[sw/silicon_creator] Remove NULL checks from hmac functions
Signed-off-by: Alphan Ulusoy <alphan@google.com>
diff --git a/sw/device/silicon_creator/lib/boot_data.c b/sw/device/silicon_creator/lib/boot_data.c
index 15f489a..54076a4 100644
--- a/sw/device/silicon_creator/lib/boot_data.c
+++ b/sw/device/silicon_creator/lib/boot_data.c
@@ -57,8 +57,8 @@
* @param[out] digest Digest of the boot data entry.
* @return The result of the operation.
*/
-static rom_error_t boot_data_digest_compute(const void *boot_data,
- hmac_digest_t *digest) {
+static void boot_data_digest_compute(const void *boot_data,
+ hmac_digest_t *digest) {
enum {
kDigestRegionOffset = sizeof((boot_data_t){0}.digest),
kDigestRegionSize = sizeof(boot_data_t) - kDigestRegionOffset,
@@ -67,10 +67,9 @@
"`digest` must be the first field of `boot_data_t`.");
hmac_sha256_init();
- RETURN_IF_ERROR(hmac_sha256_update(
- (const char *)boot_data + kDigestRegionOffset, kDigestRegionSize));
- RETURN_IF_ERROR(hmac_sha256_final(digest));
- return kErrorOk;
+ hmac_sha256_update((const char *)boot_data + kDigestRegionOffset,
+ kDigestRegionSize);
+ hmac_sha256_final(digest);
}
/**
@@ -87,7 +86,7 @@
*is_valid = kHardenedBoolFalse;
hmac_digest_t act_digest;
- RETURN_IF_ERROR(boot_data_digest_compute(boot_data, &act_digest));
+ boot_data_digest_compute(boot_data, &act_digest);
if (memcmp(&act_digest, boot_data, sizeof(act_digest.digest)) == 0) {
*is_valid = kHardenedBoolTrue;
}
@@ -509,7 +508,7 @@
// Note: Not checking for wraparound since a successful write will
// invalidate the old entry.
new_entry.counter = active_page.last_valid_entry.counter + 1;
- RETURN_IF_ERROR(boot_data_digest_compute(&new_entry, &new_entry.digest));
+ boot_data_digest_compute(&new_entry, &new_entry.digest);
if (active_page.has_empty_entry == kHardenedBoolTrue) {
RETURN_IF_ERROR(boot_data_entry_write(active_page.page,
active_page.first_empty_index,
@@ -530,7 +529,7 @@
// Erase the first page and write the entry there if the active page cannot
// be found, i.e. the storage is not initialized yet.
new_entry.counter = kBootDataDefault.counter + 1;
- RETURN_IF_ERROR(boot_data_digest_compute(&new_entry, &new_entry.digest));
+ boot_data_digest_compute(&new_entry, &new_entry.digest);
RETURN_IF_ERROR(
boot_data_entry_write(kPages[0], 0, &new_entry, kHardenedBoolTrue));
} else {
diff --git a/sw/device/silicon_creator/lib/boot_data_functest.c b/sw/device/silicon_creator/lib/boot_data_functest.c
index a720097..078695b 100644
--- a/sw/device/silicon_creator/lib/boot_data_functest.c
+++ b/sw/device/silicon_creator/lib/boot_data_functest.c
@@ -172,9 +172,9 @@
hmac_digest_t act_digest;
hmac_sha256_init();
- RETURN_IF_ERROR(hmac_sha256_update(
- (const char *)boot_data + kDigestRegionOffset, kDigestRegionSize));
- RETURN_IF_ERROR(hmac_sha256_final(&act_digest));
+ hmac_sha256_update((const char *)boot_data + kDigestRegionOffset,
+ kDigestRegionSize);
+ hmac_sha256_final(&act_digest);
if (memcmp(&act_digest, &boot_data->digest, sizeof(act_digest)) != 0) {
return kErrorUnknown;
}
diff --git a/sw/device/silicon_creator/lib/drivers/hmac.c b/sw/device/silicon_creator/lib/drivers/hmac.c
index dba3ec4..c407673 100644
--- a/sw/device/silicon_creator/lib/drivers/hmac.c
+++ b/sw/device/silicon_creator/lib/drivers/hmac.c
@@ -36,10 +36,7 @@
abs_mmio_write32(TOP_EARLGREY_HMAC_BASE_ADDR + HMAC_CMD_REG_OFFSET, reg);
}
-rom_error_t hmac_sha256_update(const void *data, size_t len) {
- if (data == NULL) {
- return kErrorHmacInvalidArgument;
- }
+void hmac_sha256_update(const void *data, size_t len) {
const uint8_t *data_sent = (const uint8_t *)data;
// Individual byte writes are needed if the buffer isn't word aligned.
