[U-Boot,1/4] rsa: cosmetic: rename pad_len to key_len

Message ID	010101584549df3d-f1973c42-cc9a-4ead-9101-6dc6da46ed0e-000000@us-west-2.amazonses.com
State	Accepted
Commit	5300a4f9336291fb713fcfaf9ea6e51b71824800
Delegated to:	Tom Rini
Headers	show Return-Path: <u-boot-bounces@lists.denx.de> From: aduda <aduda@meraki.com> To: u-boot@lists.denx.de Date: Tue, 8 Nov 2016 18:53:39 +0000 Message-ID: <010101584549df3d-f1973c42-cc9a-4ead-9101-6dc6da46ed0e-000000@us-west-2.amazonses.com> Feedback-ID: 1.us-west-2.DxRZOCs9DiH8lxfPkAlniueNDmTBJB7vVnRhSIlFZi0=:AmazonSES Cc: Michal Simek <michal.simek@xilinx.com>, Daniel Allred <d-allred@ti.com> Subject: [U-Boot] [PATCH 1/4] rsa: cosmetic: rename pad_len to key_len Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" <u-boot-bounces@lists.denx.de>

Message ID

010101584549df3d-f1973c42-cc9a-4ead-9101-6dc6da46ed0e-000000@us-west-2.amazonses.com

State

Accepted

Commit

5300a4f9336291fb713fcfaf9ea6e51b71824800

Delegated to:

Tom Rini

Headers

show

Return-Path: <u-boot-bounces@lists.denx.de>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from theia.denx.de (theia.denx.de [85.214.87.163])
	by ozlabs.org (Postfix) with ESMTP id 3tDL0G58zXz9s65
	for <incoming@patchwork.ozlabs.org>;
	Wed,  9 Nov 2016 20:06:53 +1100 (AEDT)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (1024-bit key;
	unprotected) header.d=meraki.com header.i=@meraki.com
	header.b="jqpHeaSk"; 
	dkim=fail reason="signature verification failed" (1024-bit key;
	unprotected) header.d=amazonses.com header.i=@amazonses.com
	header.b="ZR60oZHi"; dkim-atps=neutral
Received: from localhost (localhost [127.0.0.1])
	by theia.denx.de (Postfix) with ESMTP id EDEC84BA5C;
	Wed,  9 Nov 2016 10:06:48 +0100 (CET)
Received: from theia.denx.de ([127.0.0.1])
	by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id NzWllk3CW_bS; Wed,  9 Nov 2016 10:06:48 +0100 (CET)
Received: from theia.denx.de (localhost [127.0.0.1])
	by theia.denx.de (Postfix) with ESMTP id 7FC0E4B9F9;
	Wed,  9 Nov 2016 10:06:48 +0100 (CET)
Received: from localhost (localhost [127.0.0.1])
	by theia.denx.de (Postfix) with ESMTP id BF46E4B9F9
	for <u-boot@lists.denx.de>; Wed,  9 Nov 2016 10:06:45 +0100 (CET)
Received: from theia.denx.de ([127.0.0.1])
	by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 53K3ZRXsLqWm for <u-boot@lists.denx.de>;
	Wed,  9 Nov 2016 10:06:45 +0100 (CET)
X-Greylist: delayed 44177 seconds by postgrey-1.34 at theia;
	Wed, 09 Nov 2016 10:06:41 CET
X-policyd-weight: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5
	NOT_IN_BL_NJABL=-1.5 (only DNSBL check requested)
Received: from a27-106.smtp-out.us-west-2.amazonses.com
	(a27-106.smtp-out.us-west-2.amazonses.com [54.240.27.106])
	by theia.denx.de (Postfix) with ESMTP id 39D9C4B99D
	for <u-boot@lists.denx.de>; Wed,  9 Nov 2016 10:06:41 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
	s=ap56vgvphs2p3o6xqrnkf5qbpkog3pzi; d=meraki.com; t=1478631219;
	h=From:To:Cc:Subject:Date:Message-Id;
	bh=rYU2rypmXmHebmOA3NKO2LNfBmOItezqJd2vCAhQhZc=;
	b=jqpHeaSksCF+PkBkf0S7z72dJJWYno0RPw2RBM+fgNJAq/hGhp5sLT004DweUbbn
	4bl46QkaX/C4gjuj2Ype3G6hMjKT8Uywmgs0JqenhJaiAvnKAwXiezbsFUBQ4IfrxUf
	RLG2dALAvv6iBMWwM/jsFVx2OQMA3eqBP/xWDkZg=
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
	s=gdwg2y3kokkkj5a55z2ilkup5wp5hhxx; d=amazonses.com; t=1478631219;
	h=From:To:Cc:Subject:Date:Message-Id:Feedback-ID;
	bh=rYU2rypmXmHebmOA3NKO2LNfBmOItezqJd2vCAhQhZc=;
	b=ZR60oZHi0gKcLCFZtAMFgd3JgfDqq+fNBbT+TQc1rMDCpjl9P9BDdmQ/2xMnfUGQ
	fKcUxAiRdwEHhj0EjJZhw3B2bQvvM+FtssJto7bzz+xFybT8IACI3Uo9OTT7mlJeYy+
	qKPz6436TBIjzuM3+uGYm4/9mzYmt9b072FhlsI8=
From: aduda <aduda@meraki.com>
To: u-boot@lists.denx.de
Date: Tue, 8 Nov 2016 18:53:39 +0000
Message-ID: <010101584549df3d-f1973c42-cc9a-4ead-9101-6dc6da46ed0e-000000@us-west-2.amazonses.com>
X-Mailer: git-send-email 2.10.2
X-SES-Outgoing: 2016.11.09-54.240.27.106
Feedback-ID: 1.us-west-2.DxRZOCs9DiH8lxfPkAlniueNDmTBJB7vVnRhSIlFZi0=:AmazonSES
Cc: Michal Simek <michal.simek@xilinx.com>, Daniel Allred <d-allred@ti.com>
Subject: [U-Boot] [PATCH 1/4] rsa: cosmetic: rename pad_len to key_len
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <http://lists.denx.de/mailman/options/u-boot>,
	<mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <http://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <http://lists.denx.de/mailman/listinfo/u-boot>,
	<mailto:u-boot-request@lists.denx.de?subject=subscribe>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>

