diff mbox

[U-Boot,U-Boot,v2] rsa: add a more flexible way to support different hash algorithms (e.g. sha256)

Message ID 842410203.349181.1385554208943.open-xchange@email.1und1.de
State Changes Requested
Delegated to: Tom Rini
Headers show

Commit Message

andreas@oetken.name Nov. 27, 2013, 12:10 p.m. UTC 
As proposed by Heiko I made some small changes and verified the patch with the
checkpatch-script.
 
 
From 169f40e72fceb222bb15dd59c1337f42371e97a5 Mon Sep 17 00:00:00 2001
From: Andreas Oetken <andreas.oetken@siemens.com>
Date: Wed, 27 Nov 2013 13:09:19 +0100
Subject: [PATCH] Added rsa-sha256 support.


Signed-off-by: Andreas Oetken <andreas.oetken@siemens.com>
---
 common/image-sig.c          |   33 +++++++++++++
 include/image.h             |   20 +++++++-
 include/rsa-checksum.h      |   25 ++++++++++
 include/rsa.h               |   17 +++++++
 lib/rsa/Makefile            |    2 +-
 lib/rsa/rsa-checksum.c      |  108 +++++++++++++++++++++++++++++++++++++++++++
 lib/rsa/rsa-sign.c          |   10 ++--
 lib/rsa/rsa-verify.c        |   80 +++++++++-----------------------
 test/vboot/sign-configs.its |    2 +-
 test/vboot/sign-images.its  |    2 +-
 10 files changed, 233 insertions(+), 66 deletions(-)
 create mode 100644 include/rsa-checksum.h
 create mode 100644 lib/rsa/rsa-checksum.c

--
1.7.10.4

Comments

Heiko Schocher Dec. 2, 2013, 6:10 a.m. UTC | #1 
Hello Andreas,

Am 27.11.2013 13:10, schrieb andreas@oetken.name:
> As proposed by Heiko I made some small changes and verified the patch with the
> checkpatch-script.
>
>
>> From 169f40e72fceb222bb15dd59c1337f42371e97a5 Mon Sep 17 00:00:00 2001
> From: Andreas Oetken<andreas.oetken@siemens.com>
> Date: Wed, 27 Nov 2013 13:09:19 +0100
> Subject: [PATCH] Added rsa-sha256 support.

Could you fix your commit message?

Please write in the commit message why and what you have changed
in your patch. After "---" you can write for example the changelog
of your patch, see a detailed help for sending patches, here:

http://www.denx.de/wiki/U-Boot/Patches

> Signed-off-by: Andreas Oetken<andreas.oetken@siemens.com>
> ---
>   common/image-sig.c          |   33 +++++++++++++
>   include/image.h             |   20 +++++++-
>   include/rsa-checksum.h      |   25 ++++++++++
>   include/rsa.h               |   17 +++++++
>   lib/rsa/Makefile            |    2 +-
>   lib/rsa/rsa-checksum.c      |  108 +++++++++++++++++++++++++++++++++++++++++++
>   lib/rsa/rsa-sign.c          |   10 ++--
>   lib/rsa/rsa-verify.c        |   80 +++++++++-----------------------
>   test/vboot/sign-configs.its |    2 +-
>   test/vboot/sign-images.its  |    2 +-
>   10 files changed, 233 insertions(+), 66 deletions(-)
>   create mode 100644 include/rsa-checksum.h
>   create mode 100644 lib/rsa/rsa-checksum.c

