From: Heiko Schocher <hs@denx.de>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH 4/7] rsa: add sha256-rsa2048 algorithm
Date: Mon, 27 Jan 2014 07:45:23 +0100 [thread overview]
Message-ID: <52E60083.2070303@denx.de> (raw)
In-Reply-To: <CAPnjgZ19eSgAYRyOFSCA_AoA_2x30EaBxQ=i43Xa5HjM6-5Grg@mail.gmail.com>
Hello Simon,
Am 26.01.2014 22:10, schrieb Simon Glass:
> Hi Heiko,
>
> On 24 January 2014 23:44, Heiko Schocher<hs@denx.de> wrote:
>> based on patch from andreas at oetken.name:
>>
>> http://patchwork.ozlabs.org/patch/294318/
>
> Should probably add the full commit message in here.
Ok, do this in v2.
>> - removed checkpatch warnings
>> - removed compiler warnings
>> - rebased against current head
>>
>> Signed-off-by: Heiko Schocher<hs@denx.de>
>> Cc: Simon Glass<sjg@chromium.org>
>> Cc: andreas at oetken.name
>> ---
>> common/image-sig.c | 33 +++++++++++++++++
>> include/image.h | 21 +++++++++++
>> include/rsa-checksum.h | 25 +++++++++++++
>> include/rsa.h | 25 +++++++++++++
>> lib/rsa/Makefile | 2 +-
>> lib/rsa/rsa-checksum.c | 98 ++++++++++++++++++++++++++++++++++++++++++++++++++
>> lib/rsa/rsa-sign.c | 10 +++---
>> lib/rsa/rsa-verify.c | 83 +++++++++++++-----------------------------
>> 8 files changed, 233 insertions(+), 64 deletions(-)
>> create mode 100644 include/rsa-checksum.h
>> create mode 100644 lib/rsa/rsa-checksum.c
[...]
>> diff --git a/include/rsa.h b/include/rsa.h
>> index add4c78..adf809b 100644
>> --- a/include/rsa.h
>> +++ b/include/rsa.h
>> @@ -15,6 +15,20 @@
>> #include<errno.h>
>> #include<image.h>
>>
>> +/**
>> + * struct rsa_public_key - holder for a public key
>> + *
>> + * An RSA public key consists of a modulus (typically called N), the inverse
>> + * and R^2, where R is 2^(# key bits).
>> + */
>> +
>> +struct rsa_public_key {
>> + uint len; /* Length of modulus[] in number of uint32_t */
>> + uint32_t n0inv; /* -1 / modulus[0] mod 2^32 */
>> + uint32_t *modulus; /* modulus as little endian array */
>> + uint32_t *rr; /* R^2 as little endian array */
>> +};
>> +
>> #if IMAGE_ENABLE_SIGN
>> /**
>> * sign() - calculate and return signature for given input data
>> @@ -80,6 +94,10 @@ static inline int rsa_add_verify_data(struct image_sign_info *info,
>> int rsa_verify(struct image_sign_info *info,
>> const struct image_region region[], int region_count,
>> uint8_t *sig, uint sig_len);
>> +
>> +int rsa_verify_256(struct image_sign_info *info,
>> + const struct image_region region[], int region_count,
>> + uint8_t *sig, uint sig_len);
>
> Do we need to create this as a separate function? It seems a bit icky.
> Can rsa_verify() not handle both?
Good catch! I never defined rsa_verify_256(), remove this in v2.
>> #else
>> static inline int rsa_verify(struct image_sign_info *info,
>> const struct image_region region[], int region_count,
>> @@ -87,6 +105,13 @@ static inline int rsa_verify(struct image_sign_info *info,
>> {
>> return -ENXIO;
>> }
>> +
>> +static inline int rsa_verify_256(struct image_sign_info *info,
>> + const struct image_region region[], int region_count,
>> + uint8_t *sig, uint sig_len)
>> +{
>> + return -ENXIO;
>> +}
>> #endif
>>
>> #endif
[...]
> Also can you please update the tests to include a sha256 test?
You mean the "test/vboot/vboot_test.sh" ?
bye,
Heiko
--
DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
next prev parent reply other threads:[~2014-01-27 6:45 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-25 6:44 [U-Boot] [PATCH 0/7] common, fit, rsa: enhancements Heiko Schocher
2014-01-25 6:44 ` [U-Boot] [PATCH 1/7] tools/image-host: fix sign-images bug Heiko Schocher
2014-01-26 21:05 ` Simon Glass
2014-01-25 6:44 ` [U-Boot] [PATCH 2/7] fdt: add "fdt sign" command Heiko Schocher
2014-01-26 21:04 ` Simon Glass
2014-01-27 6:37 ` Heiko Schocher
2014-01-27 6:50 ` Wolfgang Denk
2014-01-27 7:42 ` Heiko Schocher
2014-02-08 14:09 ` Marek Vasut
2014-02-10 6:15 ` Heiko Schocher
2014-02-12 10:46 ` Marek Vasut
2014-02-12 15:31 ` Heiko Schocher
2014-02-13 20:26 ` Marek Vasut
2014-02-14 5:06 ` Heiko Schocher
2014-01-25 6:44 ` [U-Boot] [PATCH 3/7] fit: add sha256 support Heiko Schocher
2014-01-26 21:07 ` Simon Glass
2014-01-25 6:44 ` [U-Boot] [PATCH 4/7] rsa: add sha256-rsa2048 algorithm Heiko Schocher
2014-01-26 21:10 ` Simon Glass
2014-01-27 6:45 ` Heiko Schocher [this message]
2014-01-27 17:36 ` Simon Glass
2014-01-25 6:44 ` [U-Boot] [PATCH 5/7] rsa: add sha256,rsa4096 algorithm Heiko Schocher
2014-01-26 21:19 ` Simon Glass
2014-01-27 7:36 ` Heiko Schocher
2014-01-27 17:39 ` Simon Glass
2014-01-25 6:44 ` [U-Boot] [PATCH 6/7] tools, fit: add fit_info host command Heiko Schocher
2014-02-08 14:16 ` Marek Vasut
2014-02-10 6:28 ` Heiko Schocher
2014-02-12 10:46 ` Marek Vasut
2014-01-25 6:44 ` [U-Boot] [PATCH 7/7] tools, fit_check_sign: verify a signed fit image Heiko Schocher
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52E60083.2070303@denx.de \
--to=hs@denx.de \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).