@@ -60,14 +57,9 @@
abs_mmio_write8(TOP_EARLGREY_HMAC_BASE_ADDR + HMAC_MSG_FIFO_REG_OFFSET,
*data_sent++);
}
- return kErrorOk;
}
-rom_error_t hmac_sha256_final(hmac_digest_t *digest) {
- if (digest == NULL) {
- return kErrorHmacInvalidArgument;
- }
-
+void hmac_sha256_final(hmac_digest_t *digest) {
uint32_t reg = 0;
reg = bitfield_bit32_write(reg, HMAC_CMD_HASH_PROCESS_BIT, true);
abs_mmio_write32(TOP_EARLGREY_HMAC_BASE_ADDR + HMAC_CMD_REG_OFFSET, reg);
@@ -86,5 +78,4 @@
abs_mmio_read32(TOP_EARLGREY_HMAC_BASE_ADDR + HMAC_DIGEST_7_REG_OFFSET -
(i * sizeof(uint32_t)));
}
- return kErrorOk;
}
diff --git a/sw/device/silicon_creator/lib/drivers/hmac.h b/sw/device/silicon_creator/lib/drivers/hmac.h
index eaa58e8..c0a51c1 100644
--- a/sw/device/silicon_creator/lib/drivers/hmac.h
+++ b/sw/device/silicon_creator/lib/drivers/hmac.h
@@ -47,19 +47,15 @@
*
* @param data Buffer to copy data from.
* @param len size of the `data` buffer.
- * @return The result of the operation.
*/
-HMAC_WARN_UNUSED_RESULT
-rom_error_t hmac_sha256_update(const void *data, size_t len);
+void hmac_sha256_update(const void *data, size_t len);
/**
* Finalizes SHA256 operation and writes `digest` buffer.
*
* @param[out] digest Buffer to copy digest to.
- * @return The result of the operation.
*/
-HMAC_WARN_UNUSED_RESULT
-rom_error_t hmac_sha256_final(hmac_digest_t *digest);
+void hmac_sha256_final(hmac_digest_t *digest);
#ifdef __cplusplus
}
diff --git a/sw/device/silicon_creator/lib/drivers/hmac_functest.c b/sw/device/silicon_creator/lib/drivers/hmac_functest.c
index a51885d..c32667e 100644
--- a/sw/device/silicon_creator/lib/drivers/hmac_functest.c
+++ b/sw/device/silicon_creator/lib/drivers/hmac_functest.c
@@ -37,11 +37,10 @@
rom_error_t hmac_test(void) {
hmac_sha256_init();
- RETURN_IF_ERROR(
- hmac_sha256_update(kGettysburgPrelude, sizeof(kGettysburgPrelude) - 1));
+ hmac_sha256_update(kGettysburgPrelude, sizeof(kGettysburgPrelude) - 1);
hmac_digest_t digest;
- RETURN_IF_ERROR(hmac_sha256_final(&digest));
+ hmac_sha256_final(&digest);
const size_t len = ARRAYSIZE(digest.digest);
for (int i = 0; i < len; ++i) {
diff --git a/sw/device/silicon_creator/lib/drivers/hmac_unittest.cc b/sw/device/silicon_creator/lib/drivers/hmac_unittest.cc
index 28d517d..706744a 100644
--- a/sw/device/silicon_creator/lib/drivers/hmac_unittest.cc
+++ b/sw/device/silicon_creator/lib/drivers/hmac_unittest.cc
@@ -46,10 +46,6 @@
class Sha256UpdateTest : public HmacTest {};
-TEST_F(Sha256UpdateTest, NullArgs) {
- EXPECT_EQ(hmac_sha256_update(nullptr, 0), kErrorHmacInvalidArgument);
-}
-
TEST_F(Sha256UpdateTest, SendData) {
constexpr std::array<uint8_t, 16> kData = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
@@ -59,11 +55,11 @@
// Trigger 8bit aligned writes.
