Using public functions only might be an issue:
vb21_unpack_key -> vb2_unpack_key_buffer = NO API
vb21_verify_data -> vb2_verify_data = NO API

Would using vb2_init_hash() work to replace these?

vb2_digest_buffer NO API

security/vboot is using this function also. Will security/vboot be modified using API function only?

Hi Frans,

Actually, the functions vb2_digest_buffer, vb2_digest_init, vb2_digest_extend, vb2_digest_finalize etc. are all available through including the <vb2_sha.h> header file. They don't include the vb2api_ prefix, but they are still considered a public API.

We could open up APIs for vb2_unpack_key (vb2api_unpack_key), and for vb2_verify_digest (vb2api_verify_digest), the latter of which would allocate its own workbuf (an internal vboot structure).

Is Eltan still willing to move over to vboot 2 data structures at this point, or are you locked into vboot 2.1?

View Change

To view, visit change 37654. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: Iae58a0c42161ddfec9908f9867286e3dc1f055a2
Gerrit-Change-Number: 37654
Gerrit-PatchSet: 2
Gerrit-Owner: Joel Kitching <kitching@google.com>
Gerrit-Reviewer: Frans Hendriks <fhendriks@eltan.com>
Gerrit-Reviewer: Joel Kitching <kitching@google.com>
Gerrit-Reviewer: Martin Roth <martinroth@google.com>
Gerrit-Reviewer: Patrick Georgi <pgeorgi@google.com>
Gerrit-Reviewer: Wim Vervoorn <wvervoorn@eltan.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply@coreboot.org>
Gerrit-CC: Julius Werner <jwerner@chromium.org>
Gerrit-CC: Paul Menzel <paulepanter@users.sourceforge.net>
Gerrit-Comment-Date: Wed, 18 Dec 2019 10:14:54 +0000
Gerrit-HasComments: No
Gerrit-Has-Labels: No
Gerrit-MessageType: comment