diff options
Diffstat (limited to 'firmware/2lib/2common.c')
-rw-r--r-- | firmware/2lib/2common.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/firmware/2lib/2common.c b/firmware/2lib/2common.c index 21c42a34..0da3a611 100644 --- a/firmware/2lib/2common.c +++ b/firmware/2lib/2common.c @@ -192,10 +192,18 @@ int vb2_unpack_key(struct vb2_public_key *key, if (rv) return rv; + /* Check key algorithm */ if (packed_key->algorithm >= VB2_ALG_COUNT) { VB2_DEBUG("Invalid algorithm.\n"); return VB2_ERROR_UNPACK_KEY_ALGORITHM; } + key->algorithm = packed_key->algorithm; + + key->hash_alg = vb2_crypto_to_hash(packed_key->algorithm); + if (key->hash_alg == VB2_HASH_INVALID) { + VB2_DEBUG("Unsupported hash algorithm.\n"); + return VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM; + } expected_key_size = vb2_packed_key_size(packed_key->algorithm); if (!expected_key_size || expected_key_size != packed_key->key_size) { @@ -220,8 +228,6 @@ int vb2_unpack_key(struct vb2_public_key *key, key->n = buf32 + 2; key->rr = buf32 + 2 + key->arrsize; - key->algorithm = packed_key->algorithm; - return VB2_SUCCESS; } @@ -264,7 +270,7 @@ int vb2_verify_data(const uint8_t *data, } /* Digest goes at start of work buffer */ - digest_size = vb2_digest_size(key->algorithm); + digest_size = vb2_digest_size(key->hash_alg); if (!digest_size) return VB2_ERROR_VDATA_DIGEST_SIZE; @@ -277,7 +283,7 @@ int vb2_verify_data(const uint8_t *data, if (!dc) return VB2_ERROR_VDATA_WORKBUF_HASHING; - rv = vb2_digest_init(dc, key->algorithm); + rv = vb2_digest_init(dc, key->hash_alg); if (rv) return rv; |