tpm: add flag in hash_algo_list and API to check if algorithm is supported
authorRaymond Mao <[email protected]>
Tue, 24 Dec 2024 16:01:07 +0000 (08:01 -0800)
committerIlias Apalodimas <[email protected]>
Tue, 7 Jan 2025 13:45:51 +0000 (15:45 +0200)
Add a bool var into hash_algo_list to indicate whether the algorithm
is supported or not and move the IS_ENABLED to only cover this var.
So that we can have the name, hash, mask and size no matter the
digest kconfigs are enabled or not.

Previously, tpm2_algorithm_to_len() and tcg2_algorithm_to_mask() were used to
identify an unsupported algorithm when they returned 0.
This no longer works now that hash_algo_list always provides the algorithm
size and mask, so a new API is introduced to check if an algorithm is
supported by U-Boot.

Suggested-by: Ilias Apalodimas <[email protected]>
Signed-off-by: Raymond Mao <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
Signed-off-by: Ilias Apalodimas <[email protected]>
include/tpm-v2.h
lib/tpm-v2.c
lib/tpm_tcg2.c

index 87b2c614ad277284aa88c106add8598cc83a59d4..c49eadda26c70c1fb4279c36093c08b41133f984 100644 (file)
@@ -268,6 +268,7 @@ struct digest_info {
        u16 hash_alg;
        u32 hash_mask;
        u16 hash_len;
+       bool supported;
 };
 
 /* Algorithm Registry */
@@ -278,38 +279,50 @@ struct digest_info {
 #define TCG2_BOOT_HASH_ALG_SM3_256 0x00000010
 
 static const struct digest_info hash_algo_list[] = {
-#if IS_ENABLED(CONFIG_SHA1)
        {
                "sha1",
                TPM2_ALG_SHA1,
                TCG2_BOOT_HASH_ALG_SHA1,
                TPM2_SHA1_DIGEST_SIZE,
-       },
+#if IS_ENABLED(CONFIG_SHA1)
+               true,
+#else
+               false,
 #endif
-#if IS_ENABLED(CONFIG_SHA256)
+       },
        {
                "sha256",
                TPM2_ALG_SHA256,
                TCG2_BOOT_HASH_ALG_SHA256,
                TPM2_SHA256_DIGEST_SIZE,
-       },
+#if IS_ENABLED(CONFIG_SHA256)
+               true,
+#else
+               false,
 #endif
-#if IS_ENABLED(CONFIG_SHA384)
+       },
        {
                "sha384",
                TPM2_ALG_SHA384,
                TCG2_BOOT_HASH_ALG_SHA384,
                TPM2_SHA384_DIGEST_SIZE,
-       },
+#if IS_ENABLED(CONFIG_SHA384)
+               true,
+#else
+               false,
 #endif
-#if IS_ENABLED(CONFIG_SHA512)
+       },
        {
                "sha512",
                TPM2_ALG_SHA512,
                TCG2_BOOT_HASH_ALG_SHA512,
                TPM2_SHA512_DIGEST_SIZE,
-       },
+#if IS_ENABLED(CONFIG_SHA512)
+               true,
+#else
+               false,
 #endif
+       },
 };
 
 /* NV index attributes */
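Review bot: With the `#if` moved inside each entry, presence in `hash_algo_list` no longer means the digest is compiled in, so any loop over this table that this commit does not convert has to test `.supported` before using an entry for PCR extension or event-log digests. Those callers are outside the hunks shown, so this needs checking against the tree. Separately, the five-line `#if`/`#else`/`#endif` in each entry can be a single designated initializer, `.supported = IS_ENABLED(CONFIG_SHA1),`, since `IS_ENABLED()` expands to a constant 0 or 1. That also stops the new field from depending on positional order.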
@@ -704,6 +717,14 @@ enum tpm2_algorithms tpm2_name_to_algorithm(const char *name);
  */
 const char *tpm2_algorithm_name(enum tpm2_algorithms);
 
+/**
+ * tpm2_algorithm_supported() -  Check if the algorithm supported by U-Boot
+ *
+ * @algorithm_id: algorithm defined in enum tpm2_algorithms
+ * Return: true if supported, otherwise false
+ */
+bool tpm2_algorithm_supported(enum tpm2_algorithms algo);
+
 /**
  * tpm2_algorithm_to_len() - Return an algorithm length for supported algorithm id
  *
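Review bot: The kernel-doc for `tpm2_algorithm_supported()` documents `@algorithm_id:` while the prototype names the parameter `algo`, so the doc tooling will not match them; use `@algo: algorithm defined in enum tpm2_algorithms`. The summary line would read better as `Check if the algorithm is supported by U-Boot`, and it is worth stating that an ID absent from `hash_algo_list` also yields false. The context line below still describes `tpm2_algorithm_to_len()` as returning a length "for supported algorithm id", which per the commit message is no longer the contract; that comment continues outside the hunk.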
index 0edb0aa90c9f0b6d6b825695fd17c354976a688d..96c164f2a542a98b92499a8a006d7c1a54c525a5 100644 (file)
@@ -884,6 +884,18 @@ const char *tpm2_algorithm_name(enum tpm2_algorithms algo)
        return "";
 }
 
+bool tpm2_algorithm_supported(enum tpm2_algorithms algo)
+{
+       size_t i;
+
+       for (i = 0; i < ARRAY_SIZE(hash_algo_list); ++i) {
+               if (hash_algo_list[i].hash_alg == algo)
+                       return hash_algo_list[i].supported;
+       }
+
+       return false;
+}
+
 u16 tpm2_algorithm_to_len(enum tpm2_algorithms algo)
 {
        size_t i;
@@ -908,7 +920,7 @@ bool tpm2_check_active_banks(struct udevice *dev)
 
        for (i = 0; i < pcrs.count; i++) {
                if (tpm2_is_active_bank(&pcrs.selection[i]) &&
-                   !tpm2_algorithm_to_len(pcrs.selection[i].hash))
+                   !tpm2_algorithm_supported(pcrs.selection[i].hash))
                        return false;
        }
 
index 0e267ff0a7df5434d1e7d57dd00e7122a799a239..99671804e3b076a30b32b11453f7c7aaca1ed1b9 100644 (file)
@@ -36,16 +36,17 @@ int tcg2_get_pcr_info(struct udevice *dev, u32 *supported_bank, u32 *active_bank
                return ret;
 
        for (i = 0; i < pcrs.count; i++) {
-               u32 hash_mask = tcg2_algorithm_to_mask(pcrs.selection[i].hash);
+               struct tpms_pcr_selection *sel = &pcrs.selection[i];
+               u32 hash_mask = tcg2_algorithm_to_mask(sel->hash);
 
-               if (hash_mask) {
+               if (tpm2_algorithm_supported(sel->hash))
                        *supported_bank |= hash_mask;
-                       if (tpm2_is_active_bank(&pcrs.selection[i]))
-                               *active_bank |= hash_mask;
-               } else {
-                       printf("%s: unknown algorithm %x\n", __func__,
-                              pcrs.selection[i].hash);
-               }
+               else
+                       log_warning("%s: unknown algorithm %x\n", __func__,
+                                   sel->hash);
+
+               if (tpm2_is_active_bank(sel))
+                       *active_bank |= hash_mask;
        }
 
        *bank_num = pcrs.count;
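Review bot: The `else` branch still logs `unknown algorithm`, but it is now reached for algorithms that are listed in `hash_algo_list` and merely not compiled in; `log_warning("%s: unsupported algorithm %x\n", __func__, sel->hash);` would describe it accurately. Also, `*active_bank |= hash_mask` is no longer nested under the supported check, so `active_bank` can now carry bits that are missing from `supported_bank`. That looks intentional, so that callers can detect an active bank U-Boot cannot extend, but it should be stated in the function's kernel-doc because callers comparing the two masks depend on it. `tcg2_get_pcr_info()` starts and ends outside the hunk.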