0155b431 | 09-Jun-2025 |
Dan Zhang <zhdaniel@google.com> |
libcr51sign: clean up silent const cast
Remove all `(void*)ctx` silent const remove cast
Change-Id: I89bb6d1ece4e47ba9344f58f66a0736416f6c9c1 Signed-off-by: Dan Zhang <zhdaniel@google.com> |
f75f29be | 12-Jun-2025 |
Patrick Williams <patrick@stwcx.xyz> |
markdownlint: minor fixes
Signed-off-by: Patrick Williams <patrick@stwcx.xyz> Change-Id: Ic88a1e968f08966946a57e422ea998960e9cb4af |
027c042e | 01-Jun-2025 |
Dan Zhang <zhdaniel@google.com> |
libcr51sign: enhance to support key rotation
Support validate cr51 descriptor with trusted hash and key within the signature structure.
Accept the descriptor if its hash is trusted. Validate the de
libcr51sign: enhance to support key rotation
Support validate cr51 descriptor with trusted hash and key within the signature structure.
Accept the descriptor if its hash is trusted. Validate the descriptor signature with verification key provided along with the signature if the key is trusted.
To support the above enhancement for key rotation, three new functions are defined in interface:
* trust_descriptor_hash * trust_key_in_signature_structure * verify_rsa_signature_with_modulus_and_exponent
Applications (i.e. flashupdate or bios-validator) will provide these functions.
And to facilitate verify rsa signature using key in signature structure, an implementation of verify_rsa_signature_with_modulus_and_exponent using the openssl has been provided also.
Change-Id: I787f8c661433052f8c8a1d23e9e6140befce2265 Signed-off-by: Dan Zhang <zhdaniel@google.com>
show more ...
|
6c41aba5 | 01-Feb-2025 |
Patrick Williams <patrick@stwcx.xyz> |
clang-format: update latest spec and reformat
Copy the latest format file from the docs repository and apply.
Change-Id: I47f5f8415b1afbc82d9186ffd2b5260a84907ef6 Signed-off-by: Patrick Williams <p
clang-format: update latest spec and reformat
Copy the latest format file from the docs repository and apply.
Change-Id: I47f5f8415b1afbc82d9186ffd2b5260a84907ef6 Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
show more ...
|
24c61c7e | 01-Feb-2025 |
Patrick Williams <patrick@stwcx.xyz> |
meson: reformat with meson formatter
Apply the `meson format` results.
Change-Id: Id3da51b0ab2cd90f7bb79bd7b613b2226672a802 Signed-off-by: Patrick Williams <patrick@stwcx.xyz> |
c66ebc35 | 16-Aug-2024 |
Patrick Williams <patrick@stwcx.xyz> |
clang-format: re-format for clang-18
clang-format-18 isn't compatible with the clang-format-17 output, so we need to reformat the code with the latest version. The way clang-18 handles lambda forma
clang-format: re-format for clang-18
clang-format-18 isn't compatible with the clang-format-17 output, so we need to reformat the code with the latest version. The way clang-18 handles lambda formatting also changed, so we have made changes to the organization default style format to better handle lambda formatting.
See I5e08687e696dd240402a2780158664b7113def0e for updated style. See Iea0776aaa7edd483fa395e23de25ebf5a6288f71 for clang-18 enablement.
Change-Id: I362352dcb341658501899267c2ff3ad044ed5912 Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
show more ...
|
dca92e47 | 17-Nov-2023 |
Willy Tu <wltu@google.com> |
update libcr51sign to support MAUV
Add feature support to manage MAUV with cr51 descriptor.
Change-Id: I3795259f81b1dbd3016d1c41c68895be00455061 Signed-off-by: Willy Tu <wltu@google.com> |
6084957f | 20-Oct-2023 |
Patrick Williams <patrick@stwcx.xyz> |
clang-format: copy latest and re-format
clang-format-17 has some backwards incompatible changes that require additional settings for best compatibility and re-running the formatter. Copy the latest
clang-format: copy latest and re-format
clang-format-17 has some backwards incompatible changes that require additional settings for best compatibility and re-running the formatter. Copy the latest .clang-format from the docs repository and reformat the repository.
Change-Id: I4610d1d37873b2019baa2ae22c036f81f4319214 Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
show more ...
|
adb8ffe4 | 17-Jul-2023 |
Willy Tu <wltu@google.com> |
iwyu: Cleanup include headers
Triggered iwyu and add/remove used headers.
