#
b340199f |
|
10-Jun-2022 |
Tom Rini <trini@konsulko.com> |
spl: Ensure all SPL symbols in Kconfig have some SPL dependency Tighten up symbol dependencies in a number of places. Ensure that a SPL specific option has at least a direct dependency on SPL. In places where it's clear that we depend on something more specific, use that dependency instead. This means in a very small number of places we can drop redundant dependencies. Reported-by: Pali Rohár <pali@kernel.org> Signed-off-by: Tom Rini <trini@konsulko.com> |
#
f6bacf1d |
|
28-Mar-2022 |
Philippe Reynes <philippe.reynes@softathome.com> |
lib: rsa: allow rsa verify with pkey in SPL This commit adds the option SPL_RSA_VERIFY_WITH_PKEY. Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com> |
#
89c36cca |
|
27-Oct-2021 |
Chia-Wei Wang <chiawei_wang@aspeedtech.com> |
crypto: aspeed: Add AST2600 ACRY support ACRY is designed to accelerate ECC/RSA digital signature generation and verification. Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com> |
#
7ce83854 |
|
28-Aug-2021 |
Ricardo Salveti <ricardo@foundries.io> |
Kconfig: Don't use RSA_FREESCALE_EXP on MX7ULP The CAAM on IMX7ULP doesn't support public key hardware acceleration (PKHA), as in other NXP parts. Disable RSA_FREESCALE_EXP for IMX7ULP too. Fixed: f4e9ff7135 ("Kconfig: Don't use RSA_FREESCALE_EXP on IMX") Signed-off-by: Ricardo Salveti <ricardo@foundries.io> Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io> |
#
d4f05b31 |
|
16-Sep-2021 |
Oleksandr Suvorov <oleksandr.suvorov@foundries.io> |
lib: rsa: fix dependency for SPL_RSA_VERIFY SPL_RSA_VERIFY requires SPL_RSA to be enabled. Add correct dependency. Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io> |
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> |
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org> |
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org> |
#
39883af3 |
|
21-Apr-2018 |
Eugeniu Rosca <roscaeugeniu@gmail.com> |
lib/rsa: Kconfig: Remove superfluous 'depends on RSA' RSA_SOFTWARE_EXP and RSA_FREESCALE_EXP are wrapped inside: if RSA ... endif So, remove the redundant "depends on RSA" from their depends expression. In addition, move SPL_RSA into the same "if RSA ... endif" block, since its only direct dependeny is CONFIG_RSA. This tidies up and simplifies reading of lib/rsa/Kconfig. No functional change intended. Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com> Reviewed-by: Simon Glass <sjg@chromium.org> |
#
f4e9ff71 |
|
16-Mar-2017 |
George McCollister <george.mccollister@gmail.com> |
Kconfig: Don't use RSA_FREESCALE_EXP on IMX The CAAM in IMX parts doesn't support public key hardware acceleration (PKHA), so don't use RSA_FREESCALE_EXP. If you try to use it on IMX (assuming you have the clocks enabled first) you will get back an "Invalid KEY Command" error since PKHA isn't a valid key destination for these parts. Signed-off-by: George McCollister <george.mccollister@gmail.com> Reviewed-by: Tom Rini <trini@konsulko.com> |
#
51c14cd1 |
|
09-Jun-2016 |
Teddy Reed <teddy.reed@gmail.com> |
verified-boot: Minimal support for booting U-Boot proper from SPL This allows a board to configure verified boot within the SPL using a FIT or FIT with external data. It also allows the SPL to perform signature verification without needing relocation. The board configuration will need to add the following feature defines: CONFIG_SPL_CRYPTO_SUPPORT CONFIG_SPL_HASH_SUPPORT CONFIG_SPL_SHA256 In this example, SHA256 is the only selected hashing algorithm. And the following booleans: CONFIG_SPL=y CONFIG_SPL_DM=y CONFIG_SPL_LOAD_FIT=y CONFIG_SPL_FIT=y CONFIG_SPL_OF_CONTROL=y CONFIG_SPL_OF_LIBFDT=y CONFIG_SPL_FIT_SIGNATURE=y Signed-off-by: Teddy Reed <teddy.reed@gmail.com> Acked-by: Simon Glass <sjg@chromium.org> Acked-by: Andreas Dannenberg <dannenberg@ti.com> Acked-by: Sumit Garg <sumit.garg@nxp.com> |
