summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--common/image-sig.c6
-rw-r--r--include/configs/ti_am335x_common.h2
-rw-r--r--include/image.h5
-rw-r--r--include/u-boot/rsa-checksum.h17
-rw-r--r--lib/rsa/rsa-checksum.c50
-rw-r--r--lib/rsa/rsa-verify.c7
6 files changed, 57 insertions, 30 deletions
diff --git a/common/image-sig.c b/common/image-sig.c
index 8601edaca3..2c9f0cdf7a 100644
--- a/common/image-sig.c
+++ b/common/image-sig.c
@@ -38,7 +38,7 @@ struct checksum_algo checksum_algos[] = {
#if IMAGE_ENABLE_SIGN
EVP_sha1,
#endif
- sha1_calculate,
+ hash_calculate,
padding_sha1_rsa2048,
},
{
@@ -48,7 +48,7 @@ struct checksum_algo checksum_algos[] = {
#if IMAGE_ENABLE_SIGN
EVP_sha256,
#endif
- sha256_calculate,
+ hash_calculate,
padding_sha256_rsa2048,
},
{
@@ -58,7 +58,7 @@ struct checksum_algo checksum_algos[] = {
#if IMAGE_ENABLE_SIGN
EVP_sha256,
#endif
- sha256_calculate,
+ hash_calculate,
padding_sha256_rsa4096,
}
diff --git a/include/configs/ti_am335x_common.h b/include/configs/ti_am335x_common.h
index 5ed86d9365..598526bf95 100644
--- a/include/configs/ti_am335x_common.h
+++ b/include/configs/ti_am335x_common.h
@@ -20,7 +20,9 @@
#define CONFIG_SPL_AM33XX_ENABLE_RTC32K_OSC
#ifndef CONFIG_SPL_BUILD
+#ifndef CONFIG_DM
# define CONFIG_DM
+#endif
# define CONFIG_CMD_DM
# define CONFIG_DM_GPIO
# define CONFIG_DM_SERIAL
diff --git a/include/image.h b/include/image.h
index ee3afe3567..dcbc72fc1e 100644
--- a/include/image.h
+++ b/include/image.h
@@ -927,8 +927,9 @@ struct checksum_algo {
#if IMAGE_ENABLE_SIGN
const EVP_MD *(*calculate_sign)(void);
#endif
- void (*calculate)(const struct image_region region[],
- int region_count, uint8_t *checksum);
+ int (*calculate)(const char *name,
+ const struct image_region region[],
+ int region_count, uint8_t *checksum);
const uint8_t *rsa_padding;
};
diff --git a/include/u-boot/rsa-checksum.h b/include/u-boot/rsa-checksum.h
index c996fb3e4c..3c69d85ecb 100644
--- a/include/u-boot/rsa-checksum.h
+++ b/include/u-boot/rsa-checksum.h
@@ -16,9 +16,18 @@ extern const uint8_t padding_sha256_rsa4096[];
extern const uint8_t padding_sha256_rsa2048[];
extern const uint8_t padding_sha1_rsa2048[];
-void sha256_calculate(const struct image_region region[], int region_count,
- uint8_t *checksum);
-void sha1_calculate(const struct image_region region[], int region_count,
- uint8_t *checksum);
+/**
+ * hash_calculate() - Calculate hash over the data
+ *
+ * @name: Name of algorithm to be used for hash calculation
+ * @region: Array having info of regions over which hash needs to be calculated
+ * @region_count: Number of regions in the region array
+ * @checksum: Buffer contanining the output hash
+ *
+ * @return 0 if OK, < 0 if error
+ */
+int hash_calculate(const char *name,
+ const struct image_region region[], int region_count,
+ uint8_t *checksum);
#endif
diff --git a/lib/rsa/rsa-checksum.c b/lib/rsa/rsa-checksum.c
index 8d8b59f779..68d9d651b0 100644
--- a/lib/rsa/rsa-checksum.c
+++ b/lib/rsa/rsa-checksum.c
@@ -10,12 +10,13 @@
#include <asm/byteorder.h>
#include <asm/errno.h>
#include <asm/unaligned.h>
+#include <hash.h>
#else
#include "fdt_host.h"
-#endif
-#include <u-boot/rsa.h>
#include <u-boot/sha1.h>
#include <u-boot/sha256.h>
+#endif
+#include <u-boot/rsa.h>
/* PKCS 1.5 paddings as described in the RSA PKCS#1 v2.1 standard. */
@@ -136,28 +137,37 @@ const uint8_t padding_sha256_rsa4096[RSA4096_BYTES - SHA256_SUM_LEN] = {
0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
};
-void sha1_calculate(const struct image_region region[], int region_count,
- uint8_t *checksum)
+int hash_calculate(const char *name,
+ const struct image_region region[],
+ int region_count, uint8_t *checksum)
{
- sha1_context ctx;
+ struct hash_algo *algo;
+ int ret = 0;
+ void *ctx;
uint32_t i;
i = 0;
- sha1_starts(&ctx);
- for (i = 0; i < region_count; i++)
- sha1_update(&ctx, region[i].data, region[i].size);
- sha1_finish(&ctx, checksum);
-}
+ ret = hash_progressive_lookup_algo(name, &algo);
+ if (ret)
+ return ret;
-void sha256_calculate(const struct image_region region[], int region_count,
- uint8_t *checksum)
-{
- sha256_context ctx;
- uint32_t i;
- i = 0;
+ ret = algo->hash_init(algo, &ctx);
+ if (ret)
+ return ret;
+
+ for (i = 0; i < region_count - 1; i++) {
+ ret = algo->hash_update(algo, ctx, region[i].data,
+ region[i].size, 0);
+ if (ret)
+ return ret;
+ }
+
+ ret = algo->hash_update(algo, ctx, region[i].data, region[i].size, 1);
+ if (ret)
+ return ret;
+ ret = algo->hash_finish(algo, ctx, checksum, algo->digest_size);
+ if (ret)
+ return ret;
- sha256_starts(&ctx);
- for (i = 0; i < region_count; i++)
- sha256_update(&ctx, region[i].data, region[i].size);
- sha256_finish(&ctx, checksum);
+ return 0;
}
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index da45daffd3..60126d2288 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -184,7 +184,12 @@ int rsa_verify(struct image_sign_info *info,
}
/* Calculate checksum with checksum-algorithm */
- info->algo->checksum->calculate(region, region_count, hash);
+ ret = info->algo->checksum->calculate(info->algo->checksum->name,
+ region, region_count, hash);
+ if (ret < 0) {
+ debug("%s: Error in checksum calculation\n", __func__);
+ return -EINVAL;
+ }
/* See if we must use a particular key */
if (info->required_keynode != -1) {