Hmm.. I tried to apply your patch, but I get:

pollux:u-boot hs [20131202] $ git am mbox
Wende an: rsa: add a more flexible way to support different hash algorithms (e.g. sha256)
fatal: fehlerhafter Patch bei Zeile 24
Anwendung des Patches fehlgeschlagen bei 0001 rsa: add a more flexible way to support different hash algorithms (e.g. sha256)
Die Kopie des fehlgeschlagenen Patches befindet sich in:
    /home/hs/ids/u-boot/.git/rebase-apply/patch
Wenn Sie das Problem gelöst haben, führen Sie "git am --resolved" aus.
Falls Sie diesen Patch auslassen möchten, führen Sie stattdessen
"git am --skip" aus.
Um den ursprünglichen Zweig wiederherzustellen und die Anwendung der
Patches abzubrechen, führen Sie "git am --abort" aus.
pollux:u-boot hs [20131202] $ git am --abort
pollux:u-boot hs [20131202] $ vi mbox
pollux:u-boot hs [20131202] $ patch -p1 < mbox
patching file common/image-sig.c
patch: **** malformed patch at line 49:  #endif /* !USE_HOSTCC*/

pollux:u-boot hs [20131202] $

Can you have a look at this issue?

Beside of that, just some nitpicking comment:

[...]
> diff --git a/include/rsa.h b/include/rsa.h
> index add4c78..12ae443 100644
> --- a/include/rsa.h
> +++ b/include/rsa.h
> @@ -15,6 +15,23 @@
>   #include<errno.h>
>   #include<image.h>
>
> +#define RSA2048_BYTES  (2048 / 8)
> +
> +/**
> + * struct rsa_public_key - holder for a public key
> + *
> + * An RSA public key consists of a modulus (typically called N), the inverse
> + * and R^2, where R is 2^(# key bits).
> + */
> +
> +struct rsa_public_key {
> +       uint len;               /* Length of modulus[] in number of uint32_t */
> +       uint32_t n0inv;         /* -1 / modulus[0] mod 2^32 */
> +       uint32_t *modulus;      /* modulus as little endian array */
> +       uint32_t *rr;           /* R^2 as little endian array */
> +};
> +
> +

only one empty line please.

>   #if IMAGE_ENABLE_SIGN
>   /**
>    * sign() - calculate and return signature for given input data
[...]
> diff --git a/lib/rsa/rsa-checksum.c b/lib/rsa/rsa-checksum.c
> new file mode 100644
> index 0000000..e75abb8
> --- /dev/null
> +++ b/lib/rsa/rsa-checksum.c
> @@ -0,0 +1,108 @@
> +/*
> + * Copyright (c) 2013, Andreas Oetken.
> + *
> + * SPDX-License-Identifier:    GPL-2.0+
> + */
> +
> +#include<common.h>
> +#include<fdtdec.h>
> +#include<rsa.h>
> +#include<sha1.h>
> +#include<sha256.h>
> +#include<asm/byteorder.h>
> +#include<asm/errno.h>
> +#include<asm/unaligned.h>
> +
> +

only one empty line please.

> +/* PKCS 1.5 paddings as described in the RSA PKCS#1 v2.1 standard. */
> +
> +

here too.. please fix globally.

[...]

bye,
Heiko
Simon Glass Dec. 13, 2013, 10:40 p.m. UTC | #2 
Hi,

On 1 December 2013 23:10, Heiko Schocher <hs@denx.de> wrote:
> Hello Andreas,
>
> Am 27.11.2013 13:10, schrieb andreas@oetken.name:
>
>> As proposed by Heiko I made some small changes and verified the patch with
>> the
>> checkpatch-script.

You can also use patman to generate, check and send your patch if you like.

I couldn't apply it due to the problems Heiko mentioned, but it looks
promising. One I think I wonder if whether you could use the existing
infrastructure in common/hash.c to select the hash algorithm?