#
73223f0e |
|
22-Feb-2016 |
Simon Glass <sjg@chromium.org> |
Kconfig: Move CONFIG_FIT and related options to Kconfig There are already two FIT options in Kconfig but the CONFIG options are still in the header files. We need to do a proper move to fix this. Move these options to Kconfig and tidy up board configuration: CONFIG_FIT CONFIG_OF_BOARD_SETUP CONFIG_OF_SYSTEM_SETUP CONFIG_FIT_SIGNATURE CONFIG_FIT_BEST_MATCH CONFIG_FIT_VERBOSE CONFIG_OF_STDOUT_VIA_ALIAS CONFIG_RSA Unfortunately the first one is a little complicated. We need to make sure this option is not enabled in SPL by this change. Also this option is enabled automatically in the host builds by defining CONFIG_FIT in the image.h file. To solve this, add a new IMAGE_USE_FIT #define which can be used in files that are built on the host but must also build for U-Boot and SPL. Note: Masahiro's moveconfig.py script is amazing. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Add microblaze change, various configs/ re-applies] Signed-off-by: Tom Rini <trini@konsulko.com> |
#
d9f23c7f |
|
23-Jan-2015 |
Ruchika Gupta <ruchika.gupta@nxp.com> |
lib/rsa: Add Kconfig for devices supporting RSA Modular Exponentiation Kconfig option added for devices which support RSA Verification. 1. RSA_SOFTWARE_EXP Enables driver for supporting RSA Modular Exponentiation in Software 2. RSA_FREESCALE_EXP Enables driver for supporting RSA Modular Exponentiation using Freescale specific driver The above drivers use RSA uclass Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> CC: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org> Signed-off-by: Simon Glass <sjg@chromium.org> (Removed duplicate line in Kconfig comment) Change-Id: I7663c4d5350e2bfc3dfa2696f70ef777d6ccc6f6 |
#
f6bacf1d |
|
28-Mar-2022 |
Philippe Reynes <philippe.reynes@softathome.com> |
lib: rsa: allow rsa verify with pkey in SPL This commit adds the option SPL_RSA_VERIFY_WITH_PKEY. Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com> |
#
89c36cca |
|
27-Oct-2021 |
Chia-Wei Wang <chiawei_wang@aspeedtech.com> |
crypto: aspeed: Add AST2600 ACRY support ACRY is designed to accelerate ECC/RSA digital signature generation and verification. Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com> |
#
7ce83854 |
|
28-Aug-2021 |
Ricardo Salveti <ricardo@foundries.io> |
Kconfig: Don't use RSA_FREESCALE_EXP on MX7ULP The CAAM on IMX7ULP doesn't support public key hardware acceleration (PKHA), as in other NXP parts. Disable RSA_FREESCALE_EXP for IMX7ULP too. Fixed: f4e9ff7135 ("Kconfig: Don't use RSA_FREESCALE_EXP on IMX") Signed-off-by: Ricardo Salveti <ricardo@foundries.io> Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io> |
#
d4f05b31 |
|
16-Sep-2021 |
Oleksandr Suvorov <oleksandr.suvorov@foundries.io> |
lib: rsa: fix dependency for SPL_RSA_VERIFY SPL_RSA_VERIFY requires SPL_RSA to be enabled. Add correct dependency. Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io> |
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> |
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org> |
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org> |
#
39883af3 |
|
21-Apr-2018 |
Eugeniu Rosca <roscaeugeniu@gmail.com> |
lib/rsa: Kconfig: Remove superfluous 'depends on RSA' RSA_SOFTWARE_EXP and RSA_FREESCALE_EXP are wrapped inside: if RSA ... endif So, remove the redundant "depends on RSA" from their depends expression. In addition, move SPL_RSA into the same "if RSA ... endif" block, since its only direct dependeny is CONFIG_RSA. This tidies up and simplifies reading of lib/rsa/Kconfig. No functional change intended. Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com> Reviewed-by: Simon Glass <sjg@chromium.org> |
#
f4e9ff71 |
|
16-Mar-2017 |
George McCollister <george.mccollister@gmail.com> |
Kconfig: Don't use RSA_FREESCALE_EXP on IMX The CAAM in IMX parts doesn't support public key hardware acceleration (PKHA), so don't use RSA_FREESCALE_EXP. If you try to use it on IMX (assuming you have the clocks enabled first) you will get back an "Invalid KEY Command" error since PKHA isn't a valid key destination for these parts. Signed-off-by: George McCollister <george.mccollister@gmail.com> Reviewed-by: Tom Rini <trini@konsulko.com> |
#
51c14cd1 |
|
09-Jun-2016 |
Teddy Reed <teddy.reed@gmail.com> |
verified-boot: Minimal support for booting U-Boot proper from SPL This allows a board to configure verified boot within the SPL using a FIT or FIT with external data. It also allows the SPL to perform signature verification without needing relocation. The board configuration will need to add the following feature defines: CONFIG_SPL_CRYPTO_SUPPORT CONFIG_SPL_HASH_SUPPORT CONFIG_SPL_SHA256 In this example, SHA256 is the only selected hashing algorithm. And the following booleans: CONFIG_SPL=y CONFIG_SPL_DM=y CONFIG_SPL_LOAD_FIT=y CONFIG_SPL_FIT=y CONFIG_SPL_OF_CONTROL=y CONFIG_SPL_OF_LIBFDT=y CONFIG_SPL_FIT_SIGNATURE=y Signed-off-by: Teddy Reed <teddy.reed@gmail.com> Acked-by: Simon Glass <sjg@chromium.org> Acked-by: Andreas Dannenberg <dannenberg@ti.com> Acked-by: Sumit Garg <sumit.garg@nxp.com> |
#
73223f0e |
|
22-Feb-2016 |
Simon Glass <sjg@chromium.org> |
Kconfig: Move CONFIG_FIT and related options to Kconfig There are already two FIT options in Kconfig but the CONFIG options are still in the header files. We need to do a proper move to fix this. Move these options to Kconfig and tidy up board configuration: CONFIG_FIT CONFIG_OF_BOARD_SETUP CONFIG_OF_SYSTEM_SETUP CONFIG_FIT_SIGNATURE CONFIG_FIT_BEST_MATCH CONFIG_FIT_VERBOSE CONFIG_OF_STDOUT_VIA_ALIAS CONFIG_RSA Unfortunately the first one is a little complicated. We need to make sure this option is not enabled in SPL by this change. Also this option is enabled automatically in the host builds by defining CONFIG_FIT in the image.h file. To solve this, add a new IMAGE_USE_FIT #define which can be used in files that are built on the host but must also build for U-Boot and SPL. Note: Masahiro's moveconfig.py script is amazing. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Add microblaze change, various configs/ re-applies] Signed-off-by: Tom Rini <trini@konsulko.com> |
#
d9f23c7f |
|
23-Jan-2015 |
Ruchika Gupta <ruchika.gupta@nxp.com> |
lib/rsa: Add Kconfig for devices supporting RSA Modular Exponentiation Kconfig option added for devices which support RSA Verification. 1. RSA_SOFTWARE_EXP Enables driver for supporting RSA Modular Exponentiation in Software 2. RSA_FREESCALE_EXP Enables driver for supporting RSA Modular Exponentiation using Freescale specific driver The above drivers use RSA uclass Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> CC: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org> Signed-off-by: Simon Glass <sjg@chromium.org> (Removed duplicate line in Kconfig comment) Change-Id: I7663c4d5350e2bfc3dfa2696f70ef777d6ccc6f6 |
#
89c36cca |
|
27-Oct-2021 |
Chia-Wei Wang <chiawei_wang@aspeedtech.com> |
crypto: aspeed: Add AST2600 ACRY support ACRY is designed to accelerate ECC/RSA digital signature generation and verification. Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com> |
#
7ce83854 |
|
28-Aug-2021 |
Ricardo Salveti <ricardo@foundries.io> |
Kconfig: Don't use RSA_FREESCALE_EXP on MX7ULP The CAAM on IMX7ULP doesn't support public key hardware acceleration (PKHA), as in other NXP parts. Disable RSA_FREESCALE_EXP for IMX7ULP too. Fixed: f4e9ff7135 ("Kconfig: Don't use RSA_FREESCALE_EXP on IMX") Signed-off-by: Ricardo Salveti <ricardo@foundries.io> Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io> |
#
d4f05b31 |
|
16-Sep-2021 |
Oleksandr Suvorov <oleksandr.suvorov@foundries.io> |
lib: rsa: fix dependency for SPL_RSA_VERIFY SPL_RSA_VERIFY requires SPL_RSA to be enabled. Add correct dependency. Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io> |
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> |
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org> |
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org> |
#
39883af3 |
|
21-Apr-2018 |
Eugeniu Rosca <roscaeugeniu@gmail.com> |
lib/rsa: Kconfig: Remove superfluous 'depends on RSA' RSA_SOFTWARE_EXP and RSA_FREESCALE_EXP are wrapped inside: if RSA ... endif So, remove the redundant "depends on RSA" from their depends expression. In addition, move SPL_RSA into the same "if RSA ... endif" block, since its only direct dependeny is CONFIG_RSA. This tidies up and simplifies reading of lib/rsa/Kconfig. No functional change intended. Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com> Reviewed-by: Simon Glass <sjg@chromium.org> |
#
f4e9ff71 |
|
16-Mar-2017 |
George McCollister <george.mccollister@gmail.com> |
Kconfig: Don't use RSA_FREESCALE_EXP on IMX The CAAM in IMX parts doesn't support public key hardware acceleration (PKHA), so don't use RSA_FREESCALE_EXP. If you try to use it on IMX (assuming you have the clocks enabled first) you will get back an "Invalid KEY Command" error since PKHA isn't a valid key destination for these parts. Signed-off-by: George McCollister <george.mccollister@gmail.com> Reviewed-by: Tom Rini <trini@konsulko.com> |
#
51c14cd1 |
|
09-Jun-2016 |
Teddy Reed <teddy.reed@gmail.com> |
verified-boot: Minimal support for booting U-Boot proper from SPL This allows a board to configure verified boot within the SPL using a FIT or FIT with external data. It also allows the SPL to perform signature verification without needing relocation. The board configuration will need to add the following feature defines: CONFIG_SPL_CRYPTO_SUPPORT CONFIG_SPL_HASH_SUPPORT CONFIG_SPL_SHA256 In this example, SHA256 is the only selected hashing algorithm. And the following booleans: CONFIG_SPL=y CONFIG_SPL_DM=y CONFIG_SPL_LOAD_FIT=y CONFIG_SPL_FIT=y CONFIG_SPL_OF_CONTROL=y CONFIG_SPL_OF_LIBFDT=y CONFIG_SPL_FIT_SIGNATURE=y Signed-off-by: Teddy Reed <teddy.reed@gmail.com> Acked-by: Simon Glass <sjg@chromium.org> Acked-by: Andreas Dannenberg <dannenberg@ti.com> Acked-by: Sumit Garg <sumit.garg@nxp.com> |
#
73223f0e |
|
22-Feb-2016 |
Simon Glass <sjg@chromium.org> |
