summaryrefslogtreecommitdiff
path: root/tools/Makefile
diff options
context:
space:
mode:
authorReuben Dowle <reubendowle0@gmail.com>2020-04-16 17:36:52 +1200
committerTom Rini <trini@konsulko.com>2020-06-12 13:14:07 -0400
commitd16b38f42704fe3cc94fbee1601be96045013151 (patch)
treeabd95e88387701d92c5319565ed4a6aaf9c02a1b /tools/Makefile
parentf191f3a1027ede56e2501920e3e8a8acd7033e77 (diff)
Add support for SHA384 and SHA512
The current recommendation for best security practice from the US government is to use SHA384 for TOP SECRET [1]. This patch adds support for SHA384 and SHA512 in the hash command, and also allows FIT images to be hashed with these algorithms, and signed with sha384,rsaXXXX and sha512,rsaXXXX The SHA implementation is adapted from the linux kernel implementation. [1] Commercial National Security Algorithm Suite http://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm Signed-off-by: Reuben Dowle <reuben.dowle@4rf.com>
Diffstat (limited to 'tools/Makefile')
-rw-r--r--tools/Makefile2
1 files changed, 2 insertions, 0 deletions
diff --git a/tools/Makefile b/tools/Makefile
index 879c3fd4a7..51123fd929 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -107,6 +107,7 @@ dumpimage-mkimage-objs := aisimage.o \
lib/crc16.o \
lib/sha1.o \
lib/sha256.o \
+ lib/sha512.o \
common/hash.o \
ublimage.o \
zynqimage.o \
@@ -225,6 +226,7 @@ HOSTCFLAGS_crc8.o := -pedantic
HOSTCFLAGS_md5.o := -pedantic
HOSTCFLAGS_sha1.o := -pedantic
HOSTCFLAGS_sha256.o := -pedantic
+HOSTCFLAGS_sha512.o := -pedantic -DCONFIG_SHA512 -DCONFIG_SHA384
quiet_cmd_wrap = WRAP $@
cmd_wrap = echo "\#include <../$(patsubst $(obj)/%,%,$@)>" >$@