Add bg 1.0 verification functions, move subdirs into own namespace

Signed-off-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>

Author: zaolin

pkg/intel/metadata/bg/bootpolicy/bpmh.go …g/intel/metadata/bg/bgbootpolicy/bpmh.gopkg/intel/metadata/bg/bootpolicy/bpmh.go renamed to pkg/intel/metadata/bg/bgbootpolicy/bpmh.go pkg/intel/metadata/bg/bootpolicy/bpmh.go renamed to pkg/intel/metadata/bg/bgbootpolicy/bpmh.go

@@ -4,7 +4,7 @@
 
 //go:generate manifestcodegen
 
-package bootpolicy
+package bgbootpolicy
 
 import "github.com/linuxboot/fiano/pkg/intel/metadata/bg"
 

…ta/bg/bootpolicy/bpmh_manifestcodegen.go …/bg/bgbootpolicy/bpmh_manifestcodegen.gopkg/intel/metadata/bg/bootpolicy/bpmh_manifestcodegen.go renamed to pkg/intel/metadata/bg/bgbootpolicy/bpmh_manifestcodegen.go pkg/intel/metadata/bg/bootpolicy/bpmh_manifestcodegen.go renamed to pkg/intel/metadata/bg/bgbootpolicy/bpmh_manifestcodegen.go

@@ -4,9 +4,12 @@
 
 //go:generate manifestcodegen
 
-package bootpolicy
+package bgbootpolicy
 
 import (
+	"bytes"
+	"fmt"
+
 	pkgbytes "github.com/linuxboot/fiano/pkg/bytes"
 
 	"github.com/linuxboot/fiano/pkg/intel/metadata/bg"
@@ -35,7 +38,28 @@ func (bpm Manifest) StructInfo() StructInfo {
 
 // ValidateIBB returns an error if IBB segments does not match the signature
 func (bpm *Manifest) ValidateIBB(firmware uefi.Firmware) error {
-	// TODO
+	if bpm.SE[0].Digest.TotalSize() == 0 {
+		return fmt.Errorf("no IBB hashes")
+	}
+
+	digest := bpm.SE[0].Digest
+
+	h, err := digest.HashAlg.Hash()
+	if err != nil {
+		return fmt.Errorf("invalid hash function: %v", digest.HashAlg)
+	}
+
+	for _, _range := range bpm.IBBDataRanges(uint64(len(firmware.Buf()))) {
+		if _, err := h.Write(firmware.Buf()[_range.Offset:_range.End()]); err != nil {
+			return fmt.Errorf("unable to hash: %w", err)
+		}
+	}
+	hashValue := h.Sum(nil)
+
+	if !bytes.Equal(hashValue, digest.HashBuffer) {
+		return fmt.Errorf("IBB %s hash mismatch: %X != %X", digest.HashAlg, hashValue, digest.HashBuffer)
+	}
+
 	return nil
 }
 

…intel/metadata/bg/bootpolicy/manifest.go …tel/metadata/bg/bgbootpolicy/manifest.gopkg/intel/metadata/bg/bootpolicy/manifest.go renamed to pkg/intel/metadata/bg/bgbootpolicy/manifest.go pkg/intel/metadata/bg/bootpolicy/manifest.go renamed to pkg/intel/metadata/bg/bgbootpolicy/manifest.go

@@ -10,7 +10,7 @@
 // "bpm.BPMH.PrettyString undefined" we place these functions to a file
 // with a build tag "!manifestcodegen"
 
-package bootpolicy
+package bgbootpolicy
 
 import (
 	"fmt"

…g/bootpolicy/manifest_manifestcodegen.go …bgbootpolicy/manifest_manifestcodegen.gopkg/intel/metadata/bg/bootpolicy/manifest_manifestcodegen.go renamed to pkg/intel/metadata/bg/bgbootpolicy/manifest_manifestcodegen.go pkg/intel/metadata/bg/bootpolicy/manifest_manifestcodegen.go renamed to pkg/intel/metadata/bg/bgbootpolicy/manifest_manifestcodegen.go

@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-package bootpolicy
+package bgbootpolicy
 
 import (
 	"testing"

…data/bg/bootpolicy/manifest_nocodegen.go …ta/bg/bgbootpolicy/manifest_nocodegen.gopkg/intel/metadata/bg/bootpolicy/manifest_nocodegen.go renamed to pkg/intel/metadata/bg/bgbootpolicy/manifest_nocodegen.go pkg/intel/metadata/bg/bootpolicy/manifest_nocodegen.go renamed to pkg/intel/metadata/bg/bgbootpolicy/manifest_nocodegen.go

@@ -4,7 +4,7 @@
 
 //go:generate manifestcodegen
 
-package bootpolicy
+package bgbootpolicy
 
 type PM struct {
 	StructInfo `id:"__PMDA__" version:"0x10"`

…/metadata/bg/bootpolicy/manifest_test.go …etadata/bg/bgbootpolicy/manifest_test.gopkg/intel/metadata/bg/bootpolicy/manifest_test.go renamed to pkg/intel/metadata/bg/bgbootpolicy/manifest_test.go pkg/intel/metadata/bg/bootpolicy/manifest_test.go renamed to pkg/intel/metadata/bg/bgbootpolicy/manifest_test.go

@@ -4,7 +4,7 @@
 
 //go:generate manifestcodegen
 
-package bootpolicy
+package bgbootpolicy
 
 import (
 	"fmt"