rsa: Use checksum algorithms from struct hash_algo

[karo-tx-uboot.git] / lib / rsa / rsa-sign.c

diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index 83f5e87838950a7fb63f2de0aac6891cf40e2abd..5d9716f01349f4074653f2735fa3e6204ddba8e7 100644 (file)
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -76,6 +76,7 @@ static int rsa_get_pub_key(const char *keydir, const char *name, RSA **rsap)
        rsa = EVP_PKEY_get1_RSA(key);
        if (!rsa) {
                rsa_err("Couldn't convert to a RSA style key");
+               ret = -EINVAL;
                goto err_rsa;
        }
        fclose(f);
@@ -260,11 +261,58 @@ err_priv:
        return ret;
 }
 
+/*
+ * rsa_get_exponent(): - Get the public exponent from an RSA key
+ */
+static int rsa_get_exponent(RSA *key, uint64_t *e)
+{
+       int ret;
+       BIGNUM *bn_te;
+       uint64_t te;
+
+       ret = -EINVAL;
+       bn_te = NULL;
+
+       if (!e)
+               goto cleanup;
+
+       if (BN_num_bits(key->e) > 64)
+               goto cleanup;
+
+       *e = BN_get_word(key->e);
+
+       if (BN_num_bits(key->e) < 33) {
+               ret = 0;
+               goto cleanup;
+       }
+
+       bn_te = BN_dup(key->e);
+       if (!bn_te)
+               goto cleanup;
+
+       if (!BN_rshift(bn_te, bn_te, 32))
+               goto cleanup;
+
+       if (!BN_mask_bits(bn_te, 32))
+               goto cleanup;
+
+       te = BN_get_word(bn_te);
+       te <<= 32;
+       *e |= te;
+       ret = 0;
+
+cleanup:
+       if (bn_te)
+               BN_free(bn_te);
+
+       return ret;
+}
+
 /*
  * rsa_get_params(): - Get the important parameters of an RSA public key
  */
-int rsa_get_params(RSA *key, uint32_t *n0_invp, BIGNUM **modulusp,
-                  BIGNUM **r_squaredp)
+int rsa_get_params(RSA *key, uint64_t *exponent, uint32_t *n0_invp,
+                  BIGNUM **modulusp, BIGNUM **r_squaredp)
 {
        BIGNUM *big1, *big2, *big32, *big2_32;
        BIGNUM *n, *r, *r_squared, *tmp;
@@ -286,6 +334,9 @@ int rsa_get_params(RSA *key, uint32_t *n0_invp, BIGNUM **modulusp,
                return -ENOMEM;
        }
 
+       if (0 != rsa_get_exponent(key, exponent))
+               ret = -1;
+
        if (!BN_copy(n, key->n) || !BN_set_word(big1, 1L) ||
            !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L))
                ret = -1;
@@ -386,6 +437,7 @@ static int fdt_add_bignum(void *blob, int noffset, const char *prop_name,
 int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
 {
        BIGNUM *modulus, *r_squared;
+       uint64_t exponent;
        uint32_t n0_inv;
        int parent, node;
        char name[100];
@@ -397,7 +449,7 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
        ret = rsa_get_pub_key(info->keydir, info->keyname, &rsa);
        if (ret)
                return ret;
-       ret = rsa_get_params(rsa, &n0_inv, &modulus, &r_squared);
+       ret = rsa_get_params(rsa, &exponent, &n0_inv, &modulus, &r_squared);
        if (ret)
                return ret;
        bits = BN_num_bits(modulus);
@@ -441,6 +493,9 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
                ret = fdt_setprop_u32(keydest, node, "rsa,num-bits", bits);
        if (!ret)
                ret = fdt_setprop_u32(keydest, node, "rsa,n0-inverse", n0_inv);
+       if (!ret) {
+               ret = fdt_setprop_u64(keydest, node, "rsa,exponent", exponent);
+       }
        if (!ret) {
                ret = fdt_add_bignum(keydest, node, "rsa,modulus", modulus,
                                     bits);