sravan/system76-coreboot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
86da2c70e23cec681f1114f97e26d358bfb15c61
system76-coreboot/util/broadcom/secimage/crypto.c
Daisuke Nojiri e1741c512c broadcom/cygnus: add secimage and sign bootblock 
secimage is a tool which adds a header and signature to the binary
first loaded by the soc. ARM core frequency is set to 1 Ghz.

BUG=chrome-os-partner:36421
BRANCH=broadcom-firmware
TEST=booted b0 board

Change-Id: Ia08600d45c47ee4f08d253980036916e44b0044a
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: 36284d1b242c26b0b5aac2894f7ed1790da1ef15
Original-Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Original-Reviewed-on: https://chrome-internal-review.googlesource.com/197155
Original-Reviewed-by: Scott Branden <sbranden@broadcom.com>
Original-Reviewed-by: Julius Werner <jwerner@chromium.org>
Original-Commit-Queue: Daisuke Nojiri <dnojiri@google.com>
Original-Tested-by: Daisuke Nojiri <dnojiri@google.com>
Original-Change-Id: Iaddd24006b368c8f37e075cb51e151e985029f3b
Original-Reviewed-on: https://chromium-review.googlesource.com/264417
Reviewed-on: http://review.coreboot.org/9914
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-04-22 08:59:18 +02:00

76 lines
1.9 KiB
C
Raw Blame History

/*
* Copyright (C) 2015 Broadcom Corporation
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation version 2.
*
* This program is distributed "as is" WITHOUT ANY WARRANTY of any
* kind, whether express or implied; without even the implied warranty
* of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*/
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include "secimage.h"
#include <openssl/hmac.h>
/*----------------------------------------------------------------------
* Name : HmacSha256Hash
* Purpose :
* Input : none
* Output : none
*---------------------------------------------------------------------*/
int HmacSha256Hash(uint8_t *data, uint32_t len, uint8_t *hash, uint8_t *key)
{
HMAC_CTX hctx;
HMAC_CTX_init(&hctx);
HMAC_Init_ex(&hctx, key, 32, EVP_sha256(), NULL);
/*
* FIXME: why we need this? NULL means to use whatever there is?
* if removed, result is different
*/
HMAC_Init_ex(&hctx, NULL, 0, NULL, NULL);
HMAC_Update(&hctx, data, len);
HMAC_Final(&hctx, hash, NULL);
HMAC_CTX_cleanup(&hctx);
return 0;
}
/*----------------------------------------------------------------------
* Name : AppendHMACSignature
* Purpose : Appends HMAC signature at the end of the data
*---------------------------------------------------------------------*/
int AppendHMACSignature(uint8_t *data, uint32_t length, char *filename,
uint32_t offset)
{
uint8_t hmackey[32];
uint32_t len;
uint32_t status;
uint8_t *digest = data + length;
len = ReadBinaryFile(filename, hmackey, 32);
if (len != 32) {
printf("Error reading hmac key file\n");
return 0;
}
status = HmacSha256Hash(&data[offset], length - offset, digest,
hmackey);
if (status) {
printf("HMAC-SHA256 hash error\n");
return 0;
}
return 32;
}
Reference in New Issue View Git Blame Copy Permalink