From mboxrd@z Thu Jan 1 00:00:00 1970 From: Anatolij Gustschin Date: Fri, 12 May 2017 10:56:06 +0200 Subject: [U-Boot] [PATCH 3/5] x86: baytrail: secureboot: Add functions for verification of u-boot In-Reply-To: <20170512102550.1aa42156@ipc1.ka-ro> References: <1494515696-2087-1-git-send-email-agust@denx.de> <1494515696-2087-4-git-send-email-agust@denx.de> <20170512102550.1aa42156@ipc1.ka-ro> Message-ID: <20170512105606.50f233b2@crub> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="windows-1252" Content-Transfer-Encoding: quoted-printable To: u-boot@lists.denx.de Hi, On Fri, 12 May 2017 10:25:50 +0200 Lothar Wa=C3=9Fmann LW at KARO-electronics.de wrote: ... > > +static bool verify_oem_sha256(unsigned int hash_id, > > + void *start_address, > > + size_t size) > > +{ > > + uint8_t value[SHA256_SUM_LEN]; > > =20 > 'unsigned char' here ... >=20 > > + int value_len; > > + > > + /* calculate address of hash to compare in the oemdata block*/ > > + void *hash_to_verify =3D (void *)SB_MANIFEST_OEM_HASH_BASE + > > + (SHA256_SUM_LEN * hash_id); > > +#ifdef DEBUG > > + unsigned int i =3D 0; > > + uint8_t oem_value[SHA256_SUM_LEN]; > > + > > + memcpy(oem_value, hash_to_verify, SHA256_SUM_LEN); > > + printf("SB: Hash to verify:\t"); > > + for (i =3D 0; i < SHA256_SUM_LEN; i++) > > + printf("%X", oem_value[i]); > > + printf("\n"); > > +#endif > > + > > + /* caluclate the hash of the binary */ > > + calculate_hash(start_address, size, "sha256", (unsigned char *)value, > > + &value_len); > > =20 > ... would avoid the '(unsigned char *)' cast here. I'll drop this cast, the fourth argument of calculate_hash() is uint8_t *. ... > > +bool verify_public_key(void) > > +{ > > + void *fit_public_key_modulus; > > =20 > 'const void *' here ... > > + > > + int offset =3D fdt_node_offset_by_prop_value(gd->fdt_blob, -1, > > + "key-name-hint", > > + FIT_KEY_NAME, > > + 4); > > + > > + fit_public_key_modulus =3D (void *)fdt_getprop(gd->fdt_blob, offset, > > + "rsa,modulus", NULL); > > =20 > ... would eliminate the need for the '(void *)' cast here. OK, will fix. Thanks! -- Anatolij