diff options
author | Nicolas Boichat <drinkcat@chromium.org> | 2017-08-30 15:02:48 +0800 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2017-09-15 10:50:27 -0700 |
commit | 82e0892fc39a107285474b6f3ae3d1eb3901d82c (patch) | |
tree | 4518487f58bc27ace356e610db55266610eb9a3e /util | |
parent | 4fdccb6de5131475fb6ccd3402812e008091afa3 (diff) | |
download | chrome-ec-82e0892fc39a107285474b6f3ae3d1eb3901d82c.tar.gz |
update_fw: Store complete touchpad FW hash
This will be used by the updater to first check that the touchpad
FW on AP side matches the one for which we stored hashes on EC
side.
This guarantee that we do not accidentally try to flash an
incorrect FW, which would render the touchpad non-functional.
BRANCH=none
BUG=b:63993173
TEST=make TOUCHPAD_FW=SA459C-1211_ForGoogleHammer_3.0.bin \
BOARD=hammer -j
TEST=./usb_updater2 -t
includes output of
sha256sum A459C-1211_ForGoogleHammer_3.0.bin
Change-Id: Id30ab2d7c7d7e2d0f25cc893f685d218c44c022e
Signed-off-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/641736
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
Diffstat (limited to 'util')
-rw-r--r-- | util/gen_touchpad_hash.c | 37 |
1 files changed, 25 insertions, 12 deletions
diff --git a/util/gen_touchpad_hash.c b/util/gen_touchpad_hash.c index 379d083476..e03c4638f3 100644 --- a/util/gen_touchpad_hash.c +++ b/util/gen_touchpad_hash.c @@ -14,15 +14,15 @@ #include "config.h" -static void print_hex(FILE *out, uint8_t digest[SHA256_DIGEST_LENGTH]) +static void print_hex(FILE *out, uint8_t *digest, int len, int last) { int i; - fputs("\t{ ", out); - for (i = 0; i < SHA256_DIGEST_LENGTH; i++) + fputs("{ ", out); + for (i = 0; i < len; i++) fprintf(out, "0x%02x, ", digest[i]); - fputs("},\n", out); + fprintf(out, "}%c\n", last ? ';' : ','); } /* Output blank hashes */ @@ -31,13 +31,19 @@ static int hash_fw_blank(FILE *hashes) uint8_t digest[SHA256_DIGEST_LENGTH] = { 0 }; int len; - fputs("{\n", hashes); + fprintf(hashes, "const uint8_t touchpad_fw_hashes[%d][%d] = {\n", + CONFIG_TOUCHPAD_VIRTUAL_SIZE / CONFIG_UPDATE_PDU_SIZE, + SHA256_DIGEST_LENGTH); for (len = 0; len < CONFIG_TOUCHPAD_VIRTUAL_SIZE; len += CONFIG_UPDATE_PDU_SIZE) { - print_hex(hashes, digest); + print_hex(hashes, digest, sizeof(digest), 0); } fputs("};\n", hashes); + fprintf(hashes, "const uint8_t touchpad_fw_full_hash[%d] =\n\t", + SHA256_DIGEST_LENGTH); + print_hex(hashes, digest, SHA256_DIGEST_LENGTH, 1); + return 0; } @@ -47,9 +53,13 @@ static int hash_fw(FILE *tp_fw, FILE *hashes) int len = 0; int rb; SHA256_CTX ctx; + SHA256_CTX ctx_all; uint8_t digest[SHA256_DIGEST_LENGTH]; - fputs("{\n", hashes); + SHA256_Init(&ctx_all); + fprintf(hashes, "const uint8_t touchpad_fw_hashes[%d][%d] = {\n", + CONFIG_TOUCHPAD_VIRTUAL_SIZE / CONFIG_UPDATE_PDU_SIZE, + SHA256_DIGEST_LENGTH); while (1) { rb = fread(buffer, 1, sizeof(buffer), tp_fw); len += rb; @@ -62,13 +72,20 @@ static int hash_fw(FILE *tp_fw, FILE *hashes) SHA256_Update(&ctx, buffer, rb); SHA256_Final(digest, &ctx); - print_hex(hashes, digest); + SHA256_Update(&ctx_all, buffer, rb); + + print_hex(hashes, digest, sizeof(digest), 0); if (rb < sizeof(buffer)) break; } fputs("};\n", hashes); + SHA256_Final(digest, &ctx_all); + fprintf(hashes, "const uint8_t touchpad_fw_full_hash[%d] =\n\t", + SHA256_DIGEST_LENGTH); + print_hex(hashes, digest, SHA256_DIGEST_LENGTH, 1); + if (!feof(tp_fw) || ferror(tp_fw)) { warn("Error reading input file"); return 1; @@ -129,10 +146,6 @@ int main(int argc, char **argv) err(1, "Cannot open output file"); fputs("#include <stdint.h>\n\n", hashes); - fprintf(hashes, "const uint8_t touchpad_fw_hashes[%d][%d] = ", - CONFIG_TOUCHPAD_VIRTUAL_SIZE / CONFIG_UPDATE_PDU_SIZE, - SHA256_DIGEST_LENGTH); - if (tp_fw_name) { tp_fw = fopen(tp_fw_name, "re"); |