mirror of
https://github.com/AsahiLinux/u-boot
synced 2024-12-01 00:49:43 +00:00
da29f2991d
Padding verification was done against static SHA/RSA pair arrays which take up a lot of static memory, are mostly 0xff, and cannot be reused for additional SHA/RSA pairings. The padding can be easily computed according to PKCS#1v2.1 as: EM = 0x00 || 0x01 || PS || 0x00 || T where PS is (emLen - tLen - 3) octets of 0xff and T is DER encoding of the hash. Store DER prefix in checksum_algo and create rsa_verify_padding function to handle verification of a message for any SHA/RSA pairing. Signed-off-by: Andrew Duda <aduda@meraki.com> Signed-off-by: aduda <aduda@meraki.com> Reviewed-by: Simon Glass <sjg@chromium.org>
25 lines
661 B
C
25 lines
661 B
C
#ifndef _SHA256_H
|
|
#define _SHA256_H
|
|
|
|
#define SHA256_SUM_LEN 32
|
|
#define SHA256_DER_LEN 19
|
|
|
|
extern const uint8_t sha256_der_prefix[];
|
|
|
|
/* Reset watchdog each time we process this many bytes */
|
|
#define CHUNKSZ_SHA256 (64 * 1024)
|
|
|
|
typedef struct {
|
|
uint32_t total[2];
|
|
uint32_t state[8];
|
|
uint8_t buffer[64];
|
|
} sha256_context;
|
|
|
|
void sha256_starts(sha256_context * ctx);
|
|
void sha256_update(sha256_context *ctx, const uint8_t *input, uint32_t length);
|
|
void sha256_finish(sha256_context * ctx, uint8_t digest[SHA256_SUM_LEN]);
|
|
|
|
void sha256_csum_wd(const unsigned char *input, unsigned int ilen,
|
|
unsigned char *output, unsigned int chunk_sz);
|
|
|
|
#endif /* _SHA256_H */
|