@ -72,32 +72,36 @@ struct crypto_algo crypto_algos[] = {
} ;
struct image_sig_algo image_sig_algos [ ] = {
{
" sha1,rsa2048 " ,
& crypto_algos [ 0 ] ,
& checksum_algos [ 0 ] ,
} ,
{
" sha256,rsa2048 " ,
& crypto_algos [ 0 ] ,
& checksum_algos [ 1 ] ,
} ,
{
" sha256,rsa4096 " ,
& crypto_algos [ 1 ] ,
& checksum_algos [ 1 ] ,
struct checksum_algo * image_get_checksum_algo ( const char * full_name )
{
int i ;
const char * name ;
for ( i = 0 ; i < ARRAY_SIZE ( checksum_algos ) ; i + + ) {
name = checksum_algos [ i ] . name ;
/* Make sure names match and next char is a comma */
if ( ! strncmp ( name , full_name , strlen ( name ) ) & &
full_name [ strlen ( name ) ] = = ' , ' )
return & checksum_algos [ i ] ;
}
} ;
return NULL ;
}
struct image_sig_algo * image_get_sig _algo( const char * name )
struct crypto_algo * image_get_crypto _algo( const char * full_ name)
{
int i ;
const char * name ;
/* Move name to after the comma */
name = strchr ( full_name , ' , ' ) ;
if ( ! name )
return NULL ;
name + = 1 ;
for ( i = 0 ; i < ARRAY_SIZE ( image_sig_algos ) ; i + + ) {
if ( ! strcmp ( image_sig_algos [ i ] . name , name ) )
return & image_sig_algos [ i ] ;
for ( i = 0 ; i < ARRAY_SIZE ( crypto _algos) ; i + + ) {
if ( ! strcmp ( crypto _algos[ i ] . name , name ) )
return & crypto _algos[ i ] ;
}
return NULL ;
@ -161,12 +165,14 @@ static int fit_image_setup_verify(struct image_sign_info *info,
info - > keyname = fdt_getprop ( fit , noffset , " key-name-hint " , NULL ) ;
info - > fit = ( void * ) fit ;
info - > node_offset = noffset ;
info - > algo = image_get_sig_algo ( algo_name ) ;
info - > name = algo_name ;
info - > checksum = image_get_checksum_algo ( algo_name ) ;
info - > crypto = image_get_crypto_algo ( algo_name ) ;
info - > fdt_blob = gd_fdt_blob ( ) ;
info - > required_keynode = required_keynode ;
printf ( " %s:%s " , algo_name , info - > keyname ) ;
if ( ! info - > alg o) {
if ( ! info - > checksum | | ! info - > crypt o) {
* err_msgp = " Unknown signature algorithm " ;
return - 1 ;
}
@ -196,8 +202,7 @@ int fit_image_check_sig(const void *fit, int noffset, const void *data,
region . data = data ;
region . size = size ;
if ( info . algo - > crypto - > verify ( & info , & region , 1 , fit_value ,
fit_value_len ) ) {
if ( info . crypto - > verify ( & info , & region , 1 , fit_value , fit_value_len ) ) {
* err_msgp = " Verification failed " ;
return - 1 ;
}
@ -378,8 +383,8 @@ int fit_config_check_sig(const void *fit, int noffset, int required_keynode,
struct image_region region [ count ] ;
fit_region_make_list ( fit , fdt_regions , count , region ) ;
if ( info . algo - > crypto - > verify ( & info , region , count , fit_value ,
fit_value_len ) ) {
if ( info . crypto - > verify ( & info , region , count , fit_value ,
fit_value_len ) ) {
* err_msgp = " Verification failed " ;
return - 1 ;
}