]>
Commit | Line | Data |
---|---|---|
19c402af SG |
1 | /* |
2 | * Copyright (c) 2013, Google Inc. | |
3 | * | |
4 | * (C) Copyright 2008 Semihalf | |
5 | * | |
6 | * (C) Copyright 2000-2006 | |
7 | * Wolfgang Denk, DENX Software Engineering, wd@denx.de. | |
8 | * | |
1a459660 | 9 | * SPDX-License-Identifier: GPL-2.0+ |
19c402af SG |
10 | */ |
11 | ||
12 | #ifndef _RSA_H | |
13 | #define _RSA_H | |
14 | ||
15 | #include <errno.h> | |
16 | #include <image.h> | |
17 | ||
18 | #if IMAGE_ENABLE_SIGN | |
19 | /** | |
20 | * sign() - calculate and return signature for given input data | |
21 | * | |
22 | * @info: Specifies key and FIT information | |
23 | * @data: Pointer to the input data | |
24 | * @data_len: Data length | |
25 | * @sigp: Set to an allocated buffer holding the signature | |
26 | * @sig_len: Set to length of the calculated hash | |
27 | * | |
28 | * This computes input data signature according to selected algorithm. | |
29 | * Resulting signature value is placed in an allocated buffer, the | |
30 | * pointer is returned as *sigp. The length of the calculated | |
31 | * signature is returned via the sig_len pointer argument. The caller | |
32 | * should free *sigp. | |
33 | * | |
34 | * @return: 0, on success, -ve on error | |
35 | */ | |
36 | int rsa_sign(struct image_sign_info *info, | |
37 | const struct image_region region[], | |
38 | int region_count, uint8_t **sigp, uint *sig_len); | |
39 | ||
40 | /** | |
41 | * add_verify_data() - Add verification information to FDT | |
42 | * | |
43 | * Add public key information to the FDT node, suitable for | |
44 | * verification at run-time. The information added depends on the | |
45 | * algorithm being used. | |
46 | * | |
47 | * @info: Specifies key and FIT information | |
48 | * @keydest: Destination FDT blob for public key data | |
49 | * @return: 0, on success, -ve on error | |
50 | */ | |
51 | int rsa_add_verify_data(struct image_sign_info *info, void *keydest); | |
52 | #else | |
53 | static inline int rsa_sign(struct image_sign_info *info, | |
54 | const struct image_region region[], int region_count, | |
55 | uint8_t **sigp, uint *sig_len) | |
56 | { | |
57 | return -ENXIO; | |
58 | } | |
59 | ||
60 | static inline int rsa_add_verify_data(struct image_sign_info *info, | |
61 | void *keydest) | |
62 | { | |
63 | return -ENXIO; | |
64 | } | |
65 | #endif | |
66 | ||
67 | #if IMAGE_ENABLE_VERIFY | |
68 | /** | |
69 | * rsa_verify() - Verify a signature against some data | |
70 | * | |
71 | * Verify a RSA PKCS1.5 signature against an expected hash. | |
72 | * | |
73 | * @info: Specifies key and FIT information | |
74 | * @data: Pointer to the input data | |
75 | * @data_len: Data length | |
76 | * @sig: Signature | |
77 | * @sig_len: Number of bytes in signature | |
78 | * @return 0 if verified, -ve on error | |
79 | */ | |
80 | int rsa_verify(struct image_sign_info *info, | |
81 | const struct image_region region[], int region_count, | |
82 | uint8_t *sig, uint sig_len); | |
83 | #else | |
84 | static inline int rsa_verify(struct image_sign_info *info, | |
85 | const struct image_region region[], int region_count, | |
86 | uint8_t *sig, uint sig_len) | |
87 | { | |
88 | return -ENXIO; | |
89 | } | |
90 | #endif | |
91 | ||
92 | #endif |