Commit Message

aduda Nov. 8, 2016, 6:53 p.m. UTC

From: Andrew Duda <aduda@meraki.com>

checksum_algo's pad_len field isn't actually used to store the length of
the padding but the total length of the RSA key (msg_len + pad_len)

Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
---

 include/image.h      | 2 +-
 lib/rsa/rsa-verify.c | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

Comments

Simon Glass Nov. 11, 2016, 4:17 p.m. UTC | #1

Hi,

On 8 November 2016 at 11:53, aduda <aduda@meraki.com> wrote:
> From: Andrew Duda <aduda@meraki.com>
>
> checksum_algo's pad_len field isn't actually used to store the length of
> the padding but the total length of the RSA key (msg_len + pad_len)

Perhaps it should be padded_key_len or padded_len?

>
> Signed-off-by: Andrew Duda <aduda@meraki.com>
> Signed-off-by: aduda <aduda@meraki.com>
> ---
>
>  include/image.h      | 2 +-
>  lib/rsa/rsa-verify.c | 6 +++---
>  2 files changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/include/image.h b/include/image.h
> index 2b1296c..bfe10a0 100644
> --- a/include/image.h
> +++ b/include/image.h
> @@ -1070,7 +1070,7 @@ struct image_region {
>  struct checksum_algo {
>         const char *name;
>         const int checksum_len;
> -       const int pad_len;
> +       const int key_len;
>  #if IMAGE_ENABLE_SIGN
>         const EVP_MD *(*calculate_sign)(void);
>  #endif
> diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
> index 442b769..5418f59 100644
> --- a/lib/rsa/rsa-verify.c
> +++ b/lib/rsa/rsa-verify.c
> @@ -84,7 +84,7 @@ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig,
>         }
>
>         padding = algo->rsa_padding;
> -       pad_len = algo->pad_len - algo->checksum_len;
> +       pad_len = algo->key_len - algo->checksum_len;
>
>         /* Check pkcs1.5 padding bytes. */
>         if (memcmp(buf, padding, pad_len)) {
> @@ -160,7 +160,7 @@ int rsa_verify(struct image_sign_info *info,
>  {
>         const void *blob = info->fdt_blob;
>         /* Reserve memory for maximum checksum-length */
> -       uint8_t hash[info->algo->checksum->pad_len];
> +       uint8_t hash[info->algo->checksum->key_len];
>         int ndepth, noffset;
>         int sig_node, node;
>         char name[100];
> @@ -171,7 +171,7 @@ int rsa_verify(struct image_sign_info *info,
>          * rsa-signature-length
>          */
>         if (info->algo->checksum->checksum_len >
> -           info->algo->checksum->pad_len) {
> +           info->algo->checksum->key_len) {
>                 debug("%s: invlaid checksum-algorithm %s for %s\n",
>                       __func__, info->algo->checksum->name, info->algo->name);
>                 return -EINVAL;
> --
> 2.10.2
>

Regards,
Simon

Andrew Duda Nov. 11, 2016, 9:16 p.m. UTC | #2

Simon,

padded_len could work. I decided to go with key_len to be more
RSA-independent since I have been dealing with ECDSA primarily. More
specifically, ECDSA has no notion of padding or padded_len, but it
does have a notion of key_len. And in RSA, I believe the padded_len is
the same as the key_len. So the name key_len name would be applicable
to both RSA and ECDSA. Granted, only RSA is currently supported in
u-boot so I wouldn't have much of a problem updating this to
padded_len.

