xref: /base/startup/hvb/libhvb/src/cert/hvb_cert.c

101                                            struct hvb_cert *cert, const char *const *hash_ptn_list,
107     struct hvb_buf salt_buf = {cert->hash_payload.salt, cert->salt_size};
108     struct hvb_buf digest_buf = {cert->hash_payload.digest, cert->digest_size};
111     enum hvb_image_type image_type = (enum hvb_image_type)cert->verity_type;
118     image_buf.size = cert->image_original_len;
137     ret = hvb_compare_hash(&digest_buf, &image_buf, &salt_buf, cert->hash_algo);
178 static enum hvb_errno _hvb_cert_payload_parser(struct hvb_cert *cert, uint8_t **p, uint8_t *end)
181     struct hash_payload *payload = &cert->hash_payload;
183     if (!_decode_octets(&buf, cert->salt_size, p, end)) {
189     if (!_decode_octets(&buf, cert->digest_size, p, end)) {
198 static enum hvb_errno _hvb_cert_payload_parser_v2(struct hvb_cert *cert, uint8_t **p, uint8_t *end, uint8_t *header)
200     struct hash_payload *payload = &cert->hash_payload;
203     if (header + cert->salt_offset > end || header + cert->salt_offset <= header) {
207     cur_header = header + cert->salt_offset;
209     if (cur_header + cert->salt_size > end || cur_header + cert->salt_size <= cur_header) {
215     if (header + cert->digest_offset > end || header + cert->digest_offset <= header) {
219     cur_header = header + cert->digest_offset;
221     if (cur_header + cert->digest_size > end || cur_header + cert->digest_size <= cur_header) {
226     *p = cur_header + cert->digest_size;
231 static enum hvb_errno _hvb_cert_signature_parser(struct hvb_cert *cert, uint8_t **p, uint8_t *end)
234     struct hvb_sign_info *sign_info = &cert->signature_info;
241     if (hvb_memcpy_s(&cert->signature_info, sizeof(cert->signature_info), buf.addr, cp_size) != 0) {
267 static enum hvb_errno _hvb_cert_signature_parser_v2(struct hvb_cert *cert, uint8_t **p, uint8_t *end, uint8_t *header)
270     struct hvb_sign_info *sign_info = &cert->signature_info;
278     if (hvb_memcpy_s(&cert->signature_info, sizeof(cert->signature_info), buf.addr, cp_size) != 0) {
312 enum hvb_errno hvb_cert_parser(struct hvb_cert *cert, struct hvb_buf *cert_buf)
314     hvb_return_hvb_err_if_null(cert);
319         hvb_print("invalid cert size.\n");
332         hvb_print("error, dc cert const.\n");
335     if (hvb_memcpy_s(cert, sizeof(*cert), buf.addr, buf.size) != 0) {
336         hvb_print("error, copy dc cert const.\n");
340     if (cert->version_minor == 0) {
342         ret = _hvb_cert_payload_parser(cert, &p, end);
349         ret = _hvb_cert_signature_parser(cert, &p, end);
354     } else if (cert->version_minor == 1) {
356         ret = _hvb_cert_payload_parser_v2(cert, &p, end, header);
363         ret = _hvb_cert_signature_parser_v2(cert, &p, end, header);
449         hvb_print("error, hvb cert pubk parser.\n");
475 static enum hvb_errno _check_rollback_index(struct hvb_ops *ops, struct hvb_cert *cert, struct hvb_verified_data *vd)
479     uint64_t cert_rollback_index = cert->rollback_index;
480     uint64_t rollback_location = cert->rollback_location;
494         hvb_print("error, cert rollback index is less than the stored\n");
525     struct hvb_cert cert = {0};
527     struct hvb_sign_info *sign_info = &cert.signature_info;
529     ret = hvb_cert_parser(&cert, cert_buf);
531         hvb_print("error, hvb cert parser.\n");
537     ret = hvb_verify_cert(&tbs, sign_info, cert.salt_size);
539         hvb_print("error, verify cert.\n");
543     ret = _check_rollback_index(ops, &cert, vd);
549     ret = hash_image_init_desc(ops, ptn, &cert, hash_ptn_list, vd);

Indexes created Thu Nov 07 10:32:03 CST 2024