From patchwork Wed Nov 27 12:10:08 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: "andreas@oetken.name" X-Patchwork-Id: 294567 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from theia.denx.de (theia.denx.de [85.214.87.163]) by ozlabs.org (Postfix) with ESMTP id 9E2492C00A9 for ; Wed, 27 Nov 2013 23:33:09 +1100 (EST) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id 973274B761; Wed, 27 Nov 2013 13:33:07 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at theia.denx.de Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mZqNbxmx4ypA; Wed, 27 Nov 2013 13:33:07 +0100 (CET) Received: from theia.denx.de (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id EA5E64B73F; Wed, 27 Nov 2013 13:33:02 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id EED3C4B727 for ; Wed, 27 Nov 2013 13:15:29 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at theia.denx.de Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mg3Qlxl+mrIt for ; Wed, 27 Nov 2013 13:15:24 +0100 (CET) X-policyd-weight: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 BL_NJABL=ERR(-1.5) (only DNSBL check requested) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.17.9]) by theia.denx.de (Postfix) with ESMTPS id A078F4B728 for ; Wed, 27 Nov 2013 13:15:16 +0100 (CET) Received: from oxbsltgw04.schlund.de (oxbsltgw04.schlund.de [172.19.249.21]) by mrelayeu.kundenserver.de (node=mrbap0) with ESMTP (Nemesis) id 0MalwI-1W5vz90RzO-00KViH; Wed, 27 Nov 2013 13:10:09 +0100 Date: Wed, 27 Nov 2013 13:10:08 +0100 (CET) From: "andreas@oetken.name" To: u-boot@lists.denx.de Message-ID: <842410203.349181.1385554208943.open-xchange@email.1und1.de> MIME-Version: 1.0 X-Priority: 3 Importance: Medium X-Mailer: Open-Xchange Mailer v7.4.0-Rev20 X-Provags-ID: V02:K0:pvXnS/yco9IuXoSIaV+CLmQb7F41KleEoVowVf6uVVu hFMVC37qi3Nx8NzO5ynkt3BqZAqQMDs6URs3A2Qg/+58bq4GhH QPwFLfsx1EfrHUYvU14fwiCmRC9BbSS9rSC7JUBSOiAm95QTm7 Eu0W7NZcWjXx0qfAzC369vcsPbxxTYDG7aXAHa8oLCzd3DEe+y HvAz4sERuMt4leAD+2ovZor0yQ0IPqiTpswZKIOmeyeu4jDPAn 74cH1cjJDmax2T2jxLOZqjRElKSiVSuYctSW2hccmpQxwofEoy lFb4Zuv2rQOurWDtcpIl44AbKmb8O+bH4wZiLz+hDGCm//NjKY dbIJRJtebhMDhbTCOuawDevumlGWhbfzNBYasbKVpDJdjXbHAc kVGQMxX7AL+61LZyvDtcSnDHCMRvdSV7yI= X-Mailman-Approved-At: Wed, 27 Nov 2013 13:33:01 +0100 Subject: [U-Boot] [U-Boot v2] [PATCH] rsa: add a more flexible way to support different hash algorithms (e.g. sha256) X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.11 Precedence: list Reply-To: "andreas@oetken.name" List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: u-boot-bounces@lists.denx.de Errors-To: u-boot-bounces@lists.denx.de As proposed by Heiko I made some small changes and verified the patch with the checkpatch-script.     From 169f40e72fceb222bb15dd59c1337f42371e97a5 Mon Sep 17 00:00:00 2001 From: Andreas Oetken Date: Wed, 27 Nov 2013 13:09:19 +0100 Subject: [PATCH] Added rsa-sha256 support. Signed-off-by: Andreas Oetken ---  common/image-sig.c          |   33 +++++++++++++  include/image.h             |   20 +++++++-  include/rsa-checksum.h      |   25 ++++++++++  include/rsa.h               |   17 +++++++  lib/rsa/Makefile            |    2 +-  lib/rsa/rsa-checksum.c      |  108 +++++++++++++++++++++++++++++++++++++++++++  lib/rsa/rsa-sign.c          |   10 ++--  lib/rsa/rsa-verify.c        |   80 +++++++++-----------------------  test/vboot/sign-configs.its |    2 +-  test/vboot/sign-images.its  |    2 +-  10 files changed, 233 insertions(+), 66 deletions(-)  create mode 100644 include/rsa-checksum.h  create mode 100644 lib/rsa/rsa-checksum.c -- 1.7.10.4 diff --git a/common/image-sig.c b/common/image-sig.c index 973b06d..5ce6b80 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -14,15 +14,48 @@ DECLARE_GLOBAL_DATA_PTR;  #endif /* !USE_HOSTCC*/  #include  #include +#include    #define IMAGE_MAX_HASHED_NODES         100   + +struct image_hash_algo image_hash_algos[] = { +       { +               "sha1", +               SHA1_SUM_LEN, +#if IMAGE_ENABLE_SIGN +               EVP_sha1, +#else +               sha1_calculate, +               padding_sha1_rsa2048, +#endif +       }, +       { +               "sha256", +               SHA256_SUM_LEN, +#if