From e0d310b098b1e3dd2ad4e0e4efbbb81b90ae4bc7 Mon Sep 17 00:00:00 2001 From: AKASHI Takahiro Date: Fri, 21 Feb 2020 15:12:58 +0900 Subject: lib: rsa: generate additional parameters for public key In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro --- include/u-boot/rsa-mod-exp.h | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'include') diff --git a/include/u-boot/rsa-mod-exp.h b/include/u-boot/rsa-mod-exp.h index 8a428c4b6a..1da8af1bb8 100644 --- a/include/u-boot/rsa-mod-exp.h +++ b/include/u-boot/rsa-mod-exp.h @@ -26,6 +26,29 @@ struct key_prop { uint32_t exp_len; /* Exponent length in number of uint8_t */ }; +/** + * rsa_gen_key_prop() - Generate key properties of RSA public key + * @key: Specifies key data in DER format + * @keylen: Length of @key + * @prop: Generated key property + * + * This function takes a blob of encoded RSA public key data in DER + * format, parse it and generate all the relevant properties + * in key_prop structure. + * Return a pointer to struct key_prop in @prop on success. + * + * Return: 0 on success, negative on error + */ +int rsa_gen_key_prop(const void *key, uint32_t keylen, struct key_prop **proc); + +/** + * rsa_free_key_prop() - Free key properties + * @prop: Pointer to struct key_prop + * + * This function frees all the memories allocated by rsa_gen_key_prop(). + */ +void rsa_free_key_prop(struct key_prop *prop); + /** * rsa_mod_exp_sw() - Perform RSA Modular Exponentiation in sw * -- cgit