Kconfig: Move CONFIG_FIT and related options to Kconfig There are already two FIT options in Kconfig but the CONFIG options are still in the header files. We need to do a proper move to fix this. Move these options to Kconfig and tidy up board configuration: CONFIG_FIT CONFIG_OF_BOARD_SETUP CONFIG_OF_SYSTEM_SETUP CONFIG_FIT_SIGNATURE CONFIG_FIT_BEST_MATCH CONFIG_FIT_VERBOSE CONFIG_OF_STDOUT_VIA_ALIAS CONFIG_RSA Unfortunately the first one is a little complicated. We need to make sure this option is not enabled in SPL by this change. Also this option is enabled automatically in the host builds by defining CONFIG_FIT in the image.h file. To solve this, add a new IMAGE_USE_FIT #define which can be used in files that are built on the host but must also build for U-Boot and SPL. Note: Masahiro's moveconfig.py script is amazing. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Add microblaze change, various configs/ re-applies] Signed-off-by: Tom Rini <trini@konsulko.com> |
#
d9f23c7f |
|
23-Jan-2015 |
Ruchika Gupta <ruchika.gupta@nxp.com> |
lib/rsa: Add Kconfig for devices supporting RSA Modular Exponentiation Kconfig option added for devices which support RSA Verification. 1. RSA_SOFTWARE_EXP Enables driver for supporting RSA Modular Exponentiation in Software 2. RSA_FREESCALE_EXP Enables driver for supporting RSA Modular Exponentiation using Freescale specific driver The above drivers use RSA uclass Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> CC: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org> Signed-off-by: Simon Glass <sjg@chromium.org> (Removed duplicate line in Kconfig comment) Change-Id: I7663c4d5350e2bfc3dfa2696f70ef777d6ccc6f6 |
#
7ce83854 |
|
28-Aug-2021 |
Ricardo Salveti <ricardo@foundries.io> |
Kconfig: Don't use RSA_FREESCALE_EXP on MX7ULP The CAAM on IMX7ULP doesn't support public key hardware acceleration (PKHA), as in other NXP parts. Disable RSA_FREESCALE_EXP for IMX7ULP too. Fixed: f4e9ff7135 ("Kconfig: Don't use RSA_FREESCALE_EXP on IMX") Signed-off-by: Ricardo Salveti <ricardo@foundries.io> Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io> |
#
d4f05b31 |
|
16-Sep-2021 |
Oleksandr Suvorov <oleksandr.suvorov@foundries.io> |
lib: rsa: fix dependency for SPL_RSA_VERIFY SPL_RSA_VERIFY requires SPL_RSA to be enabled. Add correct dependency. Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io> |
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> |
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org> |
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org> |
#
39883af3 |
|
21-Apr-2018 |
Eugeniu Rosca <roscaeugeniu@gmail.com> |
lib/rsa: Kconfig: Remove superfluous 'depends on RSA' RSA_SOFTWARE_EXP and RSA_FREESCALE_EXP are wrapped inside: if RSA ... endif So, remove the redundant "depends on RSA" from their depends expression. In addition, move SPL_RSA into the same "if RSA ... endif" block, since its only direct dependeny is CONFIG_RSA. This tidies up and simplifies reading of lib/rsa/Kconfig. No functional change intended. Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com> Reviewed-by: Simon Glass <sjg@chromium.org> |
#
f4e9ff71 |
|
16-Mar-2017 |
George McCollister <george.mccollister@gmail.com> |
Kconfig: Don't use RSA_FREESCALE_EXP on IMX The CAAM in IMX parts doesn't support public key hardware acceleration (PKHA), so don't use RSA_FREESCALE_EXP. If you try to use it on IMX (assuming you have the clocks enabled first) you will get back an "Invalid KEY Command" error since PKHA isn't a valid key destination for these parts. Signed-off-by: George McCollister <george.mccollister@gmail.com> Reviewed-by: Tom Rini <trini@konsulko.com> |
#
51c14cd1 |
|
09-Jun-2016 |
Teddy Reed <teddy.reed@gmail.com> |
