u-boot.git/lib/rsa/rsa-verify.c, branch master Unnamed repository; edit this file 'description' to name the repository. lib: rsa: use FIT_ALGO_PROP constant instead of "algo" in FIT 2025-12-16T17:39:38+00:00 Quentin Schulz quentin.schulz@cherry.de 2025-12-03T16:19:33+00:00 883359e152d5000943411ef7d2daaec6c137f47d Some FIT image properties have their string represented in include/image.h via constants. FIT_ALGO_PROP does exist and would fit the bill so let's use it instead of using a hardcoded string. Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de> 
Some FIT image properties have their string represented in
include/image.h via constants. FIT_ALGO_PROP does exist and would fit the
bill so let's use it instead of using a hardcoded string.

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
rsa: update doxygen doc for RSA signature verification to mention PSS 2025-11-11T20:53:25+00:00 Quentin Schulz quentin.schulz@cherry.de 2025-10-31T17:08:24+00:00 c50f6b11b3242adba0c8a3a6a50082a2eca01772 While the verification step originally only supported PKCS1.5 as padding algorithm for the signature, it was later extended to add support for PSS but the doxygen doc wasn't updated to reflect that so let's fix that oversight. Fixes: 061daa0b61f0 ("rsa: add support of padding pss") Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de> 
While the verification step originally only supported PKCS1.5 as padding
algorithm for the signature, it was later extended to add support for
PSS but the doxygen doc wasn't updated to reflect that so let's fix
that oversight.

Fixes: 061daa0b61f0 ("rsa: add support of padding pss")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
rsa: rename FIT_RSASSA_PSS to RSASSA_PSS and move symbols under lib/rsa 2025-11-11T20:53:25+00:00 Quentin Schulz quentin.schulz@cherry.de 2025-10-31T17:08:23+00:00 360dd89b361dde2a0bbad65763538e1eea7d3c94 This renames FIT_RSASSA_PSS symbols to drop the FIT_ prefix to avoid potential confusion since there's nothing FIT specific to those symbols. It also isn't really related to booting, so boot/Kconfig is an odd place for them to live. Since they make sense only in relation with RSA, simply move them to lib/rsa where it makes more sense for them to reside. Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de> 
This renames FIT_RSASSA_PSS symbols to drop the FIT_ prefix to avoid
potential confusion since there's nothing FIT specific to those symbols.

It also isn't really related to booting, so boot/Kconfig is an odd place
for them to live. Since they make sense only in relation with RSA,
simply move them to lib/rsa where it makes more sense for them to
reside.

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
lib: rsa: fix compilation error without openssl 2025-06-22T16:16:39+00:00 Shiji Yang yangshiji66@outlook.com 2025-06-19T16:38:17+00:00 961e260cdcd01d68c8dae87eef67e116f1a67aed The symbol TOOLS_IMAGE_PRE_LOAD doesn't depend on TOOLS_LIBCRYPTO. If we choose to build tools without openssl, rsa_verify_openssl() will attempt to call the unavailable openssl library functions. Fixes: 942c8c8e6697 ("rsa: Add rsa_verify_openssl() to use openssl for host builds") Signed-off-by: Shiji Yang <yangshiji66@outlook.com> 
The symbol TOOLS_IMAGE_PRE_LOAD doesn't depend on TOOLS_LIBCRYPTO.
If we choose to build tools without openssl, rsa_verify_openssl()
will attempt to call the unavailable openssl library functions.

Fixes: 942c8c8e6697 ("rsa: Add rsa_verify_openssl() to use openssl for host builds")
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
lib: rsa: add NULL check for 'algo' in 2025-03-13T20:23:09+00:00 Anton Moryakov ant.v.moryakov@gmail.com 2025-02-25T13:53:27+00:00 babc6eef2f48970f394816c955a4a7481ce8df80 - Check return value of fdt_getprop for NULL. - Return -EFAULT if 'algo' property is missing. - Prevent NULL pointer dereference in strcmp." Triggers found by static analyzer Svace. Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com> 
- Check return value of fdt_getprop for NULL.
- Return -EFAULT if 'algo' property is missing.
- Prevent NULL pointer dereference in strcmp."

Triggers found by static analyzer Svace.

Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
rsa: Add rsa_verify_openssl() to use openssl for host builds 2025-02-28T22:51:01+00:00 Paul HENRYS paul.henrys_ext@softathome.com 2025-02-24T21:20:50+00:00 942c8c8e669739d2e8dec67a7ed90158defc93ed rsa_verify_openssl() is used in lib/rsa/rsa-verify.c to authenticate data when building host tools. Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com> 
rsa_verify_openssl() is used in lib/rsa/rsa-verify.c to authenticate data
when building host tools.

Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
lib: add missing line breaks in debug messages 2024-04-10T15:34:53+00:00 Maxim Moskalets maximmosk4@gmail.com 2024-03-30T11:11:21+00:00 0ceb1f4cb7e4cab060da29215773d12dca1332ec Add missing line breaks to improve debug log readability. Signed-off-by: Maxim Moskalets <maximmosk4@gmail.com> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Add missing line breaks to improve debug log readability.

Signed-off-by: Maxim Moskalets <maximmosk4@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
lib: Remove <common.h> inclusion from these files 2023-12-21T13:54:37+00:00 Tom Rini trini@konsulko.com 2023-12-14T18:16:58+00:00 467382ca03758e4f3f13107e3a83669e93a7461e After some header file cleanups to add missing include files, remove common.h from all files in the lib directory. This primarily means just dropping the line but in a few cases we need to add in other header files now. Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com> 
After some header file cleanups to add missing include files, remove
common.h from all files in the lib directory. This primarily means just
dropping the line but in a few cases we need to add in other header
files now.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
global: Restrict use of '#include <linux/kconfig.h>' 2023-12-21T13:54:05+00:00 Tom Rini trini@konsulko.com 2023-12-14T12:16:54+00:00 b106961c2e4e7f339485a401ebb06c936fc432ee In general terms, we -include include/linux/kconfig.h and so normal U-Boot code does not need to also #include it. However, for code which is shared with userspace we may need to add it so that either our full config is available or so that macros such as CONFIG_IS_ENABLED() can be evaluated. In this case make sure that we guard these includes with a test for USE_HOSTCC so that it clear as to why we're doing this. Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com> 
In general terms, we -include include/linux/kconfig.h and so normal
U-Boot code does not need to also #include it. However, for code which
is shared with userspace we may need to add it so that either our full
config is available or so that macros such as CONFIG_IS_ENABLED() can be
evaluated. In this case make sure that we guard these includes with a
test for USE_HOSTCC so that it clear as to why we're doing this.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
rsa-verify: Rework host check for CONFIG_RSA_VERIFY_WITH_PKEY 2022-12-23T15:07:03+00:00 Tom Rini trini@konsulko.com 2022-12-06T18:51:21+00:00 137de2cf0dc62d574de7363dd4ac7cc1f4848fcf While we do not want to use CONFIG_RSA_VERIFY_WITH_PKEY on the host, we cannot undef the symbol in this manner. As this ends up being a test within another function we can use !tools_build() as a test here. Cc: AKASHI Takahiro <takahiro.akashi@linaro.org> Cc: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com> Reviewed-by: Simon Glass <sjg@chromium.org> 
While we do not want to use CONFIG_RSA_VERIFY_WITH_PKEY on the host, we
cannot undef the symbol in this manner. As this ends up being a test
within another function we can use !tools_build() as a test here.

Cc: AKASHI Takahiro <takahiro.akashi@linaro.org>
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>