Change-Id: Iadbdb459563b3c89baf2d56f90a540342d020cd5 Signed-off-by: Willy Tu <wltu@google.com> |
1dfe24ea | 12-Jul-2023 |
Patrick Williams <patrick@stwcx.xyz> |
build: upgrade to C++23
Meson 1.1.1 and GCC-13 both support C++23 and a sufficient portion of the standard has been implemented. Upgrade the build to leverage it.
Change-Id: Ibb8913a93032d388399b6
build: upgrade to C++23
Meson 1.1.1 and GCC-13 both support C++23 and a sufficient portion of the standard has been implemented. Upgrade the build to leverage it.
Change-Id: Ibb8913a93032d388399b65904013e284780dad70 Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
show more ...
|
2be45238 | 10-May-2023 |
Patrick Williams <patrick@stwcx.xyz> |
clang-format: copy latest and re-format
clang-format-16 has some backwards incompatible changes that require additional settings for best compatibility and re-running the formatter. Copy the latest
clang-format: copy latest and re-format
clang-format-16 has some backwards incompatible changes that require additional settings for best compatibility and re-running the formatter. Copy the latest .clang-format from the docs repository and reformat the repository.
Change-Id: Ia240047e2472bccb2bb039ff71bea20a7a602ec4 Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
show more ...
|
4c4e94f0 | 12-Apr-2023 |
Patrick Williams <patrick@stwcx.xyz> |
meson: remove deprecated get_pkgconfig_variable
Since meson 0.56, the `get_pkgconfig_variable` has been deprecated. In meson 0.58 the `get_variable` was enhanced to no longer require the `pkgconfig
meson: remove deprecated get_pkgconfig_variable
Since meson 0.56, the `get_pkgconfig_variable` has been deprecated. In meson 0.58 the `get_variable` was enhanced to no longer require the `pkgconfig` keyword argument. Ensure meson 0.58 is required and update the usage of all `get_pkgconfig_variable` and `get_variable` to be the modern variant.
Change-Id: Ibc0692c5cd05546e797c20973e1c1f172dcb8379 Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
show more ...
|
25c55c54 | 08-Dec-2022 |
Patrick Williams <patrick@stwcx.xyz> |
prettier: re-format
Prettier is enabled in openbmc-build-scripts on Markdown, JSON, and YAML files to have consistent formatting for these file types. Re-run the formatter on the whole repository.
prettier: re-format
Prettier is enabled in openbmc-build-scripts on Markdown, JSON, and YAML files to have consistent formatting for these file types. Re-run the formatter on the whole repository.
Change-Id: Ib442712e2562fac166148ce795f0a83511ad84cd Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
show more ...
|
24695690 | 04-Aug-2022 |
Patrick Williams <patrick@stwcx.xyz> |
MAINTAINERS: remove file
The MAINTAINERS file is deprecated in favor of OWNERS.
Signed-off-by: Patrick Williams <patrick@stwcx.xyz> Change-Id: I524eafe25c461b0dd987e7c31f142264866c6fa3
|
5cc62fe6 | 04-Aug-2022 |
Patrick Williams <patrick@stwcx.xyz> |
OWNERS: fix syntax
Two subdirectory OWNERS files had invalid syntax which caused the tools to crash.
Signed-off-by: Patrick Williams <patrick@stwcx.xyz> Change-Id: Ia7cef2eae99eaf6fbdddc099b2261e35
OWNERS: fix syntax
Two subdirectory OWNERS files had invalid syntax which caused the tools to crash.
Signed-off-by: Patrick Williams <patrick@stwcx.xyz> Change-Id: Ia7cef2eae99eaf6fbdddc099b2261e35862cb18e
show more ...
|
1c9a17e9 | 11-Feb-2022 |
William A. Kennington III <wak@google.com> |
libcr51sign: Temporarily ignore deprecate functions
The code is in the process of being updated internally, but this is blocking commits to the repo.
Change-Id: I77cb1d4f5fb8eec02c224d71d4a2e76ad89
libcr51sign: Temporarily ignore deprecate functions
The code is in the process of being updated internally, but this is blocking commits to the repo.
