erebion/coreboot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

security/tpm: Add crypto agility support

Browse source 
* Added tlcl_extend size checks
* Added TPM2 tlcl_extend crypto agility

TESTED=On Facebook Watson_V2 mainboard, the TCPA log now shows correct hash content and algorithm:

PCR-0 62571891215b4efc1ceab744ce59dd0b66ea6f73 SHA1 [VBOOT: boot mode]
instead of:
PCR-0 62571891215b4efc1ceab744ce59dd0b66ea6f73 SHA256 [VBOOT: boot mode]

Change-Id: I9cc8d994081896e8c0d511c31e9741297227afef
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/48742
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
This commit is contained in:
Philipp Deppenwiese 2020-12-18 19:40:55 +01:00 committed by Patrick Georgi
commit 1474ddb722
6 changed files with 61 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/vendorcode/eltan/security/mboot/mboot.c
View file

@ -150,7 +150,8 @@ int mboot_hash_extend_log(uint64_t flags, uint8_t *hashData, uint32_t hashDataLe
printk(BIOS_DEBUG, "%s: SHA256 Hash Digest:\n", __func__);
mboot_print_buffer(digest->digest.sha256, VB2_SHA256_DIGEST_SIZE);
return (tlcl_extend(newEventHdr->pcrIndex, (uint8_t *)&(newEventHdr->digest), NULL));
return (tlcl_extend(newEventHdr->pcrIndex, newEventHdr->digest.digests[0].hashAlg,
(uint8_t *)&(newEventHdr->digest), hashDataLen, NULL));
}
/*