* [U-Boot] [PATCH 1/4] rsa: cosmetic: rename pad_len to key_len
@ 2016-11-08 18:53 aduda
2016-11-11 16:17 ` Simon Glass
2016-11-22 2:54 ` [U-Boot] [U-Boot,1/4] " Tom Rini
0 siblings, 2 replies; 5+ messages in thread
From: aduda @ 2016-11-08 18:53 UTC (permalink / raw)
To: u-boot
From: Andrew Duda <aduda@meraki.com>
checksum_algo's pad_len field isn't actually used to store the length of
the padding but the total length of the RSA key (msg_len + pad_len)
Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
---
include/image.h | 2 +-
lib/rsa/rsa-verify.c | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/include/image.h b/include/image.h
index 2b1296c..bfe10a0 100644
--- a/include/image.h
+++ b/include/image.h
@@ -1070,7 +1070,7 @@ struct image_region {
struct checksum_algo {
const char *name;
const int checksum_len;
- const int pad_len;
+ const int key_len;
#if IMAGE_ENABLE_SIGN
const EVP_MD *(*calculate_sign)(void);
#endif
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index 442b769..5418f59 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -84,7 +84,7 @@ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig,
}
padding = algo->rsa_padding;
- pad_len = algo->pad_len - algo->checksum_len;
+ pad_len = algo->key_len - algo->checksum_len;
/* Check pkcs1.5 padding bytes. */
if (memcmp(buf, padding, pad_len)) {
@@ -160,7 +160,7 @@ int rsa_verify(struct image_sign_info *info,
{
const void *blob = info->fdt_blob;
/* Reserve memory for maximum checksum-length */
- uint8_t hash[info->algo->checksum->pad_len];
+ uint8_t hash[info->algo->checksum->key_len];
int ndepth, noffset;
int sig_node, node;
char name[100];
@@ -171,7 +171,7 @@ int rsa_verify(struct image_sign_info *info,
* rsa-signature-length
*/
if (info->algo->checksum->checksum_len >
- info->algo->checksum->pad_len) {
+ info->algo->checksum->key_len) {
debug("%s: invlaid checksum-algorithm %s for %s\n",
__func__, info->algo->checksum->name, info->algo->name);
return -EINVAL;
--
2.10.2
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [U-Boot] [PATCH 1/4] rsa: cosmetic: rename pad_len to key_len
2016-11-08 18:53 [U-Boot] [PATCH 1/4] rsa: cosmetic: rename pad_len to key_len aduda
@ 2016-11-11 16:17 ` Simon Glass
2016-11-11 21:16 ` Andrew Duda
2016-11-22 2:54 ` [U-Boot] [U-Boot,1/4] " Tom Rini
1 sibling, 1 reply; 5+ messages in thread
From: Simon Glass @ 2016-11-11 16:17 UTC (permalink / raw)
To: u-boot
Hi,
On 8 November 2016 at 11:53, aduda <aduda@meraki.com> wrote:
> From: Andrew Duda <aduda@meraki.com>
>
> checksum_algo's pad_len field isn't actually used to store the length of
> the padding but the total length of the RSA key (msg_len + pad_len)
Perhaps it should be padded_key_len or padded_len?
>
> Signed-off-by: Andrew Duda <aduda@meraki.com>
> Signed-off-by: aduda <aduda@meraki.com>
> ---
>
> include/image.h | 2 +-
> lib/rsa/rsa-verify.c | 6 +++---
> 2 files changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/include/image.h b/include/image.h
> index 2b1296c..bfe10a0 100644
> --- a/include/image.h
> +++ b/include/image.h
> @@ -1070,7 +1070,7 @@ struct image_region {
> struct checksum_algo {
> const char *name;
> const int checksum_len;
> - const int pad_len;
> + const int key_len;
> #if IMAGE_ENABLE_SIGN
> const EVP_MD *(*calculate_sign)(void);
> #endif
> diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
> index 442b769..5418f59 100644
> --- a/lib/rsa/rsa-verify.c
> +++ b/lib/rsa/rsa-verify.c
> @@ -84,7 +84,7 @@ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig,
> }
>
> padding = algo->rsa_padding;
> - pad_len = algo->pad_len - algo->checksum_len;
> + pad_len = algo->key_len - algo->checksum_len;
>
> /* Check pkcs1.5 padding bytes. */
> if (memcmp(buf, padding, pad_len)) {
> @@ -160,7 +160,7 @@ int rsa_verify(struct image_sign_info *info,
> {
> const void *blob = info->fdt_blob;
> /* Reserve memory for maximum checksum-length */
> - uint8_t hash[info->algo->checksum->pad_len];
> + uint8_t hash[info->algo->checksum->key_len];
> int ndepth, noffset;
> int sig_node, node;
> char name[100];
> @@ -171,7 +171,7 @@ int rsa_verify(struct image_sign_info *info,
> * rsa-signature-length
> */
> if (info->algo->checksum->checksum_len >
> - info->algo->checksum->pad_len) {
> + info->algo->checksum->key_len) {
> debug("%s: invlaid checksum-algorithm %s for %s\n",
> __func__, info->algo->checksum->name, info->algo->name);
> return -EINVAL;
> --
> 2.10.2
>
Regards,
Simon
^ permalink raw reply [flat|nested] 5+ messages in thread
* [U-Boot] [PATCH 1/4] rsa: cosmetic: rename pad_len to key_len
2016-11-11 16:17 ` Simon Glass
@ 2016-11-11 21:16 ` Andrew Duda
2016-11-14 19:04 ` Simon Glass
0 siblings, 1 reply; 5+ messages in thread
From: Andrew Duda @ 2016-11-11 21:16 UTC (permalink / raw)
To: u-boot
Simon,
padded_len could work. I decided to go with key_len to be more
RSA-independent since I have been dealing with ECDSA primarily. More
specifically, ECDSA has no notion of padding or padded_len, but it
does have a notion of key_len. And in RSA, I believe the padded_len is
the same as the key_len. So the name key_len name would be applicable
to both RSA and ECDSA. Granted, only RSA is currently supported in
u-boot so I wouldn't have much of a problem updating this to
padded_len.
