diff options
author | Sergii Dmytruk <sergii.dmytruk@3mdeb.com> | 2022-10-22 20:11:35 +0300 |
---|---|---|
committer | Martin L Roth <gaumless@gmail.com> | 2022-11-12 23:16:07 +0000 |
commit | 7221a6cfc5ccc45b188d36815d2b011142f2cf12 (patch) | |
tree | 2811c8ef5a5e1f4777471b6e223009c31f8eba63 /src/security/tpm/tss/tcg-1.2/tss.c | |
parent | 3ff77016da988d37ba0dbe44538c10f92b2704c5 (diff) |
security/tpm: improve tlcl_extend() signature
Until now tcg-2.0/tss.c was just assuming certain buffer size and
hash algorithm. Change it to accept digest type, which the call sites
know.
Also drop `uint8_t *out_digest` parameter which was always `NULL`
and was handled only by tcg-1.2 code.
Change-Id: I944302b502e3424c5041b17c713a867b0fc535c4
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68745
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Diffstat (limited to 'src/security/tpm/tss/tcg-1.2/tss.c')
-rw-r--r-- | src/security/tpm/tss/tcg-1.2/tss.c | 19 |
1 files changed, 7 insertions, 12 deletions
diff --git a/src/security/tpm/tss/tcg-1.2/tss.c b/src/security/tpm/tss/tcg-1.2/tss.c index 52bc2722b2..6b79aabe87 100644 --- a/src/security/tpm/tss/tcg-1.2/tss.c +++ b/src/security/tpm/tss/tcg-1.2/tss.c @@ -331,25 +331,20 @@ uint32_t tlcl_set_global_lock(void) return tlcl_write(TPM_NV_INDEX0, NULL, 0); } -uint32_t tlcl_extend(int pcr_num, const uint8_t *in_digest, - uint8_t *out_digest) +uint32_t tlcl_extend(int pcr_num, const uint8_t *digest_data, + enum vb2_hash_algorithm digest_algo) { struct s_tpm_extend_cmd cmd; uint8_t response[kTpmResponseHeaderLength + kPcrDigestLength]; - uint32_t result; + + if (digest_algo != VB2_HASH_SHA1) + return TPM_E_INVALID_ARG; memcpy(&cmd, &tpm_extend_cmd, sizeof(cmd)); to_tpm_uint32(cmd.buffer + tpm_extend_cmd.pcrNum, pcr_num); - memcpy(cmd.buffer + cmd.inDigest, in_digest, kPcrDigestLength); - - result = tlcl_send_receive(cmd.buffer, response, sizeof(response)); - if (result != TPM_SUCCESS) - return result; + memcpy(cmd.buffer + cmd.inDigest, digest_data, kPcrDigestLength); - if (out_digest) - memcpy(out_digest, response + kTpmResponseHeaderLength, - kPcrDigestLength); - return result; + return tlcl_send_receive(cmd.buffer, response, sizeof(response)); } uint32_t tlcl_get_permissions(uint32_t index, uint32_t *permissions) |