IMAGE_ENABLE_SIGN +               EVP_sha256, +#else +               sha256_calculate, +               padding_sha256_rsa2048, +#endif +       } +}; +  struct image_sig_algo image_sig_algos[] = {         {                 "sha1,rsa2048",                 rsa_sign,                 rsa_add_verify_data,                 rsa_verify, +               &image_hash_algos[0], +       }, +       { +               "sha256,rsa2048", +               rsa_sign, +               rsa_add_verify_data, +               rsa_verify, +               &image_hash_algos[1],         }  };   diff --git a/include/image.h b/include/image.h index ee6eb8d..1f7ca61 100644 --- a/include/image.h +++ b/include/image.h @@ -822,7 +822,8 @@ int calculate_hash(const void *data, int data_len, const char *algo,  # ifdef USE_HOSTCC  #  define IMAGE_ENABLE_SIGN    1  #  define IMAGE_ENABLE_VERIFY  0 -#else +#  include  +# else  #  define IMAGE_ENABLE_SIGN    0  #  define IMAGE_ENABLE_VERIFY  1  # endif @@ -861,6 +862,20 @@ struct image_region {         int size;  };   +struct image_hash_algo { +       const char *name; +       const int checksum_len; +#if IMAGE_ENABLE_SIGN +       EVP_MD *(*calculate)(void); +#else +#if IMAGE_ENABLE_VERIFY +       void (*calculate)(const struct image_region region[], +                         int region_count, uint8_t *checksum); +       const uint8_t *rsa_padding; +#endif +#endif +}; +  struct image_sig_algo {         const char *name;               /* Name of algorithm */   @@ -911,6 +926,9 @@ struct image_sig_algo {         int (*verify)(struct image_sign_info *info,                       const struct image_region region[], int region_count,                       uint8_t *sig, uint sig_len); + +       /* pointer to hash algorithm */ +       struct image_hash_algo *hash_algo;  };    /** diff --git a/include/rsa-checksum.h b/include/rsa-checksum.h new file mode 100644 index 0000000..d2c6474 --- /dev/null +++ b/include/rsa-checksum.h @@ -0,0 +1,25 @@ +/* + * Copyright (c) 2013, Andreas Oetken. + * + * SPDX-License-Identifier:    GPL-2.0+ + */ + +#ifndef _RSA_CHECKSUM_H +#define _RSA_CHECKSUM_H + +#include +#include +#include +#include + +#if IMAGE_ENABLE_VERIFY +extern const uint8_t padding_sha256_rsa2048[]; +extern const uint8_t padding_sha1_rsa2048[]; + +void sha256_calculate(const struct image_region region[], +                     int region_count, uint8_t *checksum); +void sha1_calculate(const struct image_region region[], +                   int region_count, uint8_t *checksum); +#endif + +#endif diff --git a/include/rsa.h b/include/rsa.h index add4c78..12ae443 100644 --- a/include/rsa.h +++ b/include/rsa.h @@ -15,6 +15,23 @@  #include  #include   +#define RSA2048_BYTES  (2048 / 8) + +/** + * struct rsa_public_key - holder for a public key + * + * An RSA public key consists of a modulus (typically called N), the inverse + * and R^2, where R is 2^(# key bits). + */ + +struct rsa_public_key { +       uint len;               /* Length of modulus[] in number of uint32_t */ +       uint32_t n0inv;         /* -1 / modulus[0] mod 2^32 */ +       uint32_t *modulus;      /* modulus as little endian array */ +       uint32_t *rr;           /* R^2 as little endian array */ +}; + +  #if IMAGE_ENABLE_SIGN  /**   * sign() - calculate and return signature for given input data diff --git a/lib/rsa/Makefile b/lib/rsa/Makefile index 164ab39..a5a96cb6 100644 --- a/lib/rsa/Makefile +++ b/lib/rsa/Makefile @@ -7,4 +7,4 @@  # SPDX-License-Identifier:     GPL-2.0+  #   -obj-$(CONFIG_FIT_SIGNATURE) += rsa-verify.o +obj-$(CONFIG_FIT_SIGNATURE) += rsa-verify.o rsa-checksum.o diff --git a/lib/rsa/rsa-checksum.c b/lib/rsa/rsa-checksum.c new file mode 100644 index 0000000..e75abb8 --- /dev/null +++ b/lib/rsa/rsa-checksum.c @@ -0,0 +1,108 @@ +/* + * Copyright (c) 2013, Andreas Oetken. + * + * SPDX-License-Identifier:    GPL-2.0+ + */ + +#include +#include +#include +#include +#include +#include +#include +#include + + +/* PKCS 1.5 paddings as described in the RSA PKCS#1 v2.1 standard. */ + + +const uint8_t padding_sha256_rsa2048[RSA2048_BYTES - SHA256_SUM_LEN] = { +       0x00, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0x00, 0x30, 0x31, 0x30, +       0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, +       0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20 +}; + +const uint8_t padding_sha1_rsa2048[RSA2048_BYTES - SHA1_SUM_LEN] = { +       0x00, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +       0xff, 0xff, 0xff, 0xff, 0x00, 0x30, 0x21, 0x30, +       0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, +       0x05, 0x00, 0x04, 0x14 +}; + + +void sha1_calculate(const struct image_region region[], +                   int region_count, uint8_t *checksum) +{ +       sha1_context ctx; +       uint32_t i; + +       sha1_starts(&ctx); +       for (i = 0; i < region_count; i++) +               sha1_update(&ctx, region[i].data, region[i].size); +       sha1_finish(&ctx, checksum); +} + +void sha256_calculate(const struct image_region region[], +                     int region_count, uint8_t *checksum) +{ +       sha256_context ctx; +       uint32_t i; + +       sha256_starts(&ctx); +       for (i = 0; i < region_count; i++) +               sha256_update(&ctx, region[i].data, region[i].size); +       sha256_finish(&ctx, checksum); +} + diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index 549130e..e3b8790 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -159,8 +159,9 @@ static void rsa_remove(void)         EVP_cleanup();  }   -static int rsa_sign_with_key(RSA *rsa, const struct image_region region[], -               int region_count, uint8_t **sigp, uint *sig_size) +static int rsa_sign_with_key(RSA *rsa, struct image_hash_algo *hash_algo, +                           const struct image_region region[], +                           int region_count, uint8_t **sigp, uint *sig_size)  {         EVP_PKEY *key;         EVP_MD_CTX *context; @@ -192,7 +193,7 @@ static int rsa_sign_with_key(RSA *rsa, const struct image_region region[],                 goto err_create;         }         EVP_MD_CTX_init(context); -       if (!EVP_SignInit(context, EVP_sha1())) { +       if (!EVP_SignInit(context, hash_algo->calculate())) {                 ret = rsa_err("Signer setup failed");                 goto err_sign;         } @@ -242,7 +243,8 @@ int rsa_sign(struct image_sign_info *info,         ret = rsa_get_priv_key(info->keydir, info->keyname, &rsa);         if (ret)                 goto err_priv; -       ret = rsa_sign_with_key(rsa, region, region_count, sigp, sig_len); +       ret = rsa_sign_with_key(rsa, info->algo->hash_algo, +                               region, region_count, sigp, sig_len);         if (ret)                 goto err_sign;   diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index 02cc4e3..9a42641 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -7,28 +7,14 @@  #include  #include  #include -#include  #include  #include  #include   -/** - * struct rsa_public_key - holder for a public key - * - * An RSA public key consists of a modulus (typically called N), the inverse - * and R^2, where R is 2^(# key bits). - */ -struct rsa_public_key { -       uint len;               /* Length of modulus[] in number of uint32_t */ -       uint32_t n0inv;         /* -1 / modulus[0] mod 2^32 */ -       uint32_t *modulus;      /* modulus as little endian array */ -       uint32_t *rr;           /* R^2 as little endian array */ -}; +#define MAXIMUM_CHECKSUM_LEN 512    #define UINT64_MULT32(v, multby)  (((uint64_t)(v)) * ((uint32_t)(multby)))   -#define RSA2048_BYTES  (2048 / 8) -  /* This is the minimum/maximum key size we support, in bits */  #define RSA_MIN_KEY_BITS       2048  #define RSA_MAX_KEY_BITS       2048 @@ -36,38 +22,6 @@ struct rsa_public_key {  /* This is the maximum signature length that we support, in bits */  #define RSA_MAX_SIG_BITS       2048   -static const uint8_t padding_sha1_rsa2048[RSA2048_BYTES - SHA1_SUM_LEN] = { -       0x00, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -       0xff, 0xff, 0xff, 0xff, 0x00, 0x30, 0x21, 0x30, -       0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, -       0x05, 0x00, 0x04, 0x14 -};    /**   * subtract_modulus() - subtract modulus from the given value @@ -209,7 +163,8 @@ static int pow_mod(const struct