vboot2: add support for new vb2_signature2 struct

And assocated unit tests. BUG=chromium:423882 BRANCH=none TEST=VBOOT2=1 make runtests Change-Id: I37fccafd8ccee5c0d55e3746c1611a8dff73145a Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/226939 Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
2025-12-17 21:37:23 +00:00 · 2014-10-31 11:19:14 -07:00
parent 3c6ec76e32
commit c0ce70b468
7 changed files with 255 additions and 1 deletions
--- a/firmware/2lib/include/2common.h
+++ b/firmware/2lib/include/2common.h
@@ -281,6 +281,25 @@ int vb2_unpack_key2(struct vb2_public_key *key,
 		    const uint8_t *buf,
 		    uint32_t size);

+/**
+ * Return expected signature size for a signature/hash algorithm pair
+ *
+ * @param sig_alg	Signature algorithm
+ * @param hash_alg	Hash algorithm
+ * @return The signature size, or zero if error / unsupported algorithm.
+ */
+uint32_t vb2_sig_size(enum vb2_signature_algorithm sig_alg,
+		      enum vb2_hash_algorithm hash_alg);
+
+/**
+ * Verify the integrity of a signature struct
+ * @param sig		Signature struct
+ * @param size		Size of buffer containing signature struct
+ * @return VB2_SUCCESS, or non-zero if error.
+ */
+int vb2_verify_signature2(const struct vb2_signature2 *sig,
+			  uint32_t size);
+
 /* Size of work buffer sufficient for vb2_rsa_verify_digest() worst case */
 #define VB2_VERIFY_DIGEST_WORKBUF_BYTES VB2_VERIFY_RSA_DIGEST_WORKBUF_BYTES