u-boot.git/lib/rsa, branch v2016.09 Unnamed repository; edit this file 'description' to name the repository. tools, rsa: Further minor cleanups on top of c236ebd and 2b9ec7 2016-07-25T16:01:36+00:00 mario.six@gdsys.cc mario.six@gdsys.cc 2016-07-22T06:58:40+00:00 713fb2dcb24537073171fc84528044a3ba081817 [NOTE: I took v1 of these patches in, and then v2 came out, this commit is squashing the minor deltas from v1 -> v2 of updates to c236ebd and 2b9ec76 into this commit - trini] - Added an additional NULL check, as suggested by Simon Glass to fit_image_process_sig - Re-formatted the comment blocks Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Simon Glass <sjg@chromium.org> [For merging the chnages from v2 back onto v1] Signed-off-by: Tom Rini <trini@konsulko.com> 
[NOTE: I took v1 of these patches in, and then v2 came out, this commit
is squashing the minor deltas from v1 -> v2 of updates to c236ebd and
2b9ec76 into this commit - trini]

- Added an additional NULL check, as suggested by Simon Glass to
  fit_image_process_sig
- Re-formatted the comment blocks

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Simon Glass <sjg@chromium.org>
[For merging the chnages from v2 back onto v1]
Signed-off-by: Tom Rini <trini@konsulko.com>
rsa: Fix return value and masked error 2016-07-22T18:46:24+00:00 mario.six@gdsys.cc mario.six@gdsys.cc 2016-07-19T09:07:07+00:00 2b9ec762c4fb5c0f933f5b3380ef9f5c353d0eef When signing images, we repeatedly call fit_add_file_data() with successively increasing size values to include the keys in the DTB. Unfortunately, if large keys are used (such as 4096 bit RSA keys), this process fails sometimes, and mkimage needs to be called repeatedly to integrate the keys into the DTB. This is because fit_add_file_data actually returns the wrong error code, and the loop terminates prematurely, instead of trying again with a larger size value. This patch corrects the return value by fixing the return value of fdt_add_bignum, fixes a case where an error is masked by a unconditional setting of a return value variable, and also removes a error message, which is misleading, since we actually allow the function to fail. A (hopefully helpful) comment is also added to explain the lack of error message. This is probably related to 1152a05 ("tools: Correct error handling in fit_image_process_hash()") and the corresponding error reported here: https://www.mail-archive.com/u-boot@lists.denx.de/msg217417.html Signed-off-by: Mario Six <mario.six@gdsys.cc> 
When signing images, we repeatedly call fit_add_file_data() with
successively increasing size values to include the keys in the DTB.

Unfortunately, if large keys are used (such as 4096 bit RSA keys), this
process fails sometimes, and mkimage needs to be called repeatedly to
integrate the keys into the DTB.

This is because fit_add_file_data actually returns the wrong error
code, and the loop terminates prematurely, instead of trying again with
a larger size value.

This patch corrects the return value by fixing the return value of
fdt_add_bignum, fixes a case where an error is masked by a unconditional
setting of a return value variable, and also removes a error message,
which is misleading, since we actually allow the function to fail. A
(hopefully helpful) comment is also added to explain the lack of error
message.

This is probably related to 1152a05 ("tools: Correct error handling in
fit_image_process_hash()") and the corresponding error reported here:

https://www.mail-archive.com/u-boot@lists.denx.de/msg217417.html

Signed-off-by: Mario Six <mario.six@gdsys.cc>
verified-boot: Minimal support for booting U-Boot proper from SPL 2016-06-12T17:14:58+00:00 Teddy Reed teddy.reed@gmail.com 2016-06-10T02:18:44+00:00 51c14cd128f4355514397dc3c8647fb14f7d8ff4 This allows a board to configure verified boot within the SPL using a FIT or FIT with external data. It also allows the SPL to perform signature verification without needing relocation. The board configuration will need to add the following feature defines: CONFIG_SPL_CRYPTO_SUPPORT CONFIG_SPL_HASH_SUPPORT CONFIG_SPL_SHA256 In this example, SHA256 is the only selected hashing algorithm. And the following booleans: CONFIG_SPL=y CONFIG_SPL_DM=y CONFIG_SPL_LOAD_FIT=y CONFIG_SPL_FIT=y CONFIG_SPL_OF_CONTROL=y CONFIG_SPL_OF_LIBFDT=y CONFIG_SPL_FIT_SIGNATURE=y Signed-off-by: Teddy Reed <teddy.reed@gmail.com> Acked-by: Simon Glass <sjg@chromium.org> Acked-by: Andreas Dannenberg <dannenberg@ti.com> Acked-by: Sumit Garg <sumit.garg@nxp.com> 
This allows a board to configure verified boot within the SPL using
a FIT or FIT with external data. It also allows the SPL to perform
signature verification without needing relocation.