Regards,
Simon

>>
>>
>>> From 169f40e72fceb222bb15dd59c1337f42371e97a5 Mon Sep 17 00:00:00 2001
>>
>> From: Andreas Oetken<andreas.oetken@siemens.com>
>> Date: Wed, 27 Nov 2013 13:09:19 +0100
>> Subject: [PATCH] Added rsa-sha256 support.
>
>
> Could you fix your commit message?
>
> Please write in the commit message why and what you have changed
> in your patch. After "---" you can write for example the changelog
> of your patch, see a detailed help for sending patches, here:
>
> http://www.denx.de/wiki/U-Boot/Patches
>
>
>> Signed-off-by: Andreas Oetken<andreas.oetken@siemens.com>
>> ---
>>   common/image-sig.c          |   33 +++++++++++++
>>   include/image.h             |   20 +++++++-
>>   include/rsa-checksum.h      |   25 ++++++++++
>>   include/rsa.h               |   17 +++++++
>>   lib/rsa/Makefile            |    2 +-
>>   lib/rsa/rsa-checksum.c      |  108
>> +++++++++++++++++++++++++++++++++++++++++++
>>   lib/rsa/rsa-sign.c          |   10 ++--
>>   lib/rsa/rsa-verify.c        |   80 +++++++++-----------------------
>>   test/vboot/sign-configs.its |    2 +-
>>   test/vboot/sign-images.its  |    2 +-
>>   10 files changed, 233 insertions(+), 66 deletions(-)
>>   create mode 100644 include/rsa-checksum.h
>>   create mode 100644 lib/rsa/rsa-checksum.c
>
>
> Hmm.. I tried to apply your patch, but I get:
>
> pollux:u-boot hs [20131202] $ git am mbox
> Wende an: rsa: add a more flexible way to support different hash algorithms
> (e.g. sha256)
> fatal: fehlerhafter Patch bei Zeile 24
> Anwendung des Patches fehlgeschlagen bei 0001 rsa: add a more flexible way
> to support different hash algorithms (e.g. sha256)
> Die Kopie des fehlgeschlagenen Patches befindet sich in:
>    /home/hs/ids/u-boot/.git/rebase-apply/patch
> Wenn Sie das Problem gelöst haben, führen Sie "git am --resolved" aus.
> Falls Sie diesen Patch auslassen möchten, führen Sie stattdessen
> "git am --skip" aus.
> Um den ursprünglichen Zweig wiederherzustellen und die Anwendung der
> Patches abzubrechen, führen Sie "git am --abort" aus.
> pollux:u-boot hs [20131202] $ git am --abort
> pollux:u-boot hs [20131202] $ vi mbox
> pollux:u-boot hs [20131202] $ patch -p1 < mbox
> patching file common/image-sig.c
> patch: **** malformed patch at line 49:  #endif /* !USE_HOSTCC*/
>
> pollux:u-boot hs [20131202] $
>
> Can you have a look at this issue?
>
> Beside of that, just some nitpicking comment:
>
> [...]
>
>> diff --git a/include/rsa.h b/include/rsa.h
>> index add4c78..12ae443 100644
>> --- a/include/rsa.h
>> +++ b/include/rsa.h
>> @@ -15,6 +15,23 @@
>>   #include<errno.h>
>>   #include<image.h>
>>
>> +#define RSA2048_BYTES  (2048 / 8)
>> +
>> +/**
>> + * struct rsa_public_key - holder for a public key
>> + *
>> + * An RSA public key consists of a modulus (typically called N), the
>> inverse
>> + * and R^2, where R is 2^(# key bits).
>> + */
>> +
>> +struct rsa_public_key {
>> +       uint len;               /* Length of modulus[] in number of
>> uint32_t */
>> +       uint32_t n0inv;         /* -1 / modulus[0] mod 2^32 */
>> +       uint32_t *modulus;      /* modulus as little endian array */
>> +       uint32_t *rr;           /* R^2 as little endian array */
>> +};
>> +
>> +
>
>
> only one empty line please.
>
>
>>   #if IMAGE_ENABLE_SIGN
>>   /**
>>    * sign() - calculate and return signature for given input data
>
> [...]
>
>> diff --git a/lib/rsa/rsa-checksum.c b/lib/rsa/rsa-checksum.c
>> new file mode 100644
>> index 0000000..e75abb8
>> --- /dev/null
>> +++ b/lib/rsa/rsa-checksum.c
>> @@ -0,0 +1,108 @@
>> +/*
>> + * Copyright (c) 2013, Andreas Oetken.
>> + *
>> + * SPDX-License-Identifier:    GPL-2.0+
>> + */
>> +
>> +#include<common.h>
>> +#include<fdtdec.h>
>> +#include<rsa.h>
>> +#include<sha1.h>
>> +#include<sha256.h>
>> +#include<asm/byteorder.h>
>> +#include<asm/errno.h>
>> +#include<asm/unaligned.h>
>> +
>> +
>
>
> only one empty line please.
>
>
>> +/* PKCS 1.5 paddings as described in the RSA PKCS#1 v2.1 standard. */
>> +
>> +
>
>
> here too.. please fix globally.
>
> [...]
>
> bye,
> Heiko
> --
> DENX Software Engineering GmbH,     MD: Wolfgang Denk & Detlev Zundel
> HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
diff mbox

Patch

diff --git a/common/image-sig.c b/common/image-sig.c
index 973b06d..5ce6b80 100644
--- a/common/image-sig.c
+++ b/common/image-sig.c
@@ -14,15 +14,48 @@  DECLARE_GLOBAL_DATA_PTR;
 #endif /* !USE_HOSTCC*/
 #include <image.h>
 #include <rsa.h>
+#include <rsa-checksum.h>
 
 #define IMAGE_MAX_HASHED_NODES         100
 
+
+struct image_hash_algo image_hash_algos[] = {
+       {
+               "sha1",
+               SHA1_SUM_LEN,
+#if IMAGE_ENABLE_SIGN
+               EVP_sha1,
+#else
+               sha1_calculate,
+               padding_sha1_rsa2048,
+#endif
+       },
+       {
+               "sha256",
+               SHA256_SUM_LEN,
+#if IMAGE_ENABLE_SIGN
+               EVP_sha256,
+#else
+               sha256_calculate,
+               padding_sha256_rsa2048,
+#endif
+       }
+};
+
 struct image_sig_algo image_sig_algos[] = {
        {
                "sha1,rsa2048",
                rsa_sign,
                rsa_add_verify_data,
                rsa_verify,
+               &image_hash_algos[0],
+       },
+       {
+               "sha256,rsa2048",
+               rsa_sign,
+               rsa_add_verify_data,
+               rsa_verify,
+               &image_hash_algos[1],
        }
 };
 
diff --git a/include/image.h b/include/image.h
index ee6eb8d..1f7ca61 100644
--- a/include/image.h
+++ b/include/image.h
@@ -822,7 +822,8 @@  int calculate_hash(const void *data, int data_len, const
char *algo,
 # ifdef USE_HOSTCC
 #  define IMAGE_ENABLE_SIGN    1
 #  define IMAGE_ENABLE_VERIFY  0
-#else
+#  include  <openssl/evp.h>
+# else
 #  define IMAGE_ENABLE_SIGN    0
 #  define IMAGE_ENABLE_VERIFY  1
 # endif
@@ -861,6 +862,20 @@  struct image_region {
        int size;
 };
 
+struct image_hash_algo {
+       const char *name;
+       const int checksum_len;
+#if IMAGE_ENABLE_SIGN
+       EVP_MD *(*calculate)(void);
+#else
+#if IMAGE_ENABLE_VERIFY
+       void (*calculate)(const struct image_region region[],
+                         int region_count, uint8_t *checksum);
+       const uint8_t *rsa_padding;
+#endif
+#endif
+};
+
 struct image_sig_algo {
        const char *name;               /* Name of algorithm */
 
@@ -911,6 +926,9 @@  struct image_sig_algo {
        int (*verify)(struct image_sign_info *info,
                      const struct image_region region[], int region_count,
                      uint8_t *sig, uint sig_len);
+
+       /* pointer to hash algorithm */
+       struct image_hash_algo *hash_algo;
 };
 