verified-boot: Minimal support for booting U-Boot proper from SPL This allows a board to configure verified boot within the SPL using a FIT or FIT with external data. It also allows the SPL to perform signature verification without needing relocation. The board configuration will need to add the following feature defines: CONFIG_SPL_CRYPTO_SUPPORT CONFIG_SPL_HASH_SUPPORT CONFIG_SPL_SHA256 In this example, SHA256 is the only selected hashing algorithm. And the following booleans: CONFIG_SPL=y CONFIG_SPL_DM=y CONFIG_SPL_LOAD_FIT=y CONFIG_SPL_FIT=y CONFIG_SPL_OF_CONTROL=y CONFIG_SPL_OF_LIBFDT=y CONFIG_SPL_FIT_SIGNATURE=y Signed-off-by: Teddy Reed <teddy.reed@gmail.com> Acked-by: Simon Glass <sjg@chromium.org> Acked-by: Andreas Dannenberg <dannenberg@ti.com> Acked-by: Sumit Garg <sumit.garg@nxp.com> |
#
73223f0e |
|
22-Feb-2016 |
Simon Glass <sjg@chromium.org> |
Kconfig: Move CONFIG_FIT and related options to Kconfig There are already two FIT options in Kconfig but the CONFIG options are still in the header files. We need to do a proper move to fix this. Move these options to Kconfig and tidy up board configuration: CONFIG_FIT CONFIG_OF_BOARD_SETUP CONFIG_OF_SYSTEM_SETUP CONFIG_FIT_SIGNATURE CONFIG_FIT_BEST_MATCH CONFIG_FIT_VERBOSE CONFIG_OF_STDOUT_VIA_ALIAS CONFIG_RSA Unfortunately the first one is a little complicated. We need to make sure this option is not enabled in SPL by this change. Also this option is enabled automatically in the host builds by defining CONFIG_FIT in the image.h file. To solve this, add a new IMAGE_USE_FIT #define which can be used in files that are built on the host but must also build for U-Boot and SPL. Note: Masahiro's moveconfig.py script is amazing. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Add microblaze change, various configs/ re-applies] Signed-off-by: Tom Rini <trini@konsulko.com> |
#
d9f23c7f |
|
23-Jan-2015 |
Ruchika Gupta <ruchika.gupta@nxp.com> |
lib/rsa: Add Kconfig for devices supporting RSA Modular Exponentiation Kconfig option added for devices which support RSA Verification. 1. RSA_SOFTWARE_EXP Enables driver for supporting RSA Modular Exponentiation in Software 2. RSA_FREESCALE_EXP Enables driver for supporting RSA Modular Exponentiation using Freescale specific driver The above drivers use RSA uclass Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> CC: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org> Signed-off-by: Simon Glass <sjg@chromium.org> (Removed duplicate line in Kconfig comment) Change-Id: I7663c4d5350e2bfc3dfa2696f70ef777d6ccc6f6 |
#
d4f05b31 |
|
16-Sep-2021 |
Oleksandr Suvorov <oleksandr.suvorov@foundries.io> |
lib: rsa: fix dependency for SPL_RSA_VERIFY SPL_RSA_VERIFY requires SPL_RSA to be enabled. Add correct dependency. Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io> |
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> |
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org> |
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org> |
#
39883af3 |
|
21-Apr-2018 |
Eugeniu Rosca <roscaeugeniu@gmail.com> |
lib/rsa: Kconfig: Remove superfluous 'depends on RSA' RSA_SOFTWARE_EXP and RSA_FREESCALE_EXP are wrapped inside: if RSA ... endif So, remove the redundant "depends on RSA" from their depends expression. In addition, move SPL_RSA into the same "if RSA ... endif" block, since its only direct dependeny is CONFIG_RSA. This tidies up and simplifies reading of lib/rsa/Kconfig. No functional change intended. Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com> Reviewed-by: Simon Glass <sjg@chromium.org> |
#
f4e9ff71 |
|
16-Mar-2017 |
George McCollister <george.mccollister@gmail.com> |
