<p>Philipp Deppenwiese has uploaded this change for <strong>review</strong>.</p><p><a href="https://review.coreboot.org/23217">View Change</a></p><pre style="font-family: monospace,monospace; white-space: pre-wrap;">security/crypto: Add common code and errors<br><br>* Add common code for workbuffers.<br>* Add common code for alignment and safe memcmp.<br>* Add error enumeration.<br>* Integrated code from 3rdparty/vboot.<br><br>Change-Id: I38441349b46dc142993fd351878847fdd814bae6<br>Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org><br>---<br>A src/security/crypto/common.h<br>A src/security/crypto/common/common.c<br>A src/security/crypto/errors.h<br>3 files changed, 304 insertions(+), 0 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">git pull ssh://review.coreboot.org:29418/coreboot refs/changes/17/23217/1</pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/src/security/crypto/common.h b/src/security/crypto/common.h</span><br><span>new file mode 100644</span><br><span>index 0000000..8a1bfd1</span><br><span>--- /dev/null</span><br><span>+++ b/src/security/crypto/common.h</span><br><span>@@ -0,0 +1,110 @@</span><br><span style="color: hsl(120, 100%, 40%);">+/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.</span><br><span style="color: hsl(120, 100%, 40%);">+ * Use of this source code is governed by a BSD-style license that can be</span><br><span style="color: hsl(120, 100%, 40%);">+ * found in the LICENSE file.</span><br><span style="color: hsl(120, 100%, 40%);">+ *</span><br><span style="color: hsl(120, 100%, 40%);">+ * Common functions between firmware and kernel verified boot.</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+#ifndef CRYPTO_COMMON_H_</span><br><span style="color: hsl(120, 100%, 40%);">+#define CRYPTO_COMMON_H_</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+#include <stdint.h></span><br><span style="color: hsl(120, 100%, 40%);">+#include <stdlib.h></span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+/* We might get away with using __alignof__(void *), but since GCC defines a</span><br><span style="color: hsl(120, 100%, 40%);">+ * macro for us we'll be safe and use that. */</span><br><span style="color: hsl(120, 100%, 40%);">+#define WORKBUF_ALIGN __BIGGEST_ALIGNMENT__</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+/* Work buffer */</span><br><span style="color: hsl(120, 100%, 40%);">+struct workbuf {</span><br><span style="color: hsl(120, 100%, 40%);">+ uint8_t *buf;</span><br><span style="color: hsl(120, 100%, 40%);">+ uint32_t size;</span><br><span style="color: hsl(120, 100%, 40%);">+};</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+/**</span><br><span style="color: hsl(120, 100%, 40%);">+ * Safer memcmp() for use in crypto.</span><br><span style="color: hsl(120, 100%, 40%);">+ *</span><br><span style="color: hsl(120, 100%, 40%);">+ * Compares the buffers to see if they are equal. Time taken to perform</span><br><span style="color: hsl(120, 100%, 40%);">+ * the comparison is dependent only on the size, not the relationship of</span><br><span style="color: hsl(120, 100%, 40%);">+ * the match between the buffers. Note that unlike memcmp(), this only</span><br><span style="color: hsl(120, 100%, 40%);">+ * indicates inequality, not which buffer is lesser.</span><br><span style="color: hsl(120, 100%, 40%);">+ *</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param s1 First buffer</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param s2 Second buffer</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param size Number of bytes to compare</span><br><span style="color: hsl(120, 100%, 40%);">+ * @return 0 if match or size=0, non-zero if at least one byte mismatched.</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+int safe_memcmp(const void *s1, const void *s2, size_t size);</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+/**</span><br><span style="color: hsl(120, 100%, 40%);">+ * Align a buffer and check its size.</span><br><span style="color: hsl(120, 100%, 40%);">+ *</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param **ptr Pointer to pointer to align</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param *size Points to size of buffer pointed to by *ptr</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param align Required alignment (must be power of 2)</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param want_size Required size</span><br><span style="color: hsl(120, 100%, 40%);">+ * @return SUCCESS, or non-zero if error.</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+int align(uint8_t **ptr,</span><br><span style="color: hsl(120, 100%, 40%);">+ uint32_t *size,</span><br><span style="color: hsl(120, 100%, 40%);">+ uint32_t align,</span><br><span style="color: hsl(120, 100%, 40%);">+ uint32_t want_size);</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+/**</span><br><span style="color: hsl(120, 100%, 40%);">+ * Initialize a work buffer.</span><br><span style="color: hsl(120, 100%, 40%);">+ *</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param wb Work buffer to init</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param buf Pointer to work buffer data</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param size Size of work buffer data in bytes</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+void workbuf_init(struct workbuf *wb, uint8_t *buf, uint32_t size);</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+/**</span><br><span style="color: hsl(120, 100%, 40%);">+ * Allocate space in a work buffer.