[PATCH RFC 01/10] common: Move host-only logic in image-sig.c to separate file

public inbox for u-boot@lists.denx.de
 help / color / mirror / Atom feed

From: Alexandru Gagniuc <mr.nuke.me@gmail.com>
To: u-boot@lists.denx.de
Subject: [PATCH RFC 01/10] common: Move host-only logic in image-sig.c to separate file
Date: Fri, 14 May 2021 14:45:53 -0500	[thread overview]
Message-ID: <20210514194602.598322-2-mr.nuke.me@gmail.com> (raw)
In-Reply-To: <20210514194602.598322-1-mr.nuke.me@gmail.com>

image-sig.c is used to map a hash or crypto algorithm name to a
handler of that algorithm. There is some similarity between the host
and target variants, with the differences worked out by #ifdefs. The
purpose of this change is to remove those ifdefs.

First, copy the file to a host-only version, and remove target
specific code. Although it looks like we are duplicating code,
subsequent patches will change the way target algorithms are searched.
Besides we are only duplicating three string to struct mapping
functions. This isn't something to fuss about.
---
 common/image-sig-host.c | 134 ++++++++++++++++++++++++++++++++++++++++
 tools/Makefile          |   2 +-
 2 files changed, 135 insertions(+), 1 deletion(-)
 create mode 100644 common/image-sig-host.c

diff --git a/common/image-sig-host.c b/common/image-sig-host.c
new file mode 100644
index 0000000000..22e9c53c3e
--- /dev/null
+++ b/common/image-sig-host.c
@@ -0,0 +1,134 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Copyright (c) 2013, Google Inc.
+ */
+
+#include "mkimage.h"
+#include <fdt_support.h>
+#include <time.h>
+#include <linux/libfdt.h>
+#include <image.h>
+#include <u-boot/ecdsa.h>
+#include <u-boot/rsa.h>
+#include <u-boot/hash-checksum.h>
+
+
+struct checksum_algo checksum_algos[] = {
+	{
+		.name = "sha1",
+		.checksum_len = SHA1_SUM_LEN,
+		.der_len = SHA1_DER_LEN,
+		.der_prefix = sha1_der_prefix,
+		.calculate_sign = EVP_sha1,
+		.calculate = hash_calculate,
+	},
+	{
+		.name = "sha256",
+		.checksum_len = SHA256_SUM_LEN,
+		.der_len = SHA256_DER_LEN,
+		.der_prefix = sha256_der_prefix,
+		.calculate_sign = EVP_sha256,
+		.calculate = hash_calculate,
+	},
+	{
+		.name = "sha384",
+		.checksum_len = SHA384_SUM_LEN,
+		.der_len = SHA384_DER_LEN,
+		.der_prefix = sha384_der_prefix,
+		.calculate_sign = EVP_sha384,
+		.calculate = hash_calculate,
+	},
+	{
+		.name = "sha512",
+		.checksum_len = SHA512_SUM_LEN,
+		.der_len = SHA512_DER_LEN,
+		.der_prefix = sha512_der_prefix,
+		.calculate_sign = EVP_sha512,
+		.calculate = hash_calculate,
+	},
+};
+
+struct crypto_algo crypto_algos[] = {
+	{
+		.name = "rsa2048",
+		.key_len = RSA2048_BYTES,
+		.sign = rsa_sign,
+		.add_verify_data = rsa_add_verify_data,
+		.verify = rsa_verify,
+	},
+	{
+		.name = "rsa4096",
+		.key_len = RSA4096_BYTES,
+		.sign = rsa_sign,
+		.add_verify_data = rsa_add_verify_data,
+		.verify = rsa_verify,
+	},
+	{
+		.name = "ecdsa256",
+		.key_len = ECDSA256_BYTES,
+		.sign = ecdsa_sign,
+		.add_verify_data = ecdsa_add_verify_data,
+		.verify = ecdsa_verify,
+	},
+};
+
+struct padding_algo padding_algos[] = {
+	{
+		.name = "pkcs-1.5",
+		.verify = padding_pkcs_15_verify,
+	},
+	{
+		.name = "pss",
+		.verify = padding_pss_verify,
+	}
+};
+
+struct checksum_algo *image_get_checksum_algo(const char *full_name)
+{
+	int i;
+	const char *name;
+
+	for (i = 0; i < ARRAY_SIZE(checksum_algos); i++) {
+		name = checksum_algos[i].name;
+		/* Make sure names match and next char is a comma */
+		if (!strncmp(name, full_name, strlen(name)) &&
+		    full_name[strlen(name)] == ',')
+			return &checksum_algos[i];
+	}
+
+	return NULL;
+}
+
+struct crypto_algo *image_get_crypto_algo(const char *full_name)
+{
+	int i;
+	const char *name;
+
+	/* Move name to after the comma */
+	name = strchr(full_name, ',');
+	if (!name)
+		return NULL;
+	name += 1;
+
+	for (i = 0; i < ARRAY_SIZE(crypto_algos); i++) {
+		if (!strcmp(crypto_algos[i].name, name))
+			return &crypto_algos[i];
+	}
+
+	return NULL;
+}
+
+struct padding_algo *image_get_padding_algo(const char *name)
+{
+	int i;
+
+	if (!name)
+		return NULL;
+
+	for (i = 0; i < ARRAY_SIZE(padding_algos); i++) {
+		if (!strcmp(padding_algos[i].name, name))
+			return &padding_algos[i];
+	}
+
+	return NULL;
+}
diff --git a/tools/Makefile b/tools/Makefile
index d020c55d66..6751d9874b 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -58,7 +58,7 @@ hostprogs-$(CONFIG_FIT_SIGNATURE) += fit_info fit_check_sign
 hostprogs-$(CONFIG_CMD_BOOTEFI_SELFTEST) += file2include
 
