diff options
author | Simon Glass <sjg@chromium.org> | 2021-09-25 19:43:23 -0600 |
---|---|---|
committer | Tom Rini <trini@konsulko.com> | 2021-10-08 15:53:26 -0400 |
commit | 2bbed3ff8c7fa0c0fa3fd28a9497bf7a99e3388b (patch) | |
tree | fc0702f72792fb3114c8cc4fd2262f8f2ad115fd /lib/rsa/rsa-verify.c | |
parent | e059157f0d5737b63fe2f1fec145509d82508109 (diff) | |
download | u-boot-2bbed3ff8c7fa0c0fa3fd28a9497bf7a99e3388b.zip u-boot-2bbed3ff8c7fa0c0fa3fd28a9497bf7a99e3388b.tar.gz u-boot-2bbed3ff8c7fa0c0fa3fd28a9497bf7a99e3388b.tar.bz2 |
image: Use Kconfig to enable FIT_RSASSA_PSS on host
Add a host Kconfig for FIT_RSASSA_PSS. With this we can use
CONFIG_IS_ENABLED(FIT_RSASSA_PSS) directly in the host build, so drop the
forcing of this in the image.h header.
Drop the #ifdef around padding_pss_verify() too since it is not needed.
Use the compiler to check the config where possible, instead of the
preprocessor.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Diffstat (limited to 'lib/rsa/rsa-verify.c')
-rw-r--r-- | lib/rsa/rsa-verify.c | 15 |
1 files changed, 4 insertions, 11 deletions
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index ad6d33d..600c93a 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -102,7 +102,7 @@ U_BOOT_PADDING_ALGO(pkcs_15) = { }; #endif -#ifdef CONFIG_FIT_RSASSA_PSS +#if CONFIG_IS_ENABLED(FIT_RSASSA_PSS) static void u32_i2osp(uint32_t val, uint8_t *buf) { buf[0] = (uint8_t)((val >> 24) & 0xff); @@ -313,7 +313,6 @@ U_BOOT_PADDING_ALGO(pss) = { #endif -#if CONFIG_IS_ENABLED(FIT_SIGNATURE) || CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY) /** * rsa_verify_key() - Verify a signature against some data using RSA Key * @@ -385,9 +384,7 @@ static int rsa_verify_key(struct image_sign_info *info, return 0; } -#endif -#if CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY) /** * rsa_verify_with_pkey() - Verify a signature against some data using * only modulus and exponent as RSA key properties. @@ -408,6 +405,9 @@ int rsa_verify_with_pkey(struct image_sign_info *info, struct key_prop *prop; int ret; + if (!CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY)) + return -EACCES; + /* Public key is self-described to fill key_prop */ ret = rsa_gen_key_prop(info->key, info->keylen, &prop); if (ret) { @@ -422,13 +422,6 @@ int rsa_verify_with_pkey(struct image_sign_info *info, return ret; } -#else -int rsa_verify_with_pkey(struct image_sign_info *info, - const void *hash, uint8_t *sig, uint sig_len) -{ - return -EACCES; -} -#endif #if CONFIG_IS_ENABLED(FIT_SIGNATURE) /** |