From 3d8dcc853a98bb8aae91d9a30862541a38581b2d Mon Sep 17 00:00:00 2001
From: Joel Kitching <kitching@google.com>
Date: Wed, 4 Sep 2019 15:52:25 +0800
Subject: vboot: keep const and non-const signature and key accessors

Keep const (default) and non-const (_mutable suffix) versions
of `data` field accessors for vb2_signature and vb2_packed_key.

No need for separate 2packed_key.c file -- just static inline
the functions.

vb2_verify_packed_key_inside should return type vb2_error_t.

BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none

Change-Id: I96722a746f26abbb6e19a365ce74f0bfda0da381
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1786386
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
---
 firmware/lib20/common.c | 3 ++-
 firmware/lib20/kernel.c | 7 +------
 2 files changed, 3 insertions(+), 7 deletions(-)

(limited to 'firmware/lib20')

diff --git a/firmware/lib20/common.c b/firmware/lib20/common.c
index f1364c7a..6a6eff32 100644
--- a/firmware/lib20/common.c
+++ b/firmware/lib20/common.c
@@ -15,7 +15,8 @@ vb2_error_t vb2_verify_digest(const struct vb2_public_key *key,
 			      struct vb2_signature *sig, const uint8_t *digest,
 			      const struct vb2_workbuf *wb)
 {
-	uint8_t *sig_data = vb2_signature_data(sig);
+	/* A signature is destroyed in the process of being verified. */
+	uint8_t *sig_data = vb2_signature_data_mutable(sig);
 
 	if (sig->sig_size != vb2_rsa_sig_size(key->sig_alg)) {
 		VB2_DEBUG("Wrong data signature size for algorithm, "
diff --git a/firmware/lib20/kernel.c b/firmware/lib20/kernel.c
index 172f7ffb..eff35bc4 100644
--- a/firmware/lib20/kernel.c
+++ b/firmware/lib20/kernel.c
@@ -14,11 +14,6 @@
 #include "2sysincludes.h"
 #include "vb2_common.h"
 
-static const uint8_t *vb2_signature_data_const(const struct vb2_signature *sig)
-{
-	return (uint8_t *)sig + sig->sig_offset;
-}
-
 /**
  * Returns non-zero if the kernel needs to have a valid signature, instead of
  * just a valid hash.
@@ -81,7 +76,7 @@ vb2_error_t vb2_verify_keyblock_hash(const struct vb2_keyblock *block,
 	if (rv)
 		return rv;
 
-	if (vb2_safe_memcmp(vb2_signature_data_const(sig), digest,
+	if (vb2_safe_memcmp(vb2_signature_data(sig), digest,
 			    digest_size) != 0) {
 		VB2_DEBUG("Invalid keyblock hash.\n");
 		return VB2_ERROR_KEYBLOCK_SIG_INVALID;
-- 
cgit v1.2.1