Merge patch series "rsa: Add rsa_verify_openssl() to use openssl for host builds"

Paul HENRYS <[email protected]> says: This serie of patches adds a new tool to authenticate files signed with a preload header. This tool is also used in the tests to actually verify the authenticity of the file signed with such a preload header. Link: https://lore.kernel.org/r/[email protected]
author: Tom Rini <[email protected]> 2025-02-28 16:51:10 -0600
committer: Tom Rini <[email protected]> 2025-02-28 16:51:10 -0600
commit: 5bc4240eb65c378eeca3f45069eeb125cd01ceed (patch)
tree: 9ed59cbf2b17e758d08bb1839ef81772db41a41a /include
parent: 962217d218cfb4e9584e2669f091eaba60654dd8 (diff)
parent: b9b87d01efc496d18bbc17c58c552d54a06ef6ba (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/include/image.h b/include/image.h
index 07912606f33..c1db8383459 100644
--- a/include/image.h
+++ b/include/image.h
@@ -1688,6 +1688,24 @@ struct sig_header_s {
  */
 int image_pre_load(ulong addr);
 
+#if defined(USE_HOSTCC)
+/**
+ * rsa_verify_openssl() - Verify a signature against some data with openssl API
+ *
+ * Verify a RSA PKCS1.5/PSS signature against an expected hash.
+ *
+ * @info:		Specifies the key and algorithms
+ * @region:		Pointer to the input data
+ * @region_count:	Number of region
+ * @sig:		Signature
+ * @sig_len:		Number of bytes in the signature
+ * Return: 0 if verified, -ve on error
+ */
+int rsa_verify_openssl(struct image_sign_info *info,
+		       const struct image_region region[], int region_count,
+		       uint8_t *sig, uint sig_len);
+#endif
+
 /**
  * fit_image_verify_required_sigs() - Verify signatures marked as 'required'
  *
author	Tom Rini <[email protected]>	2025-02-28 16:51:10 -0600
committer	Tom Rini <[email protected]>	2025-02-28 16:51:10 -0600
commit	5bc4240eb65c378eeca3f45069eeb125cd01ceed (patch)
tree	9ed59cbf2b17e758d08bb1839ef81772db41a41a /include
parent	962217d218cfb4e9584e2669f091eaba60654dd8 (diff)
parent	b9b87d01efc496d18bbc17c58c552d54a06ef6ba (diff)