EXPECT_ABS_WRITE8(base_ + HMAC_MSG_FIFO_REG_OFFSET, 0x01);
EXPECT_ABS_WRITE8(base_ + HMAC_MSG_FIFO_REG_OFFSET, 0x02);
- EXPECT_EQ(hmac_sha256_update(&kData[1], 2), kErrorOk);
+ hmac_sha256_update(&kData[1], 2);
// Trigger a single 32bit aligned write.
EXPECT_ABS_WRITE32(base_ + HMAC_MSG_FIFO_REG_OFFSET, 0x03020100);
- EXPECT_EQ(hmac_sha256_update(&kData[0], 4), kErrorOk);
+ hmac_sha256_update(&kData[0], 4);
// Trigger 8bit/32bit/8bit sequence.
EXPECT_ABS_WRITE8(base_ + HMAC_MSG_FIFO_REG_OFFSET, 0x02);
@@ -71,15 +67,11 @@
EXPECT_ABS_WRITE32(base_ + HMAC_MSG_FIFO_REG_OFFSET, 0x07060504);
EXPECT_ABS_WRITE8(base_ + HMAC_MSG_FIFO_REG_OFFSET, 0x08);
EXPECT_ABS_WRITE8(base_ + HMAC_MSG_FIFO_REG_OFFSET, 0x09);
- EXPECT_EQ(hmac_sha256_update(&kData[2], 8), kErrorOk);
+ hmac_sha256_update(&kData[2], 8);
}
class Sha256FinalTest : public HmacTest {};
-TEST_F(Sha256FinalTest, NullArgs) {
- EXPECT_EQ(hmac_sha256_final(nullptr), kErrorHmacInvalidArgument);
-}
-
TEST_F(Sha256FinalTest, GetDigest) {
constexpr std::array<uint32_t, 8> kExpectedDigest = {
0x00000000, 0x11111111, 0x22222222, 0x33333333,
@@ -116,7 +108,7 @@
EXPECT_ABS_READ32(base_ + HMAC_DIGEST_0_REG_OFFSET, kExpectedDigest[7]);
hmac_digest_t got_digest;
- EXPECT_EQ(hmac_sha256_final(&got_digest), kErrorOk);
+ hmac_sha256_final(&got_digest);
EXPECT_THAT(got_digest.digest, ElementsAreArray(kExpectedDigest));
}
diff --git a/sw/device/silicon_creator/lib/error.h b/sw/device/silicon_creator/lib/error.h
index 6f1950b..8db048e 100644
--- a/sw/device/silicon_creator/lib/error.h
+++ b/sw/device/silicon_creator/lib/error.h
@@ -27,7 +27,6 @@
kModuleUnknown = 0,
kModuleAlertHandler = MODULE_CODE('A', 'H'),
kModuleUart = MODULE_CODE('U', 'A'),
- kModuleHmac = MODULE_CODE('H', 'M'),
kModuleSigverify = MODULE_CODE('S', 'V'),
kModuleKeymgr = MODULE_CODE('K', 'M'),
kModuleManifest = MODULE_CODE('M', 'A'),
@@ -74,7 +73,6 @@
X(kErrorOk, 0x739), \
X(kErrorUartInvalidArgument, ERROR_(1, kModuleUart, kInvalidArgument)), \
X(kErrorUartBadBaudRate, ERROR_(2, kModuleUart, kInvalidArgument)), \
- X(kErrorHmacInvalidArgument, ERROR_(1, kModuleHmac, kInvalidArgument)), \
X(kErrorSigverifyBadEncodedMessage, ERROR_(1, kModuleSigverify, kInvalidArgument)), \
X(kErrorSigverifyBadKey, ERROR_(2, kModuleSigverify, kInvalidArgument)), \
X(kErrorSigverifyBadOtpValue, ERROR_(3, kModuleSigverify, kInternal)), \
diff --git a/sw/device/silicon_creator/lib/sigverify.c b/sw/device/silicon_creator/lib/sigverify.c
index db22db0..6cb8303 100644
--- a/sw/device/silicon_creator/lib/sigverify.c
+++ b/sw/device/silicon_creator/lib/sigverify.c
@@ -244,10 +244,7 @@
