common/image-sig.c

   1 // SPDX-License-Identifier: GPL-2.0+
   2 /*
   3  * Copyright (c) 2013, Google Inc.
   4  */
   5
   6 #ifdef USE_HOSTCC
   7 #include "mkimage.h"
   8 #include <fdt_support.h>
   9 #include <time.h>
  10 #include <linux/libfdt.h>
  11 #else
  12 #include <common.h>
  13 #include <log.h>
  14 #include <malloc.h>
  15 DECLARE_GLOBAL_DATA_PTR;
  16 #endif /* !USE_HOSTCC*/
  17 #include <image.h>
  18 #include <u-boot/rsa.h>
  19 #include <u-boot/rsa-checksum.h>
  20
  21 #define IMAGE_MAX_HASHED_NODES          100
  22
  23 struct checksum_algo checksum_algos[] = {
  24         {
  25                 .name = "sha1",
  26                 .checksum_len = SHA1_SUM_LEN,
  27                 .der_len = SHA1_DER_LEN,
  28                 .der_prefix = sha1_der_prefix,
  29 #if IMAGE_ENABLE_SIGN
  30                 .calculate_sign = EVP_sha1,
  31 #endif
  32                 .calculate = hash_calculate,
  33         },
  34         {
  35                 .name = "sha256",
  36                 .checksum_len = SHA256_SUM_LEN,
  37                 .der_len = SHA256_DER_LEN,
  38                 .der_prefix = sha256_der_prefix,
  39 #if IMAGE_ENABLE_SIGN
  40                 .calculate_sign = EVP_sha256,
  41 #endif
  42                 .calculate = hash_calculate,
  43         }
  44
  45 };
  46
  47 struct crypto_algo crypto_algos[] = {
  48         {
  49                 .name = "rsa2048",
  50                 .key_len = RSA2048_BYTES,
  51                 .sign = rsa_sign,
  52                 .add_verify_data = rsa_add_verify_data,
  53                 .verify = rsa_verify,
  54         },
  55         {
  56                 .name = "rsa4096",
  57                 .key_len = RSA4096_BYTES,
  58                 .sign = rsa_sign,
  59                 .add_verify_data = rsa_add_verify_data,
  60                 .verify = rsa_verify,
  61         }
  62
  63 };
  64
  65 struct padding_algo padding_algos[] = {
  66         {
  67                 .name = "pkcs-1.5",
  68                 .verify = padding_pkcs_15_verify,
  69         },
  70 #ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT
  71         {
  72                 .name = "pss",
  73                 .verify = padding_pss_verify,
  74         }
  75 #endif /* CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT */
  76 };
  77
  78 struct checksum_algo *image_get_checksum_algo(const char *full_name)
  79 {
  80         int i;
  81         const char *name;
  82
  83 #if !defined(USE_HOSTCC) && defined(CONFIG_NEEDS_MANUAL_RELOC)
  84         static bool done;
  85
  86         if (!done) {
  87                 done = true;
  88                 for (i = 0; i < ARRAY_SIZE(checksum_algos); i++) {
  89                         checksum_algos[i].name += gd->reloc_off;
  90 #if IMAGE_ENABLE_SIGN
  91                         checksum_algos[i].calculate_sign += gd->reloc_off;
  92 #endif
  93                         checksum_algos[i].calculate += gd->reloc_off;
  94                 }
  95         }
  96 #endif
  97
  98         for (i = 0; i < ARRAY_SIZE(checksum_algos); i++) {
  99                 name = checksum_algos[i].name;
 100                 /* Make sure names match and next char is a comma */
 101                 if (!strncmp(name, full_name, strlen(name)) &&
 102                     full_name[strlen(name)] == ',')
 103                         return &checksum_algos[i];
 104         }
 105
 106         return NULL;
 107 }
 108
 109 struct crypto_algo *image_get_crypto_algo(const char *full_name)
 110 {
 111         int i;
 112         const char *name;
 113
 114 #if !defined(USE_HOSTCC) && defined(CONFIG_NEEDS_MANUAL_RELOC)
 115         static bool done;
 116
 117         if (!done) {
 118                 done = true;
 119                 for (i = 0; i < ARRAY_SIZE(crypto_algos); i++) {
 120                         crypto_algos[i].name += gd->reloc_off;
 121                         crypto_algos[i].sign += gd->reloc_off;
 122                         crypto_algos[i].add_verify_data += gd->reloc_off;
 123                         crypto_algos[i].verify += gd->reloc_off;
 124                 }
 125         }
 126 #endif
 127
 128         /* Move name to after the comma */
 129         name = strchr(full_name, ',');
 130         if (!name)
 131                 return NULL;
 132         name += 1;
 133
 134         for (i = 0; i < ARRAY_SIZE(crypto_algos); i++) {
 135                 if (!strcmp(crypto_algos[i].name, name))
 136                         return &crypto_algos[i];
 137         }
 138
 139         return NULL;
 140 }
 141
 142 struct padding_algo *image_get_padding_algo(const char *name)
 143 {
 144         int i;
 145
 146         if (!name)
 147                 return NULL;
 148
 149         for (i = 0; i < ARRAY_SIZE(padding_algos); i++) {
 150                 if (!strcmp(padding_algos[i].name, name))
 151                         return &padding_algos[i];
 152         }
 153
 154         return NULL;
 155 }