Issue #421 has been updated by Sergii Dmytruk.
If there are no objections, I'll use an API like this instead:
```
struct tpm_digest {
const uint8_t *hash;
size_t len;
enum vb2_hash_algorithm hash_type;
};
/**
* Ask vboot for a digest and extend a TPM PCR with it.
* @param pcr sets the pcr index
* @param digests An array of digests terminated by an entry with VB2_HASH_NONE
* @param name sets additional info where the digest comes from
* @return TPM_SUCCESS on success. If not a tpm error is returned
*/
uint32_t tpm_extend_pcr(int pcr, const tpm_digest *digests, const char *name);
```
Passing in length and arrays which must be kept in sync seems to make things
needlessly complicated.
----------------------------------------
Cleanup #421: Change API of functions taking hash as an argument
https://ticket.coreboot.org/issues/421#change-1182
* Author: Krystian Hebel
* Status: New
* Priority: Normal
* Target version: none
* Start date: 2022-10-12
----------------------------------------
All existing functions that take a digest as an input assume that only one
hashing algorithm is used at a time. Crypto agile format entry can (and should)
log every used PCR bank in one entry for a given measurement. To make it work,
some of the arguments must be changed, e.g.:
- pass number of algorithms used;
- instead of algorithm ID, pass a pointer to array of such IDs, with size equal
to above;
- instead of hash, pass a pointer to array of hashes, with size and order as
above.
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
https://ticket.coreboot.org/my/account
_______________________________________________
coreboot mailing list -- [email protected]
To unsubscribe send an email to [email protected]