</span><br><span style="color: hsl(120, 100%, 40%);">+ *</span><br><span style="color: hsl(120, 100%, 40%);">+ * Note that the returned buffer will always be aligned to WORKBUF_ALIGN.</span><br><span style="color: hsl(120, 100%, 40%);">+ *</span><br><span style="color: hsl(120, 100%, 40%);">+ * The work buffer acts like a stack, and detailed tracking of allocs and frees</span><br><span style="color: hsl(120, 100%, 40%);">+ * is not done. The caller must track the size of each allocation and free via</span><br><span style="color: hsl(120, 100%, 40%);">+ * workbuf_free() in the reverse order they were allocated.</span><br><span style="color: hsl(120, 100%, 40%);">+ *</span><br><span style="color: hsl(120, 100%, 40%);">+ * An acceptable alternate workflow inside a function is to pass in a const</span><br><span style="color: hsl(120, 100%, 40%);">+ * work buffer, then make a local copy. Allocations done to the local copy</span><br><span style="color: hsl(120, 100%, 40%);">+ * then don't change the passed-in work buffer, and will effectively be freed</span><br><span style="color: hsl(120, 100%, 40%);">+ * when the local copy goes out of scope.</span><br><span style="color: hsl(120, 100%, 40%);">+ *</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param wb Work buffer</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param size Requested size in bytes</span><br><span style="color: hsl(120, 100%, 40%);">+ * @return A pointer to the allocated space, or NULL if error.</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+void *workbuf_alloc(struct workbuf *wb, uint32_t size);</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+/**</span><br><span style="color: hsl(120, 100%, 40%);">+ * Reallocate space in a work buffer.</span><br><span style="color: hsl(120, 100%, 40%);">+ *</span><br><span style="color: hsl(120, 100%, 40%);">+ * Note that the returned buffer will always be aligned to WORKBUF_ALIGN.</span><br><span style="color: hsl(120, 100%, 40%);">+ * The work buffer acts like a stack, so this must only be done to the most</span><br><span style="color: hsl(120, 100%, 40%);">+ * recently allocated buffer.</span><br><span style="color: hsl(120, 100%, 40%);">+ *</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param wb Work buffer</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param oldsize Old allocation size in bytes</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param newsize Requested size in bytes</span><br><span style="color: hsl(120, 100%, 40%);">+ * @return A pointer to the allocated space, or NULL if error.</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+void *workbuf_realloc(struct workbuf *wb,</span><br><span style="color: hsl(120, 100%, 40%);">+ uint32_t oldsize,</span><br><span style="color: hsl(120, 100%, 40%);">+ uint32_t newsize);</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+/**</span><br><span style="color: hsl(120, 100%, 40%);">+ * Free the preceding allocation.</span><br><span style="color: hsl(120, 100%, 40%);">+ *</span><br><span style="color: hsl(120, 100%, 40%);">+ * Note that the work buffer acts like a stack, and detailed tracking of</span><br><span style="color: hsl(120, 100%, 40%);">+ * allocs and frees is not done. The caller must track the size of each</span><br><span style="color: hsl(120, 100%, 40%);">+ * allocation and free them in reverse order.</span><br><span style="color: hsl(120, 100%, 40%);">+ *</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param wb Work buffer</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param size Size of data to free</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+void workbuf_free(struct workbuf *wb, uint32_t size);</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+#endif /* CRYPTO_COMMON_H_ */</span><br><span>diff --git a/src/security/crypto/common/common.c b/src/security/crypto/common/common.c</span><br><span>new file mode 100644</span><br><span>index 0000000..80652ad</span><br><span>--- /dev/null</span><br><span>+++ b/src/security/crypto/common/common.c</span><br><span>@@ -0,0 +1,109 @@</span><br><span style="color: hsl(120, 100%, 40%);">+/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.</span><br><span style="color: hsl(120, 100%, 40%);">+ * Use of this source code is governed by a BSD-style license that can be</span><br><span style="color: hsl(120, 100%, 40%);">+ * found in the LICENSE file.</span><br><span style="color: hsl(120, 100%, 40%);">+ *</span><br><span style="color: hsl(120, 100%, 40%);">+ * Common functions between firmware and kernel verified boot.</span><br><span style="color: hsl(120, 100%, 40%);">+ * (Firmware portion)</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+#include <security/crypto/common.h></span><br><span style="color: hsl(120, 100%, 40%);">+#include <security/crypto/errors.h></span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+int safe_memcmp(const void *s1, const void *s2, size_t size)</span><br><span style="color: hsl(120, 100%, 40%);">+{</span><br><span style="color: hsl(120, 100%, 40%);">+ const unsigned char *us1 = s1;</span><br><span style="color: hsl(120, 100%, 40%);">+ const unsigned char *us2 = s2;</span><br><span style="color: hsl(120, 100%, 40%);">+ int result = 0;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ if (0 == size)</span><br><span style="color: hsl(120, 100%, 40%);">+ return 0;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /*</span><br><span style="color: hsl(120, 100%, 40%);">+ * Code snippet without data-dependent branch due to Nate Lawson</span><br><span style="color: hsl(120, 100%, 40%);">+ * (nate@root.org) of Root Labs.