image: Allow CalcHash to accept an initial hash
The initial hash is only used for split images.
diff --git a/image/create.go b/image/create.go
index 6fc0f27..225a386 100644
--- a/image/create.go
+++ b/image/create.go
@@ -487,8 +487,6 @@
img.Header.ProtSz = calcProtSize(img.ProtTlvs)
- payload := &ic.Body
-
// Followed by data.
if ic.PlainSecret != nil {
encBody, err := sec.EncryptAES(ic.Body, ic.PlainSecret, ic.Nonce)
@@ -496,16 +494,11 @@
return img, err
}
img.Body = append(img.Body, encBody...)
-
- if ic.HWKeyIndex >= 0 {
- payload = &encBody
- }
-
} else {
img.Body = append(img.Body, ic.Body...)
}
- hashBytes, err := calcHash(ic.InitialHash, img.Header, img.Pad, *payload, img.ProtTlvs)
+ hashBytes, err := img.CalcHash(ic.InitialHash)
if err != nil {
return img, err
}
diff --git a/image/image.go b/image/image.go
index 97bb080..c543cd3 100644
--- a/image/image.go
+++ b/image/image.go
@@ -475,9 +475,10 @@
return tlv.Data, nil
}
-// CalcHash calculates a SHA256 of the given image.
-func (i *Image) CalcHash() ([]byte, error) {
- return calcHash(nil, i.Header, i.Pad, i.Body, i.ProtTlvs)
+// CalcHash calculates a SHA256 of the given image. initialHash should be nil
+// for non-split-images.
+func (i *Image) CalcHash(initialHash []byte) ([]byte, error) {
+ return calcHash(initialHash, i.Header, i.Pad, i.Body, i.ProtTlvs)
}
// WritePlusOffsets writes a binary image to the given writer. It returns
diff --git a/image/verify.go b/image/verify.go
index 7096621..ec98b67 100644
--- a/image/verify.go
+++ b/image/verify.go
@@ -35,7 +35,7 @@
return err
}
- wantHash, err := img.CalcHash()
+ wantHash, err := img.CalcHash(nil)
if err != nil {
return err
}