vendorcode/eltan/security/lib: Implement SHA endian function
digest from vb2_digest_bufer() does not contains the correct endian. Create cb_sha_endian() which can convert the calculated digest into big endian or little endian when required. BUG=N/A TEST=Created binary and verify logging on Facebok FBG-1701 Change-Id: If828bde54c79e836a5b05ff0447645d7e06e819a Signed-off-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/30831 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
This commit is contained in:
parent
6665da81ef
commit
bd4ad6e630
|
@ -0,0 +1,33 @@
|
||||||
|
/*
|
||||||
|
* This file is part of the coreboot project.
|
||||||
|
*
|
||||||
|
* Copyright (C) 2018-2019, Eltan B.V.
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation; version 2 of the License.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef __SECURITY_CB_SHA_H__
|
||||||
|
#define __SECURITY_CB_SHA_H__
|
||||||
|
|
||||||
|
#include <2rsa.h>
|
||||||
|
#include <vb21_common.h>
|
||||||
|
#include <vb2_api.h>
|
||||||
|
|
||||||
|
/* Supported Algorithm types for hash */
|
||||||
|
enum endian_algorithm {
|
||||||
|
NO_ENDIAN_ALGORITHM = 0,
|
||||||
|
BIG_ENDIAN_ALGORITHM = 1,
|
||||||
|
LITTLE_ENDIAN_ALGORITHM = 2,
|
||||||
|
};
|
||||||
|
|
||||||
|
int cb_sha_endian(enum vb2_hash_algorithm hash_alg, const uint8_t *data, uint32_t len,
|
||||||
|
uint8_t *digest, enum endian_algorithm endian);
|
||||||
|
|
||||||
|
#endif
|
|
@ -0,0 +1,59 @@
|
||||||
|
#
|
||||||
|
# This file is part of the coreboot project.
|
||||||
|
#
|
||||||
|
# Copyright (C) 2018-2019 Eltan B.V.
|
||||||
|
#
|
||||||
|
# This program is free software; you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation; version 2 of the License.
|
||||||
|
#
|
||||||
|
# This program is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
|
||||||
|
# call with $1 = stage name to create rules for building the library
|
||||||
|
# for the stage and adding it to the stage's set of object files.
|
||||||
|
define vendor-security-lib
|
||||||
|
VEN_SEC_LIB_$(1) = $(obj)/external/ven_sec_lib-$(1)/vboot_fw21.a
|
||||||
|
VEN_SEC_CFLAGS_$(1) += $$(patsubst -I%,-I$(top)/%,\
|
||||||
|
$$(patsubst $(src)/%.h,$(top)/$(src)/%.h,\
|
||||||
|
$$(filter-out -I$(obj), $$(CPPFLAGS_$(1)))))
|
||||||
|
VEN_SEC_CFLAGS_$(1) += $$(CFLAGS_$(1))
|
||||||
|
VEN_SEC_CFLAGS_$(1) += $$($(1)-c-ccopts)
|
||||||
|
VEN_SEC_CFLAGS_$(1) += -I$(abspath $(obj)) -Wno-missing-prototypes
|
||||||
|
|
||||||
|
$$(VEN_SEC_LIB_$(1)): $(obj)/config.h
|
||||||
|
printf " MAKE $(subst $(obj)/,,$(@))\n"
|
||||||
|
+FIRMWARE_ARCH=$$(ARCHDIR-$$(ARCH-$(1)-y)) \
|
||||||
|
CC="$$(CC_$(1))" \
|
||||||
|
CFLAGS="$$(VEN_SEC_CFLAGS_$(1))" VBOOT2="y" \
|
||||||
|
$(MAKE) -C $(VBOOT_SOURCE) \
|
||||||
|
BUILD=$$(abspath $$(dir $$(VEN_SEC_LIB_$(1)))) \