(sorry for the duplicate Simon)

Thanks,
Andrew

On Fri, Nov 11, 2016 at 8:17 AM, Simon Glass <sjg@chromium.org> wrote:
> Hi,
>
> On 8 November 2016 at 11:53, aduda <aduda@meraki.com> wrote:
>> From: Andrew Duda <aduda@meraki.com>
>>
>> checksum_algo's pad_len field isn't actually used to store the length of
>> the padding but the total length of the RSA key (msg_len + pad_len)
>
> Perhaps it should be padded_key_len or padded_len?
>
>>
>> Signed-off-by: Andrew Duda <aduda@meraki.com>
>> Signed-off-by: aduda <aduda@meraki.com>
>> ---
>>
>>  include/image.h      | 2 +-
>>  lib/rsa/rsa-verify.c | 6 +++---
>>  2 files changed, 4 insertions(+), 4 deletions(-)
>>
>> diff --git a/include/image.h b/include/image.h
>> index 2b1296c..bfe10a0 100644
>> --- a/include/image.h
>> +++ b/include/image.h
>> @@ -1070,7 +1070,7 @@ struct image_region {
>>  struct checksum_algo {
>>         const char *name;
>>         const int checksum_len;
>> -       const int pad_len;
>> +       const int key_len;
>>  #if IMAGE_ENABLE_SIGN
>>         const EVP_MD *(*calculate_sign)(void);
>>  #endif
>> diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
>> index 442b769..5418f59 100644
>> --- a/lib/rsa/rsa-verify.c
>> +++ b/lib/rsa/rsa-verify.c
>> @@ -84,7 +84,7 @@ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig,
>>         }
>>
>>         padding = algo->rsa_padding;
>> -       pad_len = algo->pad_len - algo->checksum_len;
>> +       pad_len = algo->key_len - algo->checksum_len;
>>
>>         /* Check pkcs1.5 padding bytes. */
>>         if (memcmp(buf, padding, pad_len)) {
>> @@ -160,7 +160,7 @@ int rsa_verify(struct image_sign_info *info,
>>  {
>>         const void *blob = info->fdt_blob;
>>         /* Reserve memory for maximum checksum-length */
>> -       uint8_t hash[info->algo->checksum->pad_len];
>> +       uint8_t hash[info->algo->checksum->key_len];
>>         int ndepth, noffset;
>>         int sig_node, node;
>>         char name[100];
>> @@ -171,7 +171,7 @@ int rsa_verify(struct image_sign_info *info,
>>          * rsa-signature-length
>>          */
>>         if (info->algo->checksum->checksum_len >
>> -           info->algo->checksum->pad_len) {
>> +           info->algo->checksum->key_len) {
>>                 debug("%s: invlaid checksum-algorithm %s for %s\n",
>>                       __func__, info->algo->checksum->name, info->algo->name);
>>                 return -EINVAL;
>> --
>> 2.10.2
>>
>
> Regards,
> Simon

Simon Glass Nov. 14, 2016, 7:04 p.m. UTC | #3

On 11 November 2016 at 14:16, Andrew Duda <andrew.duda@meraki.net> wrote:
>
> Simon,
>
> padded_len could work. I decided to go with key_len to be more
> RSA-independent since I have been dealing with ECDSA primarily. More
> specifically, ECDSA has no notion of padding or padded_len, but it
> does have a notion of key_len. And in RSA, I believe the padded_len is
> the same as the key_len. So the name key_len name would be applicable
> to both RSA and ECDSA. Granted, only RSA is currently supported in
> u-boot so I wouldn't have much of a problem updating this to
> padded_len.
>
> (sorry for the duplicate Simon)

OK I see.