default:
HARDENED_UNREACHABLE();
}
- RETURN_IF_ERROR(
- sigverify_encoded_message_check(&enc_msg, act_digest, flash_exec));
-
- return kErrorOk;
+ return sigverify_encoded_message_check(&enc_msg, act_digest, flash_exec);
}
void sigverify_usage_constraints_get(
diff --git a/sw/device/silicon_creator/lib/sigverify_functest.c b/sw/device/silicon_creator/lib/sigverify_functest.c
index 4a0b6a1..4ad8d4d 100644
--- a/sw/device/silicon_creator/lib/sigverify_functest.c
+++ b/sw/device/silicon_creator/lib/sigverify_functest.c
@@ -120,11 +120,10 @@
},
};
-rom_error_t compute_digest(void) {
+void compute_digest(void) {
hmac_sha256_init();
- RETURN_IF_ERROR(hmac_sha256_update(&kMessage, sizeof(kMessage) - 1));
- RETURN_IF_ERROR(hmac_sha256_final(&act_digest));
- return kErrorOk;
+ hmac_sha256_update(&kMessage, sizeof(kMessage) - 1);
+ hmac_sha256_final(&act_digest);
}
rom_error_t sigverify_test_exp_3(void) {
@@ -163,7 +162,7 @@
bool test_main(void) {
rom_error_t result = kErrorOk;
- CHECK(compute_digest() == kErrorOk);
+ compute_digest();
EXECUTE_TEST(result, sigverify_test_exp_3);
EXECUTE_TEST(result, sigverify_test_exp_65537);
diff --git a/sw/device/silicon_creator/mask_rom/mask_rom.c b/sw/device/silicon_creator/mask_rom/mask_rom.c
index 02b9e96..fab44b9 100644
--- a/sw/device/silicon_creator/mask_rom/mask_rom.c
+++ b/sw/device/silicon_creator/mask_rom/mask_rom.c
@@ -122,15 +122,15 @@
manifest_usage_constraints_t usage_constraints_from_hw;
sigverify_usage_constraints_get(manifest->usage_constraints.selector_bits,
&usage_constraints_from_hw);
- RETURN_IF_ERROR(hmac_sha256_update(&usage_constraints_from_hw,
- sizeof(usage_constraints_from_hw)));
+ hmac_sha256_update(&usage_constraints_from_hw,
+ sizeof(usage_constraints_from_hw));
// Hash the remaining part of the image.
manifest_digest_region_t digest_region = manifest_digest_region_get(manifest);
- RETURN_IF_ERROR(
- hmac_sha256_update(digest_region.start, digest_region.length));
+
+ hmac_sha256_update(digest_region.start, digest_region.length);
// Verify signature
hmac_digest_t act_digest;
- RETURN_IF_ERROR(hmac_sha256_final(&act_digest));
+ hmac_sha256_final(&act_digest);
return sigverify_rsa_verify(&manifest->signature, key, &act_digest, lc_state,
flash_exec);
}
diff --git a/sw/device/silicon_creator/mask_rom/primitive_bootstrap.c b/sw/device/silicon_creator/mask_rom/primitive_bootstrap.c
index ef499b4..a412ebe 100644
--- a/sw/device/silicon_creator/mask_rom/primitive_bootstrap.c
+++ b/sw/device/silicon_creator/mask_rom/primitive_bootstrap.c
@@ -106,12 +106,11 @@
/**
* Computes the SHA256 of the given data.
