11#ifndef _RSA_H
12#define _RSA_H
13
14#include <errno.h>
15#include <image.h>
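/**
 * struct rsa_public_key - RSA public key material
 *
 * Only the layout is visible in this header. The field meanings below are
 * read off the member names and types; confirm them against the code that
 * fills in and consumes the struct.
 *
 * @modulus and @rr are bare pointers that carry no length of their own, so
 * code walking them has to bound itself by @len (presumably a word count
 * for both arrays - confirm).
 *
 * @len:	length of the key (unit not shown here; presumably a count of
 *		uint32_t words in @modulus - confirm)
 * @n0inv:	precomputed 32-bit value (the name suggests an inverse of the
 *		lowest modulus word for Montgomery reduction - confirm)
 * @modulus:	modulus as an array of 32-bit words (word order not shown)
 * @rr:		array of 32-bit words (presumably R^2 mod N - confirm)
 * @exponent:	public exponent, held in 64 bits
 */
struct rsa_public_key {
	uint len;
	uint32_t n0inv;
	uint32_t *modulus;
	uint32_t *rr;
	uint64_t exponent;
};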
31
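/* Incomplete type: every function in this header takes it by pointer only. */
struct image_sign_info;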
33
34#if IMAGE_ENABLE_SIGN
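/**
 * rsa_sign() - produce an RSA signature over a set of image regions
 *
 * Only the prototype is visible here; the notes below come from the
 * parameter types and should be confirmed against the implementation.
 *
 * @info:		signing context
 * @region:		array of regions to be signed
 * @region_count:	number of entries in @region
 * @sigp:		out-parameter receiving the signature buffer; ownership
 *			is not stated here (presumably allocated by the callee
 *			and freed by the caller - confirm)
 * @sig_len:		out-parameter receiving the signature length
 *
 * Return: presumably 0 on success and a negative errno-style value on
 * failure, matching the -ENXIO returned by the stub that replaces this
 * function when IMAGE_ENABLE_SIGN is off. Callers should not read @sigp or
 * @sig_len unless the call succeeded.
 */
int rsa_sign(struct image_sign_info *info,
	     const struct image_region region[],
	     int region_count, uint8_t **sigp, uint *sig_len);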
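/**
 * rsa_add_verify_data() - write verification data for a key into @keydest
 *
 * Only the prototype is visible here; confirm the details against the
 * implementation.
 *
 * @info:	signing context identifying the key
 * @keydest:	untyped destination for the verification data (presumably the
 *		blob a verifier later reads its public key from; if so, it is
 *		part of the trust anchor and should only be produced in a
 *		trusted build step - confirm)
 *
 * Return: presumably 0 on success and a negative errno-style value on
 * failure; the stub built when IMAGE_ENABLE_SIGN is off returns -ENXIO.
 */
int rsa_add_verify_data(struct image_sign_info *info, void *keydest);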
69#else
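/**
 * rsa_sign() - stub used when IMAGE_ENABLE_SIGN is off
 *
 * Signing support is compiled out in this configuration, so the call always
 * fails. None of the arguments are read, and *@sigp and *@sig_len are left
 * untouched, so a caller must check the return value before using them.
 *
 * @info:		unused
 * @region:		unused
 * @region_count:	unused
 * @sigp:		unused; not written
 * @sig_len:		unused; not written
 *
 * Return: -ENXIO, always
 */
static inline int rsa_sign(struct image_sign_info *info,
			   const struct image_region region[], int region_count,
			   uint8_t **sigp, uint *sig_len)
{
	return -ENXIO;
}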
76
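/**
 * rsa_add_verify_data() - stub used when IMAGE_ENABLE_SIGN is off
 *
 * Signing support is compiled out in this configuration, so nothing is
 * written to @keydest and the call always fails.
 *
 * @info:	unused
 * @keydest:	unused; not written
 *
 * Return: -ENXIO, always
 */
static inline int rsa_add_verify_data(struct image_sign_info *info,
				      void *keydest)
{
	return -ENXIO;
}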
82#endif
83
84#if IMAGE_ENABLE_VERIFY
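/**
 * rsa_verify() - check an RSA signature over a set of image regions
 *
 * Only the prototype is visible here; confirm the details against the
 * implementation.
 *
 * @info:		verification context
 * @region:		array of regions the signature is expected to cover
 * @region_count:	number of entries in @region
 * @sig:		signature bytes
 * @sig_len:		length of @sig (presumably in bytes - confirm)
 *
 * Return: presumably 0 when the signature verifies and a negative
 * errno-style value otherwise. Callers should treat every non-zero result
 * as a verification failure: the stub that replaces this function when
 * IMAGE_ENABLE_VERIFY is off returns -ENXIO, so a caller that checks the
 * result fails closed in that configuration.
 */
int rsa_verify(struct image_sign_info *info,
	       const struct image_region region[], int region_count,
	       uint8_t *sig, uint sig_len);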
100
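/**
 * padding_pkcs_15_verify() - check PKCS#1 v1.5 padding against a hash
 *
 * Only the prototype is visible here; the parameter roles are inferred from
 * their names and should be confirmed against the implementation.
 *
 * @info:	verification context
 * @msg:	message block to check (presumably the output of the RSA
 *		public-key operation - confirm)
 * @msg_len:	length of @msg
 * @hash:	expected digest
 * @hash_len:	length of @hash
 *
 * NOTE(review): both lengths are signed ints, so the implementation is
 * expected to reject negative values, and to validate the whole padded
 * block rather than only locate the digest - confirm.
 *
 * Return: presumably 0 when the padding and digest match and a negative
 * errno-style value otherwise; treat any non-zero result as a failure.
 */
int padding_pkcs_15_verify(struct image_sign_info *info,
			   uint8_t *msg, int msg_len,
			   const uint8_t *hash, int hash_len);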
104
105#ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT
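/**
 * padding_pss_verify() - check RSASSA-PSS padding against a hash
 *
 * Declared only when CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT is defined. Only
 * the prototype is visible here; the parameter roles are inferred from their
 * names and should be confirmed against the implementation.
 *
 * @info:	verification context
 * @msg:	message block to check (presumably the output of the RSA
 *		public-key operation - confirm)
 * @msg_len:	length of @msg
 * @hash:	expected digest
 * @hash_len:	length of @hash
 *
 * NOTE(review): both lengths are signed ints, so the implementation is
 * expected to reject negative or inconsistent values - confirm.
 *
 * Return: presumably 0 when the padding and digest match and a negative
 * errno-style value otherwise; treat any non-zero result as a failure.
 */
int padding_pss_verify(struct image_sign_info *info,
		       uint8_t *msg, int msg_len,
		       const uint8_t *hash, int hash_len);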
109#endif
110#else
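/**
 * rsa_verify() - stub used when IMAGE_ENABLE_VERIFY is off
 *
 * Verification support is compiled out in this configuration. The stub
 * reports an error rather than success, so a caller that checks the return
 * value rejects the signature instead of accepting it unverified.
 *
 * @info:		unused
 * @region:		unused
 * @region_count:	unused
 * @sig:		unused
 * @sig_len:		unused
 *
 * Return: -ENXIO, always
 */
static inline int rsa_verify(struct image_sign_info *info,
			     const struct image_region region[], int region_count,
			     uint8_t *sig, uint sig_len)
{
	return -ENXIO;
}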
117
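/**
 * padding_pkcs_15_verify() - stub used when IMAGE_ENABLE_VERIFY is off
 *
 * Verification support is compiled out in this configuration. No argument
 * is read and the call always reports an error, never a successful match.
 *
 * @info:	unused
 * @msg:	unused
 * @msg_len:	unused
 * @hash:	unused
 * @hash_len:	unused
 *
 * Return: -ENXIO, always
 */
static inline int padding_pkcs_15_verify(struct image_sign_info *info,
					 uint8_t *msg, int msg_len,
					 const uint8_t *hash, int hash_len)
{
	return -ENXIO;
}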
124
125#ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT
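/**
 * padding_pss_verify() - stub used when IMAGE_ENABLE_VERIFY is off
 *
 * Built only when CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT is defined while
 * verification support is compiled out. No argument is read and the call
 * always reports an error, never a successful match.
 *
 * @info:	unused
 * @msg:	unused
 * @msg_len:	unused
 * @hash:	unused
 * @hash_len:	unused
 *
 * Return: -ENXIO, always
 */
static inline int padding_pss_verify(struct image_sign_info *info,
				     uint8_t *msg, int msg_len,
				     const uint8_t *hash, int hash_len)
{
	return -ENXIO;
}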
132#endif
133#endif
134
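/* Name of the padding scheme used by default (going by the macro name). */
#define RSA_DEFAULT_PADDING_NAME		"pkcs-1.5"

/* Byte lengths of 2048-bit and 4096-bit RSA values. */
#define RSA2048_BYTES	(2048 / 8)
#define RSA4096_BYTES	(4096 / 8)

/*
 * Smallest and largest key size, in bits. These are only the limits; the
 * checks that enforce them live in the code that uses this header.
 */
#define RSA_MIN_KEY_BITS	2048
#define RSA_MAX_KEY_BITS	4096

/* Largest signature length, in bits. */
#define RSA_MAX_SIG_BITS	4096

/*
 * Keep the limits coherent at build time. An RSA signature is as long as the
 * modulus, so a signature bound below the largest accepted key size would
 * reject every signature made with such a key; a minimum above the maximum
 * would reject every key.
 */
#if RSA_MIN_KEY_BITS > RSA_MAX_KEY_BITS
#error "RSA_MIN_KEY_BITS must not exceed RSA_MAX_KEY_BITS"
#endif
#if RSA_MAX_SIG_BITS < RSA_MAX_KEY_BITS
#error "RSA_MAX_SIG_BITS must be at least RSA_MAX_KEY_BITS"
#endif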
146
147#endif
148