summaryrefslogtreecommitdiff
path: root/lib/rsa
AgeCommit message (Collapse)Author
2020-09-14rsa: crash in br_i32_decode() called from rsa_gen_key_prop()Robert Reither
Fixes problem for unaligned 32bit big-endian access in lib/rsa/rsa-keyprop.c. Exchanges br_i32_decode() with get_unaligned_be32(). This will keep the unaligned access for architectures capable and will do some byte-shift magic for the not so capable ones. Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Signed-by: Robert Reither <robert.reither@external.thalesgroup.com> Remove unused include. Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-08-27lib/rsa: correct check after allocation in fdt_add_bignum()Heinrich Schuchardt
After allocating to pointer ctx we should check that pointer and not another pointer already checked above. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-07-11lib: rsa: export rsa_verify_with_pkey()AKASHI Takahiro
This function will be used to implement public_key_verify_signature() in a later patch. rsa_verify() is not suitable here because calculation of message digest is not necessary. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-08lib: rsa: function to verify a signature against a hashHeiko Stuebner
rsa_verify() expects a memory region and wants to do the hashing itself, but there may be cases where the hashing is done via other means, like hashing a squashfs rootfs. So add rsa_verify_hash() to allow verifiying a signature against an existing hash. As this entails the same verification routines we can just move the relevant code over from rsa_verify() and also call rsa_verify_hash() from there. Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
2020-07-08lib: rsa: add documentation to padding_pss_verify to document limitationsHeiko Stuebner
padding_pss_verify only works with the default pss salt setting of -2 (length to be automatically determined based on the PSS block structure) not -1 (salt length set to the maximum permissible value), which makes verifications of signatures with that saltlen fail. Until this gets implemented at least document this behaviour. Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-07-08lib: rsa: free local arrays after use in rsa_gen_key_prop()Heiko Stuebner
n, rr and rrtmp are used for internal calculations, but in the end the results are copied into separately allocated elements of the actual key_prop, so the n, rr and rrtmp elements are not used anymore when returning from the function and should of course be freed. Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-07-08lib: rsa: fix allocated size for rr and rrtmp in rsa_gen_key_prop()Heiko Stuebner
When calculating rrtmp/rr rsa_gen_key_prop() tries to make (((rlen + 31) >> 5) + 1) steps in the rr uint32_t array and (((rlen + 7) >> 3) + 1) / 4 steps in uint32_t rrtmp[] with rlen being num_bits * 2 On a 4096bit key this comes down to to 257 uint32_t elements in rr and 256 elements in rrtmp but with the current allocation rr and rrtmp only have 129 uint32_t elements. On 2048bit keys this works by chance as the defined max_rsa_size=4096 allocates a suitable number of elements, but with an actual 4096bit key this results in other memory parts getting overwritten. So as suggested by Heinrich Schuchardt just use the actual bit-size of the key as base for the size calculation, in turn making the code compatible to any future keysizes. Suggested-by: Heinrich Schuchardt <xypron.debian@gmx.de> Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Reviewed-by: Simon Glass <sjg@chromium.org> rrtmp needs 2 + (((*prop)->num_bits * 2) >> 5) array elements. Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-08lib: rsa: bring exp_len in line when generating a key_propHeiko Stuebner
The exponent field of struct key_prop gets allocated an uint64_t, and the contents are positioned from the back, so an exponent of "0x01 0x00 0x01" becomes 0x0 0x0 0x0 0x0 0x0 0x1 0x0 0x1" Right now rsa_gen_key_prop() allocates a uint64_t but sets exp_len to the size returned from the parser, while on the other hand the when getting the key from the devicetree exp_len always gets set to sizeof(uint64_t). So bring that in line with the established code. Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-07-08lib: rsa: take spl/non-spl into account when building rsa_verify_with_pkey()Heiko Stuebner
Right now in multiple places there are only checks for the full CONFIG_RSA_VERIFY_WITH_PKEY option, not split into main,spl,tpl variants. This breaks when the rsa functions get enabled for SPL, for example to verify u-boot proper from spl. So fix this by using the existing helpers to distinguis between build-steps. Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-07-08lib: rsa: distinguish between tpl and spl for CONFIG_RSA_VERIFYHeiko Stuebner