The board configuration will need to add the following feature defines:
CONFIG_SPL_CRYPTO_SUPPORT
CONFIG_SPL_HASH_SUPPORT
CONFIG_SPL_SHA256

In this example, SHA256 is the only selected hashing algorithm.

And the following booleans:
CONFIG_SPL=y
CONFIG_SPL_DM=y
CONFIG_SPL_LOAD_FIT=y
CONFIG_SPL_FIT=y
CONFIG_SPL_OF_CONTROL=y
CONFIG_SPL_OF_LIBFDT=y
CONFIG_SPL_FIT_SIGNATURE=y

Signed-off-by: Teddy Reed <teddy.reed@gmail.com>
Acked-by: Simon Glass <sjg@chromium.org>
Acked-by: Andreas Dannenberg <dannenberg@ti.com>
Acked-by: Sumit Garg <sumit.garg@nxp.com>
Kconfig: Move CONFIG_FIT and related options to Kconfig 2016-03-14T23:18:07+00:00 Simon Glass sjg@chromium.org 2016-02-23T05:55:43+00:00 73223f0e1bd0e37925ae1b7f21b51733145571dc There are already two FIT options in Kconfig but the CONFIG options are still in the header files. We need to do a proper move to fix this. Move these options to Kconfig and tidy up board configuration: CONFIG_FIT CONFIG_OF_BOARD_SETUP CONFIG_OF_SYSTEM_SETUP CONFIG_FIT_SIGNATURE CONFIG_FIT_BEST_MATCH CONFIG_FIT_VERBOSE CONFIG_OF_STDOUT_VIA_ALIAS CONFIG_RSA Unfortunately the first one is a little complicated. We need to make sure this option is not enabled in SPL by this change. Also this option is enabled automatically in the host builds by defining CONFIG_FIT in the image.h file. To solve this, add a new IMAGE_USE_FIT #define which can be used in files that are built on the host but must also build for U-Boot and SPL. Note: Masahiro's moveconfig.py script is amazing. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Add microblaze change, various configs/ re-applies] Signed-off-by: Tom Rini <trini@konsulko.com> 
There are already two FIT options in Kconfig but the CONFIG options are
still in the header files. We need to do a proper move to fix this.

Move these options to Kconfig and tidy up board configuration:

   CONFIG_FIT
   CONFIG_OF_BOARD_SETUP
   CONFIG_OF_SYSTEM_SETUP
   CONFIG_FIT_SIGNATURE
   CONFIG_FIT_BEST_MATCH
   CONFIG_FIT_VERBOSE
   CONFIG_OF_STDOUT_VIA_ALIAS
   CONFIG_RSA

Unfortunately the first one is a little complicated. We need to make sure
this option is not enabled in SPL by this change. Also this option is
enabled automatically in the host builds by defining CONFIG_FIT in the
image.h file. To solve this, add a new IMAGE_USE_FIT #define which can
be used in files that are built on the host but must also build for U-Boot
and SPL.

Note: Masahiro's moveconfig.py script is amazing.

Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Add microblaze change, various configs/ re-applies]
Signed-off-by: Tom Rini <trini@konsulko.com>
rsa : Compile Modular Exponentiation files based on CONFIG_RSA_SOFTWARE_EXP 2015-03-05T20:04:59+00:00 gaurav rana gaurav.rana@freescale.com 2015-02-27T03:40:06+00:00 ccf288612f9c66d592df241ba3c05ead92a45972 Remove dependency of rsa_mod_exp from CONFIG_FIT_SIGNATURE. As rsa modular exponentiation is an independent module and can be invoked independently. Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com> Acked-by: Simon Glass <sjg@chromium.org> Reviewed-by: York Sun <yorksun@freescale.com> 
Remove dependency of rsa_mod_exp from CONFIG_FIT_SIGNATURE.
As rsa modular exponentiation is an independent module
and can be invoked independently.

Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Acked-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <yorksun@freescale.com>
rsa: Use checksum algorithms from struct hash_algo 2015-01-30T00:09:59+00:00 Ruchika Gupta ruchika.gupta@freescale.com 2015-01-23T10:31:59+00:00 b37b46f042ccfcfb97a9ef8b8a568812640a2a70 Currently the hash functions used in RSA are called directly from the sha1 and sha256 libraries. Change the RSA checksum library to use the progressive hash API's registered with struct hash_algo. This will allow the checksum library to use the hardware accelerated progressive hash API's once available. Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> CC: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org> Signed-off-by: Simon Glass <sjg@chromium.org> (Fixed build error in am335x_boneblack_vboot due to duplicate CONFIG_DM) Change-Id: Ic44279432f88d4e8594c6e94feb1cfcae2443a54 
Currently the hash functions used in RSA are called directly from the sha1
and sha256 libraries. Change the RSA checksum library to use the progressive
hash API's registered with struct hash_algo. This will allow the checksum
library to use the hardware accelerated progressive hash API's once available.

