diff options
Diffstat (limited to 'src/vendorcode')
-rw-r--r-- | src/vendorcode/eltan/security/include/cb_sha.h | 13 | ||||
-rw-r--r-- | src/vendorcode/eltan/security/lib/cb_sha.c | 34 | ||||
-rw-r--r-- | src/vendorcode/eltan/security/mboot/mboot.c | 15 | ||||
-rw-r--r-- | src/vendorcode/eltan/security/verified_boot/vboot_check.c | 8 |
4 files changed, 21 insertions, 49 deletions
diff --git a/src/vendorcode/eltan/security/include/cb_sha.h b/src/vendorcode/eltan/security/include/cb_sha.h index 4d087f40c9..9a231d8a1e 100644 --- a/src/vendorcode/eltan/security/include/cb_sha.h +++ b/src/vendorcode/eltan/security/include/cb_sha.h @@ -20,14 +20,7 @@ #include <vb21_common.h> #include <vb2_api.h> -/* Supported Algorithm types for hash */ -enum endian_algorithm { - NO_ENDIAN_ALGORITHM = 0, - BIG_ENDIAN_ALGORITHM = 1, - LITTLE_ENDIAN_ALGORITHM = 2, -}; +vb2_error_t cb_sha_little_endian(enum vb2_hash_algorithm hash_alg, const uint8_t *data, + uint32_t len, uint8_t *digest); -int cb_sha_endian(enum vb2_hash_algorithm hash_alg, const uint8_t *data, uint32_t len, - uint8_t *digest, enum endian_algorithm endian); - -#endif
\ No newline at end of file +#endif diff --git a/src/vendorcode/eltan/security/lib/cb_sha.c b/src/vendorcode/eltan/security/lib/cb_sha.c index 47cd10a47c..20a84afacc 100644 --- a/src/vendorcode/eltan/security/lib/cb_sha.c +++ b/src/vendorcode/eltan/security/lib/cb_sha.c @@ -15,42 +15,24 @@ #include <cb_sha.h> -int cb_sha_endian(enum vb2_hash_algorithm hash_alg, const uint8_t *data, uint32_t len, - uint8_t *digest, enum endian_algorithm endian) +vb2_error_t cb_sha_little_endian(enum vb2_hash_algorithm hash_alg, const uint8_t *data, + uint32_t len, uint8_t *digest) { int i; int rv; - uint32_t digest_size; - uint8_t *result_ptr; + uint32_t digest_size = vb2_digest_size(hash_alg); uint8_t result[VB2_MAX_DIGEST_SIZE]; - switch (hash_alg) { - case VB2_HASH_SHA1: - digest_size = VB2_SHA1_DIGEST_SIZE; - break; - case VB2_HASH_SHA256: - digest_size = VB2_SHA256_DIGEST_SIZE; - break; - case VB2_HASH_SHA512: - digest_size = VB2_SHA512_DIGEST_SIZE; - break; - default: + if (!digest_size) return VB2_ERROR_SHA_INIT_ALGORITHM; - } - result_ptr = result; - rv = vb2_digest_buffer(data, len, hash_alg, result_ptr, digest_size); - if (rv || (endian == NO_ENDIAN_ALGORITHM)) + rv = vb2_digest_buffer(data, len, hash_alg, (uint8_t *)&result, digest_size); + if (rv) return rv; for (i = 0; i < digest_size; ++i) { - if (endian == BIG_ENDIAN_ALGORITHM) { - /* use big endian */ - digest[i] = *result_ptr++; - } else { - /* use little endian */ - digest[digest_size - i - 1] = *result_ptr++; - } + /* use little endian */ + digest[digest_size - i - 1] = result[i]; } return rv; } diff --git a/src/vendorcode/eltan/security/mboot/mboot.c b/src/vendorcode/eltan/security/mboot/mboot.c index 5774429329..bae377a4d4 100644 --- a/src/vendorcode/eltan/security/mboot/mboot.c +++ b/src/vendorcode/eltan/security/mboot/mboot.c @@ -159,11 +159,8 @@ int mboot_hash_extend_log(EFI_TCG2_EVENT_ALGORITHM_BITMAP activePcr, memcpy(digest->digest.sha1, (void *)hashData, VB2_SHA1_DIGEST_SIZE); } else { - status = cb_sha_endian(VB2_HASH_SHA1, hashData, - hashDataLen, - digest->digest.sha1, - NO_ENDIAN_ALGORITHM); - if ( status ) + if (cb_sha_little_endian(VB2_HASH_SHA1, hashData, + hashDataLen, digest->digest.sha1)) return TPM_E_IOERROR; } @@ -186,11 +183,9 @@ int mboot_hash_extend_log(EFI_TCG2_EVENT_ALGORITHM_BITMAP activePcr, memcpy(digest->digest.sha256, (void *)hashData, hashDataLen); } else { - status = cb_sha_endian(VB2_HASH_SHA256, hashData, - hashDataLen, - digest->digest.sha256, - LITTLE_ENDIAN_ALGORITHM); - if (status) + + if (cb_sha_little_endian(VB2_HASH_SHA256, hashData, + hashDataLen, digest->digest.sha256)) return TPM_E_IOERROR; } digest->hashAlg = TPM_ALG_SHA256; diff --git a/src/vendorcode/eltan/security/verified_boot/vboot_check.c b/src/vendorcode/eltan/security/verified_boot/vboot_check.c index 07c69020c8..88519bdd78 100644 --- a/src/vendorcode/eltan/security/verified_boot/vboot_check.c +++ b/src/vendorcode/eltan/security/verified_boot/vboot_check.c @@ -74,7 +74,8 @@ int verified_boot_check_manifest(void) vb2_sig_hdr->sig_size = vb2_rsa_sig_size(VB2_SIG_RSA2048); vb2_sig_hdr->hash_alg = HASH_ALG; vb2_sig_hdr->data_size = CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_ITEMS * DIGEST_SIZE; - memcpy(&sig_buffer[sizeof(struct vb21_signature)], (uint8_t *)CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_LOC, size); + memcpy(&sig_buffer[sizeof(struct vb21_signature)], + (uint8_t *)CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_LOC, size); if (vb21_verify_data(&sig_buffer[sizeof(struct vb21_signature)], vb2_sig_hdr->data_size, (struct vb21_signature *)&sig_buffer, &key, &wb)) { @@ -185,7 +186,7 @@ static void verified_boot_check_buffer(const char *name, void *start, size_t siz else hash_algorithm = VB2_HASH_SHA256; - status = cb_sha_endian(hash_algorithm, (const uint8_t *)start, size, digest); + status = cb_sha_little_endian(hash_algorithm, (const uint8_t *)start, size, digest); if ((CONFIG(VENDORCODE_ELTAN_VBOOT) && memcmp((void *)( (uint8_t *)CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_LOC + sizeof(digest) * hash_index), digest, sizeof(digest))) || status) { @@ -203,7 +204,8 @@ static void verified_boot_check_buffer(const char *name, void *start, size_t siz printk(BIOS_DEBUG, "%s: measuring %s\n", __func__, name); if (measure_item(pcr, digest, sizeof(digest), (int8_t *)name, 0)) - printk(BIOS_DEBUG, "%s: measuring failed!\n", __func__); + printk(BIOS_DEBUG, "%s: measuring failed!\n", + __func__); } } #endif |