While the SPL may want to do signature checking this won't be the case for TPL in all cases, as TPL is mostly used when the amount of initial memory is not enough for a full SPL. So on a system where SPL uses DM but TPL does not we currently end up with a TPL compile error of: lib/rsa/rsa-verify.c:48:25: error: dereferencing pointer to incomplete type ‘struct checksum_algo’ To prevent that change the $(SPL_) to $(SPL_TPL_) to distinguish between both. If someone really needs FIT signature checking in TPL as well, a new TPL_RSA_VERIFY config symbol needs to be added. Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-05-18common: Drop log.h from common headerSimon Glass
Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-15lib: rsa: avoid overriding the object name when already specifiedJan Luebbe
If "object=" is specified in "keydir" when using the pkcs11 engine do not append another "object=<key-name-hint>". This makes it possible to use object names other than the key name hint. These two string identifiers are not necessarily equal. Signed-off-by: Jan Luebbe <jlu@pengutronix.de> Signed-off-by: Bastian Krause <bst@pengutronix.de> Reviewed-by: George McCollister <george.mccollister@gmail.com>
2020-05-15lib: rsa: Also check for presence of r-squared propertyJan Kiszka
Better than crashing later if it is missing. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2020-05-15rsa: don't use malloc.h in rsa-sign.cJonathan Gray
stdlib.h is the header for malloc since at least c89/c90. There is no system malloc.h on OpenBSD and trying to use malloc.h here falls back to the U-Boot malloc.h breaking the build of qemu_arm64. Fixes: 336d4615f8 ("dm: core: Create a new header file for 'compat' features") Signed-off-by: Jonathan Gray <jsg@jsg.id.au>
2020-05-07rsa: fix alignment issue when getting public exponentHeiko Stuebner
To fill the exponent field of the rsa_public_key struct, rsa_mod_exp_sw did a cast to uint64_t of the key_prop->public_exponent field. But that alignment is not guaranteed in all cases. This came to light when in my spl-fit-signature the key-name exceeded a certain length and with it the verification then started failing. (naming it "integrity" worked fine, "integrity-uboot" failed) key_prop.public_exponent itself is actually a void-pointer, fdt_getprop() also just returns such a void-pointer and inside the devicetree the 64bit exponent is represented as 2 32bit numbers, so assuming a 64bit alignment can lead to false reads. So just use the already existing rsa_convert_big_endian() to do the actual conversion from the dt's big-endian to the needed uint64 value. Fixes: fc2f4246b4b3 ("rsa: Split the rsa-verify to separate the modular exponentiation") Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-04-07Merge tag 'xilinx-for-v2020.07' of ↵Tom Rini
https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-01image: Use constants for 'required' and 'key-name-hint'Simon Glass
These are used in multiple places so update them to use a shared #define. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>
2020-03-12lib: rsa: add rsa_verify_with_pkey()AKASHI Takahiro
This function, and hence rsa_verify(), will perform RSA verification with two essential parameters for a RSA public key in contract of rsa_verify_with_keynode(), which requires additional three parameters stored in FIT image. It will be used in implementing UEFI secure boot, i.e. image authentication and variable authentication. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-03-12lib: rsa: generate additional parameters for public keyAKASHI Takahiro
In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-03-12rsa: add CONFIG_RSA_VERIFY_WITH_PKEY configAKASHI Takahiro
In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-03-12lib: rsa: decouple rsa from FIT image verificationAKASHI Takahiro
Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-05dm: core: Create a new header file for 'compat' featuresSimon Glass
At present dm/device.h includes the linux-compatible features. This requires including linux/compat.h which in turn includes a lot of headers. One of these is malloc.h which we thus end up including in every file in U-Boot. Apart from the inefficiency of this, it is problematic for sandbox which needs to use the system malloc() in some files. Move the compatibility features into a separate header file. Signed-off-by: Simon Glass <sjg@chromium.org>
2019-10-15rsa: Return immediately if required-key verification failsDaniele Alessandrelli
