Merge patch series "Add preload_check_sign tool"

Paul HENRYS <[email protected]> says: This serie of patches adds a new tool to authenticate files signed with a preload header. This tool is also used in the tests to actually verify the authenticity of the file signed with such a preload header. Link: https://lore.kernel.org/r/[email protected]
author: Tom Rini <[email protected]> 2025-02-21 08:34:34 -0600
committer: Tom Rini <[email protected]> 2025-02-21 11:37:27 -0600
commit: c8750efe02c20725388dd4279896aaf306acfad4 (patch)
tree: 54c9405d7019e51e7654d4ef4c4c1026fba8f02a /include
parent: 8c6cf8aeea7e57ca686de8b765e4baf3a7ef1fa7 (diff)
parent: a9842ac6347e2e0e7f6f8b66b5fe254739cdd298 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/include/image.h b/include/image.h
index 8a9f779d3ff..54b1557d6c6 100644
--- a/include/image.h
+++ b/include/image.h
@@ -1687,6 +1687,24 @@ struct sig_header_s {
  */
 int image_pre_load(ulong addr);
 
+#if defined(USE_HOSTCC)
+/**
+ * rsa_verify_openssl() - Verify a signature against some data with openssl API
+ *
+ * Verify a RSA PKCS1.5/PSS signature against an expected hash.
+ *
+ * @info:		Specifies the key and algorithms
+ * @region:		Pointer to the input data
+ * @region_count:	Number of region
+ * @sig:		Signature
+ * @sig_len:		Number of bytes in the signature
+ * Return: 0 if verified, -ve on error
+ */
+int rsa_verify_openssl(struct image_sign_info *info,
+		       const struct image_region region[], int region_count,
+		       uint8_t *sig, uint sig_len);
+#endif
+
 /**
  * fit_image_verify_required_sigs() - Verify signatures marked as 'required'
  *
author	Tom Rini <[email protected]>	2025-02-21 08:34:34 -0600
committer	Tom Rini <[email protected]>	2025-02-21 11:37:27 -0600
commit	c8750efe02c20725388dd4279896aaf306acfad4 (patch)
tree	54c9405d7019e51e7654d4ef4c4c1026fba8f02a /include
parent	8c6cf8aeea7e57ca686de8b765e4baf3a7ef1fa7 (diff)
parent	a9842ac6347e2e0e7f6f8b66b5fe254739cdd298 (diff)