rsa_public_key *key, uint32_t *inout)  }    static int rsa_verify_key(const struct rsa_public_key *key, const uint8_t *sig, -               const uint32_t sig_len, const uint8_t *hash) +                  const uint32_t sig_len, const uint8_t *hash, +                  struct image_hash_algo *hash_algo)  {         const uint8_t *padding;         int pad_len; @@ -223,6 +178,8 @@ static int rsa_verify_key(const struct rsa_public_key *key, const uint8_t *sig,                 return -EINVAL;         }   +       debug("Hash-algorithm: %s", hash_algo->name); +         /* Sanity check for stack size */         if (sig_len > RSA_MAX_SIG_BITS / 8) {                 debug("Signature length %u exceeds maximum %d\n", sig_len, @@ -239,8 +196,8 @@ static int rsa_verify_key(const struct rsa_public_key *key, const uint8_t *sig,                 return ret;           /* Determine padding to use depending on the signature type. */ -       padding = padding_sha1_rsa2048; -       pad_len = RSA2048_BYTES - SHA1_SUM_LEN; +       padding = hash_algo->rsa_padding; +       pad_len = RSA2048_BYTES - hash_algo->checksum_len;           /* Check pkcs1.5 padding bytes. */         if (memcmp(buf, padding, pad_len)) { @@ -309,7 +266,7 @@ static int rsa_verify_with_keynode(struct image_sign_info *info,         }           debug("key length %d\n", key.len); -       ret = rsa_verify_key(&key, sig, sig_len, hash); +       ret = rsa_verify_key(&key, sig, sig_len, hash, info->algo->hash_algo);         if (ret) {                 printf("%s: RSA failed to verify: %d\n", __func__, ret);                 return ret; @@ -323,12 +280,21 @@ int rsa_verify(struct image_sign_info *info,                uint8_t *sig, uint sig_len)  {         const void *blob = info->fdt_blob; -       uint8_t hash[SHA1_SUM_LEN]; +       /* Reserve memory for a maximum checksum-length of 512 bytes */ +       uint8_t hash[MAXIMUM_CHECKSUM_LEN];         int ndepth, noffset;         int sig_node, node;         char name[100]; -       sha1_context ctx; -       int ret, i; +       int ret; + +       /* Verify that checksum-length is lower than MAXIMUM_CHECKSUM_LEN */ +       if (info->algo->hash_algo->checksum_len > MAXIMUM_CHECKSUM_LEN) { +               debug("%s: invlaid checksum-length %s, a maximum \ +                       of %d is currently set.\n", +                        __func__, info->algo->hash_algo->name, +                       MAXIMUM_CHECKSUM_LEN); +               return -EINVAL; +       }           sig_node = fdt_subnode_offset(blob, 0, FIT_SIG_NODENAME);         if (sig_node < 0) { @@ -336,10 +302,8 @@ int rsa_verify(struct image_sign_info *info,                 return -ENOENT;         }   -       sha1_starts(&ctx); -       for (i = 0; i < region_count; i++) -               sha1_update(&ctx, region[i].data, region[i].size); -       sha1_finish(&ctx, hash); +       /* Calculate checksum with checksum-algorithm */ +       info->algo->hash_algo->calculate(region, region_count, hash);           /* See if we must use a particular key */         if (info->required_keynode != -1) { diff --git a/test/vboot/sign-configs.its b/test/vboot/sign-configs.its index db2ed79..5b315f3 100644 --- a/test/vboot/sign-configs.its +++ b/test/vboot/sign-configs.its @@ -36,7 +36,7 @@                         kernel = "kernel@1";                         fdt = "fdt@1";                         signature@1 { -                               algo = "sha1,rsa2048"; +                               algo = "sha256,rsa2048";                                 key-name-hint = "dev";                                 sign-images = "fdt", "kernel";                         }; diff --git a/test/vboot/sign-images.its b/test/vboot/sign-images.its index f69326a..e2b0446 100644 --- a/test/vboot/sign-images.its +++ b/test/vboot/sign-images.its @@ -27,7 +27,7 @@                         compression = "none";                         fdt-version = <1>;                         signature@1 { -                               algo = "sha1,rsa2048"; +                               algo = "sha256,rsa2048";                                 key-name-hint = "dev";                         };                 };