 /**
diff --git a/include/rsa-checksum.h b/include/rsa-checksum.h
new file mode 100644
index 0000000..d2c6474
--- /dev/null
+++ b/include/rsa-checksum.h
@@ -0,0 +1,25 @@ 
+/*
+ * Copyright (c) 2013, Andreas Oetken.
+ *
+ * SPDX-License-Identifier:    GPL-2.0+
+ */
+
+#ifndef _RSA_CHECKSUM_H
+#define _RSA_CHECKSUM_H
+
+#include <errno.h>
+#include <image.h>
+#include <sha1.h>
+#include <sha256.h>
+
+#if IMAGE_ENABLE_VERIFY
+extern const uint8_t padding_sha256_rsa2048[];
+extern const uint8_t padding_sha1_rsa2048[];
+
+void sha256_calculate(const struct image_region region[],
+                     int region_count, uint8_t *checksum);
+void sha1_calculate(const struct image_region region[],
+                   int region_count, uint8_t *checksum);
+#endif
+
+#endif
diff --git a/include/rsa.h b/include/rsa.h
index add4c78..12ae443 100644
--- a/include/rsa.h
+++ b/include/rsa.h
@@ -15,6 +15,23 @@ 
 #include <errno.h>
 #include <image.h>
 
+#define RSA2048_BYTES  (2048 / 8)
+
+/**
+ * struct rsa_public_key - holder for a public key
+ *
+ * An RSA public key consists of a modulus (typically called N), the inverse
+ * and R^2, where R is 2^(# key bits).
+ */
+
+struct rsa_public_key {
+       uint len;               /* Length of modulus[] in number of uint32_t */
+       uint32_t n0inv;         /* -1 / modulus[0] mod 2^32 */
+       uint32_t *modulus;      /* modulus as little endian array */
+       uint32_t *rr;           /* R^2 as little endian array */
+};
+
+
 #if IMAGE_ENABLE_SIGN
 /**
  * sign() - calculate and return signature for given input data
diff --git a/lib/rsa/Makefile b/lib/rsa/Makefile
index 164ab39..a5a96cb6 100644
--- a/lib/rsa/Makefile
+++ b/lib/rsa/Makefile
@@ -7,4 +7,4 @@ 
 # SPDX-License-Identifier:     GPL-2.0+
 #
 
-obj-$(CONFIG_FIT_SIGNATURE) += rsa-verify.o
+obj-$(CONFIG_FIT_SIGNATURE) += rsa-verify.o rsa-checksum.o
diff --git a/lib/rsa/rsa-checksum.c b/lib/rsa/rsa-checksum.c
new file mode 100644
index 0000000..e75abb8
--- /dev/null
+++ b/lib/rsa/rsa-checksum.c
@@ -0,0 +1,108 @@ 
+/*
+ * Copyright (c) 2013, Andreas Oetken.
+ *
+ * SPDX-License-Identifier:    GPL-2.0+
+ */
+
+#include <common.h>
+#include <fdtdec.h>
+#include <rsa.h>
+#include <sha1.h>
+#include <sha256.h>
+#include <asm/byteorder.h>
+#include <asm/errno.h>
+#include <asm/unaligned.h>
+
+
+/* PKCS 1.5 paddings as described in the RSA PKCS#1 v2.1 standard. */
+
+
+const uint8_t padding_sha256_rsa2048[RSA2048_BYTES - SHA256_SUM_LEN] = {
+       0x00, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0x00, 0x30, 0x31, 0x30,
+       0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65,
+       0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
+};
+
+const uint8_t padding_sha1_rsa2048[RSA2048_BYTES - SHA1_SUM_LEN] = {
+       0x00, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+       0xff, 0xff, 0xff, 0xff, 0x00, 0x30, 0x21, 0x30,
+       0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a,
+       0x05, 0x00, 0x04, 0x14
+};
+
+
+void sha1_calculate(const struct image_region region[],
+                   int region_count, uint8_t *checksum)
+{
+       sha1_context ctx;
+       uint32_t i;
+
+       sha1_starts(&ctx);
+       for (i = 0; i < region_count; i++)
+               sha1_update(&ctx, region[i].data, region[i].size);
+       sha1_finish(&ctx, checksum);
+}
+
+void sha256_calculate(const struct image_region region[],
+                     int region_count, uint8_t *checksum)
+{
+       sha256_context ctx;
+       uint32_t i;
+
+       sha256_starts(&ctx);
+       for (i = 0; i < region_count; i++)
+               sha256_update(&ctx, region[i].data, region[i].size);
+       sha256_finish(&ctx, checksum);
+}
+
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index 549130e..e3b8790 100644
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -159,8 +159,9 @@  static void rsa_remove(void)
        EVP_cleanup();
 }
 
