summaryrefslogtreecommitdiff
path: root/lib/libfdt
diff options
context:
space:
mode:
authorIlias Apalodimas <ilias.apalodimas@linaro.org>2022-05-06 15:36:00 +0300
committerHeinrich Schuchardt <heinrich.schuchardt@canonical.com>2022-05-07 23:17:26 +0200
commitb436cc6a57cae017343a549f4b701e748d7e6448 (patch)
treeb109ed047f6936b107e135b04c0e937cd912013a /lib/libfdt
parent3ae6cf5400ee004c309f73f358c1043cf6d8eecc (diff)
downloadu-boot-b436cc6a57cae017343a549f4b701e748d7e6448.tar.gz
u-boot-b436cc6a57cae017343a549f4b701e748d7e6448.tar.bz2
u-boot-b436cc6a57cae017343a549f4b701e748d7e6448.zip
efi_loader: add sha384/512 on certificate revocation
Currently we don't support sha384/512 for the X.509 certificate in dbx. Moreover if we come across such a hash we skip the check and approve the image, although the image might needs to be rejected. Rework the code a bit and fix it by adding an array of structs with the supported GUIDs, len and literal used in the U-Boot crypto APIs instead of hardcoding the GUID types. It's worth noting here that efi_hash_regions() can now be reused from efi_signature_lookup_digest() and add sha348/512 support there as well Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Diffstat (limited to 'lib/libfdt')
0 files changed, 0 insertions, 0 deletions