Kconfig: Don't use RSA_FREESCALE_EXP on IMX The CAAM in IMX parts doesn't support public key hardware acceleration (PKHA), so don't use RSA_FREESCALE_EXP. If you try to use it on IMX (assuming you have the clocks enabled first) you will get back an "Invalid KEY Command" error since PKHA isn't a valid key destination for these parts. Signed-off-by: George McCollister <george.mccollister@gmail.com> Reviewed-by: Tom Rini <trini@konsulko.com> |
#
51c14cd1 |
|
09-Jun-2016 |
Teddy Reed <teddy.reed@gmail.com> |
verified-boot: Minimal support for booting U-Boot proper from SPL This allows a board to configure verified boot within the SPL using a FIT or FIT with external data. It also allows the SPL to perform signature verification without needing relocation. The board configuration will need to add the following feature defines: CONFIG_SPL_CRYPTO_SUPPORT CONFIG_SPL_HASH_SUPPORT CONFIG_SPL_SHA256 In this example, SHA256 is the only selected hashing algorithm. And the following booleans: CONFIG_SPL=y CONFIG_SPL_DM=y CONFIG_SPL_LOAD_FIT=y CONFIG_SPL_FIT=y CONFIG_SPL_OF_CONTROL=y CONFIG_SPL_OF_LIBFDT=y CONFIG_SPL_FIT_SIGNATURE=y Signed-off-by: Teddy Reed <teddy.reed@gmail.com> Acked-by: Simon Glass <sjg@chromium.org> Acked-by: Andreas Dannenberg <dannenberg@ti.com> Acked-by: Sumit Garg <sumit.garg@nxp.com> |
#
73223f0e |
|
22-Feb-2016 |
Simon Glass <sjg@chromium.org> |
Kconfig: Move CONFIG_FIT and related options to Kconfig There are already two FIT options in Kconfig but the CONFIG options are still in the header files. We need to do a proper move to fix this. Move these options to Kconfig and tidy up board configuration: CONFIG_FIT CONFIG_OF_BOARD_SETUP CONFIG_OF_SYSTEM_SETUP CONFIG_FIT_SIGNATURE CONFIG_FIT_BEST_MATCH CONFIG_FIT_VERBOSE CONFIG_OF_STDOUT_VIA_ALIAS CONFIG_RSA Unfortunately the first one is a little complicated. We need to make sure this option is not enabled in SPL by this change. Also this option is enabled automatically in the host builds by defining CONFIG_FIT in the image.h file. To solve this, add a new IMAGE_USE_FIT #define which can be used in files that are built on the host but must also build for U-Boot and SPL. Note: Masahiro's moveconfig.py script is amazing. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Add microblaze change, various configs/ re-applies] Signed-off-by: Tom Rini <trini@konsulko.com> |
#
d9f23c7f |
|
23-Jan-2015 |
Ruchika Gupta <ruchika.gupta@nxp.com> |
lib/rsa: Add Kconfig for devices supporting RSA Modular Exponentiation Kconfig option added for devices which support RSA Verification. 1. RSA_SOFTWARE_EXP Enables driver for supporting RSA Modular Exponentiation in Software 2. RSA_FREESCALE_EXP Enables driver for supporting RSA Modular Exponentiation using Freescale specific driver The above drivers use RSA uclass Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> CC: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org> Signed-off-by: Simon Glass <sjg@chromium.org> (Removed duplicate line in Kconfig comment) Change-Id: I7663c4d5350e2bfc3dfa2696f70ef777d6ccc6f6 |
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
e0d310b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
#
dd89f5b0 |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
b983cc2d |
|
20-Feb-2020 |
AKASHI Takahiro <takahiro.akashi@linaro.org> |
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
39883af3 |
|
21-Apr-2018 |
Eugeniu Rosca <roscaeugeniu@gmail.com> |
