diff options
| author | Randall Spangler <rspangler@chromium.org> | 2016-05-11 13:50:18 -0700 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2016-07-22 18:40:04 -0700 |
| commit | 7c3ae42e045935728a63a6d592ecf6c5bdbd005a (patch) | |
| tree | b03c1bde6af714d2229b2362ad1d64b99c8f581d /utility | |
| parent | b3a625f8fef1768d78eab4cfaaea270cb3fbd0c3 (diff) | |
| download | vboot-7c3ae42e045935728a63a6d592ecf6c5bdbd005a.tar.gz | |
vboot: Convert vboot1 SHA calls to use vboot2
This change replaces all calls to the old vboot1 SHA library with their
vboot2 equivalents.
This is the first in a long series of changes to move the core vboot kernel
verification into vb2, and the control/display loop out to depthcharge.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; build samus firmware and boot it
Change-Id: I31986eb766176c0e39a192c5ce15730471c3cf94
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/344342
Tested-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Diffstat (limited to 'utility')
| -rw-r--r-- | utility/pad_digest_utility.c | 8 | ||||
| -rw-r--r-- | utility/signature_digest_utility.c | 4 | ||||
| -rw-r--r-- | utility/verify_data.c | 10 |
3 files changed, 15 insertions, 7 deletions
diff --git a/utility/pad_digest_utility.c b/utility/pad_digest_utility.c index cee89640..7e833fe5 100644 --- a/utility/pad_digest_utility.c +++ b/utility/pad_digest_utility.c @@ -10,6 +10,10 @@ #include <stdio.h> #include <stdlib.h> +#include "2sysincludes.h" + +#include "2common.h" +#include "2sha.h" #include "file_keys.h" #include "host_common.h" #include "padding.h" @@ -41,8 +45,8 @@ int main(int argc, char* argv[]) { } padded_digest = PrependDigestInfo(algorithm, digest); - padded_digest_len = (hash_size_map[algorithm] + - digestinfo_size_map[algorithm]); + const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm)); + padded_digest_len = (digest_size + digestinfo_size_map[algorithm]); if (!padded_digest) error_code = -1; diff --git a/utility/signature_digest_utility.c b/utility/signature_digest_utility.c index 85ba0c9b..781f9ff6 100644 --- a/utility/signature_digest_utility.c +++ b/utility/signature_digest_utility.c @@ -42,8 +42,8 @@ int main(int argc, char* argv[]) { } signature_digest = SignatureDigest(buf, len, algorithm); - signature_digest_len = (hash_size_map[algorithm] + - digestinfo_size_map[algorithm]); + const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm)); + signature_digest_len = (digest_size + digestinfo_size_map[algorithm]); if (!signature_digest) error_code = -1; if(signature_digest && diff --git a/utility/verify_data.c b/utility/verify_data.c index c9da2401..95c1bbd5 100644 --- a/utility/verify_data.c +++ b/utility/verify_data.c @@ -15,6 +15,10 @@ #include <sys/types.h> #include <unistd.h> +#include "2sysincludes.h" + +#include "2common.h" +#include "2sha.h" #include "cryptolib.h" #include "file_keys.h" #include "verify_data.h" @@ -51,7 +55,7 @@ uint8_t* read_signature(char* input_file, int len) { int main(int argc, char* argv[]) { int i, algorithm, sig_len; int return_code = 1; /* Default to error. */ - uint8_t* digest = NULL; + uint8_t digest[VB2_MAX_DIGEST_SIZE]; uint8_t* signature = NULL; RSAPublicKey* key = NULL; @@ -74,7 +78,8 @@ int main(int argc, char* argv[]) { sig_len = siglen_map[algorithm]; if ((key = RSAPublicKeyFromFile(argv[2])) && (signature = read_signature(argv[3], sig_len)) && - (digest = DigestFile(argv[4], algorithm))) { + (VB2_SUCCESS == DigestFile(argv[4], vb2_crypto_to_hash(algorithm), + digest, sizeof(digest)))) { if (RSAVerify(key, signature, sig_len, algorithm, digest)) { return_code = 0; fprintf(stderr, "Signature Verification " @@ -89,7 +94,6 @@ int main(int argc, char* argv[]) { free(key); free(signature); - free(digest); return return_code; } |