From: Jamin Lin <jamin_lin@aspeedtech.com>
To: Alexandru Gagniuc <mr.nuke.me@gmail.com>,
Simon Glass <sjg@chromium.org>,
Philippe Reynes <philippe.reynes@softathome.com>,
Sean Anderson <sean.anderson@seco.com>,
Thomas Perrot <thomas.perrot@bootlin.com>,
"open list" <u-boot@lists.denx.de>
Cc: <troy_lee@aspeedtech.com>, <steven_lee@aspeedtech.com>
Subject: [PATCH v2] rsa: adds rsa3072 algorithm
Date: Thu, 9 Dec 2021 11:57:14 +0800 [thread overview]
Message-ID: <20211209035715.5733-2-jamin_lin@aspeedtech.com> (raw)
In-Reply-To: <20211209035715.5733-1-jamin_lin@aspeedtech.com>
Add to support rsa 30272 bits algorithm in tools
for image sign at host side and adds rsa 3027 bits
verification in the image binary.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
wq
---
include/u-boot/rsa.h | 1 +
lib/rsa/rsa-verify.c | 6 ++++++
tools/image-sig-host.c | 7 +++++++
3 files changed, 14 insertions(+)
diff --git a/include/u-boot/rsa.h b/include/u-boot/rsa.h
index 7556aa5b4b..bb56c2243c 100644
--- a/include/u-boot/rsa.h
+++ b/include/u-boot/rsa.h
@@ -110,6 +110,7 @@ int padding_pss_verify(struct image_sign_info *info,
#define RSA_DEFAULT_PADDING_NAME "pkcs-1.5"
#define RSA2048_BYTES (2048 / 8)
+#define RSA3072_BYTES (3072 / 8)
#define RSA4096_BYTES (4096 / 8)
/* This is the minimum/maximum key size we support, in bits */
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index 83f7564101..4fe487d7e5 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -588,6 +588,12 @@ U_BOOT_CRYPTO_ALGO(rsa2048) = {
.verify = rsa_verify,
};
+U_BOOT_CRYPTO_ALGO(rsa3072) = {
+ .name = "rsa3072",
+ .key_len = RSA3072_BYTES,
+ .verify = rsa_verify,
+};
+
U_BOOT_CRYPTO_ALGO(rsa4096) = {
.name = "rsa4096",
.key_len = RSA4096_BYTES,
diff --git a/tools/image-sig-host.c b/tools/image-sig-host.c
index 8ed6998dab..d0133aec4c 100644
--- a/tools/image-sig-host.c
+++ b/tools/image-sig-host.c
@@ -55,6 +55,13 @@ struct crypto_algo crypto_algos[] = {
.add_verify_data = rsa_add_verify_data,
.verify = rsa_verify,
},
+ {
+ .name = "rsa3072",
+ .key_len = RSA3072_BYTES,
+ .sign = rsa_sign,
+ .add_verify_data = rsa_add_verify_data,
+ .verify = rsa_verify,
+ },
{
.name = "rsa4096",
.key_len = RSA4096_BYTES,
--
2.17.1
next prev parent reply other threads:[~2021-12-09 3:58 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-09 3:57 [PATCH v2 0/1] rsa: adds rsa3072 algorithm Jamin Lin
2021-12-09 3:57 ` Jamin Lin [this message]
2021-12-10 0:15 ` [PATCH v2] " Simon Glass
2021-12-10 6:05 ` Jamin Lin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211209035715.5733-2-jamin_lin@aspeedtech.com \
--to=jamin_lin@aspeedtech.com \
--cc=mr.nuke.me@gmail.com \
--cc=philippe.reynes@softathome.com \
--cc=sean.anderson@seco.com \
--cc=sjg@chromium.org \
--cc=steven_lee@aspeedtech.com \
--cc=thomas.perrot@bootlin.com \
--cc=troy_lee@aspeedtech.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox