22 Nov, 2016

1 commit

• da29f2991   rsa: Verify RSA padding programatically ... Browse Code »

  Padding verification was done against static SHA/RSA pair arrays which
  take up a lot of static memory, are mostly 0xff, and cannot be reused
  for additional SHA/RSA pairings. The padding can be easily computed
  according to PKCS#1v2.1 as:

  EM = 0x00 || 0x01 || PS || 0x00 || T

  where PS is (emLen - tLen - 3) octets of 0xff and T is DER encoding
  of the hash.

  Store DER prefix in checksum_algo and create rsa_verify_padding
  function to handle verification of a message for any SHA/RSA pairing.

  Signed-off-by: Andrew Duda
  Signed-off-by: aduda
  Reviewed-by: Simon Glass

  Andrew Duda

  2016-11-22 03:07:30 +0800  

24 Sep, 2016

1 commit

• 1221ce459   treewide: replace #include <asm/errno.h> with <linux/errno.h> ... Browse Code »

  Now, arch/${ARCH}/include/asm/errno.h and include/linux/errno.h have
  the same content. (both just wrap )

  Replace all include directives for with .

  Signed-off-by: Masahiro Yamada
  [trini: Fixup include/clk.]
  Signed-off-by: Tom Rini

  Masahiro Yamada

  2016-09-24 05:55:42 +0800  

30 Jan, 2015

1 commit

• b37b46f04   rsa: Use checksum algorithms from struct hash_algo ... Browse Code »

  Currently the hash functions used in RSA are called directly from the sha1
  and sha256 libraries. Change the RSA checksum library to use the progressive
  hash API's registered with struct hash_algo. This will allow the checksum
  library to use the hardware accelerated progressive hash API's once available.

  Signed-off-by: Ruchika Gupta
  CC: Simon Glass
  Acked-by: Simon Glass
  Signed-off-by: Simon Glass
  (Fixed build error in am335x_boneblack_vboot due to duplicate CONFIG_DM)

  Change-Id: Ic44279432f88d4e8594c6e94feb1cfcae2443a54

  Ruchika Gupta

  2015-01-30 08:09:59 +0800  

19 Jun, 2014

1 commit

• 2b9912e6a   includes: move openssl headers to include/u-boot ... Browse Code »

  commit 18b06652cd "tools: include u-boot version of sha256.h"
  unconditionally forced the sha256.h from u-boot to be used
  for tools instead of the host version. This is fragile though
  as it will also include the host version. Therefore move it
  to include/u-boot to join u-boot/md5.h etc which were renamed
  for the same reason.

  cc: Simon Glass
  Signed-off-by: Jeroen Hofstee

  Jeroen Hofstee

  2014-06-19 23:19:04 +0800  

22 Mar, 2014

3 commits

• 29a23f9d6   tools, fit_check_sign: verify a signed fit image ... Browse Code »

  add host tool "fit_check_sign" which verifies, if a fit image is
  signed correct.

  Signed-off-by: Heiko Schocher
  Cc: Simon Glass

  Heiko Schocher

  2014-03-22 04:40:38 +0800  
• db1b5f3d2   rsa: add sha256,rsa4096 algorithm ... Browse Code »

  Add support for sha256,rsa4096 signatures in u-boot.

  Signed-off-by: Heiko Schocher
  Acked-by: Simon Glass
  Cc: andreas@oetken.name

  Heiko Schocher

  2014-03-22 04:39:35 +0800  
• 646257d1f   rsa: add sha256-rsa2048 algorithm ... Browse Code »

  based on patch from andreas@oetken.name:

  http://patchwork.ozlabs.org/patch/294318/
  commit message:
  I currently need support for rsa-sha256 signatures in u-boot and found out that
  the code for signatures is not very generic. Thus adding of different
  hash-algorithms for rsa-signatures is not easy to do without copy-pasting the
  rsa-code. I attached a patch for how I think it could be better and included
  support for rsa-sha256. This is a fast first shot.

  aditionally work:
  - removed checkpatch warnings
  - removed compiler warnings
  - rebased against current head

  Signed-off-by: Heiko Schocher
  Cc: andreas@oetken.name
  Cc: Simon Glass

  Heiko Schocher

  2014-03-22 04:39:34 +0800