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
CC: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
(Fixed build error in am335x_boneblack_vboot due to duplicate CONFIG_DM)

Change-Id: Ic44279432f88d4e8594c6e94feb1cfcae2443a54
lib/rsa: Add Kconfig for devices supporting RSA Modular Exponentiation 2015-01-30T00:09:59+00:00 Ruchika Gupta ruchika.gupta@freescale.com 2015-01-23T10:31:56+00:00 d9f23c7fe20fced0a84713d5084a6d2896463257 Kconfig option added for devices which support RSA Verification. 1. RSA_SOFTWARE_EXP Enables driver for supporting RSA Modular Exponentiation in Software 2. RSA_FREESCALE_EXP Enables driver for supporting RSA Modular Exponentiation using Freescale specific driver The above drivers use RSA uclass Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> CC: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org> Signed-off-by: Simon Glass <sjg@chromium.org> (Removed duplicate line in Kconfig comment) Change-Id: I7663c4d5350e2bfc3dfa2696f70ef777d6ccc6f6 
Kconfig option added for devices which support RSA Verification.
1. RSA_SOFTWARE_EXP
Enables driver for supporting RSA Modular Exponentiation in Software
2. RSA_FREESCALE_EXP
Enables driver for supporting RSA Modular Exponentiation using Freescale specific
driver

The above drivers use RSA uclass

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
CC: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
(Removed duplicate line in Kconfig comment)

Change-Id: I7663c4d5350e2bfc3dfa2696f70ef777d6ccc6f6
lib/rsa: Modify rsa to use DM driver 2015-01-30T00:09:58+00:00 Ruchika Gupta ruchika.gupta@freescale.com 2015-01-23T10:31:54+00:00 c937ff6dc2ee3fcd8f97087427fe8ba5086852c4 Modify rsa_verify to use the rsa driver of DM library .The tools will continue to use the same RSA sw library. CONFIG_RSA is now dependent on CONFIG_DM. All configurations which enable FIT based signatures have been modified to enable CONFIG_DM by default. Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> CC: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org> 
Modify rsa_verify to use the rsa driver of DM library .The tools
will continue to use the same RSA sw library.

CONFIG_RSA is now dependent on CONFIG_DM. All configurations which
enable FIT based signatures have been modified to enable CONFIG_DM
by default.

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
CC: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
rsa: Split the rsa-verify to separate the modular exponentiation 2015-01-30T00:09:58+00:00 Ruchika Gupta ruchika.gupta@freescale.com 2015-01-23T10:31:50+00:00 fc2f4246b4b3b750e8c5aa08440ec5e1c952088e Public exponentiation which is required in rsa verify functionality is tightly integrated with verification code in rsa_verify.c. The patch splits the file into twp separating the modular exponentiation. 1. rsa-verify.c - The file parses device tree keys node to fill a keyprop structure. The keyprop structure can then be converted to implementation specific format. (struct rsa_pub_key for sw implementation) - The parsed device tree node is then passed to a generic rsa_mod_exp function. 2. rsa-mod-exp.c Move the software specific functions related to modular exponentiation from rsa-verify.c to this file. Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> CC: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org> 
Public exponentiation which is required in rsa verify functionality is
tightly integrated with verification code in rsa_verify.c. The patch
splits the file into twp separating the modular exponentiation.

1. rsa-verify.c
- The file parses device tree keys node to fill a keyprop structure.
The keyprop structure can then be converted to implementation specific
format.
(struct rsa_pub_key for sw implementation)
- The parsed device tree node is then passed to a generic rsa_mod_exp
function.

2. rsa-mod-exp.c
Move the software specific functions related to modular exponentiation
from rsa-verify.c to this file.

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
CC: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
rsa: Fix two errors in the implementation 2014-08-09T15:17:04+00:00 Simon Glass sjg@chromium.org 2014-07-30T16:00:17+00:00 542671623129f1db947801d2756186b501c98c49 1. Failure to set the return code correctly 2. Failure to detect the loop end condition when the value is equal to the modulus. Reported-by: Jeroen Hofstee <jeroen@myspectrum.nl> Signed-off-by: Simon Glass <sjg@chromium.org> 
1. Failure to set the return code correctly
2. Failure to detect the loop end condition when the value is equal to
the modulus.

Reported-by: Jeroen Hofstee <jeroen@myspectrum.nl>
Signed-off-by: Simon Glass <sjg@chromium.org>