lib/rsa: Kconfig: Remove superfluous 'depends on RSA' RSA_SOFTWARE_EXP and RSA_FREESCALE_EXP are wrapped inside: if RSA ... endif So, remove the redundant "depends on RSA" from their depends expression. In addition, move SPL_RSA into the same "if RSA ... endif" block, since its only direct dependeny is CONFIG_RSA. This tidies up and simplifies reading of lib/rsa/Kconfig. No functional change intended. Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
f4e9ff71 |
|
16-Mar-2017 |
George McCollister <george.mccollister@gmail.com> |
Kconfig: Don't use RSA_FREESCALE_EXP on IMX The CAAM in IMX parts doesn't support public key hardware acceleration (PKHA), so don't use RSA_FREESCALE_EXP. If you try to use it on IMX (assuming you have the clocks enabled first) you will get back an "Invalid KEY Command" error since PKHA isn't a valid key destination for these parts. Signed-off-by: George McCollister <george.mccollister@gmail.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
51c14cd1 |
|
09-Jun-2016 |
Teddy Reed <teddy.reed@gmail.com> |
verified-boot: Minimal support for booting U-Boot proper from SPL This allows a board to configure verified boot within the SPL using a FIT or FIT with external data. It also allows the SPL to perform signature verification without needing relocation. The board configuration will need to add the following feature defines: CONFIG_SPL_CRYPTO_SUPPORT CONFIG_SPL_HASH_SUPPORT CONFIG_SPL_SHA256 In this example, SHA256 is the only selected hashing algorithm. And the following booleans: CONFIG_SPL=y CONFIG_SPL_DM=y CONFIG_SPL_LOAD_FIT=y CONFIG_SPL_FIT=y CONFIG_SPL_OF_CONTROL=y CONFIG_SPL_OF_LIBFDT=y CONFIG_SPL_FIT_SIGNATURE=y Signed-off-by: Teddy Reed <teddy.reed@gmail.com> Acked-by: Simon Glass <sjg@chromium.org> Acked-by: Andreas Dannenberg <dannenberg@ti.com> Acked-by: Sumit Garg <sumit.garg@nxp.com>
|
#
73223f0e |
|
22-Feb-2016 |
Simon Glass <sjg@chromium.org> |
Kconfig: Move CONFIG_FIT and related options to Kconfig There are already two FIT options in Kconfig but the CONFIG options are still in the header files. We need to do a proper move to fix this. Move these options to Kconfig and tidy up board configuration: CONFIG_FIT CONFIG_OF_BOARD_SETUP CONFIG_OF_SYSTEM_SETUP CONFIG_FIT_SIGNATURE CONFIG_FIT_BEST_MATCH CONFIG_FIT_VERBOSE CONFIG_OF_STDOUT_VIA_ALIAS CONFIG_RSA Unfortunately the first one is a little complicated. We need to make sure this option is not enabled in SPL by this change. Also this option is enabled automatically in the host builds by defining CONFIG_FIT in the image.h file. To solve this, add a new IMAGE_USE_FIT #define which can be used in files that are built on the host but must also build for U-Boot and SPL. Note: Masahiro's moveconfig.py script is amazing. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Add microblaze change, various configs/ re-applies] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
d9f23c7f |
|
23-Jan-2015 |
Ruchika Gupta <ruchika.gupta@freescale.com> |
lib/rsa: Add Kconfig for devices supporting RSA Modular Exponentiation Kconfig option added for devices which support RSA Verification. 1. RSA_SOFTWARE_EXP Enables driver for supporting RSA Modular Exponentiation in Software 2. RSA_FREESCALE_EXP Enables driver for supporting RSA Modular Exponentiation using Freescale specific driver The above drivers use RSA uclass Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> CC: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org> Signed-off-by: Simon Glass <sjg@chromium.org> (Removed duplicate line in Kconfig comment) Change-Id: I7663c4d5350e2bfc3dfa2696f70ef777d6ccc6f6
|