From: Jamin Lin <jamin_lin@aspeedtech.com>
To: Alexandru Gagniuc <mr.nuke.me@gmail.com>,
Simon Glass <sjg@chromium.org>,
Philippe Reynes <philippe.reynes@softathome.com>,
Sean Anderson <sean.anderson@seco.com>,
Thomas Perrot <thomas.perrot@bootlin.com>,
"open list" <u-boot@lists.denx.de>
Cc: <troy_lee@aspeedtech.com>, <steven_lee@aspeedtech.com>
Subject: [PATCH v2] rsa: adds rsa3072 algorithm
Date: Thu, 9 Dec 2021 11:57:14 +0800 [thread overview]
Message-ID: <20211209035715.5733-2-jamin_lin@aspeedtech.com> (raw)
In-Reply-To: <20211209035715.5733-1-jamin_lin@aspeedtech.com>
Add to support rsa 30272 bits algorithm in tools
for image sign at host side and adds rsa 3027 bits
verification in the image binary.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
wq
---
include/u-boot/rsa.h | 1 +
lib/rsa/rsa-verify.c | 6 ++++++
tools/image-sig-host.c | 7 +++++++
3 files changed, 14 insertions(+)
diff --git a/include/u-boot/rsa.h b/include/u-boot/rsa.h
index 7556aa5b4b..bb56c2243c 100644
--- a/include/u-boot/rsa.h
+++ b/include/u-boot/rsa.h
@@ -110,6 +110,7 @@ int padding_pss_verify(struct image_sign_info *info,
#define RSA_DEFAULT_PADDING_NAME "pkcs-1.5"
#define RSA2048_BYTES (2048 / 8)
+#define RSA3072_BYTES (3072 / 8)
#define RSA4096_BYTES (4096 / 8)
/* This is the minimum/maximum key size we support, in bits */
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index 83f7564101..4fe487d7e5 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -588,6 +588,12 @@ U_BOOT_CRYPTO_ALGO(rsa2048) = {
.verify = rsa_verify,
};
+U_BOOT_CRYPTO_ALGO(rsa3072) = {
+ .name = "rsa3072",
+ .key_len = RSA3072_BYTES,
+ .verify = rsa_verify,
+};
+
U_BOOT_CRYPTO_ALGO(rsa4096) = {
.name = "rsa4096",
.key_len = RSA4096_BYTES,
diff --git a/tools/image-sig-host.c b/tools/image-sig-host.c
index 8ed6998dab..d0133aec4c 100644
--- a/tools/image-sig-host.c
+++ b/tools/image-sig-host.c
@@ -55,6 +55,13 @@ struct crypto_algo crypto_algos[] = {
.add_verify_data = rsa_add_verify_data,
.verify = rsa_verify,
},
+ {
+ .name = "rsa3072",
+ .key_len = RSA3072_BYTES,
+ .sign = rsa_sign,
+ .add_verify_data = rsa_add_verify_data,
+ .verify = rsa_verify,
+ },
{
.name = "rsa4096",
.key_len = RSA4096_BYTES,
--
2.17.1
next prev parent reply other threads:[~2021-12-09 3:58 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-09 3:57 [PATCH v2 0/1] rsa: adds rsa3072 algorithm Jamin Lin
2021-12-09 3:57 ` Jamin Lin [this message]
2021-12-10 0:15 ` [PATCH v2] " Simon Glass
2021-12-10 6:05 ` Jamin Lin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211209035715.5733-2-jamin_lin@aspeedtech.com \
--to=jamin_lin@aspeedtech.com \
--cc=mr.nuke.me@gmail.com \
--cc=philippe.reynes@softathome.com \
--cc=sean.anderson@seco.com \
--cc=sjg@chromium.org \
--cc=steven_lee@aspeedtech.com \
--cc=thomas.perrot@bootlin.com \
--cc=troy_lee@aspeedtech.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.