 FIT_OBJS-$(CONFIG_FIT) := fit_common.o fit_image.o image-host.o common/image-fit.o
-FIT_SIG_OBJS-$(CONFIG_FIT_SIGNATURE) := common/image-sig.o common/image-fit-sig.o
+FIT_SIG_OBJS-$(CONFIG_FIT_SIGNATURE) := common/image-sig-host.o common/image-fit-sig.o
 FIT_CIPHER_OBJS-$(CONFIG_FIT_CIPHER) := common/image-cipher.o
 
 # The following files are synced with upstream DTC.
-- 
2.31.1

next prev parent reply	other threads:[~2021-05-14 19:45 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-05-14 19:45 [PATCH RFC 00/10] image: Reduce the abuse of #ifdefs in image-sig.c Alexandru Gagniuc
2021-05-14 19:45 ` Alexandru Gagniuc [this message]
2021-05-15 15:20   ` [PATCH RFC 01/10] common: Move host-only logic in image-sig.c to separate file Simon Glass
2021-05-17 14:19     ` Alex G.
2021-05-14 19:45 ` [PATCH RFC 02/10] common: image-sig.c: Remove host-specific logic and #ifdefs Alexandru Gagniuc
2021-05-15 15:20   ` Simon Glass
2021-05-14 19:45 ` [PATCH RFC 03/10] image: Add support for placing crypto_algo in linker lists Alexandru Gagniuc
2021-05-15 15:20   ` Simon Glass
2021-05-14 19:45 ` [PATCH RFC 04/10] [UNTESTED] image: Add support for relocating crypto_algos " Alexandru Gagniuc
2021-05-15 15:20   ` Simon Glass
2021-05-19  7:07     ` Michal Simek
2021-05-14 19:45 ` [PATCH RFC 05/10] image: rsa: Move verification algorithm to a linker list Alexandru Gagniuc
2021-05-15 15:20   ` Simon Glass
2021-05-14 19:45 ` [PATCH RFC 06/10] image: image-sig.c: Remove crypto_algos array Alexandru Gagniuc
2021-05-15 15:20   ` Simon Glass
2021-05-14 19:45 ` [PATCH RFC 07/10] lib: ecdsa: Remove #ifdefs from ecdsa.h Alexandru Gagniuc
2021-05-15 15:20   ` Simon Glass
2021-05-14 19:46 ` [PATCH RFC 08/10] lib: rsa: Remove #ifdefs from rsa.h Alexandru Gagniuc
2021-05-15 15:20   ` Simon Glass
2021-05-14 19:46 ` [PATCH RFC 09/10] image: Eliminate IMAGE_ENABLE_VERIFY macro Alexandru Gagniuc
2021-05-15 15:20   ` Simon Glass
2021-05-14 19:46 ` [PATCH RFC 10/10] image: Eliminate IMAGE_ENABLE_VERIFY_ECDSA macro Alexandru Gagniuc
2021-05-15 15:20   ` Simon Glass

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:22e9c53c3 dfblob:d020c55d6 dfblob:6751d9874 )
 OR (
bs:"[PATCH RFC 01/10] common: Move host-only logic in image-sig.c to separate file" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210514194602.598322-2-mr.nuke.me@gmail.com \
    --to=mr.nuke.me@gmail.com \
    --cc=u-boot@lists.denx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox