summaryrefslogtreecommitdiff
path: root/firmware/2lib/include/2sha.h
diff options
context:
space:
mode:
Diffstat (limited to 'firmware/2lib/include/2sha.h')
-rw-r--r--firmware/2lib/include/2sha.h64
1 files changed, 62 insertions, 2 deletions
diff --git a/firmware/2lib/include/2sha.h b/firmware/2lib/include/2sha.h
index 646c7c17..32af9f74 100644
--- a/firmware/2lib/include/2sha.h
+++ b/firmware/2lib/include/2sha.h
@@ -97,6 +97,36 @@ struct vb2_digest_context {
int using_hwcrypto;
};
+/*
+ * Serializable data structure that can store any vboot hash. Layout used in
+ * CBFS attributes that need to be backwards-compatible -- do not change!
+ * When serializing/deserizaling this, you should store/load (offsetof(bytes) +
+ * vb2_digest_size(algo)), not the full size of this structure.
+ */
+struct vb2_hash {
+ /* enum vb2_hash_algorithm. Fixed width for serialization.
+ Single byte to avoid endianness issues. */
+ uint8_t algo;
+ /* Padding to align and to match existing CBFS attribute. */
+ uint8_t reserved[3];
+ /* The actual digest. Can add new types here as required. */
+ union {
+ uint8_t raw[0];
+#if VB2_SUPPORT_SHA1
+ uint8_t sha1[VB2_SHA1_DIGEST_SIZE];
+#endif
+#if VB2_SUPPORT_SHA256
+ uint8_t sha256[VB2_SHA256_DIGEST_SIZE];
+#endif
+#if VB2_SUPPORT_SHA512
+ uint8_t sha512[VB2_SHA512_DIGEST_SIZE];
+#endif
+ } bytes; /* This has a name so that it's easy to sizeof(). */
+};
+_Static_assert(sizeof(((struct vb2_hash *)0)->bytes) <= VB2_MAX_DIGEST_SIZE,
+ "Must update VB2_MAX_DIGEST_SIZE for new digests!");
+_Static_assert(VB2_HASH_ALG_COUNT <= UINT8_MAX, "vb2_hash.algo overflow!");
+
/**
* Initialize a hash context.
*
@@ -159,7 +189,7 @@ enum vb2_hash_algorithm vb2_crypto_to_hash(uint32_t algorithm);
* @param hash_alg Hash algorithm
* @return The size of the digest, or 0 if error.
*/
-vb2_error_t vb2_digest_size(enum vb2_hash_algorithm hash_alg);
+size_t vb2_digest_size(enum vb2_hash_algorithm hash_alg);
/**
* Return the block size of a hash algorithm.
@@ -167,7 +197,7 @@ vb2_error_t vb2_digest_size(enum vb2_hash_algorithm hash_alg);
* @param hash_alg Hash algorithm
* @return The block size of the algorithm, or 0 if error.
*/
-vb2_error_t vb2_hash_block_size(enum vb2_hash_algorithm alg);
+size_t vb2_hash_block_size(enum vb2_hash_algorithm alg);
/**
* Return the name of a hash algorithm
@@ -226,4 +256,34 @@ vb2_error_t vb2_digest_buffer(const uint8_t *buf, uint32_t size,
enum vb2_hash_algorithm hash_alg, uint8_t *digest,
uint32_t digest_size);
+/**
+ * Fill a vb2_hash structure with the hash of a buffer.
+ *
+ * @param buf Buffer to hash
+ * @param size Size of |buf| in bytes
+ * @param algo The hash algorithm to use (and store in |hash|)
+ * @param hash vb2_hash structure to fill with the hash of |buf|
+ * @return VB2_SUCCESS, or non-zero on error.
+ */
+static inline vb2_error_t vb2_hash_calculate(const void *buf, uint32_t size,
+ enum vb2_hash_algorithm algo,
+ struct vb2_hash *hash)
+{
+ hash->algo = algo;
+ return vb2_digest_buffer(buf, size, algo, hash->bytes.raw,
+ vb2_digest_size(algo));
+}
+
+/**
+ * Verify that a vb2_hash matches a buffer.
+ *
+ * @param buf Buffer to hash and match to |hash|
+ * @param size Size of |buf| in bytes
+ * @param hash Hash to compare to the buffer
+ * @return VB2_SUCCESS if hash matches, VB2_ERROR_SHA_MISMATCH if hash doesn't
+ * match, or non-zero on other error.
+ */
+vb2_error_t vb2_hash_verify(const void *buf, uint32_t size,
+ const struct vb2_hash *hash);
+
#endif /* VBOOT_REFERENCE_2SHA_H_ */
View Lorry Controller Status