[U-Boot] [PATCH 1/4] rsa: cosmetic: rename pad_len to key_len
Simon Glass
sjg at chromium.org
Mon Nov 14 20:04:38 CET 2016
On 11 November 2016 at 14:16, Andrew Duda <andrew.duda at meraki.net> wrote:
>
> Simon,
>
> padded_len could work. I decided to go with key_len to be more
> RSA-independent since I have been dealing with ECDSA primarily. More
> specifically, ECDSA has no notion of padding or padded_len, but it
> does have a notion of key_len. And in RSA, I believe the padded_len is
> the same as the key_len. So the name key_len name would be applicable
> to both RSA and ECDSA. Granted, only RSA is currently supported in
> u-boot so I wouldn't have much of a problem updating this to
> padded_len.
>
> (sorry for the duplicate Simon)
OK I see.
Reviewed-by: Simon Glass <sjg at chromium.org>
>
> Thanks,
> Andrew
>
> On Fri, Nov 11, 2016 at 8:17 AM, Simon Glass <sjg at chromium.org> wrote:
> > Hi,
> >
> > On 8 November 2016 at 11:53, aduda <aduda at meraki.com> wrote:
> >> From: Andrew Duda <aduda at meraki.com>
> >>
> >> checksum_algo's pad_len field isn't actually used to store the length of
> >> the padding but the total length of the RSA key (msg_len + pad_len)
> >
> > Perhaps it should be padded_key_len or padded_len?
> >
> >>
> >> Signed-off-by: Andrew Duda <aduda at meraki.com>
> >> Signed-off-by: aduda <aduda at meraki.com>
> >> ---
> >>
> >> include/image.h | 2 +-
> >> lib/rsa/rsa-verify.c | 6 +++---
> >> 2 files changed, 4 insertions(+), 4 deletions(-)
> >>
> >> diff --git a/include/image.h b/include/image.h
> >> index 2b1296c..bfe10a0 100644
> >> --- a/include/image.h
> >> +++ b/include/image.h
> >> @@ -1070,7 +1070,7 @@ struct image_region {
> >> struct checksum_algo {
> >> const char *name;
> >> const int checksum_len;
> >> - const int pad_len;
> >> + const int key_len;
> >> #if IMAGE_ENABLE_SIGN
> >> const EVP_MD *(*calculate_sign)(void);
> >> #endif
> >> diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
> >> index 442b769..5418f59 100644
> >> --- a/lib/rsa/rsa-verify.c
> >> +++ b/lib/rsa/rsa-verify.c
> >> @@ -84,7 +84,7 @@ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig,
> >> }
> >>
> >> padding = algo->rsa_padding;
> >> - pad_len = algo->pad_len - algo->checksum_len;
> >> + pad_len = algo->key_len - algo->checksum_len;
> >>
> >> /* Check pkcs1.5 padding bytes. */
> >> if (memcmp(buf, padding, pad_len)) {
> >> @@ -160,7 +160,7 @@ int rsa_verify(struct image_sign_info *info,
> >> {
> >> const void *blob = info->fdt_blob;
> >> /* Reserve memory for maximum checksum-length */
> >> - uint8_t hash[info->algo->checksum->pad_len];
> >> + uint8_t hash[info->algo->checksum->key_len];
> >> int ndepth, noffset;
> >> int sig_node, node;
> >> char name[100];
> >> @@ -171,7 +171,7 @@ int rsa_verify(struct image_sign_info *info,
> >> * rsa-signature-length
> >> */
> >> if (info->algo->checksum->checksum_len >
> >> - info->algo->checksum->pad_len) {
> >> + info->algo->checksum->key_len) {
> >> debug("%s: invlaid checksum-algorithm %s for %s\n",
> >> __func__, info->algo->checksum->name, info->algo->name);
> >> return -EINVAL;
> >> --
> >> 2.10.2
> >>
> >
> > Regards,
> > Simon
More information about the U-Boot
mailing list