calculate a SHA-512 digest-only signature. * - * Returns NULL on error. */ -VbSignature* CalculateChecksum(const uint8_t* data, uint64_t size); - - -/* Calculates a hash of the data using the algorithm from the specified key. - * Caller owns the returned pointer, and must free it with Free(). + * Caller owns the returned pointer, and must free() it. * - * Returns NULL on error. */ -VbSignature* CalculateHash(const uint8_t* data, uint64_t size, - const VbPrivateKey* key); + * @param data Pointer to data to hash + * @param size Length of data in bytes + * + * @return The signature, or NULL if error. + */ +struct vb2_signature *vb2_sha512_signature(const uint8_t *data, uint32_t size); /* Calculates a signature for the data using the specified key. * Caller owns the returned pointer, and must free it with Free(). @@ -49,6 +71,9 @@ VbSignature* CalculateHash(const uint8_t* data, uint64_t size, * Returns NULL on error. */ VbSignature* CalculateSignature(const uint8_t* data, uint64_t size, const VbPrivateKey* key); +struct vb2_signature *vb2_calculate_signature( + const uint8_t *data, uint32_t size, + const struct vb2_private_key *key); /* Calculates a signature for the data using the specified key and * an external program. diff --git a/host/lib21/host_signature.c b/host/lib21/host_signature.c index 01f4f326..5339b075 100644 --- a/host/lib21/host_signature.c +++ b/host/lib21/host_signature.c @@ -17,17 +17,9 @@ #include "host_signature2.h" #include "host_misc.h" -/** - * Get the digest info for a hash algorithm - * - * @param hash_alg Hash algorithm - * @param buf_ptr On success, points to the digest info - * @param size_ptr On success, contains the info size in bytes - * @return VB2_SUCCESS, or non-zero error code on failure. - */ -static int vb2_digest_info(enum vb2_hash_algorithm hash_alg, - const uint8_t **buf_ptr, - uint32_t *size_ptr) +int vb2_digest_info(enum vb2_hash_algorithm hash_alg, + const uint8_t **buf_ptr, + uint32_t *size_ptr) { *buf_ptr = NULL; *size_ptr = 0; diff --git a/host/lib21/include/host_signature2.h b/host/lib21/include/host_signature2.h index 8eb95ba8..5faf6da7 100644 --- a/host/lib21/include/host_signature2.h +++ b/host/lib21/include/host_signature2.h @@ -11,6 +11,19 @@ #include "2struct.h" struct vb2_private_key; +struct vb21_signature; + +/** + * Get the digest info for a hash algorithm + * + * @param hash_alg Hash algorithm + * @param buf_ptr On success, points to the digest info + * @param size_ptr On success, contains the info size in bytes + * @return VB2_SUCCESS, or non-zero error code on failure. + */ +int vb2_digest_info(enum vb2_hash_algorithm hash_alg, + const uint8_t **buf_ptr, + uint32_t *size_ptr); /** * Sign data buffer diff --git a/host/linktest/main.c b/host/linktest/main.c index 5e7aa275..1631ec37 100644 --- a/host/linktest/main.c +++ b/host/linktest/main.c @@ -36,11 +36,9 @@ int main(void) SignatureInit(0, 0, 0, 0); SignatureAlloc(0, 0); SignatureCopy(0, 0); - CalculateChecksum(0, 0); CalculateSignature(0, 0, 0); /* host_common.h */ - CreateFirmwarePreamble(0, 0, 0, 0, 0); CreateKernelPreamble(0, 0, 0, 0, 0, 0, 0, 0, 0, 0); /* file_keys.h */ |