mirror of
https://github.com/brain-hackers/u-boot-brain
synced 2024-09-28 15:40:29 +09:00
lib/rsa: Modify rsa to use DM driver
Modify rsa_verify to use the rsa driver of DM library .The tools will continue to use the same RSA sw library. CONFIG_RSA is now dependent on CONFIG_DM. All configurations which enable FIT based signatures have been modified to enable CONFIG_DM by default. Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> CC: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
parent
11a9662ba9
commit
c937ff6dc2
7
README
7
README
@ -3176,8 +3176,13 @@ CBFS (Coreboot Filesystem) support
|
|||||||
This enables the RSA algorithm used for FIT image verification
|
This enables the RSA algorithm used for FIT image verification
|
||||||
in U-Boot. See doc/uImage.FIT/signature.txt for more information.
|
in U-Boot. See doc/uImage.FIT/signature.txt for more information.
|
||||||
|
|
||||||
|
The Modular Exponentiation algorithm in RSA is implemented using
|
||||||
|
driver model. So CONFIG_DM needs to be enabled by default for this
|
||||||
|
library to function.
|
||||||
|
|
||||||
The signing part is build into mkimage regardless of this
|
The signing part is build into mkimage regardless of this
|
||||||
option.
|
option. The software based modular exponentiation is built into
|
||||||
|
mkimage irrespective of this option.
|
||||||
|
|
||||||
- bootcount support:
|
- bootcount support:
|
||||||
CONFIG_BOOTCOUNT_LIMIT
|
CONFIG_BOOTCOUNT_LIMIT
|
||||||
|
@ -4,3 +4,7 @@ CONFIG_SYS_EXTRA_OPTIONS="EMMC_BOOT,ENABLE_VBOOT"
|
|||||||
+S:CONFIG_TARGET_AM335X_EVM=y
|
+S:CONFIG_TARGET_AM335X_EVM=y
|
||||||
CONFIG_OF_CONTROL=y
|
CONFIG_OF_CONTROL=y
|
||||||
CONFIG_DEFAULT_DEVICE_TREE="am335x-boneblack"
|
CONFIG_DEFAULT_DEVICE_TREE="am335x-boneblack"
|
||||||
|
CONFIG_FIT=y
|
||||||
|
CONFIG_FIT_VERBOSE=y
|
||||||
|
CONFIG_FIT_SIGNATURE=y
|
||||||
|
CONFIG_DM=y
|
||||||
|
@ -4,3 +4,4 @@ CONFIG_MPC83xx=y
|
|||||||
CONFIG_FIT=y
|
CONFIG_FIT=y
|
||||||
CONFIG_FIT_SIGNATURE=y
|
CONFIG_FIT_SIGNATURE=y
|
||||||
CONFIG_TARGET_IDS8313=y
|
CONFIG_TARGET_IDS8313=y
|
||||||
|
CONFIG_DM=y
|
||||||
|
@ -3,4 +3,5 @@ CONFIG_OF_HOSTFILE=y
|
|||||||
CONFIG_FIT=y
|
CONFIG_FIT=y
|
||||||
CONFIG_FIT_VERBOSE=y
|
CONFIG_FIT_VERBOSE=y
|
||||||
CONFIG_FIT_SIGNATURE=y
|
CONFIG_FIT_SIGNATURE=y
|
||||||
|
CONFIG_DM=y
|
||||||
CONFIG_DEFAULT_DEVICE_TREE="sandbox"
|
CONFIG_DEFAULT_DEVICE_TREE="sandbox"
|
||||||
|
@ -6,4 +6,5 @@ CONFIG_OF_CONTROL=y
|
|||||||
CONFIG_FIT=y
|
CONFIG_FIT=y
|
||||||
CONFIG_FIT_VERBOSE=y
|
CONFIG_FIT_VERBOSE=y
|
||||||
CONFIG_FIT_SIGNATURE=y
|
CONFIG_FIT_SIGNATURE=y
|
||||||
|
CONFIG_DM=y
|
||||||
CONFIG_DEFAULT_DEVICE_TREE="zynq-microzed"
|
CONFIG_DEFAULT_DEVICE_TREE="zynq-microzed"
|
||||||
|
@ -7,3 +7,4 @@ CONFIG_DEFAULT_DEVICE_TREE="zynq-zc702"
|
|||||||
CONFIG_FIT=y
|
CONFIG_FIT=y
|
||||||
CONFIG_FIT_VERBOSE=y
|
CONFIG_FIT_VERBOSE=y
|
||||||
CONFIG_FIT_SIGNATURE=y
|
CONFIG_FIT_SIGNATURE=y
|
||||||
|
CONFIG_DM=y
|
||||||
|
@ -8,3 +8,4 @@ CONFIG_DEFAULT_DEVICE_TREE="zynq-zc770-xm010"
|
|||||||
CONFIG_FIT=y
|
CONFIG_FIT=y
|
||||||
CONFIG_FIT_VERBOSE=y
|
CONFIG_FIT_VERBOSE=y
|
||||||
CONFIG_FIT_SIGNATURE=y
|
CONFIG_FIT_SIGNATURE=y
|
||||||
|
CONFIG_DM=y
|
||||||
|
@ -8,3 +8,4 @@ CONFIG_DEFAULT_DEVICE_TREE="zynq-zc770-xm012"
|
|||||||
CONFIG_FIT=y
|
CONFIG_FIT=y
|
||||||
CONFIG_FIT_VERBOSE=y
|
CONFIG_FIT_VERBOSE=y
|
||||||
CONFIG_FIT_SIGNATURE=y
|
CONFIG_FIT_SIGNATURE=y
