diff options
Diffstat (limited to 'firmware/2lib/2misc.c')
-rw-r--r-- | firmware/2lib/2misc.c | 29 |
1 files changed, 21 insertions, 8 deletions
diff --git a/firmware/2lib/2misc.c b/firmware/2lib/2misc.c index 62a1ab3e..333e8064 100644 --- a/firmware/2lib/2misc.c +++ b/firmware/2lib/2misc.c @@ -577,20 +577,22 @@ int vb2api_use_short_dev_screen_delay(struct vb2_context *ctx) return gbb->flags & VB2_GBB_FLAG_DEV_SCREEN_SHORT_DELAY; } -static void snprint_sha1_sum(struct vb2_packed_key *key, +static void snprint_sha1_sum(struct vb2_context *ctx, + struct vb2_packed_key *key, char *dest, size_t dest_size) { uint8_t *buf = ((uint8_t *)key) + key->key_offset; uint64_t buflen = key->key_size; - uint8_t digest[VB2_SHA1_DIGEST_SIZE]; + struct vb2_hash hash; int32_t used = 0; int i; - vb2_digest_buffer(buf, buflen, VB2_HASH_SHA1, digest, sizeof(digest)); - for (i = 0; i < sizeof(digest); i++) + vb2_hash_calculate(vb2api_hwcrypto_allowed(ctx), buf, buflen, + VB2_HASH_SHA1, &hash); + for (i = 0; i < sizeof(hash.sha1); i++) if (used < dest_size) used += snprintf(dest + used, dest_size - used, - "%02x", digest[i]); + "%02x", hash.sha1[i]); dest[dest_size - 1] = '\0'; } @@ -690,7 +692,7 @@ char *vb2api_get_debug_info(struct vb2_context *ctx) struct vb2_workbuf wblocal = wb; rv = vb2_gbb_read_root_key(ctx, &key, NULL, &wblocal); if (rv == VB2_SUCCESS) { - snprint_sha1_sum(key, sha1sum, sizeof(sha1sum)); + snprint_sha1_sum(ctx, key, sha1sum, sizeof(sha1sum)); DEBUG_INFO_APPEND("\ngbb.rootkey: %s", sha1sum); } } @@ -700,7 +702,7 @@ char *vb2api_get_debug_info(struct vb2_context *ctx) struct vb2_workbuf wblocal = wb; rv = vb2_gbb_read_recovery_key(ctx, &key, NULL, &wblocal); if (rv == VB2_SUCCESS) { - snprint_sha1_sum(key, sha1sum, sizeof(sha1sum)); + snprint_sha1_sum(ctx, key, sha1sum, sizeof(sha1sum)); DEBUG_INFO_APPEND("\ngbb.recovery_key: %s", sha1sum); } } @@ -710,7 +712,7 @@ char *vb2api_get_debug_info(struct vb2_context *ctx) sd->kernel_key_offset) { struct vb2_packed_key *key = vb2_member_of(sd, sd->kernel_key_offset); - snprint_sha1_sum(key, sha1sum, sizeof(sha1sum)); + snprint_sha1_sum(ctx, key, sha1sum, sizeof(sha1sum)); DEBUG_INFO_APPEND("\nkernel_subkey: %s", sha1sum); } @@ -749,3 +751,14 @@ void vb2_set_boot_mode(struct vb2_context *ctx) *boot_mode = VB2_BOOT_MODE_DEVELOPER; } } + +bool vb2api_hwcrypto_allowed(struct vb2_context *ctx) +{ + /* disable hwcrypto in recovery mode */ + if (ctx->flags & VB2_CONTEXT_RECOVERY_MODE) + return 0; + + /* enable hwcrypto only if RW firmware set the flag */ + return vb2_secdata_kernel_get(ctx, VB2_SECDATA_KERNEL_FLAGS) & + VB2_SECDATA_KERNEL_FLAG_HWCRYPTO_ALLOWED; +} |