Change-Id: I77cb1d4f5fb8eec02c224d71d4a2e76ad893d9aa Signed-off-by: William A. Kennington III <wak@google.com>
show more ...
|
af46bea6 | 18-Dec-2021 |
William A. Kennington III <wak@google.com> |
libcr51sign: Sync with latest code
Change-Id: Id3de25f3b112aa84d4b2342f606a60bb049487c8 Signed-off-by: William A. Kennington III <wak@google.com> |
ba30c10a | 02-Nov-2021 |
William A. Kennington III <wak@google.com> |
libcr51sign: Ensure OMIT_VARIABLE_ARRAYS passed to pkgconfig
Otherwise, system level users of libcr51sign will not be able to use the library with c++ code.
Change-Id: I25b31b86cd7b669f92314fa392a8
libcr51sign: Ensure OMIT_VARIABLE_ARRAYS passed to pkgconfig
Otherwise, system level users of libcr51sign will not be able to use the library with c++ code.
Change-Id: I25b31b86cd7b669f92314fa392a8cd2a088722b5 Signed-off-by: William A. Kennington III <wak@google.com>
show more ...
|
12e6ad0d | 02-Nov-2021 |
William A. Kennington III <wak@google.com> |
libcr51sign: Fix struct size warning
The code is currently correct in the usage of the signature_rsa4096_pkcs15 struct, but GCC infers that we could use members past the end of the buffer it comes f
libcr51sign: Fix struct size warning
The code is currently correct in the usage of the signature_rsa4096_pkcs15 struct, but GCC infers that we could use members past the end of the buffer it comes from.
Change-Id: I728e7361dd677fcce498857124dbe8908aaac64d Signed-off-by: William A. Kennington III <wak@google.com>
show more ...
|
d2bcdd5c | 02-Nov-2021 |
Willy Tu <wltu@google.com> |
Fixed prod_to_dev_downgrade_allowed logic in validate_transition
The documentation for the prod_to_dev_downgrade_allowed function pointer reads, "If NULL, treated as if the function always returns f
Fixed prod_to_dev_downgrade_allowed logic in validate_transition
The documentation for the prod_to_dev_downgrade_allowed function pointer reads, "If NULL, treated as if the function always returns false."
Return `LIBCR51SIGN_ERROR_DEV_DOWNGRADE_DISALLOWED` if prod_to_dev allowed return false or is NULL.
Change-Id: I4750256d308096e706bb9e0e0266d365b6f5a026 Signed-off-by: Willy Tu <wltu@google.com>
show more ...
|
deb5501a | 28-Oct-2021 |
William A. Kennington III <wak@google.com> |
libcr51sign: Fixes for compiler warnings
Change-Id: I4053720365be81fff02aebbcf8f0e95d34fe87d9 Signed-off-by: William A. Kennington III <wak@google.com> |
5acaca2f | 28-Oct-2021 |
William A. Kennington III <wak@google.com> |
libcr51sign: build: Refactor for subproject use
This refactors the build to make it more suitable for use as a subproject in other OpenBMC codebases.
Change-Id: I546c993d3f53c1cbe2161e5d8959373d5b1
libcr51sign: build: Refactor for subproject use
This refactors the build to make it more suitable for use as a subproject in other OpenBMC codebases.
Change-Id: I546c993d3f53c1cbe2161e5d8959373d5b12e57f Signed-off-by: William A. Kennington III <wak@google.com>
show more ...
|
df800488 | 18-Sep-2021 |
Willy Tu <wltu@google.com> |
google-misc: libcr51sign: add feature to fetch image regions
Change-Id: I6bd45b0f855ac7c035b294e461bbe9821fb3895b Signed-off-by: Willy Tu <wltu@google.com> |
7a33704c | 26-Jul-2021 |
Nan Zhou <nanzhoumails@gmail.com> |
libcr51sign: import from gBMC
Validate the cr51 descriptor of the BIOS image. It can also parse the BIOS version and write it to a file.
Signed-off-by: Nan Zhou <nanzhoumails@gmail.com> Change-Id:
libcr51sign: import from gBMC
Validate the cr51 descriptor of the BIOS image. It can also parse the BIOS version and write it to a file.
Signed-off-by: Nan Zhou <nanzhoumails@gmail.com> Change-Id: I098be66b228da6f3514d3f13166a1bb4e1e718fb
show more ...
|