diff options
Diffstat (limited to 'firmware')
| -rw-r--r-- | firmware/2lib/include/2api.h | 12 | ||||
| -rw-r--r-- | firmware/2lib/include/2return_codes.h | 3 | ||||
| -rw-r--r-- | firmware/lib20/api.c | 14 |
3 files changed, 28 insertions, 1 deletions
diff --git a/firmware/2lib/include/2api.h b/firmware/2lib/include/2api.h index 56d18d69..bf8f6393 100644 --- a/firmware/2lib/include/2api.h +++ b/firmware/2lib/include/2api.h @@ -497,6 +497,18 @@ int vb2api_extend_hash(struct vb2_context *ctx, int vb2api_check_hash(struct vb2_context *ctx); /** + * Check the hash value started by vb2api_init_hash() while retrieving + * calculated digest. + * + * @param ctx Vboot context + * @param digest_out optional pointer to buffer to store digest + * @param digest_out_size optional size of buffer to store digest + * @return VB2_SUCCESS, or error code on error. + */ +int vb2api_check_hash_get_digest(struct vb2_context *ctx, void *digest_out, + uint32_t digest_out_size); + +/** * Get a PCR digest * * @param ctx Vboot context diff --git a/firmware/2lib/include/2return_codes.h b/firmware/2lib/include/2return_codes.h index 4201b693..1d1ed531 100644 --- a/firmware/2lib/include/2return_codes.h +++ b/firmware/2lib/include/2return_codes.h @@ -523,6 +523,9 @@ enum vb2_return_code { /* Phase one passing through secdata's request to reboot */ VB2_ERROR_API_PHASE1_SECDATA_REBOOT, + /* Digest buffer passed into vb2api_check_hash incorrect. */ + VB2_ERROR_API_CHECK_DIGEST_SIZE, + /********************************************************************** * Errors which may be generated by implementations of vb2ex functions. * Implementation may also return its own specific errors, which should diff --git a/firmware/lib20/api.c b/firmware/lib20/api.c index bee93285..7c253457 100644 --- a/firmware/lib20/api.c +++ b/firmware/lib20/api.c @@ -129,7 +129,8 @@ int vb2api_init_hash(struct vb2_context *ctx, uint32_t tag, uint32_t *size) return vb2_digest_init(dc, key.hash_alg); } -int vb2api_check_hash(struct vb2_context *ctx) +int vb2api_check_hash_get_digest(struct vb2_context *ctx, void *digest_out, + uint32_t digest_out_size) { struct vb2_shared_data *sd = vb2_get_sd(ctx); struct vb2_digest_context *dc = (struct vb2_digest_context *) @@ -199,5 +200,16 @@ int vb2api_check_hash(struct vb2_context *ctx) if (rv) vb2_fail(ctx, VB2_RECOVERY_FW_BODY, rv); + if (digest_out != NULL) { + if (digest_out_size < digest_size) + return VB2_ERROR_API_CHECK_DIGEST_SIZE; + memcpy(digest_out, digest, digest_size); + } + return rv; } + +int vb2api_check_hash(struct vb2_context *ctx) +{ + return vb2api_check_hash_get_digest(ctx, NULL, 0); +} |