summaryrefslogtreecommitdiff
path: root/firmware/2lib/2load_kernel.c
diff options
context:
space:
mode:
Diffstat (limited to 'firmware/2lib/2load_kernel.c')
-rw-r--r--firmware/2lib/2load_kernel.c18
1 files changed, 8 insertions, 10 deletions
diff --git a/firmware/2lib/2load_kernel.c b/firmware/2lib/2load_kernel.c
index 65e40536..35dc5b4b 100644
--- a/firmware/2lib/2load_kernel.c
+++ b/firmware/2lib/2load_kernel.c
@@ -110,11 +110,11 @@ static vb2_error_t vb2_verify_kernel_dev_key_hash(
struct vb2_packed_key *key = &keyblock->data_key;
uint8_t *buf = ((uint8_t *)key) + key->key_offset;
uint32_t buflen = key->key_size;
- uint8_t digest[VB2_SHA256_DIGEST_SIZE];
+ struct vb2_hash hash;
VB2_DEBUG("Checking developer key hash.\n");
- VB2_TRY(vb2_digest_buffer(buf, buflen, VB2_HASH_SHA256, digest,
- sizeof(digest)));
+ VB2_TRY(vb2_hash_calculate(vb2api_hwcrypto_allowed(ctx), buf, buflen,
+ VB2_HASH_SHA256, &hash));
uint8_t *fwmp_dev_key_hash =
vb2_secdata_fwmp_get_dev_key_hash(ctx);
@@ -123,8 +123,8 @@ static vb2_error_t vb2_verify_kernel_dev_key_hash(
return VB2_ERROR_KERNEL_KEYBLOCK_DEV_KEY_HASH;
}
- if (vb2_safe_memcmp(digest, fwmp_dev_key_hash,
- VB2_SHA256_DIGEST_SIZE)) {
+ if (vb2_safe_memcmp(hash.sha256, fwmp_dev_key_hash,
+ sizeof(hash.sha256))) {
int i;
VB2_DEBUG("Wrong developer key hash.\n");
@@ -134,7 +134,7 @@ static vb2_error_t vb2_verify_kernel_dev_key_hash(
VB2_DEBUG_RAW("\n");
VB2_DEBUG("Got: ");
for (i = 0; i < VB2_SHA256_DIGEST_SIZE; i++)
- VB2_DEBUG_RAW("%02x ", digest[i]);
+ VB2_DEBUG_RAW("%02x ", hash.sha256[i]);
VB2_DEBUG_RAW("\n");
return VB2_ERROR_KERNEL_KEYBLOCK_DEV_KEY_HASH;
@@ -175,8 +175,7 @@ static vb2_error_t vb2_verify_kernel_vblock(
key_size = sd->kernel_key_size;
VB2_TRY(vb2_unpack_key_buffer(&kernel_key, key_data, key_size));
- if (vb2_hwcrypto_allowed(ctx))
- kernel_key.allow_hwcrypto = 1;
+ kernel_key.allow_hwcrypto = vb2api_hwcrypto_allowed(ctx);
/*
* Clear any previous keyblock-valid flag (for example, from a previous
@@ -435,8 +434,7 @@ static vb2_error_t vb2_load_partition(
return VB2_ERROR_LOAD_PARTITION_DATA_KEY;
}
- if (vb2_hwcrypto_allowed(ctx))
- data_key.allow_hwcrypto = 1;
+ data_key.allow_hwcrypto = vb2api_hwcrypto_allowed(ctx);
/* Verify kernel data */
if (vb2_verify_data(kernbuf, kernbuf_size, &preamble->body_signature,
View Lorry Controller Status