diff options
Diffstat (limited to 'host/lib/signature_digest.c')
-rw-r--r-- | host/lib/signature_digest.c | 41 |
1 files changed, 33 insertions, 8 deletions
diff --git a/host/lib/signature_digest.c b/host/lib/signature_digest.c index e90a56ed..2050d4a4 100644 --- a/host/lib/signature_digest.c +++ b/host/lib/signature_digest.c @@ -12,16 +12,23 @@ #include "2sysincludes.h" #include "2common.h" +#include "2rsa.h" #include "2sha.h" #include "cryptolib.h" #include "host_common.h" +#include "host_signature2.h" #include "signature_digest.h" -uint8_t* PrependDigestInfo(unsigned int algorithm, uint8_t* digest) +uint8_t* PrependDigestInfo(enum vb2_hash_algorithm hash_alg, uint8_t* digest) { - const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm)); - const int digestinfo_size = digestinfo_size_map[algorithm]; - const uint8_t* digestinfo = hash_digestinfo_map[algorithm]; + const int digest_size = vb2_digest_size(hash_alg); + uint32_t digestinfo_size = 0; + const uint8_t* digestinfo = NULL; + + if (VB2_SUCCESS != vb2_digest_info(hash_alg, &digestinfo, + &digestinfo_size)) + return NULL; + uint8_t* p = malloc(digestinfo_size + digest_size); memcpy(p, digestinfo, digestinfo_size); memcpy(p + digestinfo_size, digest, digest_size); @@ -35,7 +42,7 @@ uint8_t* SignatureDigest(const uint8_t* buf, uint64_t len, uint8_t digest[VB2_SHA512_DIGEST_SIZE]; /* Longest digest */ - if (algorithm >= kNumAlgorithms) { + if (algorithm >= VB2_ALG_COUNT) { VBDEBUG(("SignatureDigest() called with invalid algorithm!\n")); } else if (VB2_SUCCESS == vb2_digest_buffer(buf, len, vb2_crypto_to_hash(algorithm), @@ -48,12 +55,29 @@ uint8_t* SignatureDigest(const uint8_t* buf, uint64_t len, uint8_t* SignatureBuf(const uint8_t* buf, uint64_t len, const char* key_file, unsigned int algorithm) { + const enum vb2_hash_algorithm hash_alg = vb2_crypto_to_hash(algorithm); FILE* key_fp = NULL; RSA* key = NULL; uint8_t* signature = NULL; uint8_t* signature_digest = SignatureDigest(buf, len, algorithm); - const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm)); - int signature_digest_len = digest_size + digestinfo_size_map[algorithm]; + if (!signature_digest) { + VBDEBUG(("SignatureBuf(): Couldn't get signature digest\n")); + return NULL; + } + + const int digest_size = vb2_digest_size(hash_alg); + + uint32_t digestinfo_size = 0; + const uint8_t* digestinfo = NULL; + if (VB2_SUCCESS != vb2_digest_info(hash_alg, &digestinfo, + &digestinfo_size)) { + VBDEBUG(("SignatureBuf(): Couldn't get digest info\n")); + free(signature_digest); + return NULL; + } + + int signature_digest_len = digest_size + digestinfo_size; + key_fp = fopen(key_file, "r"); if (!key_fp) { VBDEBUG(("SignatureBuf(): Couldn't open key file: %s\n", @@ -62,7 +86,8 @@ uint8_t* SignatureBuf(const uint8_t* buf, uint64_t len, const char* key_file, return NULL; } if ((key = PEM_read_RSAPrivateKey(key_fp, NULL, NULL, NULL))) - signature = (uint8_t*) malloc(siglen_map[algorithm]); + signature = (uint8_t *)malloc( + vb2_rsa_sig_size(vb2_crypto_to_signature(algorithm))); else VBDEBUG(("SignatureBuf(): Couldn't read private key from: %s\n", key_file)); |