diff options
author | Nicolas Boichat <drinkcat@google.com> | 2017-03-28 16:59:11 +0800 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2017-04-11 20:22:32 -0700 |
commit | 629c3964a2bd8a92d61daaef633fc0cc5e65bc10 (patch) | |
tree | 47e4ea499f0f51db0d344f9c683a8f38e7fa36b7 /include | |
parent | 3f0714c1e29dab5817dfe1aa8733c7235ea85ee4 (diff) | |
download | chrome-ec-629c3964a2bd8a92d61daaef633fc0cc5e65bc10.tar.gz |
common: Split rwsig parts from rsa.h header
We're going to add more rwsig-related functions, and adding them
to rsa.h seems increasingly incorrect.
BRANCH=none
BUG=b:35587171
TEST=make buildall -j
Change-Id: I334c1774ce9a6ed8e219140f65ebe94d653e22d2
Reviewed-on: https://chromium-review.googlesource.com/468708
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/rsa.h | 61 | ||||
-rw-r--r-- | include/rwsig.h | 78 |
2 files changed, 78 insertions, 61 deletions
diff --git a/include/rsa.h b/include/rsa.h index 5999159817..a2d5f73393 100644 --- a/include/rsa.h +++ b/include/rsa.h @@ -63,67 +63,6 @@ int rsa_verify(const struct rsa_public_key *key, const uint8_t *sha, uint32_t *workbuf32); -void check_rw_signature(void); - #endif /* !__ASSEMBLER__ */ -/* - * The signer puts the public key and signature into the RO and RW images - * (respectively) at known locations after the complete image is assembled. But - * since we compile the RO & RW images separately, the other image's addresses - * can't be computed by the linker. So we just hardcode the addresses here. - * These can be overridden in board.h files if desired. - */ - -#ifndef CONFIG_RO_PUBKEY_SIZE -#ifdef CONFIG_RWSIG_TYPE_RWSIG -/* - * rwsig type: 1024 bytes is enough to fit RSA-3072 public key. - * - * TODO(crosbug.com/p/62321): This still wastes space. We could pack the key at - * any arbitrary location, but we need proper signer support to make sure it - * can overwrite the key correctly. - */ -#define CONFIG_RO_PUBKEY_SIZE 1024 -#else -#define CONFIG_RO_PUBKEY_SIZE RSA_PUBLIC_KEY_SIZE -#endif -#endif /* ! CONFIG_RO_PUBKEY_SIZE */ -#ifndef CONFIG_RO_PUBKEY_ADDR -#ifdef CONFIG_RWSIG_TYPE_RWSIG -/* The pubkey goes at the end of the RO region */ -#define CONFIG_RO_PUBKEY_ADDR (CONFIG_PROGRAM_MEMORY_BASE \ - + CONFIG_RO_MEM_OFF \ - + CONFIG_RO_SIZE \ - - CONFIG_RO_PUBKEY_SIZE) -#else -/* - * usbpd1 type assumes pubkey location at the end of first half of flash, - * which might actually be in the PSTATE region. - */ -#define CONFIG_RO_PUBKEY_ADDR (CONFIG_PROGRAM_MEMORY_BASE \ - + (CONFIG_FLASH_SIZE / 2) \ - - CONFIG_RO_PUBKEY_SIZE) -#endif -#endif /* CONFIG_RO_PUBKEY_ADDR */ - -#ifndef CONFIG_RW_SIG_SIZE -#ifdef CONFIG_RWSIG_TYPE_RWSIG -/* - * rwsig type: futility expects signature to be 1024 bytes from the end of - * the file. - */ -#define CONFIG_RW_SIG_SIZE 1024 -#else -#define CONFIG_RW_SIG_SIZE RSANUMBYTES -#endif -#endif /* ! CONFIG_RW_SIG_SIZE */ -#ifndef CONFIG_RW_SIG_ADDR -/* The signature goes at the end of the RW region */ -#define CONFIG_RW_SIG_ADDR (CONFIG_PROGRAM_MEMORY_BASE \ - + CONFIG_RW_MEM_OFF \ - + CONFIG_RW_SIZE \ - - CONFIG_RW_SIG_SIZE) -#endif /* !CONFIG_RW_SIG_ADDR */ - #endif /* __CROS_EC_RSA_H */ diff --git a/include/rwsig.h b/include/rwsig.h new file mode 100644 index 0000000000..138751d3cc --- /dev/null +++ b/include/rwsig.h @@ -0,0 +1,78 @@ +/* Copyright 2017 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + */ + +#ifndef __CROS_EC_RWSIG_H +#define __CROS_EC_RWSIG_H + +#include "config.h" +#include "rsa.h" + +#ifndef __ASSEMBLER__ + +/* Checks RW signature. */ +void check_rw_signature(void); + +#endif /* !__ASSEMBLER__ */ + +/* + * The signer puts the public key and signature into the RO and RW images + * (respectively) at known locations after the complete image is assembled. But + * since we compile the RO & RW images separately, the other image's addresses + * can't be computed by the linker. So we just hardcode the addresses here. + * These can be overridden in board.h files if desired. + */ + +#ifndef CONFIG_RO_PUBKEY_SIZE +#ifdef CONFIG_RWSIG_TYPE_RWSIG +/* + * rwsig type: 1024 bytes is enough to fit RSA-3072 public key. + * + * TODO(crosbug.com/p/62321): This still wastes space. We could pack the key at + * any arbitrary location, but we need proper signer support to make sure it + * can overwrite the key correctly. + */ +#define CONFIG_RO_PUBKEY_SIZE 1024 +#else +#define CONFIG_RO_PUBKEY_SIZE RSA_PUBLIC_KEY_SIZE +#endif +#endif /* ! CONFIG_RO_PUBKEY_SIZE */ +#ifndef CONFIG_RO_PUBKEY_ADDR +#ifdef CONFIG_RWSIG_TYPE_RWSIG +/* The pubkey goes at the end of the RO region */ +#define CONFIG_RO_PUBKEY_ADDR (CONFIG_PROGRAM_MEMORY_BASE \ + + CONFIG_RO_MEM_OFF \ + + CONFIG_RO_SIZE \ + - CONFIG_RO_PUBKEY_SIZE) +#else +/* + * usbpd1 type assumes pubkey location at the end of first half of flash, + * which might actually be in the PSTATE region. + */ +#define CONFIG_RO_PUBKEY_ADDR (CONFIG_PROGRAM_MEMORY_BASE \ + + (CONFIG_FLASH_SIZE / 2) \ + - CONFIG_RO_PUBKEY_SIZE) +#endif +#endif /* CONFIG_RO_PUBKEY_ADDR */ + +#ifndef CONFIG_RW_SIG_SIZE +#ifdef CONFIG_RWSIG_TYPE_RWSIG +/* + * rwsig type: futility expects signature to be 1024 bytes from the end of + * the file. + */ +#define CONFIG_RW_SIG_SIZE 1024 +#else +#define CONFIG_RW_SIG_SIZE RSANUMBYTES +#endif +#endif /* ! CONFIG_RW_SIG_SIZE */ +#ifndef CONFIG_RW_SIG_ADDR +/* The signature goes at the end of the RW region */ +#define CONFIG_RW_SIG_ADDR (CONFIG_PROGRAM_MEMORY_BASE \ + + CONFIG_RW_MEM_OFF \ + + CONFIG_RW_SIZE \ + - CONFIG_RW_SIG_SIZE) +#endif /* !CONFIG_RW_SIG_ADDR */ + +#endif /* __CROS_EC_RWSIG_H */ |