scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-11-25 02:35:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix KeyBlockVerify() to take an explicit param for whether to use hash only.

Browse Source 
Fix VerifyMemberInside().

BUG=chrome-os-partner:703
TEST=make && make runtests

Review URL: http://codereview.chromium.org/3126013
This commit is contained in:
Randall Spangler
2010-08-17 15:45:21 -07:00
parent c91e2390cb
commit 138acfe1ba
12 changed files with 81 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
firmware/lib/vboot_kernel.c
View File

@@ -168,10 +168,6 @@ int LoadKernel(LoadKernelParams* params) {
return (status == TPM_E_MUST_REBOOT ?
LOAD_KERNEL_REBOOT : LOAD_KERNEL_RECOVERY);
}
} else if (is_dev && !is_rec) {
/* In developer mode, we ignore the kernel subkey, and just use
* the SHA-512 hash to verify the key block. */
kernel_subkey = NULL;
}
do {
@@ -215,9 +211,11 @@ int LoadKernel(LoadKernelParams* params) {
if (0 != BootDeviceReadLBA(part_start, kbuf_sectors, kbuf))
continue;
/* Verify the key block */
/* Verify the key block. In developer mode, we ignore the key
* and use only the SHA-512 hash to verify the key block. */
key_block = (VbKeyBlockHeader*)kbuf;
if ((0 != KeyBlockVerify(key_block, KBUF_SIZE, kernel_subkey))) {
if ((0 != KeyBlockVerify(key_block, KBUF_SIZE, kernel_subkey,
is_dev && !is_rec))) {
VBDEBUG(("Verifying key block failed.\n"));
continue;
}