[PATCH] tools: key2dtsi: Write out modulus and r-squared with the correct length

Jan Kiszka jan.kiszka at siemens.com
Fri Oct 31 10:35:16 CET 2025 

From: Jan Kiszka <jan.kiszka at siemens.com>

Align the implementation to rsa_add_verify_data() by writing the modulus
and r-squared properties with the same length as the key itself. This
fixes signature verification issues when one of the parameters has
leading zeros.

Reported-by: Hans Gfirtner (Nokia) <hans.gfirtner at nokia.com>
Signed-off-by: Jan Kiszka <jan.kiszka at siemens.com>
---

Hans, please validate. I only had a dry run with your test key.

 tools/key2dtsi.py | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/tools/key2dtsi.py b/tools/key2dtsi.py
index 1dbb2cc94bf..320ea930a97 100755
--- a/tools/key2dtsi.py
+++ b/tools/key2dtsi.py
@@ -11,10 +11,8 @@ from os.path import basename, splitext
 from Cryptodome.PublicKey import RSA
 from Cryptodome.Util.number import inverse
 
-def int_to_bytestr(n, length=None):
-    if not length:
-        length = (n.bit_length() + 7) // 8
-    byte_array = n.to_bytes(length, 'big')
+def int_to_bytestr(n, bits):
+    byte_array = n.to_bytes(bits // 8, 'big')
     return ' '.join(['{:02x}'.format(byte) for byte in byte_array])
 
 ap = ArgumentParser(description='Public key to dtsi converter')
@@ -39,7 +37,8 @@ key_name, _ = splitext(basename(args.key_file.name))
 key_data = args.key_file.read()
 key = RSA.importKey(key_data)
 
-r_squared = (2**key.size_in_bits())**2 % key.n
+key_bits = key.size_in_bits()
+r_squared = (2**key_bits)**2 % key.n
 n0_inverse = 2**32 - inverse(key.n, 2**32)
 
 out = args.dtsi_file
@@ -47,11 +46,13 @@ out.write('/ {\n')
 out.write('\tsignature {\n')
 out.write('\t\tkey-{} {{\n'.format(key_name))
 out.write('\t\t\tkey-name-hint = "{}";\n'.format(key_name))
-out.write('\t\t\talgo = "{},rsa{}";\n'.format(args.hash, key.size_in_bits()))
-out.write('\t\t\trsa,num-bits = <{}>;\n'.format(key.size_in_bits()))
-out.write('\t\t\trsa,modulus = [{}];\n'.format(int_to_bytestr(key.n)))
-out.write('\t\t\trsa,exponent = [{}];\n'.format(int_to_bytestr(key.e, 8)))
-out.write('\t\t\trsa,r-squared = [{}];\n'.format(int_to_bytestr(r_squared)))
+out.write('\t\t\talgo = "{},rsa{}";\n'.format(args.hash, key_bits))
+out.write('\t\t\trsa,num-bits = <{}>;\n'.format(key_bits))
+out.write('\t\t\trsa,modulus = [{}];\n'.format(int_to_bytestr(key.n,
+                                                              key_bits)))
+out.write('\t\t\trsa,exponent = [{}];\n'.format(int_to_bytestr(key.e, 64)))
+out.write('\t\t\trsa,r-squared = [{}];\n'.format(int_to_bytestr(r_squared,
+                                                                key_bits)))
 out.write('\t\t\trsa,n0-inverse = <0x{:x}>;\n'.format(n0_inverse))
 if args.required_conf:
     out.write('\t\t\trequired = "conf";\n')
-- 
2.51.0

More information about the U-Boot mailing list