</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+ while (size--)</span><br><span style="color: hsl(120, 100%, 40%);">+ result |= *us1++ ^ *us2++;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ return result != 0;</span><br><span style="color: hsl(120, 100%, 40%);">+}</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+int align(uint8_t **ptr, uint32_t *size, uint32_t align, uint32_t want_size)</span><br><span style="color: hsl(120, 100%, 40%);">+{</span><br><span style="color: hsl(120, 100%, 40%);">+ uintptr_t p = (uintptr_t)*ptr;</span><br><span style="color: hsl(120, 100%, 40%);">+ uintptr_t offs = p & (align - 1);</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ if (offs) {</span><br><span style="color: hsl(120, 100%, 40%);">+ offs = align - offs;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ if (*size < offs)</span><br><span style="color: hsl(120, 100%, 40%);">+ return ERROR_UNKNOWN;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ *ptr += offs;</span><br><span style="color: hsl(120, 100%, 40%);">+ *size -= offs;</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ if (*size < want_size)</span><br><span style="color: hsl(120, 100%, 40%);">+ return ERROR_UNKNOWN;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ return SUCCESS;</span><br><span style="color: hsl(120, 100%, 40%);">+}</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+void workbuf_init(struct workbuf *wb, uint8_t *buf, uint32_t size)</span><br><span style="color: hsl(120, 100%, 40%);">+{</span><br><span style="color: hsl(120, 100%, 40%);">+ wb->buf = buf;</span><br><span style="color: hsl(120, 100%, 40%);">+ wb->size = size;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Align the buffer so allocations will be aligned */</span><br><span style="color: hsl(120, 100%, 40%);">+ if (align(&wb->buf, &wb->size, WORKBUF_ALIGN, 0))</span><br><span style="color: hsl(120, 100%, 40%);">+ wb->size = 0;</span><br><span style="color: hsl(120, 100%, 40%);">+}</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+/**</span><br><span style="color: hsl(120, 100%, 40%);">+ * Round up a number to a multiple of WORKBUF_ALIGN</span><br><span style="color: hsl(120, 100%, 40%);">+ *</span><br><span style="color: hsl(120, 100%, 40%);">+ * @param v Number to round up</span><br><span style="color: hsl(120, 100%, 40%);">+ * @return The number, rounded up.</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+static __inline uint32_t wb_round_up(uint32_t v)</span><br><span style="color: hsl(120, 100%, 40%);">+{</span><br><span style="color: hsl(120, 100%, 40%);">+ return (v + WORKBUF_ALIGN - 1) & ~(WORKBUF_ALIGN - 1);</span><br><span style="color: hsl(120, 100%, 40%);">+}</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+void *workbuf_alloc(struct workbuf *wb, uint32_t size)</span><br><span style="color: hsl(120, 100%, 40%);">+{</span><br><span style="color: hsl(120, 100%, 40%);">+ uint8_t *ptr = wb->buf;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Round up size to work buffer alignment */</span><br><span style="color: hsl(120, 100%, 40%);">+ size = wb_round_up(size);</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ if (size > wb->size)</span><br><span style="color: hsl(120, 100%, 40%);">+ return NULL;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ wb->buf += size;</span><br><span style="color: hsl(120, 100%, 40%);">+ wb->size -= size;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ return ptr;</span><br><span style="color: hsl(120, 100%, 40%);">+}</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+void *workbuf_realloc(struct workbuf *wb,</span><br><span style="color: hsl(120, 100%, 40%);">+ uint32_t oldsize,</span><br><span style="color: hsl(120, 100%, 40%);">+ uint32_t newsize)</span><br><span style="color: hsl(120, 100%, 40%);">+{</span><br><span style="color: hsl(120, 100%, 40%);">+ /*</span><br><span style="color: hsl(120, 100%, 40%);">+ * Just free and allocate to update the size. No need to move/copy</span><br><span style="color: hsl(120, 100%, 40%);">+ * memory, since the new pointer is guaranteed to be the same as the</span><br><span style="color: hsl(120, 100%, 40%);">+ * old one. The new allocation can fail, if the new size is too big.</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+ workbuf_free(wb, oldsize);</span><br><span style="color: hsl(120, 100%, 40%);">+ return workbuf_alloc(wb, newsize);</span><br><span style="color: hsl(120, 100%, 40%);">+}</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+void workbuf_free(struct workbuf *wb, uint32_t size)</span><br><span style="color: hsl(120, 100%, 40%);">+{</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Round up size to work buffer alignment */</span><br><span style="color: hsl(120, 100%, 40%);">+ size = wb_round_up(size);</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ wb->buf -= size;</span><br><span style="color: hsl(120, 100%, 40%);">+ wb->size += size;</span><br><span style="color: hsl(120, 100%, 40%);">+}</span><br><span>diff --git a/src/security/crypto/errors.h b/src/security/crypto/errors.h</span><br><span>new file mode 100644</span><br><span>index 0000000..c8fad50</span><br><span>--- /dev/null</span><br><span>+++ b/src/security/crypto/errors.h</span><br><span>@@ -0,0 +1,85 @@</span><br><span style="color: hsl(120, 100%, 40%);">+/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.