From: Heiko Schocher <hs@denx.de>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH 4/7] rsa: add sha256-rsa2048 algorithm
Date: Mon, 27 Jan 2014 07:45:23 +0100 [thread overview]
Message-ID: <52E60083.2070303@denx.de> (raw)
In-Reply-To: <CAPnjgZ19eSgAYRyOFSCA_AoA_2x30EaBxQ=i43Xa5HjM6-5Grg@mail.gmail.com>
Hello Simon,
Am 26.01.2014 22:10, schrieb Simon Glass:
> Hi Heiko,
>
> On 24 January 2014 23:44, Heiko Schocher<hs@denx.de> wrote:
>> based on patch from andreas at oetken.name:
>>
>> http://patchwork.ozlabs.org/patch/294318/
>
> Should probably add the full commit message in here.
Ok, do this in v2.
>> - removed checkpatch warnings
>> - removed compiler warnings
>> - rebased against current head
>>
>> Signed-off-by: Heiko Schocher<hs@denx.de>
>> Cc: Simon Glass<sjg@chromium.org>
>> Cc: andreas at oetken.name
>> ---
>> common/image-sig.c | 33 +++++++++++++++++
>> include/image.h | 21 +++++++++++
>> include/rsa-checksum.h | 25 +++++++++++++
>> include/rsa.h | 25 +++++++++++++
>> lib/rsa/Makefile | 2 +-
>> lib/rsa/rsa-checksum.c | 98 ++++++++++++++++++++++++++++++++++++++++++++++++++
>> lib/rsa/rsa-sign.c | 10 +++---
>> lib/rsa/rsa-verify.c | 83 +++++++++++++-----------------------------
>> 8 files changed, 233 insertions(+), 64 deletions(-)
>> create mode 100644 include/rsa-checksum.h
>> create mode 100644 lib/rsa/rsa-checksum.c
[...]
>> diff --git a/include/rsa.h b/include/rsa.h
>> index add4c78..adf809b 100644
>> --- a/include/rsa.h
>> +++ b/include/rsa.h
>> @@ -15,6 +15,20 @@
>> #include<errno.h>
>> #include<image.h>
>>
>> +/**
>> + * struct rsa_public_key - holder for a public key
>> + *
>> + * An RSA public key consists of a modulus (typically called N), the inverse
>> + * and R^2, where R is 2^(# key bits).
>> + */
>> +
>> +struct rsa_public_key {
>> + uint len; /* Length of modulus[] in number of uint32_t */
>> + uint32_t n0inv; /* -1 / modulus[0] mod 2^32 */
>> + uint32_t *modulus; /* modulus as little endian array */
>> + uint32_t *rr; /* R^2 as little endian array */
>> +};
>> +
>> #if IMAGE_ENABLE_SIGN
>> /**
>> * sign() - calculate and return signature for given input data
>> @@ -80,6 +94,10 @@ static inline int rsa_add_verify_data(struct image_sign_info *info,
>> int rsa_verify(struct image_sign_info *info,
>> const struct image_region region[], int region_count,
>> uint8_t *sig, uint sig_len);
>> +
>> +int rsa_verify_256(struct image_sign_info *info,
>> + const struct image_region region[], int region_count,
>> + uint8_t *sig, uint sig_len);
>
> Do we need to create this as a separate function? It seems a bit icky.
> Can rsa_verify() not handle both?
Good catch! I never defined rsa_verify_256(), remove this in v2.
>> #else
>> static inline int rsa_verify(struct image_sign_info *info,
>> const struct image_region region[], int region_count,
>> @@ -87,6 +105,13 @@ static inline int rsa_verify(struct image_sign_info *info,
>> {
>> return -ENXIO;
>> }
>> +
>> +static inline int rsa_verify_256(struct image_sign_info *info,
>> + const struct image_region region[], int region_count,
>> + uint8_t *sig, uint sig_len)
>> +{
>> + return -ENXIO;
>> +}
>> #endif
>>
>> #endif
[...]
> Also can you please update the tests to include a sha256 test?
You mean the "test/vboot/vboot_test.sh" ?
bye,
Heiko
--
DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
next prev parent reply other threads:[~2014-01-27 6:45 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-25 6:44 [U-Boot] [PATCH 0/7] common, fit, rsa: enhancements Heiko Schocher
2014-01-25 6:44 ` [U-Boot] [PATCH 1/7] tools/image-host: fix sign-images bug Heiko Schocher
2014-01-26 21:05 ` Simon Glass
2014-01-25 6:44 ` [U-Boot] [PATCH 2/7] fdt: add "fdt sign" command Heiko Schocher
2014-01-26 21:04 ` Simon Glass
2014-01-27 6:37 ` Heiko Schocher
2014-01-27 6:50 ` Wolfgang Denk
2014-01-27 7:42 ` Heiko Schocher
2014-02-08 14:09 ` Marek Vasut
2014-02-10 6:15 ` Heiko Schocher
2014-02-12 10:46 ` Marek Vasut
2014-02-12 15:31 ` Heiko Schocher
2014-02-13 20:26 ` Marek Vasut
2014-02-14 5:06 ` Heiko Schocher
2014-01-25 6:44 ` [U-Boot] [PATCH 3/7] fit: add sha256 support Heiko Schocher
2014-01-26 21:07 ` Simon Glass
2014-01-25 6:44 ` [U-Boot] [PATCH 4/7] rsa: add sha256-rsa2048 algorithm Heiko Schocher
2014-01-26 21:10 ` Simon Glass
2014-01-27 6:45 ` Heiko Schocher [this message]
2014-01-27 17:36 ` Simon Glass
2014-01-25 6:44 ` [U-Boot] [PATCH 5/7] rsa: add sha256,rsa4096 algorithm Heiko Schocher
2014-01-26 21:19 ` Simon Glass
2014-01-27 7:36 ` Heiko Schocher
2014-01-27 17:39 ` Simon Glass
2014-01-25 6:44 ` [U-Boot] [PATCH 6/7] tools, fit: add fit_info host command Heiko Schocher
2014-02-08 14:16 ` Marek Vasut
2014-02-10 6:28 ` Heiko Schocher
2014-02-12 10:46 ` Marek Vasut
2014-01-25 6:44 ` [U-Boot] [PATCH 7/7] tools, fit_check_sign: verify a signed fit image Heiko Schocher
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52E60083.2070303@denx.de \
--to=hs@denx.de \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.