X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;ds=sidebyside;f=common%2Fimage-sig.c;h=eda5e1353ab0add00db84fd00a53590ac28238cc;hb=edd35f712ec74f7d34702ba891d8e1fdc8a9955f;hp=5d907cfc42c66b3a4971bc00c24771a7420a9a2a;hpb=fbbbc86e8ebac4f42f4ca39ceba80cea27c983bc;p=u-boot diff --git a/common/image-sig.c b/common/image-sig.c index 5d907cfc42..eda5e1353a 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -1,20 +1,7 @@ /* * Copyright (c) 2013, Google Inc. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of - * the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, - * MA 02111-1307 USA + * SPDX-License-Identifier: GPL-2.0+ */ #ifdef USE_HOSTCC @@ -26,17 +13,80 @@ DECLARE_GLOBAL_DATA_PTR; #endif /* !USE_HOSTCC*/ #include -#include +#include +#include #define IMAGE_MAX_HASHED_NODES 100 +#ifdef USE_HOSTCC +void *host_blob; +void image_set_host_blob(void *blob) +{ + host_blob = blob; +} +void *image_get_host_blob(void) +{ + return host_blob; +} +#endif + +struct checksum_algo checksum_algos[] = { + { + "sha1", + SHA1_SUM_LEN, + RSA2048_BYTES, +#if IMAGE_ENABLE_SIGN + EVP_sha1, +#endif + hash_calculate, + padding_sha1_rsa2048, + }, + { + "sha256", + SHA256_SUM_LEN, + RSA2048_BYTES, +#if IMAGE_ENABLE_SIGN + EVP_sha256, +#endif + hash_calculate, + padding_sha256_rsa2048, + }, + { + "sha256", + SHA256_SUM_LEN, + RSA4096_BYTES, +#if IMAGE_ENABLE_SIGN + EVP_sha256, +#endif + hash_calculate, + padding_sha256_rsa4096, + } + +}; + struct image_sig_algo image_sig_algos[] = { { "sha1,rsa2048", rsa_sign, rsa_add_verify_data, rsa_verify, + &checksum_algos[0], + }, + { + "sha256,rsa2048", + rsa_sign, + rsa_add_verify_data, + rsa_verify, + &checksum_algos[1], + }, + { + "sha256,rsa4096", + rsa_sign, + rsa_add_verify_data, + rsa_verify, + &checksum_algos[2], } + }; struct image_sig_algo *image_get_sig_algo(const char *name) @@ -162,9 +212,7 @@ static int fit_image_verify_sig(const void *fit, int image_noffset, int ret; /* Process all hash subnodes of the component image node */ - for (noffset = fdt_first_subnode(fit, image_noffset); - noffset >= 0; - noffset = fdt_next_subnode(fit, noffset)) { + fdt_for_each_subnode(fit, noffset, image_noffset) { const char *name = fit_get_name(fit, noffset, NULL); if (!strncmp(name, FIT_SIG_NODENAME, @@ -212,9 +260,7 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset, return 0; } - for (noffset = fdt_first_subnode(sig_blob, sig_node); - noffset >= 0; - noffset = fdt_next_subnode(sig_blob, noffset)) { + fdt_for_each_subnode(sig_blob, noffset, sig_node) { const char *required; int ret; @@ -347,9 +393,7 @@ static int fit_config_verify_sig(const void *fit, int conf_noffset, int ret; /* Process all hash subnodes of the component conf node */ - for (noffset = fdt_first_subnode(fit, conf_noffset); - noffset >= 0; - noffset = fdt_next_subnode(fit, noffset)) { + fdt_for_each_subnode(fit, noffset, conf_noffset) { const char *name = fit_get_name(fit, noffset, NULL); if (!strncmp(name, FIT_SIG_NODENAME, @@ -394,9 +438,7 @@ int fit_config_verify_required_sigs(const void *fit, int conf_noffset, return 0; } - for (noffset = fdt_first_subnode(sig_blob, sig_node); - noffset >= 0; - noffset = fdt_next_subnode(sig_blob, noffset)) { + fdt_for_each_subnode(sig_blob, noffset, sig_node) { const char *required; int ret; @@ -417,6 +459,6 @@ int fit_config_verify_required_sigs(const void *fit, int conf_noffset, int fit_config_verify(const void *fit, int conf_noffset) { - return !fit_config_verify_required_sigs(fit, conf_noffset, - gd_fdt_blob()); + return fit_config_verify_required_sigs(fit, conf_noffset, + gd_fdt_blob()); }