summaryrefslogtreecommitdiff
path: root/lib/crypto
AgeCommit message (Collapse)Author
2020-08-08lib/crypto: simplify public_key_verify_signatureHeinrich Schuchardt
The variable region is filled but never used. Remove it. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-22lib: crypto: export and enhance pkcs7_verify_one()AKASHI Takahiro
The function, pkcs7_verify_one(), will be utilized to rework signature verification logic aiming to support intermediate certificates in "chain of trust." To do that, its function interface is expanded, adding an extra argument which is expected to return the last certificate in trusted chain. Then, this last one must further be verified with signature database, db and/or dbx. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-07-22lib: crypto: add pkcs7_digest()AKASHI Takahiro
This function was nullified when the file, pkcs7_verify.c, was imported because it calls further linux-specific interfaces inside, hence that could lead to more files being imported from linux. We need this function in pkcs7_verify_one() and so simply re-implement it here instead of re-using the code. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-07-22lib: crypto: import pkcs7_verify.c from linuxAKASHI Takahiro
The file, pkcs7_verify.c, will now be imported from linux code (crypto/asymmetric_keys/pkcs7_verify.c in 5.7) and modified to fit into U-Boot environment. In particular, pkcs7_verify_one() function will be used in a later patch to rework signature verification logic aiming to support intermediate certificates in "chain of trust." Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-07-22lib: crypto: enable x509_check_for_self_signed()AKASHI Takahiro
When the file, x509_public_key.c, was imported from linux code in commit b4adf627d5b7 ("lib: crypto: add x509 parser"), x509_check_for_self_signed() was commented out for simplicity. Now it need be enabled in order to make pkcs7_verify_one(), which will be imported in a later patch, functional. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-07-22lib: crypto: add public_key_verify_signature()AKASHI Takahiro
This function will be called from x509_check_for_self_signed() and pkcs7_verify_one(), which will be imported from linux in a later patch. While it does exist in linux code and has a similar functionality of rsa_verify(), it calls further linux-specific interfaces inside. That could lead to more files being imported from linux. So simply re-implement it here instead of re-using the code. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-05-18common: Drop linux/bug.h from common headerSimon Glass
Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18common: Drop log.h from common headerSimon Glass
Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-04lib/crypto, efi_loader: move some headers to include/cryptoAKASHI Takahiro
Pkcs7_parse.h and x509_parser.h are used in UEFI subsystem, in particular, secure boot. So move them to include/crypto to avoid relative paths. Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Don't include include x509_parser.h twice. Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-05-04lib/crypto, efi_loader: avoid multiple inclusions of header filesAKASHI Takahiro
By adding extra symbols, we can now avoid including x509_parser and pkcs7_parser.h files multiple times. Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Don't include include x509_parser.h twice. Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-02-05dm: core: Create a new header file for 'compat' featuresSimon Glass
At present dm/device.h includes the linux-compatible features. This requires including linux/compat.h which in turn includes a lot of headers. One of these is malloc.h which we thus end up including in every file in U-Boot. Apart from the inefficiency of this, it is problematic for sandbox which needs to use the system malloc() in some files. Move the compatibility features into a separate header file. Signed-off-by: Simon Glass <sjg@chromium.org>
2020-02-05dm: core: Require users of devres to include the headerSimon Glass
At present devres.h is included in all files that include dm.h but few make use of it. Also this pulls in linux/compat which adds several more headers. Drop the automatic inclusion and require files to include devres themselves. This provides a good indication of which files use devres. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Anatolij Gustschin <agust@denx.de>
2019-12-06lib: crypto: add pkcs7 message parserAKASHI Takahiro
Imported from linux kernel v5.3: pkcs7.asn1 without changes pkcs7.h with changes marked as __UBOOT__ pkcs7_parser.h without changes pkcs7_parser.c with changes marked as __UBOOT__ Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2019-12-06lib: crypto: add x509 parserAKASHI Takahiro
Imported from linux kernel v5.3: x509.asn1 without changes x509_akid.asn1 without changes x509_parser.h without changes x509_cert_parser.c with changes marked as __UBOOT__ x509_public_key.c with changes marked as __UBOOT__ Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2019-12-06lib: crypto: add rsa public key parserAKASHI Takahiro
Imported from linux kernel v5.3: rsapubkey.asn1 without changes rsa.h without changes rsa_helper.c with changes marked as __UBOOT__ Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2019-12-06lib: crypto: add public key utilityAKASHI Takahiro
Imported from linux kernel v5.3: asymmetric-type.h with changes marked as __UBOOT__ asymmetric_type.c with changes marked as __UBOOT__ public_key.h with changes marked as __UBOOT__ public_key.c with changes marked as __UBOOT__ Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>