@@ -38,7 +38,7 @@ struct checksum_algo checksum_algos[] = {
#if IMAGE_ENABLE_SIGN
EVP_sha1,
#endif
- sha1_calculate,
+ hash_calculate,
padding_sha1_rsa2048,
},
{
@@ -48,7 +48,7 @@ struct checksum_algo checksum_algos[] = {
#if IMAGE_ENABLE_SIGN
EVP_sha256,
#endif
- sha256_calculate,
+ hash_calculate,
padding_sha256_rsa2048,
},
{
@@ -58,7 +58,7 @@ struct checksum_algo checksum_algos[] = {
#if IMAGE_ENABLE_SIGN
EVP_sha256,
#endif
- sha256_calculate,
+ hash_calculate,
padding_sha256_rsa4096,
}
@@ -926,8 +926,9 @@ struct checksum_algo {
#if IMAGE_ENABLE_SIGN
const EVP_MD *(*calculate_sign)(void);
#endif
- void (*calculate)(const struct image_region region[],
- int region_count, uint8_t *checksum);
+ int (*calculate)(const char *name,
+ const struct image_region region[],
+ int region_count, uint8_t *checksum);
const uint8_t *rsa_padding;
};
@@ -16,9 +16,8 @@ extern const uint8_t padding_sha256_rsa4096[];
extern const uint8_t padding_sha256_rsa2048[];
extern const uint8_t padding_sha1_rsa2048[];
-void sha256_calculate(const struct image_region region[], int region_count,
- uint8_t *checksum);
-void sha1_calculate(const struct image_region region[], int region_count,
- uint8_t *checksum);
+int hash_calculate(const char *name,
+ const struct image_region region[], int region_count,
+ uint8_t *checksum);
#endif
@@ -10,12 +10,13 @@
#include <asm/byteorder.h>
#include <asm/errno.h>
#include <asm/unaligned.h>
+#include <hash.h>
#else
#include "fdt_host.h"
-#endif
-#include <u-boot/rsa.h>
#include <u-boot/sha1.h>
#include <u-boot/sha256.h>
+#endif
+#include <u-boot/rsa.h>
/* PKCS 1.5 paddings as described in the RSA PKCS#1 v2.1 standard. */
@@ -136,7 +137,33 @@ const uint8_t padding_sha256_rsa4096[RSA4096_BYTES - SHA256_SUM_LEN] = {
0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
};
-void sha1_calculate(const struct image_region region[], int region_count,
+#ifndef USE_HOSTCC
+int hash_calculate(const char *name,
+ const struct image_region region[],
+ int region_count, uint8_t *checksum)
+{
+ struct hash_algo *algo;
+ int ret = 0;
+ void *ctx;
+ uint32_t i;
+ i = 0;
+
+ ret = hash_progressive_lookup_algo(name, &algo);
+ if (ret)
+ return ret;
+
+ algo->hash_init(algo, &ctx);
+ for (i = 0; i < region_count - 1; i++)
+ algo->hash_update(algo, ctx, region[i].data, region[i].size, 0);
+
+ algo->hash_update(algo, ctx, region[i].data, region[i].size, 1);
+ algo->hash_finish(algo, ctx, checksum, algo->digest_size);
+
+ return 0;
+}
+
+#else
+int sha1_calculate(const struct image_region region[], int region_count,
uint8_t *checksum)
{
sha1_context ctx;
@@ -147,9 +174,11 @@ void sha1_calculate(const struct image_region region[], int region_count,
for (i = 0; i < region_count; i++)
sha1_update(&ctx, region[i].data, region[i].size);
sha1_finish(&ctx, checksum);
+
+ return 0;
}
-void sha256_calculate(const struct image_region region[], int region_count,
+int sha256_calculate(const struct image_region region[], int region_count,
uint8_t *checksum)
{
sha256_context ctx;
@@ -160,4 +189,20 @@ void sha256_calculate(const struct image_region region[], int region_count,
for (i = 0; i < region_count; i++)
sha256_update(&ctx, region[i].data, region[i].size);
sha256_finish(&ctx, checksum);
+
+ return 0;
}
+
+int hash_calculate(const char *name,
+ const struct image_region region[], int region_count,
+ uint8_t *checksum)
+{
+ if (!strcmp(name, "sha1"))
+ sha1_calculate(region, region_count, checksum);
+
+ if (!strcmp(name, "sha256"))
+ sha256_calculate(region, region_count, checksum);
+
+ return 0;
+}
+#endif
@@ -142,7 +142,8 @@ int rsa_verify(struct image_sign_info *info,
}
/* Calculate checksum with checksum-algorithm */
- info->algo->checksum->calculate(region, region_count, hash);
+ info->algo->checksum->calculate(info->algo->checksum->name,
+ region, region_count, hash);
/* See if we must use a particular key */
if (info->required_keynode != -1) {
Currently the hash functions used in RSA are called directly from the sha1 and sha256 libraries. Change the RSA checksum library to use the progressive hash API's registered with struct hash_algo. This will allow the checksum library to use the support of hardware accelerated progressive hash API's once available. Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> CC: Simon Glass <sjg@chromium.org> --- Changes in v2: Added generic function hash_calculate. Pass an additional argument as name of algorithm. common/image-sig.c | 6 ++--- include/image.h | 5 ++-- include/u-boot/rsa-checksum.h | 7 +++--- lib/rsa/rsa-checksum.c | 53 +++++++++++++++++++++++++++++++++++++++---- lib/rsa/rsa-verify.c | 3 ++- 5 files changed, 60 insertions(+), 14 deletions(-)