</span><br><span style="color: hsl(120, 100%, 40%);">+ * Use of this source code is governed by a BSD-style license that can be</span><br><span style="color: hsl(120, 100%, 40%);">+ * found in the LICENSE file.</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+#ifndef CRYPTO_ERRORS_H_</span><br><span style="color: hsl(120, 100%, 40%);">+#define CRYPTO_ERRORS_H_</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+/*</span><br><span style="color: hsl(120, 100%, 40%);">+ * Return codes from verified boot functions.</span><br><span style="color: hsl(120, 100%, 40%);">+ *</span><br><span style="color: hsl(120, 100%, 40%);">+ * Note that other values may be passed through from vb2ex_*() calls; see</span><br><span style="color: hsl(120, 100%, 40%);">+ * the comment for ERROR_EX below.</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+enum return_code {</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Success - no error */</span><br><span style="color: hsl(120, 100%, 40%);">+ SUCCESS = 0,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /*</span><br><span style="color: hsl(120, 100%, 40%);">+ * All vboot2 error codes start at a large offset from zero, to reduce</span><br><span style="color: hsl(120, 100%, 40%);">+ * the risk of overlap with other error codes (TPM, etc.).</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_BASE = 0x10000000,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Unknown / unspecified error */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_UNKNOWN = ERROR_BASE + 1,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Mock error for testing */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_MOCK,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /**********************************************************************</span><br><span style="color: hsl(120, 100%, 40%);">+ * SHA errors</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_SHA = ERROR_BASE + 0x010000,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Bad algorithm in digest_init() */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_SHA_INIT_ALGORITHM,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Bad algorithm in digest_extend() */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_SHA_EXTEND_ALGORITHM,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Bad algorithm in digest_finalize() */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_SHA_FINALIZE_ALGORITHM,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Digest size buffer too small in digest_finalize() */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_SHA_FINALIZE_DIGEST_SIZE,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /**********************************************************************</span><br><span style="color: hsl(120, 100%, 40%);">+ * RSA errors</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_RSA = ERROR_BASE + 0x020000,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Padding mismatch in check_padding() */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_RSA_PADDING,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Bad algorithm in check_padding() */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_RSA_PADDING_ALGORITHM,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Null param passed to verify_digest() */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_RSA_VERIFY_PARAM,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Bad algorithm in verify_digest() */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_RSA_VERIFY_ALGORITHM,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Bad signature length in verify_digest() */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_RSA_VERIFY_SIG_LEN,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Work buffer too small in verify_digest() */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_RSA_VERIFY_WORKBUF,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Digest mismatch in verify_digest() */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_RSA_VERIFY_DIGEST,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Bad size calculation in check_padding() */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_RSA_PADDING_SIZE,</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /**********************************************************************</span><br><span style="color: hsl(120, 100%, 40%);">+ * Highest non-zero error generated inside vboot library. Note that</span><br><span style="color: hsl(120, 100%, 40%);">+ * error codes passed through vboot when it calls external APIs may</span><br><span style="color: hsl(120, 100%, 40%);">+ * still be outside this range.</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+ ERROR_MAX = ERROR_BASE + 0x1fffffff,</span><br><span style="color: hsl(120, 100%, 40%);">+};</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+#endif /* CRYPTO_ERRORS_H_ */</span><br><span></span><br></pre><p>To view, visit <a href="https://review.coreboot.org/23217">change 23217</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://review.coreboot.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://review.coreboot.org/23217"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: coreboot </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-MessageType: newchange </div>
<div style="display:none"> Gerrit-Change-Id: I38441349b46dc142993fd351878847fdd814bae6 </div>
<div style="display:none"> Gerrit-Change-Number: 23217 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: Philipp Deppenwiese <zaolin.daisuki@gmail.com> </div>