u-boot.git/include/u-boot, branch v2021.01 Unnamed repository; edit this file 'description' to name the repository. xilinx: zynq: Change types from u32 to uint32_t 2020-10-27T07:13:33+00:00 Michal Simek michal.simek@xilinx.com 2020-10-22T08:59:08+00:00 c2a2c83278666cacb85761b8db55a3de8031c459 Change parameter type to avoid compilation error: In file included from ./tools/../lib/rsa/rsa-verify.c:23:0, from tools/lib/rsa/rsa-verify.c:1: include/u-boot/rsa-mod-exp.h:69:18: error: unknown type name ‘u32’; did you mean ‘__u32’? int zynq_pow_mod(u32 *keyptr, u32 *inout); ^~~ __u32 include/u-boot/rsa-mod-exp.h:69:31: error: unknown type name ‘u32’; did you mean ‘__u32’? int zynq_pow_mod(u32 *keyptr, u32 *inout); ^~~ __u32 Fixes: 37e3a36a5475 ("xilinx: zynq: Add support to secure images") Signed-off-by: Michal Simek <michal.simek@xilinx.com> 
Change parameter type to avoid compilation error:
In file included from ./tools/../lib/rsa/rsa-verify.c:23:0,
                 from tools/lib/rsa/rsa-verify.c:1:
include/u-boot/rsa-mod-exp.h:69:18: error: unknown type name ‘u32’; did you mean ‘__u32’?
 int zynq_pow_mod(u32 *keyptr, u32 *inout);
                  ^~~
                  __u32
include/u-boot/rsa-mod-exp.h:69:31: error: unknown type name ‘u32’; did you mean ‘__u32’?
 int zynq_pow_mod(u32 *keyptr, u32 *inout);
                               ^~~
                               __u32

Fixes: 37e3a36a5475 ("xilinx: zynq: Add support to secure images")
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
fit: cipher: aes: allow to store the IV in the FIT image 2020-10-13T01:30:37+00:00 Philippe Reynes philippe.reynes@softathome.com 2020-09-17T13:01:46+00:00 a6982a6f768bdcf4bd0848ff4dbe68c2fd6599fb Binaries may be encrypted in a FIT image with AES. This algo needs a key and an IV (Initialization Vector). The IV is provided in a file (pointer by iv-name-hint in the ITS file) when building the ITB file. This commits adds provide an alternative way to manage the IV. If the property iv-name-hint is not provided in the ITS file, the tool mkimage will generate an random IV and store it in the FIT image. Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com> 
Binaries may be encrypted in a FIT image with AES. This
algo needs a key and an IV (Initialization Vector). The
IV is provided in a file (pointer by iv-name-hint in the
ITS file) when building the ITB file.

This commits adds provide an alternative way to manage
the IV. If the property iv-name-hint is not provided in
the ITS file, the tool mkimage will generate an random
IV and store it in the FIT image.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
include/u-boot, lib/zlib: add sources for zlib decompression 2020-08-08T02:31:32+00:00 Joao Marcos Costa joaomarcos.costa@bootlin.com 2020-07-30T13:33:49+00:00 81014f73f0906a70bd710ed8d7e8559e1fd8f400 Add zlib (v1.2.11) uncompr() function to U-Boot. SquashFS depends on this function to decompress data from a raw disk image. The actual support for zlib into SquashFS sources will be added in a follow-up commit. Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com> 
Add zlib (v1.2.11) uncompr() function to U-Boot. SquashFS depends on
this function to decompress data from a raw disk image. The actual
support for zlib into SquashFS sources will be added in a follow-up
commit.

Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
lib: rsa: export rsa_verify_with_pkey() 2020-07-11T21:14:16+00:00 AKASHI Takahiro takahiro.akashi@linaro.org 2020-06-16T05:26:48+00:00 491bfe86062464b892386e8c8dfe0069975ecedc This function will be used to implement public_key_verify_signature() in a later patch. rsa_verify() is not suitable here because calculation of message digest is not necessary. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
This function will be used to implement public_key_verify_signature()
in a later patch. rsa_verify() is not suitable here because calculation
of message digest is not necessary.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
lib: rsa: function to verify a signature against a hash 2020-07-08T21:21:46+00:00 Heiko Stuebner heiko.stuebner@theobroma-systems.com 2020-05-22T14:20:33+00:00 c89b41b4db4a746647c4f0e6d33c6f4edfe96e38 rsa_verify() expects a memory region and wants to do the hashing itself, but there may be cases where the hashing is done via other means, like hashing a squashfs rootfs. So add rsa_verify_hash() to allow verifiying a signature against an existing hash. As this entails the same verification routines we can just move the relevant code over from rsa_verify() and also call rsa_verify_hash() from there. Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> 
rsa_verify() expects a memory region and wants to do the hashing itself,
but there may be cases where the hashing is done via other means,
like hashing a squashfs rootfs.

So add rsa_verify_hash() to allow verifiying a signature against
an existing hash. As this entails the same verification routines
we can just move the relevant code over from rsa_verify() and also
call rsa_verify_hash() from there.

Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
Add support for SHA384 and SHA512 2020-06-12T17:14:07+00:00 Reuben Dowle reubendowle0@gmail.com 2020-04-16T05:36:52+00:00 d16b38f42704fe3cc94fbee1601be96045013151 The current recommendation for best security practice from the US government is to use SHA384 for TOP SECRET [1]. This patch adds support for SHA384 and SHA512 in the hash command, and also allows FIT images to be hashed with these algorithms, and signed with sha384,rsaXXXX and sha512,rsaXXXX The SHA implementation is adapted from the linux kernel implementation. [1] Commercial National Security Algorithm Suite http://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm Signed-off-by: Reuben Dowle <reuben.dowle@4rf.com> 
The current recommendation for best security practice from the US government
is to use SHA384 for TOP SECRET [1].

This patch adds support for SHA384 and SHA512 in the hash command, and also
allows FIT images to be hashed with these algorithms, and signed with
sha384,rsaXXXX and sha512,rsaXXXX

The SHA implementation is adapted from the linux kernel implementation.

[1] Commercial National Security Algorithm Suite
http://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm

Signed-off-by: Reuben Dowle <reuben.dowle@4rf.com>
lib: rsa: generate additional parameters for public key 2020-03-12T12:20:39+00:00 AKASHI Takahiro takahiro.akashi@linaro.org 2020-02-21T06:12:58+00:00 e0d310b098b1e3dd2ad4e0e4efbbb81b90ae4bc7 In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> 
In the current implementation of FIT_SIGNATURE, five parameters for
a RSA public key are required while only two of them are essential.
(See rsa-mod-exp.h and uImage.FIT/signature.txt)
This is a result of considering relatively limited computer power
and resources on embedded systems, while such a assumption may not
be quite practical for other use cases.

In this patch, added is a function, rsa_gen_key_prop(), which will
generate additional parameters for other uses, in particular
UEFI secure boot, on the fly.

Note: the current code uses some "big number" routines from BearSSL
for the calculation.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
u-boot: fit: add support to decrypt fit with aes 2020-01-17T15:16:29+00:00 Philippe Reynes philippe.reynes@softathome.com 2019-12-18T17:25:42+00:00 4df3578119b043d76b86b50077b06898fc2a4f62 This commit add to u-boot the support to decrypt fit image encrypted with aes. The FIT image contains the key name and the IV name. Then u-boot look for the key and IV in his device tree and decrypt images before moving to the next stage. Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com> 
This commit add to u-boot the support to decrypt
fit image encrypted with aes. The FIT image contains
the key name and the IV name. Then u-boot look for
the key and IV in his device tree and decrypt images
before moving to the next stage.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
mkimage: fit: add support to encrypt image with aes 2020-01-17T15:15:49+00:00 Philippe Reynes philippe.reynes@softathome.com 2019-12-18T17:25:41+00:00 7298e422504ef4455160216b9b7a1baa1169283f This commit add the support of encrypting image with aes in mkimage. To enable the ciphering, a node cipher with a reference to a key and IV (Initialization Vector) must be added to the its file. Then mkimage add the encrypted image to the FIT and add the key and IV to the u-boot device tree. Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com> 
This commit add the support of encrypting image with aes
in mkimage. To enable the ciphering, a node cipher with
a reference to a key and IV (Initialization Vector) must
be added to the its file. Then mkimage add the encrypted
image to the FIT and add the key and IV to the u-boot
device tree.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
include/u-boot/crc.h: pull 'uint' definition on musl targets 2020-01-03T14:47:10+00:00 Sergei Trofimovich slyfox@gentoo.org 2019-12-30T15:53:42+00:00 c6ad93612ac90e99ae19103146d1128fef4030ea The build failure was originally reported on arm64-musl target at https://bugs.gentoo.org/703132. Here is the amd64-musl variant: ``` $ LANG=C make CROSS_COMPILE=x86_64-gentoo-linux-musl- tools-only_defconfig -j$(nproc) $ LANG=C make CROSS_COMPILE=x86_64-gentoo-linux-musl- tools-all -j$(nproc) ... include/u-boot/crc.h:37:44: error: unknown type name 'uint'; did you mean 'int'? 37 | void crc16_ccitt_wd_buf(const uint8_t *in, uint len, | ^~~~ | int ``` Note: 'uint' is not defined there. On glibc 'uint' comes from <sys/types.h> and happens to work on most .c files. The change imports 'uint' declaration from '<compiler.h>'. Bug: https://bugs.gentoo.org/703132 Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org> 
The build failure was originally reported on arm64-musl
target at https://bugs.gentoo.org/703132. Here is the amd64-musl
variant:

```
$ LANG=C make CROSS_COMPILE=x86_64-gentoo-linux-musl- tools-only_defconfig -j$(nproc)
$ LANG=C make CROSS_COMPILE=x86_64-gentoo-linux-musl- tools-all            -j$(nproc)
...
include/u-boot/crc.h:37:44: error: unknown type name 'uint'; did you mean 'int'?
   37 | void crc16_ccitt_wd_buf(const uint8_t *in, uint len,
      |                                            ^~~~
      |                                            int
```

Note: 'uint' is not defined there.

On glibc 'uint' comes from <sys/types.h> and happens to work on most .c files.

The change imports 'uint' declaration from '<compiler.h>'.

Bug: https://bugs.gentoo.org/703132
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>