-static int rsa_sign_with_key(RSA *rsa, const struct image_region region[],
-               int region_count, uint8_t **sigp, uint *sig_size)
+static int rsa_sign_with_key(RSA *rsa, struct image_hash_algo *hash_algo,
+                           const struct image_region region[],
+                           int region_count, uint8_t **sigp, uint *sig_size)
 {
        EVP_PKEY *key;
        EVP_MD_CTX *context;
@@ -192,7 +193,7 @@  static int rsa_sign_with_key(RSA *rsa, const struct
image_region region[],
                goto err_create;
        }
        EVP_MD_CTX_init(context);
-       if (!EVP_SignInit(context, EVP_sha1())) {
+       if (!EVP_SignInit(context, hash_algo->calculate())) {
                ret = rsa_err("Signer setup failed");
                goto err_sign;
        }
@@ -242,7 +243,8 @@  int rsa_sign(struct image_sign_info *info,
        ret = rsa_get_priv_key(info->keydir, info->keyname, &rsa);
        if (ret)
                goto err_priv;
-       ret = rsa_sign_with_key(rsa, region, region_count, sigp, sig_len);
+       ret = rsa_sign_with_key(rsa, info->algo->hash_algo,
+                               region, region_count, sigp, sig_len);
        if (ret)
                goto err_sign;
 
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index 02cc4e3..9a42641 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -7,28 +7,14 @@ 
 #include <common.h>
 #include <fdtdec.h>
 #include <rsa.h>
-#include <sha1.h>
 #include <asm/byteorder.h>
 #include <asm/errno.h>
 #include <asm/unaligned.h>
 
-/**
- * struct rsa_public_key - holder for a public key
- *
- * An RSA public key consists of a modulus (typically called N), the inverse
- * and R^2, where R is 2^(# key bits).
- */
-struct rsa_public_key {
-       uint len;               /* Length of modulus[] in number of uint32_t */
-       uint32_t n0inv;         /* -1 / modulus[0] mod 2^32 */
-       uint32_t *modulus;      /* modulus as little endian array */
-       uint32_t *rr;           /* R^2 as little endian array */
-};
+#define MAXIMUM_CHECKSUM_LEN 512
 
 #define UINT64_MULT32(v, multby)  (((uint64_t)(v)) * ((uint32_t)(multby)))
 
-#define RSA2048_BYTES  (2048 / 8)
-
 /* This is the minimum/maximum key size we support, in bits */
 #define RSA_MIN_KEY_BITS       2048
 #define RSA_MAX_KEY_BITS       2048
@@ -36,38 +22,6 @@  struct rsa_public_key {
 /* This is the maximum signature length that we support, in bits */
 #define RSA_MAX_SIG_BITS       2048
 
-static const uint8_t padding_sha1_rsa2048[RSA2048_BYTES - SHA1_SUM_LEN] = {
-       0x00, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-       0xff, 0xff, 0xff, 0xff, 0x00, 0x30, 0x21, 0x30,
-       0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a,
-       0x05, 0x00, 0x04, 0x14
-};
 
 /**
  * subtract_modulus() - subtract modulus from the given value
@@ -209,7 +163,8 @@  static int pow_mod(const struct rsa_public_key *key,
uint32_t *inout)
 }
 
 static int rsa_verify_key(const struct rsa_public_key *key, const uint8_t *sig,
-               const uint32_t sig_len, const uint8_t *hash)
+                  const uint32_t sig_len, const uint8_t *hash,
+                  struct image_hash_algo *hash_algo)
 {
        const uint8_t *padding;
        int pad_len;
@@ -223,6 +178,8 @@  static int rsa_verify_key(const struct rsa_public_key *key,
const uint8_t *sig,
                return -EINVAL;
        }
 