|
||||||
|
CONFIG_DM=y
|
||||||
|
@ -8,3 +8,4 @@ CONFIG_DEFAULT_DEVICE_TREE="zynq-zc770-xm013"
|
|||||||
CONFIG_FIT=y
|
CONFIG_FIT=y
|
||||||
CONFIG_FIT_VERBOSE=y
|
CONFIG_FIT_VERBOSE=y
|
||||||
CONFIG_FIT_SIGNATURE=y
|
CONFIG_FIT_SIGNATURE=y
|
||||||
|
CONFIG_DM=y
|
||||||
|
@ -7,3 +7,4 @@ CONFIG_DEFAULT_DEVICE_TREE="zynq-zed"
|
|||||||
CONFIG_FIT=y
|
CONFIG_FIT=y
|
||||||
CONFIG_FIT_VERBOSE=y
|
CONFIG_FIT_VERBOSE=y
|
||||||
CONFIG_FIT_SIGNATURE=y
|
CONFIG_FIT_SIGNATURE=y
|
||||||
|
CONFIG_DM=y
|
||||||
|
@ -7,3 +7,4 @@ CONFIG_DEFAULT_DEVICE_TREE="zynq-zybo"
|
|||||||
CONFIG_FIT=y
|
CONFIG_FIT=y
|
||||||
CONFIG_FIT_VERBOSE=y
|
CONFIG_FIT_VERBOSE=y
|
||||||
CONFIG_FIT_SIGNATURE=y
|
CONFIG_FIT_SIGNATURE=y
|
||||||
|
CONFIG_DM=y
|
||||||
|
@ -19,13 +19,11 @@
|
|||||||
#include <configs/ti_am335x_common.h>
|
#include <configs/ti_am335x_common.h>
|
||||||
|
|
||||||
#ifndef CONFIG_SPL_BUILD
|
#ifndef CONFIG_SPL_BUILD
|
||||||
|
#ifndef CONFIG_FIT
|
||||||
# define CONFIG_FIT
|
# define CONFIG_FIT
|
||||||
|
#endif
|
||||||
# define CONFIG_TIMESTAMP
|
# define CONFIG_TIMESTAMP
|
||||||
# define CONFIG_LZO
|
# define CONFIG_LZO
|
||||||
# ifdef CONFIG_ENABLE_VBOOT
|
|
||||||
# define CONFIG_FIT_SIGNATURE
|
|
||||||
# define CONFIG_RSA
|
|
||||||
# endif
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define CONFIG_SYS_BOOTM_LEN (16 << 20)
|
#define CONFIG_SYS_BOOTM_LEN (16 << 20)
|
||||||
|
@ -23,7 +23,6 @@
|
|||||||
|
|
||||||
#define CONFIG_BOOTSTAGE
|
#define CONFIG_BOOTSTAGE
|
||||||
#define CONFIG_BOOTSTAGE_REPORT
|
#define CONFIG_BOOTSTAGE_REPORT
|
||||||
#define CONFIG_DM
|
|
||||||
#define CONFIG_CMD_DEMO
|
#define CONFIG_CMD_DEMO
|
||||||
#define CONFIG_CMD_DM
|
#define CONFIG_CMD_DM
|
||||||
#define CONFIG_DM_DEMO
|
#define CONFIG_DM_DEMO
|
||||||
|
@ -12,6 +12,7 @@
|
|||||||
#include <asm/errno.h>
|
#include <asm/errno.h>
|
||||||
#include <asm/types.h>
|
#include <asm/types.h>
|
||||||
#include <asm/unaligned.h>
|
#include <asm/unaligned.h>
|
||||||
|
#include <dm.h>
|
||||||
#else
|
#else
|
||||||
#include "fdt_host.h"
|
#include "fdt_host.h"
|
||||||
#include "mkimage.h"
|
#include "mkimage.h"
|
||||||
@ -43,6 +44,9 @@ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig,
|
|||||||
const uint8_t *padding;
|
const uint8_t *padding;
|
||||||
int pad_len;
|
int pad_len;
|
||||||
int ret;
|
int ret;
|
||||||
|
#if !defined(USE_HOSTCC)
|
||||||
|
struct udevice *mod_exp_dev;
|
||||||
|
#endif
|
||||||
|
|
||||||
if (!prop || !sig || !hash || !algo)
|
if (!prop || !sig || !hash || !algo)
|
||||||
return -EIO;
|
return -EIO;
|
||||||
@ -63,7 +67,17 @@ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig,
|
|||||||
|
|
||||||
uint8_t buf[sig_len];
|
uint8_t buf[sig_len];
|
||||||
|
|
||||||
|
#if !defined(USE_HOSTCC)
|
||||||
|
ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev);
|
||||||
|
if (ret) {
|
||||||
|
printf("RSA: Can't find Modular Exp implementation\n");
|
||||||
|
return -EINVAL;
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = rsa_mod_exp(mod_exp_dev, sig, sig_len, prop, buf);
|
||||||
|
#else
|
||||||
ret = rsa_mod_exp_sw(sig, sig_len, prop, buf);
|
ret = rsa_mod_exp_sw(sig, sig_len, prop, buf);
|
||||||
|
#endif
|
||||||
if (ret) {
|
if (ret) {
|
||||||
debug("Error in Modular exponentation\n");
|
debug("Error in Modular exponentation\n");
|
||||||
return ret;
|
return ret;
|
||||||
|
Loading…
Reference in New Issue
Block a user