Djam/arm-trusted-firmware
1
0
Fork 0
mirror of https://github.com/ARM-software/arm-trusted-firmware.git synced 2025-04-18 10:34:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge "fix(auth): don't overwrite pk with converted pk when rotpk is hash" into integration

Browse source
This commit is contained in:
Sandrine Bailleux 2023-09-18 11:30:18 +02:00 committed by TrustedFirmware Code Review
commit dbfafc5e7e
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
drivers/auth/auth_mod.c
View file

@ -150,8 +150,8 @@ static int auth_signature(const auth_method_param_sig_t *param,
const auth_img_desc_t *img_desc,
void *img, unsigned int img_len)
{
void *data_ptr, *pk_ptr, *pk_plat_ptr, *sig_ptr, *sig_alg_ptr, *pk_oid;
unsigned int data_len, pk_len, pk_plat_len, sig_len, sig_alg_len;
void *data_ptr, *pk_ptr, *cnv_pk_ptr, *pk_plat_ptr, *sig_ptr, *sig_alg_ptr, *pk_oid;
unsigned int data_len, pk_len, cnv_pk_len, pk_plat_len, sig_len, sig_alg_len;
unsigned int flags = 0;
int rc = 0;
@ -210,14 +210,14 @@ static int auth_signature(const auth_method_param_sig_t *param,
* platform may store the hash of a prefixed,
* suffixed or modified pk
*/
rc = crypto_mod_convert_pk(pk_ptr, pk_len, &pk_ptr, &pk_len);
rc = crypto_mod_convert_pk(pk_ptr, pk_len, &cnv_pk_ptr, &cnv_pk_len);
return_if_error(rc);
/*
* The hash of the certificate's public key must match
* the hash of the ROTPK.
*/
rc = crypto_mod_verify_hash(pk_ptr, pk_len,
rc = crypto_mod_verify_hash(cnv_pk_ptr, cnv_pk_len,
pk_plat_ptr, pk_plat_len);
return_if_error(rc);
} else {