*/
-static rom_error_t compute_sha256(const void *data, size_t len,
- hmac_digest_t *digest) {
+static void compute_sha256(const void *data, size_t len,
+ hmac_digest_t *digest) {
hmac_sha256_init();
- RETURN_IF_ERROR(hmac_sha256_update(data, len));
- RETURN_IF_ERROR(hmac_sha256_final(digest));
- return kErrorOk;
+ hmac_sha256_update(data, len);
+ hmac_sha256_final(digest);
}
/**
@@ -119,16 +118,14 @@
*
* Returns true if the hashes match.
*/
-static rom_error_t check_frame_hash(const spiflash_frame_t *frame,
- bool *result) {
+static bool check_frame_hash(const spiflash_frame_t *frame) {
hmac_digest_t digest;
size_t digest_len = sizeof(digest.digest);
uint8_t *data = ((uint8_t *)frame) + digest_len;
- RETURN_IF_ERROR(
- compute_sha256(data, sizeof(spiflash_frame_t) - digest_len, &digest));
- *result = memcmp(digest.digest, frame->header.hash.digest, digest_len) == 0;
- return kErrorOk;
+
+ compute_sha256(data, sizeof(spiflash_frame_t) - digest_len, &digest);
+ return memcmp(digest.digest, frame->header.hash.digest, digest_len) == 0;
}
/**
@@ -149,9 +146,7 @@
uint32_t frame_num = SPIFLASH_FRAME_NUM(frame.header.frame_num);
if (frame_num == expected_frame_num) {
- bool frame_result = false;
- RETURN_IF_ERROR(check_frame_hash(&frame, &frame_result));
- if (!frame_result) {
+ if (!check_frame_hash(&frame)) {
log_printf("Detected hash mismatch on frame 0x%x\n\r",
(unsigned int)frame_num);
RETURN_IF_ERROR(
@@ -159,7 +154,7 @@
continue;
}
- RETURN_IF_ERROR(compute_sha256(&frame, sizeof(spiflash_frame_t), &ack));
+ compute_sha256(&frame, sizeof(spiflash_frame_t), &ack);
RETURN_IF_ERROR(
spi_device_send((uint8_t *)&ack.digest, sizeof(ack.digest)));
diff --git a/sw/device/silicon_creator/rom_ext/rom_ext.c b/sw/device/silicon_creator/rom_ext/rom_ext.c
index a3ca7c5..fe00dd3 100644
--- a/sw/device/silicon_creator/rom_ext/rom_ext.c
+++ b/sw/device/silicon_creator/rom_ext/rom_ext.c
@@ -78,19 +78,17 @@
manifest_usage_constraints_t usage_constraints_from_hw;
sigverify_usage_constraints_get(manifest->usage_constraints.selector_bits,
&usage_constraints_from_hw);
- RETURN_IF_ERROR(hmac_sha256_update(&usage_constraints_from_hw,
- sizeof(usage_constraints_from_hw)));
+ hmac_sha256_update(&usage_constraints_from_hw,
+ sizeof(usage_constraints_from_hw));
// Hash the remaining part of the image.
manifest_digest_region_t digest_region = manifest_digest_region_get(manifest);
- RETURN_IF_ERROR(
- hmac_sha256_update(digest_region.start, digest_region.length));
+ hmac_sha256_update(digest_region.start, digest_region.length);
// Verify signature
hmac_digest_t act_digest;
- RETURN_IF_ERROR(hmac_sha256_final(&act_digest));
+ hmac_sha256_final(&act_digest);
uint32_t flash_exec = 0;
- RETURN_IF_ERROR(sigverify_rsa_verify(&manifest->signature, key, &act_digest,
- lc_state, &flash_exec));
- return kErrorOk;
+ return sigverify_rsa_verify(&manifest->signature, key, &act_digest, lc_state,
+ &flash_exec);
}
static rom_error_t rom_ext_boot(const manifest_t *manifest) {