+       debug("Hash-algorithm: %s", hash_algo->name);
+
        /* Sanity check for stack size */
        if (sig_len > RSA_MAX_SIG_BITS / 8) {
                debug("Signature length %u exceeds maximum %d\n", sig_len,
@@ -239,8 +196,8 @@  static int rsa_verify_key(const struct rsa_public_key *key,
const uint8_t *sig,
                return ret;
 
        /* Determine padding to use depending on the signature type. */
-       padding = padding_sha1_rsa2048;
-       pad_len = RSA2048_BYTES - SHA1_SUM_LEN;
+       padding = hash_algo->rsa_padding;
+       pad_len = RSA2048_BYTES - hash_algo->checksum_len;
 
        /* Check pkcs1.5 padding bytes. */
        if (memcmp(buf, padding, pad_len)) {
@@ -309,7 +266,7 @@  static int rsa_verify_with_keynode(struct image_sign_info
*info,
        }
 
        debug("key length %d\n", key.len);
-       ret = rsa_verify_key(&key, sig, sig_len, hash);
+       ret = rsa_verify_key(&key, sig, sig_len, hash, info->algo->hash_algo);
        if (ret) {
                printf("%s: RSA failed to verify: %d\n", __func__, ret);
                return ret;
@@ -323,12 +280,21 @@  int rsa_verify(struct image_sign_info *info,
               uint8_t *sig, uint sig_len)
 {
        const void *blob = info->fdt_blob;
-       uint8_t hash[SHA1_SUM_LEN];
+       /* Reserve memory for a maximum checksum-length of 512 bytes */
+       uint8_t hash[MAXIMUM_CHECKSUM_LEN];
        int ndepth, noffset;
        int sig_node, node;
        char name[100];
-       sha1_context ctx;
-       int ret, i;
+       int ret;
+
+       /* Verify that checksum-length is lower than MAXIMUM_CHECKSUM_LEN */
+       if (info->algo->hash_algo->checksum_len > MAXIMUM_CHECKSUM_LEN) {
+               debug("%s: invlaid checksum-length %s, a maximum \
+                       of %d is currently set.\n",
+                        __func__, info->algo->hash_algo->name,
+                       MAXIMUM_CHECKSUM_LEN);
+               return -EINVAL;
+       }
 
        sig_node = fdt_subnode_offset(blob, 0, FIT_SIG_NODENAME);
        if (sig_node < 0) {
@@ -336,10 +302,8 @@  int rsa_verify(struct image_sign_info *info,
                return -ENOENT;
        }
 
-       sha1_starts(&ctx);
-       for (i = 0; i < region_count; i++)
-               sha1_update(&ctx, region[i].data, region[i].size);
-       sha1_finish(&ctx, hash);
+       /* Calculate checksum with checksum-algorithm */
+       info->algo->hash_algo->calculate(region, region_count, hash);
 
        /* See if we must use a particular key */
        if (info->required_keynode != -1) {
diff --git a/test/vboot/sign-configs.its b/test/vboot/sign-configs.its
index db2ed79..5b315f3 100644
--- a/test/vboot/sign-configs.its
+++ b/test/vboot/sign-configs.its
@@ -36,7 +36,7 @@ 
                        kernel = "kernel@1";
                        fdt = "fdt@1";
                        signature@1 {
-                               algo = "sha1,rsa2048";
+                               algo = "sha256,rsa2048";
                                key-name-hint = "dev";
                                sign-images = "fdt", "kernel";
                        };
diff --git a/test/vboot/sign-images.its b/test/vboot/sign-images.its
index f69326a..e2b0446 100644
--- a/test/vboot/sign-images.its
+++ b/test/vboot/sign-images.its
@@ -27,7 +27,7 @@ 
                        compression = "none";
                        fdt-version = <1>;
                        signature@1 {
-                               algo = "sha1,rsa2048";
+                               algo = "sha256,rsa2048";
                                key-name-hint = "dev";
                        };
                };