summaryrefslogtreecommitdiff
path: root/include/image.h
diff options
context:
space:
mode:
Diffstat (limited to 'include/image.h')
-rw-r--r--include/image.h23
1 files changed, 18 insertions, 5 deletions
diff --git a/include/image.h b/include/image.h
index b316d167d8..a1eea94f7d 100644
--- a/include/image.h
+++ b/include/image.h
@@ -1114,6 +1114,7 @@ int fit_conf_get_prop_node(const void *fit, int noffset,
int fit_check_ramdisk(const void *fit, int os_noffset,
uint8_t arch, int verify);
+#endif /* IMAGE_ENABLE_FIT */
int calculate_hash(const void *data, int data_len, const char *algo,
uint8_t *value, int *value_len);
@@ -1126,16 +1127,20 @@ int calculate_hash(const void *data, int data_len, const char *algo,
# if defined(CONFIG_FIT_SIGNATURE)
# define IMAGE_ENABLE_SIGN 1
# define IMAGE_ENABLE_VERIFY 1
+# define FIT_IMAGE_ENABLE_VERIFY 1
# include <openssl/evp.h>
# else
# define IMAGE_ENABLE_SIGN 0
# define IMAGE_ENABLE_VERIFY 0
+# define FIT_IMAGE_ENABLE_VERIFY 0
# endif
#else
# define IMAGE_ENABLE_SIGN 0
-# define IMAGE_ENABLE_VERIFY CONFIG_IS_ENABLED(FIT_SIGNATURE)
+# define IMAGE_ENABLE_VERIFY CONFIG_IS_ENABLED(RSA_VERIFY)
+# define FIT_IMAGE_ENABLE_VERIFY CONFIG_IS_ENABLED(FIT_SIGNATURE)
#endif
+#if IMAGE_ENABLE_FIT
#ifdef USE_HOSTCC
void *image_get_host_blob(void);
void image_set_host_blob(void *host_blob);
@@ -1149,6 +1154,7 @@ void image_set_host_blob(void *host_blob);
#else
#define IMAGE_ENABLE_BEST_MATCH 0
#endif
+#endif /* IMAGE_ENABLE_FIT */
/* Information passed to the signing routines */
struct image_sign_info {
@@ -1164,18 +1170,21 @@ struct image_sign_info {
int required_keynode; /* Node offset of key to use: -1=any */
const char *require_keys; /* Value for 'required' property */
const char *engine_id; /* Engine to use for signing */
+ /*
+ * Note: the following two fields are always valid even w/o
+ * RSA_VERIFY_WITH_PKEY in order to make sure this structure is
+ * the same on target and host. Otherwise, vboot test may fail.
+ */
+ const void *key; /* Pointer to public key in DER */
+ int keylen; /* Length of public key */
};
-#endif /* Allow struct image_region to always be defined for rsa.h */
-
/* A part of an image, used for hashing */
struct image_region {
const void *data;
int size;
};
-#if IMAGE_ENABLE_FIT
-
#if IMAGE_ENABLE_VERIFY
# include <u-boot/rsa-checksum.h>
#endif
@@ -1276,6 +1285,8 @@ struct crypto_algo *image_get_crypto_algo(const char *full_name);
*/
struct padding_algo *image_get_padding_algo(const char *name);
+#if IMAGE_ENABLE_FIT
+
/**
* fit_image_verify_required_sigs() - Verify signatures marked as 'required'
*
@@ -1416,6 +1427,7 @@ struct cipher_algo *image_get_cipher_algo(const char *full_name);
#endif /* CONFIG_FIT_VERBOSE */
#endif /* CONFIG_FIT */
+#if !defined(USE_HOSTCC)
#if defined(CONFIG_ANDROID_BOOT_IMAGE)
struct andr_img_hdr;
int android_image_check_header(const struct andr_img_hdr *hdr);
@@ -1437,6 +1449,7 @@ bool android_image_print_dtb_contents(ulong hdr_addr);
#endif
#endif /* CONFIG_ANDROID_BOOT_IMAGE */
+#endif /* !USE_HOSTCC */
/**
* board_fit_config_name_match() - Check for a matching board name