common/image-sig.c

   1 // SPDX-License-Identifier: GPL-2.0+
   2 /*
   3  * Copyright (c) 2013, Google Inc.
   4  */
   5
   6 #ifdef USE_HOSTCC
   7 #include "mkimage.h"
   8 #include <time.h>
   9 #else
  10 #include <common.h>
  11 #include <malloc.h>
  12 DECLARE_GLOBAL_DATA_PTR;
  13 #endif /* !USE_HOSTCC*/
  14 #include <image.h>
  15 #include <u-boot/rsa.h>
  16 #include <u-boot/rsa-checksum.h>
  17
  18 #define IMAGE_MAX_HASHED_NODES          100
  19
  20 struct checksum_algo checksum_algos[] = {
  21         {
  22                 .name = "sha1",
  23                 .checksum_len = SHA1_SUM_LEN,
  24                 .der_len = SHA1_DER_LEN,
  25                 .der_prefix = sha1_der_prefix,
  26 #if IMAGE_ENABLE_SIGN
  27                 .calculate_sign = EVP_sha1,
  28 #endif
  29                 .calculate = hash_calculate,
  30         },
  31         {
  32                 .name = "sha256",
  33                 .checksum_len = SHA256_SUM_LEN,
  34                 .der_len = SHA256_DER_LEN,
  35                 .der_prefix = sha256_der_prefix,
  36 #if IMAGE_ENABLE_SIGN
  37                 .calculate_sign = EVP_sha256,
  38 #endif
  39                 .calculate = hash_calculate,
  40         }
  41
  42 };
  43
  44 struct crypto_algo crypto_algos[] = {
  45         {
  46                 .name = "rsa2048",
  47                 .key_len = RSA2048_BYTES,
  48                 .sign = rsa_sign,
  49                 .add_verify_data = rsa_add_verify_data,
  50                 .verify = rsa_verify,
  51         },
  52         {
  53                 .name = "rsa4096",
  54                 .key_len = RSA4096_BYTES,
  55                 .sign = rsa_sign,
  56                 .add_verify_data = rsa_add_verify_data,
  57                 .verify = rsa_verify,
  58         }
  59
  60 };
  61
  62 struct padding_algo padding_algos[] = {
  63         {
  64                 .name = "pkcs-1.5",
  65                 .verify = padding_pkcs_15_verify,
  66         },
  67 #ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT
  68         {
  69                 .name = "pss",
  70                 .verify = padding_pss_verify,
  71         }
  72 #endif /* CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT */
  73 };
  74
  75 struct checksum_algo *image_get_checksum_algo(const char *full_name)
  76 {
  77         int i;
  78         const char *name;
  79
  80 #if !defined(USE_HOSTCC) && defined(CONFIG_NEEDS_MANUAL_RELOC)
  81         static bool done;
  82
  83         if (!done) {
  84                 done = true;
  85                 for (i = 0; i < ARRAY_SIZE(checksum_algos); i++) {
  86                         checksum_algos[i].name += gd->reloc_off;
  87 #if IMAGE_ENABLE_SIGN
  88                         checksum_algos[i].calculate_sign += gd->reloc_off;
  89 #endif
  90                         checksum_algos[i].calculate += gd->reloc_off;
  91                 }
  92         }
  93 #endif
  94
  95         for (i = 0; i < ARRAY_SIZE(checksum_algos); i++) {
  96                 name = checksum_algos[i].name;
  97                 /* Make sure names match and next char is a comma */
  98                 if (!strncmp(name, full_name, strlen(name)) &&
  99                     full_name[strlen(name)] == ',')
 100                         return &checksum_algos[i];
 101         }
 102
 103         return NULL;
 104 }
 105
 106 struct crypto_algo *image_get_crypto_algo(const char *full_name)
 107 {
 108         int i;
 109         const char *name;
 110
 111 #if !defined(USE_HOSTCC) && defined(CONFIG_NEEDS_MANUAL_RELOC)
 112         static bool done;
 113
 114         if (!done) {
 115                 done = true;
 116                 for (i = 0; i < ARRAY_SIZE(crypto_algos); i++) {
 117                         crypto_algos[i].name += gd->reloc_off;
 118                         crypto_algos[i].sign += gd->reloc_off;
 119                         crypto_algos[i].add_verify_data += gd->reloc_off;
 120                         crypto_algos[i].verify += gd->reloc_off;
 121                 }
 122         }
 123 #endif
 124
 125         /* Move name to after the comma */
 126         name = strchr(full_name, ',');
 127         if (!name)
 128                 return NULL;
 129         name += 1;
 130
 131         for (i = 0; i < ARRAY_SIZE(crypto_algos); i++) {
 132                 if (!strcmp(crypto_algos[i].name, name))
 133                         return &crypto_algos[i];
 134         }
 135
 136         return NULL;
 137 }
 138
 139 struct padding_algo *image_get_padding_algo(const char *name)
 140 {
 141         int i;
 142
 143         if (!name)
 144                 return NULL;
 145
 146         for (i = 0; i < ARRAY_SIZE(padding_algos); i++) {
 147                 if (!strcmp(padding_algos[i].name, name))
 148                         return &padding_algos[i];
 149         }
 150
 151         return NULL;
 152 }