Reviewed-by: Simon Glass <sjg@chromium.org>

>
> Thanks,
> Andrew
>
> On Fri, Nov 11, 2016 at 8:17 AM, Simon Glass <sjg@chromium.org> wrote:
> > Hi,
> >
> > On 8 November 2016 at 11:53, aduda <aduda@meraki.com> wrote:
> >> From: Andrew Duda <aduda@meraki.com>
> >>
> >> checksum_algo's pad_len field isn't actually used to store the length of
> >> the padding but the total length of the RSA key (msg_len + pad_len)
> >
> > Perhaps it should be padded_key_len or padded_len?
> >
> >>
> >> Signed-off-by: Andrew Duda <aduda@meraki.com>
> >> Signed-off-by: aduda <aduda@meraki.com>
> >> ---
> >>
> >>  include/image.h      | 2 +-
> >>  lib/rsa/rsa-verify.c | 6 +++---
> >>  2 files changed, 4 insertions(+), 4 deletions(-)
> >>
> >> diff --git a/include/image.h b/include/image.h
> >> index 2b1296c..bfe10a0 100644
> >> --- a/include/image.h
> >> +++ b/include/image.h
> >> @@ -1070,7 +1070,7 @@ struct image_region {
> >>  struct checksum_algo {
> >>         const char *name;
> >>         const int checksum_len;
> >> -       const int pad_len;
> >> +       const int key_len;
> >>  #if IMAGE_ENABLE_SIGN
> >>         const EVP_MD *(*calculate_sign)(void);
> >>  #endif
> >> diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
> >> index 442b769..5418f59 100644
> >> --- a/lib/rsa/rsa-verify.c
> >> +++ b/lib/rsa/rsa-verify.c
> >> @@ -84,7 +84,7 @@ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig,
> >>         }
> >>
> >>         padding = algo->rsa_padding;
> >> -       pad_len = algo->pad_len - algo->checksum_len;
> >> +       pad_len = algo->key_len - algo->checksum_len;
> >>
> >>         /* Check pkcs1.5 padding bytes. */
> >>         if (memcmp(buf, padding, pad_len)) {
> >> @@ -160,7 +160,7 @@ int rsa_verify(struct image_sign_info *info,
> >>  {
> >>         const void *blob = info->fdt_blob;
> >>         /* Reserve memory for maximum checksum-length */
> >> -       uint8_t hash[info->algo->checksum->pad_len];
> >> +       uint8_t hash[info->algo->checksum->key_len];
> >>         int ndepth, noffset;
> >>         int sig_node, node;
> >>         char name[100];
> >> @@ -171,7 +171,7 @@ int rsa_verify(struct image_sign_info *info,
> >>          * rsa-signature-length
> >>          */
> >>         if (info->algo->checksum->checksum_len >
> >> -           info->algo->checksum->pad_len) {
> >> +           info->algo->checksum->key_len) {
> >>                 debug("%s: invlaid checksum-algorithm %s for %s\n",
> >>                       __func__, info->algo->checksum->name, info->algo->name);
> >>                 return -EINVAL;
> >> --
> >> 2.10.2
> >>
> >
> > Regards,
> > Simon

Tom Rini Nov. 22, 2016, 2:54 a.m. UTC | #4

On Tue, Nov 08, 2016 at 06:53:39PM +0000, aduda wrote:

> From: Andrew Duda <aduda@meraki.com>
> 
> checksum_algo's pad_len field isn't actually used to store the length of
> the padding but the total length of the RSA key (msg_len + pad_len)
> 
> Signed-off-by: Andrew Duda <aduda@meraki.com>
> Signed-off-by: aduda <aduda@meraki.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>

Applied to u-boot/master, thanks!

diff --git a/include/image.h b/include/image.h
index 2b1296c..bfe10a0 100644
--- a/include/image.h
+++ b/include/image.h
@@ -1070,7 +1070,7 @@  struct image_region {
 struct checksum_algo {
 	const char *name;
 	const int checksum_len;
-	const int pad_len;
+	const int key_len;
 #if IMAGE_ENABLE_SIGN
 	const EVP_MD *(*calculate_sign)(void);
 #endif
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index 442b769..5418f59 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -84,7 +84,7 @@  static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig,
 	}
 
 	padding = algo->rsa_padding;
-	pad_len = algo->pad_len - algo->checksum_len;
+	pad_len = algo->key_len - algo->checksum_len;
 
 	/* Check pkcs1.5 padding bytes. */
 	if (memcmp(buf, padding, pad_len)) {
@@ -160,7 +160,7 @@  int rsa_verify(struct image_sign_info *info,
 {
 	const void *blob = info->fdt_blob;
 	/* Reserve memory for maximum checksum-length */
-	uint8_t hash[info->algo->checksum->pad_len];
+	uint8_t hash[info->algo->checksum->key_len];
 	int ndepth, noffset;
 	int sig_node, node;
 	char name[100];
@@ -171,7 +171,7 @@  int rsa_verify(struct image_sign_info *info,
 	 * rsa-signature-length
 	 */
 	if (info->algo->checksum->checksum_len >
-	    info->algo->checksum->pad_len) {
+	    info->algo->checksum->key_len) {
 		debug("%s: invlaid checksum-algorithm %s for %s\n",
 		      __func__, info->algo->checksum->name, info->algo->name);
 		return -EINVAL;

[U-Boot,1/4] rsa: cosmetic: rename pad_len to key_len

Commit Message

Comments

Patch