brain-hackers_pepepper-mirror/u-boot-brain
1
0
Fork 0
mirror of https://github.com/brain-hackers/u-boot-brain synced 2024-06-09 23:36:03 +09:00
Code Issues Projects Releases Wiki Activity

include: image.h: add key info to image_sign_info

Browse Source 
For FIT verification, all the properties of a public key come from
"control fdt" pointed to by fdt_blob. In UEFI secure boot, on the other
hand, a public key is located and retrieved from dedicated signature
database stored as UEFI variables.

Added two fields may hold values of a public key if fdt_blob is NULL, and
will be used in rsa_verify_with_pkey() to verify a signature in UEFI
sub-system.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
AKASHI Takahiro 2020-02-21 15:12:57 +09:00 committed by Tom Rini
parent dd89f5b0fd
commit a8fc3df8b9
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
include/image.h
View File

@ -1170,6 +1170,13 @@ struct image_sign_info {
int required_keynode; /* Node offset of key to use: -1=any */
const char *require_keys; /* Value for 'required' property */
const char *engine_id; /* Engine to use for signing */
/*
* Note: the following two fields are always valid even w/o
* RSA_VERIFY_WITH_PKEY in order to make sure this structure is
* the same on target and host. Otherwise, vboot test may fail.
*/
const void *key; /* Pointer to public key in DER */
int keylen; /* Length of public key */
};
/* A part of an image, used for hashing */