rsa: Verify RSA padding programatically
authorAndrew Duda <aduda@meraki.com>
Tue, 8 Nov 2016 18:53:40 +0000 (18:53 +0000)
committerTom Rini <trini@konsulko.com>
Mon, 21 Nov 2016 19:07:30 +0000 (14:07 -0500)
commitda29f2991d75fc8aa3289407a0e686a4a22f8c9e
tree3c972878a859196e72be31fe6da6d0ae5047d38b
parent5300a4f9336291fb713fcfaf9ea6e51b71824800
rsa: Verify RSA padding programatically

Padding verification was done against static SHA/RSA pair arrays which
take up a lot of static memory, are mostly 0xff, and cannot be reused
for additional SHA/RSA pairings. The padding can be easily computed
according to PKCS#1v2.1 as:

  EM = 0x00 || 0x01 || PS || 0x00 || T

where PS is (emLen - tLen - 3) octets of 0xff and T is DER encoding
of the hash.

Store DER prefix in checksum_algo and create rsa_verify_padding
function to handle verification of a message for any SHA/RSA pairing.

Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
common/image-sig.c
include/image.h
include/u-boot/rsa-checksum.h
include/u-boot/sha1.h
include/u-boot/sha256.h
lib/rsa/rsa-checksum.c
lib/rsa/rsa-verify.c
lib/sha1.c
lib/sha256.c