diff options
Diffstat (limited to 'firmware/2lib/2common2.c')
-rw-r--r-- | firmware/2lib/2common2.c | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/firmware/2lib/2common2.c b/firmware/2lib/2common2.c index b65ea8fd..f35d575e 100644 --- a/firmware/2lib/2common2.c +++ b/firmware/2lib/2common2.c @@ -118,3 +118,63 @@ int vb2_verify_common_subobject(const void *parent, return VB2_SUCCESS; } + +uint32_t vb2_sig_size(enum vb2_signature_algorithm sig_alg, + enum vb2_hash_algorithm hash_alg) +{ + uint32_t digest_size = vb2_digest_size(hash_alg); + + /* Fail if we don't support the hash algorithm */ + if (!digest_size) + return 0; + + /* Handle unsigned hashes */ + if (sig_alg == VB2_SIG_NONE) + return digest_size; + + return vb2_rsa_sig_size(sig_alg); +} + +int vb2_verify_signature2(const struct vb2_signature2 *sig, + uint32_t size) +{ + uint32_t min_offset = 0; + uint32_t expect_sig_size; + int rv; + + /* Check magic number */ + if (sig->c.magic != VB2_MAGIC_SIGNATURE2) + return VB2_ERROR_SIG_MAGIC; + + /* Make sure common header is good */ + rv = vb2_verify_common_header(sig, size); + if (rv) + return rv; + + /* + * Check for compatible version. No need to check minor version, since + * that's compatible across readers matching the major version, and we + * haven't added any new fields. + */ + if (sig->c.struct_version_major != VB2_SIGNATURE2_VERSION_MAJOR) + return VB2_ERROR_SIG_VERSION; + + /* Make sure header is big enough for signature */ + if (sig->c.fixed_size < sizeof(*sig)) + return VB2_ERROR_SIG_HEADER_SIZE; + + /* Make sure signature data is inside */ + rv = vb2_verify_common_member(sig, &min_offset, + sig->sig_offset, sig->sig_size); + if (rv) + return rv; + + /* Make sure signature size is correct for the algorithm */ + expect_sig_size = vb2_sig_size(sig->sig_alg, sig->hash_alg); + if (!expect_sig_size) + return VB2_ERROR_SIG_ALGORITHM; + if (sig->sig_size != expect_sig_size) + return VB2_ERROR_SIG_SIZE; + + return VB2_SUCCESS; +} |