mirror of
https://github.com/Telecominfraproject/OpenCellular.git
synced 2025-11-23 17:55:01 +00:00
e166d04e79
This is the first of several CLs adding a more memory- and code-efficient firmware verification library. This CL adds the crypto library (modified from firmware/lib/cryptolib) and unit tests for it. BUG=chromium:370082 BRANCH=none TEST=make clean && VBOOT2=1 COV=1 make Change-Id: I4240eab227bb197cacc6c8e7a6397127d74414a2 Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/199578 Reviewed-by: Bill Richardson <wfrichar@chromium.org>
83 lines
2.2 KiB
C
83 lines
2.2 KiB
C
/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
|
|
* Use of this source code is governed by a BSD-style license that can be
|
|
* found in the LICENSE file.
|
|
*/
|
|
|
|
#ifndef VBOOT_REFERENCE_2RSA_H_
|
|
#define VBOOT_REFERENCE_2RSA_H_
|
|
|
|
struct vb2_workbuf;
|
|
|
|
/* Algorithms for crypto lib */
|
|
enum vb2_crypto_algorithm {
|
|
VB2_ALG_RSA1024_SHA1 = 0,
|
|
VB2_ALG_RSA1024_SHA256,
|
|
VB2_ALG_RSA1024_SHA512,
|
|
VB2_ALG_RSA2048_SHA1,
|
|
VB2_ALG_RSA2048_SHA256,
|
|
VB2_ALG_RSA2048_SHA512,
|
|
VB2_ALG_RSA4096_SHA1,
|
|
VB2_ALG_RSA4096_SHA256,
|
|
VB2_ALG_RSA4096_SHA512,
|
|
VB2_ALG_RSA8192_SHA1,
|
|
VB2_ALG_RSA8192_SHA256,
|
|
VB2_ALG_RSA8192_SHA512,
|
|
// TODO: add algorithms for bare SHA with no RSA?
|
|
|
|
/* Number of algorithms */
|
|
VB2_ALG_COUNT
|
|
};
|
|
|
|
/* Public key structure in RAM */
|
|
struct vb2_public_key {
|
|
uint32_t arrsize; /* Length of n[] and rr[] in number of uint32_t */
|
|
uint32_t n0inv; /* -1 / n[0] mod 2^32 */
|
|
const uint32_t *n; /* Modulus as little endian array */
|
|
const uint32_t *rr; /* R^2 as little endian array */
|
|
uint32_t algorithm; /* Algorithm to use when verifying with the key */
|
|
};
|
|
|
|
/**
|
|
* Return the size of a RSA signature
|
|
*
|
|
* @param algorithm Key algorithm
|
|
* @return The size of the signature, or 0 if error.
|
|
*/
|
|
uint32_t vb2_rsa_sig_size(uint32_t algorithm);
|
|
|
|
/**
|
|
* Return the size of a pre-processed RSA public key.
|
|
*
|
|
* @param algorithm Key algorithm
|
|
* @return The size of the preprocessed key, or 0 if error.
|
|
*/
|
|
uint32_t vb2_packed_key_size(uint32_t algorithm);
|
|
|
|
/**
|
|
* Check pkcs 1.5 padding bytes
|
|
*
|
|
* @param sig Signature to verify
|
|
* @param algorithm Key algorithm
|
|
* @return VB2_SUCCESS, or non-zero if error.
|
|
*/
|
|
int vb2_check_padding(uint8_t *sig, int algorithm);
|
|
|
|
/* Size of work buffer sufficient for vb2_verify_digest() worst case */
|
|
#define VB2_VERIFY_DIGEST_WORKBUF_BYTES (3 * 1024)
|
|
|
|
/**
|
|
* Verify a RSA PKCS1.5 signature against an expected hash digest.
|
|
*
|
|
* @param key Key to use in signature verification
|
|
* @param sig Signature to verify (destroyed in process)
|
|
* @param digest Digest of signed data
|
|
* @param wb Work buffer
|
|
* @return VB2_SUCCESS, or non-zero if error.
|
|
*/
|
|
int vb2_verify_digest(const struct vb2_public_key *key,
|
|
uint8_t *sig,
|
|
const uint8_t *digest,
|
|
struct vb2_workbuf *wb);
|
|
|
|
#endif /* VBOOT_REFERENCE_2RSA_H_ */
|