u-boot.git/lib/rsa, branch v2022.04 Unnamed repository; edit this file 'description' to name the repository. lib: rsa: use actual OpenSSL 1.1.0 EVP MD API 2022-03-04T20:20:07+00:00 Yann Droneaud ydroneaud@opteya.com 2022-03-01T15:12:34+00:00 9b5ad4f5da756939eac4123fc347af533eeb339e Since OpenSSL 1.1.0, EVP_MD_CTX_create() is EVP_MD_CTX_new() EVP_MD_CTX_destroy() is EVP_MD_CTX_free() EVP_MD_CTX_init() is EVP_MD_CTX_reset() As there's no need to reset a newly created EVP_MD_CTX, moreover EVP_DigestSignInit() does the reset, thus call to EVP_MD_CTX_init() can be dropped. As there's no need to reset an EVP_MD_CTX before it's destroyed, as it will be reset by EVP_MD_CTX_free(), call to EVP_MD_CTX_reset() is not needed and can be dropped. Signed-off-by: Yann Droneaud <ydroneaud@opteya.com> 
Since OpenSSL 1.1.0, EVP_MD_CTX_create() is EVP_MD_CTX_new()
                     EVP_MD_CTX_destroy() is EVP_MD_CTX_free()
                     EVP_MD_CTX_init() is EVP_MD_CTX_reset()

As there's no need to reset a newly created EVP_MD_CTX, moreover
EVP_DigestSignInit() does the reset, thus call to EVP_MD_CTX_init()
can be dropped.
As there's no need to reset an EVP_MD_CTX before it's destroyed,
as it will be reset by EVP_MD_CTX_free(), call to EVP_MD_CTX_reset()
is not needed and can be dropped.

Signed-off-by: Yann Droneaud <ydroneaud@opteya.com>
rsa: adds rsa3072 algorithm 2022-01-28T22:58:41+00:00 Jamin Lin jamin_lin@aspeedtech.com 2022-01-19T08:23:21+00:00 2a4b0d5890deb0c973f8db7bb03adad96aff1050 Add to support rsa 3072 bits algorithm in tools for image sign at host side and adds rsa 3072 bits verification in the image binary. Add test case in vboot for sha384 with rsa3072 algorithm testing. Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Reviewed-by: Simon Glass <sjg@chromium.org> 
Add to support rsa 3072 bits algorithm in tools
for image sign at host side and adds rsa 3072 bits
verification in the image binary.

Add test case in vboot for sha384 with rsa3072 algorithm testing.

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
image: Return destination node for add_verify_data() method 2022-01-26T15:50:44+00:00 Simon Glass sjg@chromium.org 2021-11-12T19:28:11+00:00 c033dc8c0c4b744e028e124f88be4829309c75d1 It is useful to know where the verification data was written. Update the API to return this. Signed-off-by: Simon Glass <sjg@chromium.org> 
It is useful to know where the verification data was written. Update the
API to return this.

Signed-off-by: Simon Glass <sjg@chromium.org>
rsa: Add debugging for failure cases 2022-01-26T15:50:37+00:00 Simon Glass sjg@chromium.org 2021-11-12T19:28:02+00:00 c3675583e93b0529a024bf63020e5f518f988a6a Add some more debugging to make it easier to see what is being tried and what fails. Fix a few comment styles while here. Signed-off-by: Simon Glass <sjg@chromium.org> 
Add some more debugging to make it easier to see what is being tried and
what fails. Fix a few comment styles while here.

Signed-off-by: Simon Glass <sjg@chromium.org>
doc: replace @return by Return: 2022-01-19T17:11:34+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2022-01-19T17:05:50+00:00 185f812c419f1b4f0d10d9787d59cf9f11a2a600 Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
Sphinx expects Return: and not @return to indicate a return value.

find . -name '*.c' -exec \
sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \;

find . -name '*.h' -exec \
sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \;

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Merge branch 'next' 2022-01-10T19:01:57+00:00 Tom Rini trini@konsulko.com 2022-01-10T19:01:57+00:00 fe04d885fb540b614a2f989e16e808b300ccb52e Signed-off-by: Tom Rini <trini@konsulko.com> 
Signed-off-by: Tom Rini <trini@konsulko.com>
lib/rsa: avoid -Wdiscarded-qualifiers 2022-01-10T13:13:24+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2022-01-09T14:39:40+00:00 675c3ccc5c7842966eb536202bfe0a398d7d04cb The return type of EVP_PKEY_get0_RSA() is const struct rsa_st *. Our code drops the const qualifier leading to In file included from tools/lib/rsa/rsa-sign.c:1: ./tools/../lib/rsa/rsa-sign.c: In function ‘rsa_add_verify_data’: ./tools/../lib/rsa/rsa-sign.c:631:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 631 | rsa = EVP_PKEY_get0_RSA(pkey); | ^ Add a type conversion. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
The return type of EVP_PKEY_get0_RSA() is const struct rsa_st *.
Our code drops the const qualifier leading to

In file included from tools/lib/rsa/rsa-sign.c:1:
./tools/../lib/rsa/rsa-sign.c: In function ‘rsa_add_verify_data’:
./tools/../lib/rsa/rsa-sign.c:631:13: warning:
assignment discards ‘const’ qualifier from pointer target type
[-Wdiscarded-qualifiers]
  631 |         rsa = EVP_PKEY_get0_RSA(pkey);
      |             ^

Add a type conversion.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Merge tag 'u-boot-amlogic-20220107' of https://source.denx.de/u-boot/custodians/u-boot-amlogic into next 2022-01-09T12:56:31+00:00 Tom Rini trini@konsulko.com 2022-01-09T12:56:31+00:00 0dadad6d7c5769d6258baeaf1b8db843b0dfa01f - disable CONFIG_NET_RANDOM_ETHADDR when unnecessary on amlogic based configs - meson64_android: add board specific env settings, in order to support VIM3/L for android - add changes to support VIM3/L android boot by using meson64_android.h config 
- disable CONFIG_NET_RANDOM_ETHADDR when unnecessary on amlogic based configs
- meson64_android: add board specific env settings, in order to support VIM3/L for android
- add changes to support VIM3/L android boot by using meson64_android.h config
tools: avoid OpenSSL deprecation warnings 2021-12-26T05:57:20+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2021-12-18T10:25:12+00:00 3a8b919932fdf07b6fefc1e76abb086984909be9 Our Gitlab CI buildsystem is set up to treat warnings as errors. With OpenSSL 3.0 a lot of deprecation warnings occur. With the patch compatibility with OpenSSL 1.1.1 is declared. In the long run we should upgrade our code to use the current API. A -Wdiscarded-qualifiers warning is muted by casting. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
Our Gitlab CI buildsystem is set up to treat warnings as errors.
With OpenSSL 3.0 a lot of deprecation warnings occur.

With the patch compatibility with OpenSSL 1.1.1 is declared.
In the long run we should upgrade our code to use the current API.

A -Wdiscarded-qualifiers warning is muted by casting.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
crypto: aspeed: Add AST2600 ACRY support 2021-11-17T22:05:00+00:00 Chia-Wei Wang chiawei_wang@aspeedtech.com 2021-10-27T06:17:30+00:00 89c36cca0b697d80a6ed063b945d66cc59a761a8 ACRY is designed to accelerate ECC/RSA digital signature generation and verification. Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com> 
ACRY is designed to accelerate ECC/RSA digital signature
generation and verification.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>