1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * Copyright (c) 2013, Google Inc.
4 */
5
6 #ifdef USE_HOSTCC
7 #include "mkimage.h"
8 #include <fdt_support.h>
9 #include <time.h>
10 #include <linux/libfdt.h>
11 #else
12 #include <common.h>
13 #include <log.h>
14 #include <malloc.h>
15 #include <asm/global_data.h>
16 DECLARE_GLOBAL_DATA_PTR;
17 #endif /* !USE_HOSTCC*/
18 #include <image.h>
19 #include <u-boot/ecdsa.h>
20 #include <u-boot/rsa.h>
21 #include <u-boot/hash-checksum.h>
22
23 #define IMAGE_MAX_HASHED_NODES 100
24
25 struct checksum_algo checksum_algos[] = {
26 {
27 .name = "sha1",
28 .checksum_len = SHA1_SUM_LEN,
29 .der_len = SHA1_DER_LEN,
30 .der_prefix = sha1_der_prefix,
31 #if IMAGE_ENABLE_SIGN
32 .calculate_sign = EVP_sha1,
33 #endif
34 .calculate = hash_calculate,
35 },
36 {
37 .name = "sha256",
38 .checksum_len = SHA256_SUM_LEN,
39 .der_len = SHA256_DER_LEN,
40 .der_prefix = sha256_der_prefix,
41 #if IMAGE_ENABLE_SIGN
42 .calculate_sign = EVP_sha256,
43 #endif
44 .calculate = hash_calculate,
45 },
46 #ifdef CONFIG_SHA384
47 {
48 .name = "sha384",
49 .checksum_len = SHA384_SUM_LEN,
50 .der_len = SHA384_DER_LEN,
51 .der_prefix = sha384_der_prefix,
52 #if IMAGE_ENABLE_SIGN
53 .calculate_sign = EVP_sha384,
54 #endif
55 .calculate = hash_calculate,
56 },
57 #endif
58 #ifdef CONFIG_SHA512
59 {
60 .name = "sha512",
61 .checksum_len = SHA512_SUM_LEN,
62 .der_len = SHA512_DER_LEN,
63 .der_prefix = sha512_der_prefix,
64 #if IMAGE_ENABLE_SIGN
65 .calculate_sign = EVP_sha512,
66 #endif
67 .calculate = hash_calculate,
68 },
69 #endif
70
71 };
72
73 struct crypto_algo crypto_algos[] = {
74 {
75 .name = "rsa2048",
76 .key_len = RSA2048_BYTES,
77 .sign = rsa_sign,
78 .add_verify_data = rsa_add_verify_data,
79 .verify = rsa_verify,
80 },
81 {
82 .name = "rsa4096",
83 .key_len = RSA4096_BYTES,
84 .sign = rsa_sign,
85 .add_verify_data = rsa_add_verify_data,
86 .verify = rsa_verify,
87 },
88 {
89 .name = "ecdsa256",
90 .key_len = ECDSA256_BYTES,
91 .sign = ecdsa_sign,
92 .add_verify_data = ecdsa_add_verify_data,
93 .verify = ecdsa_verify,
94 },
95 };
96
97 struct padding_algo padding_algos[] = {
98 {
99 .name = "pkcs-1.5",
100 .verify = padding_pkcs_15_verify,
101 },
102 #ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT
103 {
104 .name = "pss",
105 .verify = padding_pss_verify,
106 }
107 #endif /* CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT */
108 };
109
image_get_checksum_algo(const char * full_name)110 struct checksum_algo *image_get_checksum_algo(const char *full_name)
111 {
112 int i;
113 const char *name;
114
115 #if !defined(USE_HOSTCC) && defined(CONFIG_NEEDS_MANUAL_RELOC)
116 static bool done;
117
118 if (!done) {
119 done = true;
120 for (i = 0; i < ARRAY_SIZE(checksum_algos); i++) {
121 checksum_algos[i].name += gd->reloc_off;
122 #if IMAGE_ENABLE_SIGN
123 checksum_algos[i].calculate_sign += gd->reloc_off;
124 #endif
125 checksum_algos[i].calculate += gd->reloc_off;
126 }
127 }
128 #endif
129
130 for (i = 0; i < ARRAY_SIZE(checksum_algos); i++) {
131 name = checksum_algos[i].name;
132 /* Make sure names match and next char is a comma */
133 if (!strncmp(name, full_name, strlen(name)) &&
134 full_name[strlen(name)] == ',')
135 return &checksum_algos[i];
136 }
137
138 return NULL;
139 }
140
image_get_crypto_algo(const char * full_name)141 struct crypto_algo *image_get_crypto_algo(const char *full_name)
142 {
143 int i;
144 const char *name;
145
146 #if !defined(USE_HOSTCC) && defined(CONFIG_NEEDS_MANUAL_RELOC)
147 static bool done;
148
149 if (!done) {
150 done = true;
151 for (i = 0; i < ARRAY_SIZE(crypto_algos); i++) {
152 crypto_algos[i].name += gd->reloc_off;
153 crypto_algos[i].sign += gd->reloc_off;
154 crypto_algos[i].add_verify_data += gd->reloc_off;
155 crypto_algos[i].verify += gd->reloc_off;
156 }
157 }
158 #endif
159
160 /* Move name to after the comma */
161 name = strchr(full_name, ',');
162 if (!name)
163 return NULL;
164 name += 1;
165
166 for (i = 0; i < ARRAY_SIZE(crypto_algos); i++) {
167 if (!strcmp(crypto_algos[i].name, name))
168 return &crypto_algos[i];
169 }
170
171 return NULL;
172 }
173
image_get_padding_algo(const char * name)174 struct padding_algo *image_get_padding_algo(const char *name)
175 {
176 int i;
177
178 if (!name)
179 return NULL;
180
181 for (i = 0; i < ARRAY_SIZE(padding_algos); i++) {
182 if (!strcmp(padding_algos[i].name, name))
183 return &padding_algos[i];
184 }
185
186 return NULL;
187 }
188