From: Jan Kiszka Date: Fri, 31 Oct 2025 09:35:16 +0000 (+0100) Subject: tools: key2dtsi: Write out modulus and r-squared with the correct length X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=77905c333e4fa1093154984cc65575b5cb7cc97d;p=thirdparty%2Fu-boot.git tools: key2dtsi: Write out modulus and r-squared with the correct length Align the implementation to rsa_add_verify_data() by writing the modulus and r-squared properties with the same length as the key itself. This fixes signature verification issues when one of the parameters has leading zeros. Reported-by: Hans Gfirtner (Nokia) Signed-off-by: Jan Kiszka
---
diff --git a/tools/key2dtsi.py b/tools/key2dtsi.py
index 1dbb2cc94bf..320ea930a97 100755
--- a/tools/key2dtsi.py
+++ b/tools/key2dtsi.py
@@ -11,10 +11,8 @@ from os.path import basename, splitext
 from Cryptodome.PublicKey import RSA
 from Cryptodome.Util.number import inverse
-def int_to_bytestr(n, length=None):
- if not length:
- length = (n.bit_length() + 7) // 8
- byte_array = n.to_bytes(length, 'big')
+def int_to_bytestr(n, bits):
+ byte_array = n.to_bytes(bits // 8, 'big')
 return ' '.join(['{:02x}'.format(byte) for byte in byte_array])
 ap = ArgumentParser(description='Public key to dtsi converter')
@@ -39,7 +37,8 @@ key_name, _ = splitext(basename(args.key_file.name))
 key_data = args.key_file.read()
 key = RSA.importKey(key_data)
-r_squared = (2**key.size_in_bits())**2 % key.n
+key_bits = key.size_in_bits()
+r_squared = (2**key_bits)**2 % key.n
 n0_inverse = 2**32 - inverse(key.n, 2**32)
 out = args.dtsi_file
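Review bot: `bits // 8` in the new `int_to_bytestr` rounds down, so a key whose `size_in_bits()` is not a multiple of 8 gets a buffer one byte too short and `n.to_bytes` raises `OverflowError` when the modulus is written; the removed code rounded up with `(n.bit_length() + 7) // 8`. Either round up, `byte_array = n.to_bytes((bits + 7) // 8, 'big')`, or reject such keys with a readable error right after `key_bits = key.size_in_bits()` in the second hunk. Whether the verifier accepts key sizes that are not byte-aligned is not visible on this page, so the explicit rejection is probably the safer of the two. A one-line docstring saying that `bits` is the output width in bits and that the value is zero-padded on the left would also record why the old default length was dropped.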
@@ -47,11 +46,13 @@ out.write('/ {\n')
 out.write('\tsignature {\n')
 out.write('\t\tkey-{} {{\n'.format(key_name))
 out.write('\t\t\tkey-name-hint = "{}";\n'.format(key_name))
-out.write('\t\t\talgo = "{},rsa{}";\n'.format(args.hash, key.size_in_bits()))
-out.write('\t\t\trsa,num-bits = <{}>;\n'.format(key.size_in_bits()))
-out.write('\t\t\trsa,modulus = [{}];\n'.format(int_to_bytestr(key.n)))
-out.write('\t\t\trsa,exponent = [{}];\n'.format(int_to_bytestr(key.e, 8)))
-out.write('\t\t\trsa,r-squared = [{}];\n'.format(int_to_bytestr(r_squared)))
+out.write('\t\t\talgo = "{},rsa{}";\n'.format(args.hash, key_bits))
+out.write('\t\t\trsa,num-bits = <{}>;\n'.format(key_bits))
+out.write('\t\t\trsa,modulus = [{}];\n'.format(int_to_bytestr(key.n,
+ key_bits)))
+out.write('\t\t\trsa,exponent = [{}];\n'.format(int_to_bytestr(key.e, 64)))
+out.write('\t\t\trsa,r-squared = [{}];\n'.format(int_to_bytestr(r_squared,
+ key_bits)))
 out.write('\t\t\trsa,n0-inverse = <0x{:x}>;\n'.format(n0_inverse))
 if args.required_conf:
 out.write('\t\t\trequired = "conf";\n')
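Review bot: The second argument of `int_to_bytestr(key.e, 64)` changed unit from bytes (`8`) to bits in this commit, and the bare `64` gives no hint of that. A comment such as `# rsa,exponent is always emitted as a 64-bit value` above the line, or a named constant, would keep a later edit from passing a byte count again. An exponent wider than 64 bits makes `to_bytes` raise `OverflowError` here; that was already the case before the change, but an explicit check with a readable message would be a clearer failure than a traceback. The wrapped `int_to_bytestr(key.n,` / `key_bits)))` calls would also read more easily if the byte string were assigned to a local first.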