Currently, if image verification with a required key fails, rsa_verify() code tries to find another key to verify the FIT image. This however, is not the intended behavior as the documentation says that required keys "must be verified for the image / configuration to be considered valid". This patch fixes the issue by making rsa_verify() return immediately if the verification of a required key fails. Signed-off-by: Daniele Alessandrelli <daniele.alessandrelli@gmail.com>
2019-07-18lib: rsa: add support to other openssl engine types than pkcs11Vesa Jääskeläinen
There are multiple other openssl engines used by HSMs that can be used to sign FIT images instead of forcing users to use pkcs11 type of service. Relax engine selection so that other openssl engines can be specified and use generic key id definition formula. Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Cc: Tom Rini <trini@konsulko.com>
2019-03-25rsa: check that pointer checksum isn't NULL before using itPhilippe Reynes
The pointer checksum were used before checking that it isn't NULL. We move the code that use it after the check. Reported-by: Coverity (CID: 185835) Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2018-12-03rsa: add support of padding pssPhilippe Reynes
We add the support of the padding pss for rsa signature. This new padding is often recommended instead of pkcs-1.5. Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2018-12-03rsa: add a structure for the paddingPhilippe Reynes
The rsa signature use a padding algorithm. By default, we use the padding pkcs-1.5. In order to add some new padding algorithm, we add a padding framework to manage several padding algorithm. The choice of the padding is done in the file .its. Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2018-12-03rsa: use new openssl API to create signaturePhilippe Reynes
Previous implementation of the rsa signature was using the openssl API EVP_Sign*, but the new openssl API EVP_DigestSign* is more flexible. So we move to this new API. Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2018-08-13rsa: Fix LibreSSL before v2.7.0Caliph Nomble
Fix LibreSSL compilation for versions before v2.7.0. Signed-off-by: Caliph Nomble <nomble@palism.com> Reviewed-by: Jonathan Gray <jsg@jsg.id.au>
2018-07-19xilinx: zynq: Add support to secure imagesSiva Durga Prasad Paladugu
This patch basically adds two new commands for loadig secure images. 1. zynq rsa adds support to load secure image which can be both authenticated or encrypted or both authenticated and encrypted image in xilinx bootimage(BOOT.bin) format. 2. zynq aes command adds support to decrypt and load encrypted image back to DDR as per destination address. The image has to be encrypted using xilinx bootgen tool and to get only the encrypted image from tool use -split option while invoking bootgen. Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com> Signed-off-by: Michal Simek <michal.simek@xilinx.com>
2018-06-19rsa: Fix missing memory leak on error in fdt_add_bignum()Simon Glass
Thsi function can fail without freeing all its memory. Fix it. Reported-by: Coverity (CID: 131217) Signed-off-by: Simon Glass <sjg@chromium.org>
2018-05-07SPDX: Convert all of our single license tags to Linux Kernel styleTom Rini
When U-Boot started using SPDX tags we were among the early adopters and there weren't a lot of other examples to borrow from. So we picked the area of the file that usually had a full license text and replaced it with an appropriate SPDX-License-Identifier: entry. Since then, the Linux Kernel has adopted SPDX tags and they place it as the very first line in a file (except where shebangs are used, then it's second line) and with slightly different comment styles than us. In part due to community overlap, in part due to better tag visibility and in part for other minor reasons, switch over to that style. This commit changes all instances where we have a single declared license in the tag as both the before and after are identical in tag contents. There's also a few places where I found we did not have a tag and have introduced one. Signed-off-by: Tom Rini <trini@konsulko.com>
2018-04-28lib/rsa: Kconfig: Remove superfluous 'depends on RSA'Eugeniu Rosca
RSA_SOFTWARE_EXP and RSA_FREESCALE_EXP are wrapped inside: if RSA ... endif So, remove the redundant "depends on RSA" from their depends expression. In addition, move SPL_RSA into the same "if RSA ... endif" block, since its only direct dependeny is CONFIG_RSA. This tidies up and simplifies reading of lib/rsa/Kconfig. No functional change intended. Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2017-05-12rsa: Fix build with OpenSSL 1.1.xJelle van der Waa
The rsa_st struct has been made opaque in 1.1.x, add forward compatible code to access the n, e, d members of rsa_struct. EVP_MD_CTX_cleanup has been removed in 1.1.x and EVP_MD_CTX_reset should be called to reinitialise an already created structure.
