Commit Graph

7 Commits

Author SHA1 Message Date
Andrew Duda
da29f2991d rsa: Verify RSA padding programatically
Padding verification was done against static SHA/RSA pair arrays which
take up a lot of static memory, are mostly 0xff, and cannot be reused
for additional SHA/RSA pairings. The padding can be easily computed
according to PKCS#1v2.1 as:

  EM = 0x00 || 0x01 || PS || 0x00 || T

where PS is (emLen - tLen - 3) octets of 0xff and T is DER encoding
of the hash.

Store DER prefix in checksum_algo and create rsa_verify_padding
function to handle verification of a message for any SHA/RSA pairing.

Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2016-11-21 14:07:30 -05:00
Jeroen Hofstee
2b9912e6a7 includes: move openssl headers to include/u-boot
commit 18b06652cd "tools: include u-boot version of sha256.h"
unconditionally forced the sha256.h from u-boot to be used
for tools instead of the host version. This is fragile though
as it will also include the host version. Therefore move it
to include/u-boot to join u-boot/md5.h etc which were renamed
for the same reason.

cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Jeroen Hofstee <jeroen@myspectrum.nl>
2014-06-19 11:19:04 -04:00
Andreas Bießmann
822ef00e98 lib/sha256: fix compile on some hosts
Commit 2842c1c242 introduced lib/sha256 into
mkimage. Since then it will be compiled with HOSTCC which may produce errors
on some systems. Most BSD systems (like OS X for me) do not ship a
linux/string.h which will lead to take the U-Boot provided
include/linux/string.h in the end. This header howver is completely wrong
here. Just take the string.h if compiling with HOSTCC and linux/string.h when
not.

Signed-off-by: Andreas Bießmann <andreas.devel@googlemail.com>
Cc: Heiko Schocher <hs@denx.de>
Acked-by: Heiko Schocher<hs@denx.de>
2014-05-12 15:19:46 -04:00
Heiko Schocher
2842c1c242 fit: add sha256 support
add sha256 support to fit images

Signed-off-by: Heiko Schocher <hs@denx.de>
Acked-by: Simon Glass <sjg@chromium.org>
2014-03-21 16:39:33 -04:00
Wolfgang Denk
1a4596601f Add GPL-2.0+ SPDX-License-Identifier to source files
Signed-off-by: Wolfgang Denk <wd@denx.de>
[trini: Fixup common/cmd_io.c]
Signed-off-by: Tom Rini <trini@ti.com>
2013-07-24 09:44:38 -04:00
Simon Glass
ec7381fbf6 sha256: Use const where possible and add watchdog function
In preparation for making the hash function common, we may as well use
const where we can.

Also add a watchdog version of the hashing function.

Signed-off-by: Simon Glass <sjg@chromium.org>
2012-12-11 13:17:33 -07:00
Peter Tyser
78acc472d9 Rename lib_generic/ to lib/
Now that the other architecture-specific lib directories have been
moved out of the top-level directory there's not much reason to have the
'_generic' suffix on the common lib directory.

Signed-off-by: Peter Tyser <ptyser@xes-inc.com>
2010-04-13 09:13:04 +02:00