From 4eef812d68f64cc501d795131d95f8a2f27223b1 Mon Sep 17 00:00:00 2001 From: Randall Spangler Date: Thu, 23 Oct 2014 10:07:54 -0700 Subject: vboot2: use enum hash algorithm This changes the internals of vboot2 to use the enumerated type for hash algorithm. The conversion from crypto algorithm is done only when unpacking the key (and ok, in checking the rsa padding, but that goes away in the next change). This is preparation for the vboot2 data types, which separate signature and hash algorithms into their own fields. There is no external change in the calling API to vboot, and no change to the external data structures. BUG=chromium:423882 BRANCH=none TEST=VBOOT2=1 make runtests Change-Id: I9c6de08d742dab941beb806fbd2bfc1e11c01e2c Signed-off-by: Randall Spangler Reviewed-on: https://chromium-review.googlesource.com/225208 Reviewed-by: Daisuke Nojiri Reviewed-by: Bill Richardson --- firmware/2lib/2common.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'firmware/2lib/2common.c') diff --git a/firmware/2lib/2common.c b/firmware/2lib/2common.c index 21c42a34..0da3a611 100644 --- a/firmware/2lib/2common.c +++ b/firmware/2lib/2common.c @@ -192,10 +192,18 @@ int vb2_unpack_key(struct vb2_public_key *key, if (rv) return rv; + /* Check key algorithm */ if (packed_key->algorithm >= VB2_ALG_COUNT) { VB2_DEBUG("Invalid algorithm.\n"); return VB2_ERROR_UNPACK_KEY_ALGORITHM; } + key->algorithm = packed_key->algorithm; + + key->hash_alg = vb2_crypto_to_hash(packed_key->algorithm); + if (key->hash_alg == VB2_HASH_INVALID) { + VB2_DEBUG("Unsupported hash algorithm.\n"); + return VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM; + } expected_key_size = vb2_packed_key_size(packed_key->algorithm); if (!expected_key_size || expected_key_size != packed_key->key_size) { @@ -220,8 +228,6 @@ int vb2_unpack_key(struct vb2_public_key *key, key->n = buf32 + 2; key->rr = buf32 + 2 + key->arrsize; - key->algorithm = packed_key->algorithm; - return VB2_SUCCESS; } @@ -264,7 +270,7 @@ int vb2_verify_data(const uint8_t *data, } /* Digest goes at start of work buffer */ - digest_size = vb2_digest_size(key->algorithm); + digest_size = vb2_digest_size(key->hash_alg); if (!digest_size) return VB2_ERROR_VDATA_DIGEST_SIZE; @@ -277,7 +283,7 @@ int vb2_verify_data(const uint8_t *data, if (!dc) return VB2_ERROR_VDATA_WORKBUF_HASHING; - rv = vb2_digest_init(dc, key->algorithm); + rv = vb2_digest_init(dc, key->hash_alg); if (rv) return rv; -- cgit v1.2.1