From mboxrd@z Thu Jan 1 00:00:00 1970 From: Heiko Schocher Date: Mon, 10 Mar 2014 07:00:56 +0100 Subject: [U-Boot] [PATCH v3 4/8] rsa: add sha256-rsa2048 algorithm In-Reply-To: References: <1393845570-3283-1-git-send-email-hs@denx.de> <1393845570-3283-5-git-send-email-hs@denx.de> Message-ID: <531D5518.2010102@denx.de> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de Hello Simon, Am 09.03.2014 06:33, schrieb Simon Glass: > Hi Heiko, > > On 3 March 2014 04:19, Heiko Schocher wrote: >> based on patch from andreas at oetken.name: >> >> http://patchwork.ozlabs.org/patch/294318/ >> commit message: >> I currently need support for rsa-sha256 signatures in u-boot and found out that >> the code for signatures is not very generic. Thus adding of different >> hash-algorithms for rsa-signatures is not easy to do without copy-pasting the >> rsa-code. I attached a patch for how I think it could be better and included >> support for rsa-sha256. This is a fast first shot. >> >> aditionally work: >> - removed checkpatch warnings >> - removed compiler warnings >> - rebased against current head >> >> Signed-off-by: Heiko Schocher >> Cc: andreas at oetken.name >> Cc: Simon Glass > > This looks good to me. However, when running it I hit this crash? > > O=b/sandbox test/vboot/vboot_test.sh > Simple Verified Boot Test > ========================= > > Please see doc/uImage.FIT/verified-boot.txt for more information > > /home/sjg/c/src/third_party/u-boot/files/b/sandbox/tools/mkimage -D -I > dts -O dtb -p 2000 > Build keys > do sha1 test > Build FIT with signed images > Test Verified Boot Run: unsigned signatures:: OK > Sign images > Test Verified Boot Run: signed images: OK > Build FIT with signed configuration > Test Verified Boot Run: unsigned config: OK > Sign images > Test Verified Boot Run: signed config: OK > check signed config on the host > *** buffer overflow detected ***: > /home/sjg/c/src/third_party/u-boot/files/b/sandbox/tools/fit_check_sign > terminated > ======= Backtrace: ========= > /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f07c7ba9f47] > /lib/x86_64-linux-gnu/libc.so.6(+0x109e40)[0x7f07c7ba8e40] [...] > [vsyscall] > test/vboot/vboot_test.sh: line 65: 7597 Aborted (core > dumped) ${fit_check_sign} -f test.fit -k sandbox-u-boot.dtb> ${tmp} > > Verified boot key check on host failed, output follows: > > > Do you see this? Presumably not - I can dig a bit if you like? No, I do not see this crash ... Hmm... you reply this error to the 4/8 patch of this series, but "fit_check_sign" is introduced in the 8/8 ... did you tried with all 8 patches applied? Just tested with current head of U-Boot and I see no error: commit 247161b8160fc699b0a517f081220bb50bc502a8 Merge: d57d60c 96ac18c Author: Tom Rini Date: Fri Mar 7 20:54:22 2014 -0500 Merge branch 'master' of git://git.denx.de/u-boot-mpc85xx $ O=sandbox ./test/vboot/vboot_test.sh Simple Verified Boot Test ========================= Please see doc/uImage.FIT/verified-boot.txt for more information /home/hs/ids/u-boot/sandbox/tools/mkimage -D -I dts -O dtb -p 2000 Build keys do sha1 test Build FIT with signed images Test Verified Boot Run: unsigned signatures:: OK Sign images Test Verified Boot Run: signed images: OK Build FIT with signed configuration Test Verified Boot Run: unsigned config: OK Sign images Test Verified Boot Run: signed config: OK check signed config on the host OK Test Verified Boot Run: signed config: OK Test Verified Boot Run: signed config with bad hash: OK do sha256 test Build FIT with signed images Test Verified Boot Run: unsigned signatures:: OK Sign images Test Verified Boot Run: signed images: OK Build FIT with signed configuration Test Verified Boot Run: unsigned config: OK Sign images Test Verified Boot Run: signed config: OK check signed config on the host OK Test Verified Boot Run: signed config: OK Test Verified Boot Run: signed config with bad hash: OK Test passed pollux:u-boot hs [temp] $ Can you try with current head again? bye, Heiko -- DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany