diff options
author | Vincent Palatin <vpalatin@chromium.org> | 2014-09-26 15:20:42 -0700 |
---|---|---|
committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-10-02 23:18:25 +0000 |
commit | beaddbf1a365463cdef3ed9dd1d093ff6ff80d70 (patch) | |
tree | 2f6f7aeda02e320b0962da0a901bb67b3bbf753e /board/zinger/usb_pd_policy.c | |
parent | 0330d9adf2602c44201d5e1b842747caf7dd83b1 (diff) | |
download | chrome-ec-beaddbf1a365463cdef3ed9dd1d093ff6ff80d70.tar.gz |
zinger: check RW firmware signature
The Zinger RW is now signed with 2048-bit RSA key (using SHA-256 as
digest).
This CL implements the verification mechanism.
note: the RSA key used for signing must be provided as a .pem file.
The path to .pem file must be provided in the PEM environment variable.
By default, it's using the dev key stored in zinger_dev_key.pem.
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
BRANCH=samus
BUG=chrome-os-partner:28336
TEST=on Zinger, run with properly signed RW firmware and corrupted
firmware and check the serial traces.
Change-Id: Ia58482458904a3ed72d6b0e95996cae86a0ead83
Reviewed-on: https://chromium-review.googlesource.com/220178
Commit-Queue: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Alec Berg <alecaberg@chromium.org>
Diffstat (limited to 'board/zinger/usb_pd_policy.c')
-rw-r--r-- | board/zinger/usb_pd_policy.c | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/board/zinger/usb_pd_policy.c b/board/zinger/usb_pd_policy.c index bc2a0ede3b..f54841bb72 100644 --- a/board/zinger/usb_pd_policy.c +++ b/board/zinger/usb_pd_policy.c @@ -378,13 +378,12 @@ int pd_custom_vdm(int port, int cnt, uint32_t *payload, uint32_t **rpayload) break; case VDO_CMD_READ_INFO: hash = flash_hash_rw(); - /* copy hash into response */ - memcpy(payload + 1, hash, SHA1_DIGEST_SIZE); + /* copy the 20 first bytes of the hash into response */ + memcpy(payload + 1, hash, 5 * sizeof(uint32_t)); /* copy other info into response */ - payload[SHA1_DIGEST_SIZE/4 + 1] = VDO_INFO( - USB_PD_HARDWARE_DEVICE_ID, - ver_get_numcommits(), - !is_ro_mode()); + payload[6] = VDO_INFO(USB_PD_HARDWARE_DEVICE_ID, + ver_get_numcommits(), + !is_ro_mode()); rsize = 7; break; case VDO_CMD_FLASH_ERASE: |