From 646257d1f4004855d486024527a4784bf57c4c4d Mon Sep 17 00:00:00 2001
From: Heiko Schocher <hs@denx.de>
Date: Mon, 3 Mar 2014 12:19:26 +0100
Subject: rsa: add sha256-rsa2048 algorithm

based on patch from andreas@oetken.name:

http://patchwork.ozlabs.org/patch/294318/
commit message:
I currently need support for rsa-sha256 signatures in u-boot and found out that
the code for signatures is not very generic. Thus adding of different
hash-algorithms for rsa-signatures is not easy to do without copy-pasting the
rsa-code. I attached a patch for how I think it could be better and included
support for rsa-sha256. This is a fast first shot.

aditionally work:
- removed checkpatch warnings
- removed compiler warnings
- rebased against current head

Signed-off-by: Heiko Schocher <hs@denx.de>
Cc: andreas@oetken.name
Cc: Simon Glass <sjg@chromium.org>
---
 common/image-sig.c | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

(limited to 'common')

diff --git a/common/image-sig.c b/common/image-sig.c
index 973b06d505f..8b6f49bb38e 100644
--- a/common/image-sig.c
+++ b/common/image-sig.c
@@ -14,15 +14,53 @@ DECLARE_GLOBAL_DATA_PTR;
 #endif /* !USE_HOSTCC*/
 #include <image.h>
 #include <rsa.h>
+#include <rsa-checksum.h>
 
 #define IMAGE_MAX_HASHED_NODES		100
 
+#ifdef USE_HOSTCC
+__attribute__((weak)) void *get_blob(void)
+{
+	return NULL;
+}
+#endif
+
+struct checksum_algo checksum_algos[] = {
+	{
+		"sha1",
+		SHA1_SUM_LEN,
+#if IMAGE_ENABLE_SIGN
+		EVP_sha1,
+#else
+		sha1_calculate,
+		padding_sha1_rsa2048,
+#endif
+	},
+	{
+		"sha256",
+		SHA256_SUM_LEN,
+#if IMAGE_ENABLE_SIGN
+		EVP_sha256,
+#else
+		sha256_calculate,
+		padding_sha256_rsa2048,
+#endif
+	}
+};
 struct image_sig_algo image_sig_algos[] = {
 	{
 		"sha1,rsa2048",
 		rsa_sign,
 		rsa_add_verify_data,
 		rsa_verify,
+		&checksum_algos[0],
+	},
+	{
+		"sha256,rsa2048",
+		rsa_sign,
+		rsa_add_verify_data,
+		rsa_verify,
+		&checksum_algos[1],
 	}
 };
 
-- 
cgit v1.2.3