Age | Commit message (Collapse) | Author |
|
The `secimage` utility uses OpenSSL to calculate HMAC, which it does in
a rather unorthodox way, using deprecated `HMAC_CTX_init` API and
repeated calling of `HMAC_Init_ex` without a clear reason. The former
causes build errors with OpenSSL 1.1 while the rest of the
`HmacSha256Hash` function is confusing and overly complex.
Make `HmacSha256Hash` use a single OpenSSL API call. Test passed:
resulting signed binary remains identical.
Change-Id: Ib23c0ad96f9d8cc30ad357de8c0b0ba967c7d724
Signed-off-by: Alex Thiessen <alex.thiessen.de+coreboot@gmail.com>
Reviewed-on: https://review.coreboot.org/23069
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
|
|
Change-Id: I5c77b3c5ea3fbc249a8c564a521c2c3c45e1c560
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1323510
Reviewed-on: https://review.coreboot.org/17877
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
Change-Id: I088730fd87dd39fa2c36a06c5770fad05a5808b0
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1323511, #1323512
Reviewed-on: https://review.coreboot.org/17882
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
Change-Id: Ib53408e8b186c07aa8e42c67131d39c4add05983
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1323515
Reviewed-on: https://review.coreboot.org/17881
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
It's later tested for NULL, but never initialized to make that test work
reliably.
Change-Id: Iadee1af224507a6dd39956306f3eafa687895176
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1323515
Reviewed-on: https://review.coreboot.org/17880
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
Change-Id: Ieea7ac7fbc618cd12f843f1606f9ebab37cae67e
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1323508
Reviewed-on: https://review.coreboot.org/17879
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
filebuffer is treated like a string, so it should be zero-terminated
like a string.
Change-Id: I078aa39906394be64023424731fe0c7ae2019899
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1323473
Reviewed-on: https://review.coreboot.org/17878
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
Change-Id: I5193c6a9f08398b881c971c7175654ba5775b34a
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1323509
Reviewed-on: https://review.coreboot.org/17876
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
Change-Id: I7930d5cded290f2605d0c92a9c465a3f0c1291a2
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/15974
Tested-by: build bot (Jenkins)
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
|
|
This is to trick libreboot into not deleting misc.c when checking
out coreboot.
Change-Id: I8f0bb5cb3eb5681f99c616ae03de126efab852a9
Signed-off-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-on: http://review.coreboot.org/11134
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
|
|
Change-Id: Ibfa8b6b60b2b39212cef27bb2a5f8849218164bb
Signed-off-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-on: http://review.coreboot.org/11133
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
|
|
secimage does not use libgmp, so don't link it in.
(Otherwise linking fails if the library is not installed)
Change-Id: I24af21c7754ecd0109f3e86669fa34fa6991d7fe
Signed-off-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-on: http://review.coreboot.org/11079
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
|
|
Some compilers and linkers require a strict order or fail to find
all symbols.
Change-Id: I3f44bec1f0e21e7313a751fbc99c61c1aa9b7cf1
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/9962
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
|
|
secimage is a tool which adds a header and signature to the binary
first loaded by the soc. ARM core frequency is set to 1 Ghz.
BUG=chrome-os-partner:36421
BRANCH=broadcom-firmware
TEST=booted b0 board
Change-Id: Ia08600d45c47ee4f08d253980036916e44b0044a
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: 36284d1b242c26b0b5aac2894f7ed1790da1ef15
Original-Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Original-Reviewed-on: https://chrome-internal-review.googlesource.com/197155
Original-Reviewed-by: Scott Branden <sbranden@broadcom.com>
Original-Reviewed-by: Julius Werner <jwerner@chromium.org>
Original-Commit-Queue: Daisuke Nojiri <dnojiri@google.com>
Original-Tested-by: Daisuke Nojiri <dnojiri@google.com>
Original-Change-Id: Iaddd24006b368c8f37e075cb51e151e985029f3b
Original-Reviewed-on: https://chromium-review.googlesource.com/264417
Reviewed-on: http://review.coreboot.org/9914
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
|