2017-03-20Kconfig: Don't use RSA_FREESCALE_EXP on IMXGeorge McCollister
The CAAM in IMX parts doesn't support public key hardware acceleration (PKHA), so don't use RSA_FREESCALE_EXP. If you try to use it on IMX (assuming you have the clocks enabled first) you will get back an "Invalid KEY Command" error since PKHA isn't a valid key destination for these parts. Signed-off-by: George McCollister <george.mccollister@gmail.com> Reviewed-by: Tom Rini <trini@konsulko.com>
2017-01-14mkimage: Add support for signing with pkcs11George McCollister
Add support for signing with the pkcs11 engine. This allows FIT images to be signed with keys securely stored on a smartcard, hardware security module, etc without exposing the keys. Support for other engines can be added in the future by modifying rsa_engine_get_pub_key() and rsa_engine_get_priv_key() to construct correct key_id strings. Signed-off-by: George McCollister <george.mccollister@gmail.com>
2016-11-21image: Combine image_sig_algo with image_sign_infoAndrew Duda
Remove the need to explicitly add SHA/RSA pairings. Invalid SHA/RSA pairings will still fail on verify operations when the hash length is longer than the key length. Follow the same naming scheme "checksum,crytpo" without explicitly defining the string. Indirectly adds support for "sha1,rsa4096" signing/verification. Signed-off-by: Andrew Duda <aduda@meraki.com> Signed-off-by: aduda <aduda@meraki.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2016-11-21image: Add crypto_algo struct for RSA infoAndrew Duda
Cut down on the repetition of algorithm information by defining separate checksum and crypto structs. image_sig_algos are now simply pairs of unique checksum and crypto algos. Signed-off-by: Andrew Duda <aduda@meraki.com> Signed-off-by: aduda <aduda@meraki.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2016-11-21rsa: Verify RSA padding programaticallyAndrew Duda
Padding verification was done against static SHA/RSA pair arrays which take up a lot of static memory, are mostly 0xff, and cannot be reused for additional SHA/RSA pairings. The padding can be easily computed according to PKCS#1v2.1 as: EM = 0x00 || 0x01 || PS || 0x00 || T where PS is (emLen - tLen - 3) octets of 0xff and T is DER encoding of the hash. Store DER prefix in checksum_algo and create rsa_verify_padding function to handle verification of a message for any SHA/RSA pairing. Signed-off-by: Andrew Duda <aduda@meraki.com> Signed-off-by: aduda <aduda@meraki.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2016-11-21rsa: cosmetic: rename pad_len to key_lenAndrew Duda
checksum_algo's pad_len field isn't actually used to store the length of the padding but the total length of the RSA key (msg_len + pad_len) Signed-off-by: Andrew Duda <aduda@meraki.com> Signed-off-by: aduda <aduda@meraki.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2016-09-23treewide: replace #include <asm/errno.h> with <linux/errno.h>Masahiro Yamada
Now, arch/${ARCH}/include/asm/errno.h and include/linux/errno.h have the same content. (both just wrap <asm-generic/errno.h>) Replace all include directives for <asm/errno.h> with <linux/errno.h>. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> [trini: Fixup include/clk.] Signed-off-by: Tom Rini <trini@konsulko.com>
2016-07-25tools, rsa: Further minor cleanups on top of c236ebd and 2b9ec7mario.six@gdsys.cc
[NOTE: I took v1 of these patches in, and then v2 came out, this commit is squashing the minor deltas from v1 -> v2 of updates to c236ebd and 2b9ec76 into this commit - trini] - Added an additional NULL check, as suggested by Simon Glass to fit_image_process_sig - Re-formatted the comment blocks Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Simon Glass <sjg@chromium.org> [For merging the chnages from v2 back onto v1] Signed-off-by: Tom Rini <trini@konsulko.com>
2016-07-22rsa: Fix return value and masked errormario.six@gdsys.cc
When signing images, we repeatedly call fit_add_file_data() with successively increasing size values to include the keys in the DTB. Unfortunately, if large keys are used (such as 4096 bit RSA keys), this process fails sometimes, and mkimage needs to be called repeatedly to integrate the keys into the DTB. This is because fit_add_file_data actually returns the wrong error code, and the loop terminates prematurely, instead of trying again with a larger size value. This patch corrects the return value by fixing the return value of fdt_add_bignum, fixes a case where an error is masked by a unconditional setting of a return value variable, and also removes a error message, which is misleading, since we actually allow the function to fail. A (hopefully helpful) comment is also added to explain the lack of error message. This is probably related to 1152a05 ("tools: Correct error handling in fit_image_process_hash()") and the corresponding error reported here: https://www.mail-archive.com/u-boot@lists.denx.de/msg217417.html Signed-off-by: Mario Six <mario.six@gdsys.cc>
