tpm-eventlog: Always look at all supported algorithms

This will effectively mean that both sha1 and sha256 results are sent back to uefi plugin for analysis.
2025-08-06 04:57:59 +00:00 · 2020-06-17 13:19:01 -05:00 · 2020-06-17 13:19:01 -05:00 · fe862a1d1b
commit fe862a1d1b
parent 87143298cd
4 changed files with 15 additions and 17 deletions
--- a/plugins/tpm-eventlog/fu-self-test.c
+++ b/plugins/tpm-eventlog/fu-self-test.c
@ -75,9 +75,11 @@ fu_test_tpm_eventlog_parse_v2_func (void)
 	pcr0s = fu_tpm_eventlog_device_get_checksums (dev, 0, &error);
 	g_assert_no_error (error);
 	g_assert_nonnull (pcr0s);
-	g_assert_cmpint (pcr0s->len, ==, 1);
+	g_assert_cmpint (pcr0s->len, ==, 2);
 	tmp = g_ptr_array_index (pcr0s, 0);
 	g_assert_cmpstr (tmp, ==, "ebead4b31c7c49e193c440cd6ee90bc1b61a3ca6");
+	tmp = g_ptr_array_index (pcr0s, 1);
+	g_assert_cmpstr (tmp, ==, "6d9fed68092cfb91c9552bcb7879e75e1df36efd407af67690dc3389a5722fab");
 }

 int
--- a/plugins/tpm-eventlog/fu-tpm-eventlog-parser.c
+++ b/plugins/tpm-eventlog/fu-tpm-eventlog-parser.c
@ -110,6 +110,7 @@ fu_tpm_eventlog_parser_parse_blob_v2 (const guint8 *buf, gsize bufsz,
 		for (guint i = 0; i < digestcnt; i++) {
 			guint16 alg_type = 0;
 			guint32 alg_size = 0;
+			g_autofree guint8 *digest = NULL;

 			/* get checksum type */
 			if (!fu_common_read_uint16_safe	(buf, bufsz, idx,
@ -127,11 +128,9 @@ fu_tpm_eventlog_parser_parse_blob_v2 (const guint8 *buf, gsize bufsz,

 			/* build checksum */
 			idx += sizeof(alg_type);
-			if (alg_type == TPM2_ALG_SHA1 ||
-			    flags & FU_TPM_EVENTLOG_PARSER_FLAG_ALL_ALGS) {
-				g_autofree guint8 *digest = g_malloc0 (alg_size);

 			/* copy hash */
+			digest = g_malloc0 (alg_size);
 			if (!fu_memcpy_safe (digest, alg_size, 0x0,	/* dst */
 					     buf, bufsz, idx,		/* src */
 					     alg_size, error))
@ -142,7 +141,6 @@ fu_tpm_eventlog_parser_parse_blob_v2 (const guint8 *buf, gsize bufsz,
 				checksum_sha1 = g_bytes_new_take (g_steal_pointer (&digest), alg_size);
 			else if (alg_type == TPM2_ALG_SHA256)
 				checksum_sha256 = g_bytes_new_take (g_steal_pointer (&digest), alg_size);
-			}

 			/* next block */
 			idx += alg_size;
--- a/plugins/tpm-eventlog/fu-tpm-eventlog-parser.h
+++ b/plugins/tpm-eventlog/fu-tpm-eventlog-parser.h
@ -13,7 +13,6 @@
 typedef enum {
 	FU_TPM_EVENTLOG_PARSER_FLAG_NONE		= 0,
 	FU_TPM_EVENTLOG_PARSER_FLAG_ALL_PCRS		= 1 << 0,
-	FU_TPM_EVENTLOG_PARSER_FLAG_ALL_ALGS		= 1 << 1,
 	FU_TPM_EVENTLOG_PARSER_FLAG_LAST
 } FuTpmEventlogParserFlags;

--- a/plugins/tpm-eventlog/fu-tpm-eventlog.c
+++ b/plugins/tpm-eventlog/fu-tpm-eventlog.c
@ -42,7 +42,6 @@ fu_tmp_eventlog_process (const gchar *fn, gint pcr, GError **error)
 	if (!g_file_get_contents (fn, (gchar **) &buf, &bufsz, error))
 		return FALSE;
 	items = fu_tpm_eventlog_parser_new (buf, bufsz,
-					    FU_TPM_EVENTLOG_PARSER_FLAG_ALL_ALGS |
 					    FU_TPM_EVENTLOG_PARSER_FLAG_ALL_PCRS,
 					    error);
 	if (items == NULL)