u-boot/lib/rsa/rsa-checksum.c
Andrew Duda da29f2991d rsa: Verify RSA padding programatically
Padding verification was done against static SHA/RSA pair arrays which
take up a lot of static memory, are mostly 0xff, and cannot be reused
for additional SHA/RSA pairings. The padding can be easily computed
according to PKCS#1v2.1 as:

  EM = 0x00 || 0x01 || PS || 0x00 || T

where PS is (emLen - tLen - 3) octets of 0xff and T is DER encoding
of the hash.

Store DER prefix in checksum_algo and create rsa_verify_padding
function to handle verification of a message for any SHA/RSA pairing.

Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2016-11-21 14:07:30 -05:00

52 lines
989 B
C

/*
* Copyright (c) 2013, Andreas Oetken.
*
* SPDX-License-Identifier: GPL-2.0+
*/
#ifndef USE_HOSTCC
#include <common.h>
#include <fdtdec.h>
#include <asm/byteorder.h>
#include <linux/errno.h>
#include <asm/unaligned.h>
#include <hash.h>
#else
#include "fdt_host.h"
#endif
#include <u-boot/rsa.h>
int hash_calculate(const char *name,
const struct image_region region[],
int region_count, uint8_t *checksum)
{
struct hash_algo *algo;
int ret = 0;
void *ctx;
uint32_t i;
i = 0;
ret = hash_progressive_lookup_algo(name, &algo);
if (ret)
return ret;
ret = algo->hash_init(algo, &ctx);
if (ret)
return ret;
for (i = 0; i < region_count - 1; i++) {
ret = algo->hash_update(algo, ctx, region[i].data,
region[i].size, 0);
if (ret)
return ret;
}
ret = algo->hash_update(algo, ctx, region[i].data, region[i].size, 1);
if (ret)
return ret;
ret = algo->hash_finish(algo, ctx, checksum, algo->digest_size);
if (ret)
return ret;
return 0;
}