2016-06-12verified-boot: Minimal support for booting U-Boot proper from SPLTeddy Reed
This allows a board to configure verified boot within the SPL using a FIT or FIT with external data. It also allows the SPL to perform signature verification without needing relocation. The board configuration will need to add the following feature defines: CONFIG_SPL_CRYPTO_SUPPORT CONFIG_SPL_HASH_SUPPORT CONFIG_SPL_SHA256 In this example, SHA256 is the only selected hashing algorithm. And the following booleans: CONFIG_SPL=y CONFIG_SPL_DM=y CONFIG_SPL_LOAD_FIT=y CONFIG_SPL_FIT=y CONFIG_SPL_OF_CONTROL=y CONFIG_SPL_OF_LIBFDT=y CONFIG_SPL_FIT_SIGNATURE=y Signed-off-by: Teddy Reed <teddy.reed@gmail.com> Acked-by: Simon Glass <sjg@chromium.org> Acked-by: Andreas Dannenberg <dannenberg@ti.com> Acked-by: Sumit Garg <sumit.garg@nxp.com>
2016-03-14Kconfig: Move CONFIG_FIT and related options to KconfigSimon Glass
There are already two FIT options in Kconfig but the CONFIG options are still in the header files. We need to do a proper move to fix this. Move these options to Kconfig and tidy up board configuration: CONFIG_FIT CONFIG_OF_BOARD_SETUP CONFIG_OF_SYSTEM_SETUP CONFIG_FIT_SIGNATURE CONFIG_FIT_BEST_MATCH CONFIG_FIT_VERBOSE CONFIG_OF_STDOUT_VIA_ALIAS CONFIG_RSA Unfortunately the first one is a little complicated. We need to make sure this option is not enabled in SPL by this change. Also this option is enabled automatically in the host builds by defining CONFIG_FIT in the image.h file. To solve this, add a new IMAGE_USE_FIT #define which can be used in files that are built on the host but must also build for U-Boot and SPL. Note: Masahiro's moveconfig.py script is amazing. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Add microblaze change, various configs/ re-applies] Signed-off-by: Tom Rini <trini@konsulko.com>
2015-03-05rsa : Compile Modular Exponentiation files based on CONFIG_RSA_SOFTWARE_EXPgaurav rana
Remove dependency of rsa_mod_exp from CONFIG_FIT_SIGNATURE. As rsa modular exponentiation is an independent module and can be invoked independently. Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com> Acked-by: Simon Glass <sjg@chromium.org> Reviewed-by: York Sun <yorksun@freescale.com>
2015-01-29rsa: Use checksum algorithms from struct hash_algoRuchika Gupta
Currently the hash functions used in RSA are called directly from the sha1 and sha256 libraries. Change the RSA checksum library to use the progressive hash API's registered with struct hash_algo. This will allow the checksum library to use the hardware accelerated progressive hash API's once available. Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> CC: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org> Signed-off-by: Simon Glass <sjg@chromium.org> (Fixed build error in am335x_boneblack_vboot due to duplicate CONFIG_DM) Change-Id: Ic44279432f88d4e8594c6e94feb1cfcae2443a54
2015-01-29lib/rsa: Add Kconfig for devices supporting RSA Modular ExponentiationRuchika Gupta
Kconfig option added for devices which support RSA Verification. 1. RSA_SOFTWARE_EXP Enables driver for supporting RSA Modular Exponentiation in Software 2. RSA_FREESCALE_EXP Enables driver for supporting RSA Modular Exponentiation using Freescale specific driver The above drivers use RSA uclass Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> CC: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org> Signed-off-by: Simon Glass <sjg@chromium.org> (Removed duplicate line in Kconfig comment) Change-Id: I7663c4d5350e2bfc3dfa2696f70ef777d6ccc6f6
2015-01-29lib/rsa: Modify rsa to use DM driverRuchika Gupta
Modify rsa_verify to use the rsa driver of DM library .The tools will continue to use the same RSA sw library. CONFIG_RSA is now dependent on CONFIG_DM. All configurations which enable FIT based signatures have been modified to enable CONFIG_DM by default. Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> CC: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org>
2015-01-29rsa: Split the rsa-verify to separate the modular exponentiationRuchika Gupta
Public exponentiation which is required in rsa verify functionality is tightly integrated with verification code in rsa_verify.c. The patch splits the file into twp separating the modular exponentiation. 1. rsa-verify.c - The file parses device tree keys node to fill a keyprop structure. The keyprop structure can then be converted to implementation specific format. (struct rsa_pub_key for sw implementation) - The parsed device tree node is then passed to a generic rsa_mod_exp function. 2. rsa-mod-exp.c Move the software specific functions related to modular exponentiation from rsa-verify.c to this file. Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> CC: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org>