|
||||||
|
V=$(V) \
|
||||||
|
fwlib21
|
||||||
|
endef # vendor-security-for-stage
|
||||||
|
|
||||||
|
CFLAGS_common += -I3rdparty/vboot/firmware/2lib/include
|
||||||
|
CFLAGS_common += -I3rdparty/vboot/firmware/lib21/include
|
||||||
|
|
||||||
|
ifneq ($(filter y,$(CONFIG_VENDORCODE_ELTAN_VBOOT) $(CONFIG_VENDORCODE_ELTAN_MBOOT)),)
|
||||||
|
|
||||||
|
bootblock-$(CONFIG_C_ENVIRONMENT_BOOTBLOCK) += cb_sha.c
|
||||||
|
$(eval $(call vendor-security-lib,bootblock))
|
||||||
|
bootblock-srcs += $(obj)/external/ven_sec_lib-bootblock/vboot_fw21.a
|
||||||
|
|
||||||
|
postcar-y += cb_sha.c
|
||||||
|
$(eval $(call vendor-security-lib,postcar))
|
||||||
|
postcar-srcs += $(obj)/external/ven_sec_lib-postcar/vboot_fw21.a
|
||||||
|
|
||||||
|
ramstage-y += cb_sha.c
|
||||||
|
$(eval $(call vendor-security-lib,ramstage))
|
||||||
|
ramstage-srcs += $(obj)/external/ven_sec_lib-ramstage/vboot_fw21.a
|
||||||
|
|
||||||
|
romstage-y += cb_sha.c
|
||||||
|
$(eval $(call vendor-security-lib,romstage))
|
||||||
|
romstage-srcs += $(obj)/external/ven_sec_lib-romstage/vboot_fw21.a
|
||||||
|
|
||||||
|
endif
|
|
@ -0,0 +1,56 @@
|
||||||
|
/*
|
||||||
|
* This file is part of the coreboot project.
|
||||||
|
*
|
||||||
|
* Copyright (C) 2019 Eltan B.V.
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation; version 2 of the License.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <cb_sha.h>
|
||||||
|
|
||||||
|
int cb_sha_endian(enum vb2_hash_algorithm hash_alg, const uint8_t *data, uint32_t len,
|
||||||
|
uint8_t *digest, enum endian_algorithm endian)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
int rv;
|
||||||
|
uint32_t digest_size;
|
||||||
|
uint8_t *result_ptr;
|
||||||
|
uint8_t result[VB2_MAX_DIGEST_SIZE];
|
||||||
|
|
||||||
|
switch (hash_alg) {
|
||||||
|
case VB2_HASH_SHA1:
|
||||||
|
digest_size = VB2_SHA1_DIGEST_SIZE;
|
||||||
|
break;
|
||||||
|
case VB2_HASH_SHA256:
|
||||||
|
digest_size = VB2_SHA256_DIGEST_SIZE;
|
||||||
|
break;
|
||||||
|
case VB2_HASH_SHA512:
|
||||||
|
digest_size = VB2_SHA512_DIGEST_SIZE;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
return VB2_ERROR_SHA_INIT_ALGORITHM;
|
||||||
|
}
|
||||||
|
|
||||||
|
result_ptr = result;
|
||||||
|
rv = vb2_digest_buffer(data, len, hash_alg, result_ptr, digest_size);
|
||||||
|
if (rv || (endian == NO_ENDIAN_ALGORITHM))
|
||||||
|
return rv;
|
||||||
|
|
||||||
|
for (i = 0; i < digest_size; ++i) {
|
||||||
|
if (endian == BIG_ENDIAN_ALGORITHM) {
|
||||||
|
/* use big endian */
|
||||||
|
digest[i] = *result_ptr++;
|
||||||
|
} else {
|
||||||
|
/* use little endian */
|
||||||
|
digest[digest_size - i - 1] = *result_ptr++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return rv;
|
||||||
|
}
|
Loading…
Reference in New Issue