random-mirrors/smaeul-u-boot
1
0
Fork 0
mirror of https://github.com/smaeul/u-boot.git synced 2025-11-04 05:50:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
smaeul-u-boot/include/u-boot/rsa-mod-exp.h
AKASHI Takahiro e0d310b098 lib: rsa: generate additional parameters for public key 
In the current implementation of FIT_SIGNATURE, five parameters for
a RSA public key are required while only two of them are essential.
(See rsa-mod-exp.h and uImage.FIT/signature.txt)
This is a result of considering relatively limited computer power
and resources on embedded systems, while such a assumption may not
be quite practical for other use cases.

In this patch, added is a function, rsa_gen_key_prop(), which will
generate additional parameters for other uses, in particular
UEFI secure boot, on the fly.

Note: the current code uses some "big number" routines from BearSSL
for the calculation.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-03-12 08:20:39 -04:00

102 lines
3.0 KiB
C
Raw Blame History

/* SPDX-License-Identifier: GPL-2.0+ */
/*
* Copyright 2014 Freescale Semiconductor, Inc.
*/
#ifndef _RSA_MOD_EXP_H
#define _RSA_MOD_EXP_H
#include <errno.h>
#include <image.h>
/**
* struct key_prop - holder for a public key properties
*
* The struct has pointers to modulus (Typically called N),
* The inverse, R^2, exponent. These can be typecasted and
* used as byte arrays or converted to the required format
* as per requirement of RSA implementation.
*/
struct key_prop {
const void *rr; /* R^2 can be treated as byte array */
const void *modulus; /* modulus as byte array */
const void *public_exponent; /* public exponent as byte array */
uint32_t n0inv; /* -1 / modulus[0] mod 2^32 */
int num_bits; /* Key length in bits */
uint32_t exp_len; /* Exponent length in number of uint8_t */
};
/**
* rsa_gen_key_prop() - Generate key properties of RSA public key
* @key: Specifies key data in DER format
* @keylen: Length of @key
* @prop: Generated key property
*
* This function takes a blob of encoded RSA public key data in DER
* format, parse it and generate all the relevant properties
* in key_prop structure.
* Return a pointer to struct key_prop in @prop on success.
*
* Return: 0 on success, negative on error
*/
int rsa_gen_key_prop(const void *key, uint32_t keylen, struct key_prop **proc);
/**
* rsa_free_key_prop() - Free key properties
* @prop: Pointer to struct key_prop
*
* This function frees all the memories allocated by rsa_gen_key_prop().
*/
void rsa_free_key_prop(struct key_prop *prop);
/**
* rsa_mod_exp_sw() - Perform RSA Modular Exponentiation in sw
*
* Operation: out[] = sig ^ exponent % modulus
*
* @sig: RSA PKCS1.5 signature
* @sig_len: Length of signature in number of bytes
* @node: Node with RSA key elements like modulus, exponent, R^2, n0inv
* @out: Result in form of byte array of len equal to sig_len
*/
int rsa_mod_exp_sw(const uint8_t *sig, uint32_t sig_len,
struct key_prop *node, uint8_t *out);
int rsa_mod_exp(struct udevice *dev, const uint8_t *sig, uint32_t sig_len,
struct key_prop *node, uint8_t *out);
#if defined(CONFIG_CMD_ZYNQ_RSA)
int zynq_pow_mod(u32 *keyptr, u32 *inout);
#endif
/**
* struct struct mod_exp_ops - Driver model for RSA Modular Exponentiation
* operations
*
* The uclass interface is implemented by all crypto devices which use
* driver model.
*/
struct mod_exp_ops {
/**
* Perform Modular Exponentiation
*
* Operation: out[] = sig ^ exponent % modulus
*
* @dev: RSA Device
* @sig: RSA PKCS1.5 signature
* @sig_len: Length of signature in number of bytes
* @node: Node with RSA key elements like modulus, exponent,
* R^2, n0inv
* @out: Result in form of byte array of len equal to sig_len
*
* This function computes exponentiation over the signature.
* Returns: 0 if exponentiation is successful, or a negative value
* if it wasn't.
*/
int (*mod_exp)(struct udevice *dev, const uint8_t *sig,
uint32_t sig_len, struct key_prop *node,
uint8_t *outp);
};
#endif
Reference in New Issue View Git Blame Copy Permalink