diff options
-rw-r--r-- | firmware/2lib/2stub.c | 7 | ||||
-rw-r--r-- | firmware/2lib/include/2api.h | 14 | ||||
-rw-r--r-- | firmware/2lib/include/2rsa.h | 1 |
3 files changed, 21 insertions, 1 deletions
diff --git a/firmware/2lib/2stub.c b/firmware/2lib/2stub.c index c4b9bdf3..fc539fe9 100644 --- a/firmware/2lib/2stub.c +++ b/firmware/2lib/2stub.c @@ -61,6 +61,13 @@ vb2_error_t vb2ex_hwcrypto_digest_finalize(uint8_t *digest, } __attribute__((weak)) +vb2_error_t vb2ex_hwcrypto_rsa_verify_digest(const struct vb2_public_key *key, + const uint8_t *sig, const uint8_t *digest) +{ + return VB2_ERROR_EX_HWCRYPTO_UNSUPPORTED; +} + +__attribute__((weak)) vb2_error_t vb2ex_tpm_set_mode(enum vb2_tpm_mode mode_val) { fprintf(stderr, "%s: function not implemented\n", __func__); diff --git a/firmware/2lib/include/2api.h b/firmware/2lib/include/2api.h index c6d99bdf..c2f636e8 100644 --- a/firmware/2lib/include/2api.h +++ b/firmware/2lib/include/2api.h @@ -26,6 +26,7 @@ #include "2id.h" #include "2recovery_reasons.h" #include "2return_codes.h" +#include "2rsa.h" #include "2secdata_struct.h" #define _VB2_TRY_IMPL(expr, ctx, recovery_reason, ...) do { \ @@ -952,6 +953,19 @@ vb2_error_t vb2ex_hwcrypto_digest_extend(const uint8_t *buf, uint32_t size); vb2_error_t vb2ex_hwcrypto_digest_finalize(uint8_t *digest, uint32_t digest_size); +/** + * Verify a RSA PKCS1.5 signature in hardware crypto engine + * against an expected hash digest. + * + * @param key Key to use in signature verification + * @param sig Signature to verify (destroyed in process) + * @param digest Digest of signed data + * @return VB2_SUCCESS, or non-zero error code (HWCRYPTO_UNSUPPORTED not fatal). + */ +vb2_error_t vb2ex_hwcrypto_rsa_verify_digest(const struct vb2_public_key *key, + const uint8_t *sig, + const uint8_t *digest); + /* * Abort vboot flow due to a failed assertion or broken assumption. * diff --git a/firmware/2lib/include/2rsa.h b/firmware/2lib/include/2rsa.h index 0d0bf2aa..4b1febc4 100644 --- a/firmware/2lib/include/2rsa.h +++ b/firmware/2lib/include/2rsa.h @@ -8,7 +8,6 @@ #include "2crypto.h" #include "2return_codes.h" -#include "2struct.h" struct vb2_workbuf; |