(sorry for the duplicate Simon)
Thanks,
Andrew
On Fri, Nov 11, 2016 at 8:17 AM, Simon Glass <sjg@chromium.org> wrote:
> Hi,
>
> On 8 November 2016 at 11:53, aduda <aduda@meraki.com> wrote:
>> From: Andrew Duda <aduda@meraki.com>
>>
>> checksum_algo's pad_len field isn't actually used to store the length of
>> the padding but the total length of the RSA key (msg_len + pad_len)
>
> Perhaps it should be padded_key_len or padded_len?
>
>>
>> Signed-off-by: Andrew Duda <aduda@meraki.com>
>> Signed-off-by: aduda <aduda@meraki.com>
>> ---
>>
>> include/image.h | 2 +-
>> lib/rsa/rsa-verify.c | 6 +++---
>> 2 files changed, 4 insertions(+), 4 deletions(-)
>>
>> diff --git a/include/image.h b/include/image.h
>> index 2b1296c..bfe10a0 100644
>> --- a/include/image.h
>> +++ b/include/image.h
>> @@ -1070,7 +1070,7 @@ struct image_region {
>> struct checksum_algo {
>> const char *name;
>> const int checksum_len;
>> - const int pad_len;
>> + const int key_len;
>> #if IMAGE_ENABLE_SIGN
>> const EVP_MD *(*calculate_sign)(void);
>> #endif
>> diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
>> index 442b769..5418f59 100644
>> --- a/lib/rsa/rsa-verify.c
>> +++ b/lib/rsa/rsa-verify.c
>> @@ -84,7 +84,7 @@ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig,
>> }
>>
>> padding = algo->rsa_padding;
>> - pad_len = algo->pad_len - algo->checksum_len;
>> + pad_len = algo->key_len - algo->checksum_len;
>>
>> /* Check pkcs1.5 padding bytes. */
>> if (memcmp(buf, padding, pad_len)) {
>> @@ -160,7 +160,7 @@ int rsa_verify(struct image_sign_info *info,
>> {
>> const void *blob = info->fdt_blob;
>> /* Reserve memory for maximum checksum-length */
>> - uint8_t hash[info->algo->checksum->pad_len];
>> + uint8_t hash[info->algo->checksum->key_len];
>> int ndepth, noffset;
>> int sig_node, node;
>> char name[100];
>> @@ -171,7 +171,7 @@ int rsa_verify(struct image_sign_info *info,
>> * rsa-signature-length
>> */
>> if (info->algo->checksum->checksum_len >
>> - info->algo->checksum->pad_len) {
>> + info->algo->checksum->key_len) {
>> debug("%s: invlaid checksum-algorithm %s for %s\n",
>> __func__, info->algo->checksum->name, info->algo->name);
>> return -EINVAL;
>> --
>> 2.10.2
>>
>
> Regards,
> Simon
^ permalink raw reply [flat|nested] 5+ messages in thread
* [U-Boot] [PATCH 1/4] rsa: cosmetic: rename pad_len to key_len
2016-11-11 21:16 ` Andrew Duda
@ 2016-11-14 19:04 ` Simon Glass
0 siblings, 0 replies; 5+ messages in thread
From: Simon Glass @ 2016-11-14 19:04 UTC (permalink / raw)
To: u-boot
On 11 November 2016 at 14:16, Andrew Duda <andrew.duda@meraki.net> wrote:
>
> Simon,
>
> padded_len could work. I decided to go with key_len to be more
> RSA-independent since I have been dealing with ECDSA primarily. More
> specifically, ECDSA has no notion of padding or padded_len, but it
> does have a notion of key_len. And in RSA, I believe the padded_len is
> the same as the key_len. So the name key_len name would be applicable
> to both RSA and ECDSA. Granted, only RSA is currently supported in
> u-boot so I wouldn't have much of a problem updating this to
> padded_len.
>
> (sorry for the duplicate Simon)
OK I see.
Reviewed-by: Simon Glass <sjg@chromium.org>
>
> Thanks,
> Andrew
>
> On Fri, Nov 11, 2016 at 8:17 AM, Simon Glass <sjg@chromium.org> wrote:
> > Hi,
> >
> > On 8 November 2016 at 11:53, aduda <aduda@meraki.com> wrote:
> >> From: Andrew Duda <aduda@meraki.com>
> >>
> >> checksum_algo's pad_len field isn't actually used to store the length of
> >> the padding but the total length of the RSA key (msg_len + pad_len)
> >
> > Perhaps it should be padded_key_len or padded_len?
> >
> >>
> >> Signed-off-by: Andrew Duda <aduda@meraki.com>
> >> Signed-off-by: aduda <aduda@meraki.com>
> >> ---
> >>
> >> include/image.h | 2 +-
> >> lib/rsa/rsa-verify.c | 6 +++---
> >> 2 files changed, 4 insertions(+), 4 deletions(-)
> >>
> >> diff --git a/include/image.h b/include/image.h
> >> index 2b1296c..bfe10a0 100644
> >> --- a/include/image.h
> >> +++ b/include/image.h
> >> @@ -1070,7 +1070,7 @@ struct image_region {
> >> struct checksum_algo {
> >> const char *name;
> >> const int checksum_len;
> >> - const int pad_len;
> >> + const int key_len;
> >> #if IMAGE_ENABLE_SIGN
> >> const EVP_MD *(*calculate_sign)(void);
> >> #endif
> >> diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
> >> index 442b769..5418f59 100644
> >> --- a/lib/rsa/rsa-verify.c
> >> +++ b/lib/rsa/rsa-verify.c
> >> @@ -84,7 +84,7 @@ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig,
> >> }
> >>
> >> padding = algo->rsa_padding;
> >> - pad_len = algo->pad_len - algo->checksum_len;
> >> + pad_len = algo->key_len - algo->checksum_len;
> >>
> >> /* Check pkcs1.5 padding bytes. */
> >> if (memcmp(buf, padding, pad_len)) {
> >> @@ -160,7 +160,7 @@ int rsa_verify(struct image_sign_info *info,
> >> {
> >> const void *blob = info->fdt_blob;
> >> /* Reserve memory for maximum checksum-length */
> >> - uint8_t hash[info->algo->checksum->pad_len];
> >> + uint8_t hash[info->algo->checksum->key_len];
> >> int ndepth, noffset;
> >> int sig_node, node;
> >> char name[100];
> >> @@ -171,7 +171,7 @@ int rsa_verify(struct image_sign_info *info,
> >> * rsa-signature-length
> >> */
> >> if (info->algo->checksum->checksum_len >
> >> - info->algo->checksum->pad_len) {
> >> + info->algo->checksum->key_len) {
> >> debug("%s: invlaid checksum-algorithm %s for %s\n",
> >> __func__, info->algo->checksum->name, info->algo->name);
> >> return -EINVAL;
> >> --
> >> 2.10.2
> >>
> >
> > Regards,
> > Simon
^ permalink raw reply [flat|nested] 5+ messages in thread
* [U-Boot] [U-Boot,1/4] rsa: cosmetic: rename pad_len to key_len
2016-11-08 18:53 [U-Boot] [PATCH 1/4] rsa: cosmetic: rename pad_len to key_len aduda
2016-11-11 16:17 ` Simon Glass
@ 2016-11-22 2:54 ` Tom Rini
1 sibling, 0 replies; 5+ messages in thread
From: Tom Rini @ 2016-11-22 2:54 UTC (permalink / raw)
To: u-boot
On Tue, Nov 08, 2016 at 06:53:39PM +0000, aduda wrote:
> From: Andrew Duda <aduda@meraki.com>
>
> checksum_algo's pad_len field isn't actually used to store the length of
> the padding but the total length of the RSA key (msg_len + pad_len)
>
> Signed-off-by: Andrew Duda <aduda@meraki.com>
> Signed-off-by: aduda <aduda@meraki.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20161121/405f38fc/attachment.sig>
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2016-11-22 2:54 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-11-08 18:53 [U-Boot] [PATCH 1/4] rsa: cosmetic: rename pad_len to key_len aduda
2016-11-11 16:17 ` Simon Glass
2016-11-11 21:16 ` Andrew Duda
2016-11-14 19:04 ` Simon Glass
2016-11-22 2:54 ` [U-Boot] [U-Boot,1/4] " Tom Rini
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.