Lines Matching +full:step +full:- +full:size
1 // SPDX-License-Identifier: GPL-2.0+
20 #include <u-boot/rsa-mod-exp.h>
21 #include <u-boot/rsa.h>
27 * rsa_verify_padding() - Verify RSA message padding is valid
48 ff_len = pad_len - algo->der_len - 3; in rsa_verify_padding()
50 ret |= memcmp(msg, msg+1, ff_len-1); in rsa_verify_padding()
55 ret |= memcmp(msg, algo->der_prefix, algo->der_len); in rsa_verify_padding()
64 struct checksum_algo *checksum = info->checksum; in padding_pkcs_15_verify()
65 int ret, pad_len = msg_len - checksum->checksum_len; in padding_pkcs_15_verify()
71 return -EINVAL; in padding_pkcs_15_verify()
75 if (memcmp((uint8_t *)msg + pad_len, hash, msg_len - pad_len)) { in padding_pkcs_15_verify()
77 return -EACCES; in padding_pkcs_15_verify()
93 * mask_generation_function1() - generate an octet string
100 * @seed_len: Size of the input octet string
102 * @output_len: Size of the output octet string
113 int hash_len = checksum->checksum_len; in mask_generation_function1()
118 region[0].size = seed_len; in mask_generation_function1()
120 region[1].size = 4; in mask_generation_function1()
125 ret = -ENOMEM; in mask_generation_function1()
132 ret = checksum->calculate(checksum->name, in mask_generation_function1()
166 region[0].size = pad_len; in compute_hash_prime()
168 region[1].size = hash_len; in compute_hash_prime()
170 region[2].size = salt_len; in compute_hash_prime()
172 ret = checksum->calculate(checksum->name, region, region_count, hprime); in compute_hash_prime()
187 int masked_db_len = msg_len - hash_len - 1; in padding_pss_verify()
193 int db_len = masked_db_len, salt_len = msg_len - hash_len - 2; in padding_pss_verify()
197 struct checksum_algo *checksum = info->checksum; in padding_pss_verify()
208 ret = -ENOMEM; in padding_pss_verify()
212 /* step 4: check if the last byte is 0xbc */ in padding_pss_verify()
213 if (msg[msg_len - 1] != 0xbc) { in padding_pss_verify()
215 ret = -EINVAL; in padding_pss_verify()
219 /* step 5 */ in padding_pss_verify()
223 /* step 6 */ in padding_pss_verify()
224 leftmost_mask = (0xff >> (8 - leftmost_bits)) << (8 - leftmost_bits); in padding_pss_verify()
228 ret = -EINVAL; in padding_pss_verify()
232 /* step 7 */ in padding_pss_verify()
235 /* step 8 */ in padding_pss_verify()
239 /* step 9 */ in padding_pss_verify()
242 /* step 10 */ in padding_pss_verify()
250 /* step 11 */ in padding_pss_verify()
253 /* step 12 & 13 */ in padding_pss_verify()
258 /* step 14 */ in padding_pss_verify()
274 * rsa_verify_key() - Verify a signature against some data using RSA Key
285 * @return 0 if verified, -ve on error
296 struct checksum_algo *checksum = info->checksum; in rsa_verify_key()
297 struct padding_algo *padding = info->padding; in rsa_verify_key()
301 return -EIO; in rsa_verify_key()
303 if (sig_len != (prop->num_bits / 8)) { in rsa_verify_key()
305 return -EINVAL; in rsa_verify_key()
308 debug("Checksum algorithm: %s", checksum->name); in rsa_verify_key()
310 /* Sanity check for stack size */ in rsa_verify_key()
314 return -EINVAL; in rsa_verify_key()
318 hash_len = checksum->checksum_len; in rsa_verify_key()
324 return -EINVAL; in rsa_verify_key()
336 ret = padding->verify(info, buf, key_len, hash, hash_len); in rsa_verify_key()
346 * rsa_verify_with_keynode() - Verify a signature against some data using
349 * Parse sign-node and fill a key_prop structure with properties of the
358 * @return 0 if verified, -ve on error
364 const void *blob = info->fdt_blob; in rsa_verify_with_keynode()
371 return -EBADF; in rsa_verify_with_keynode()
374 prop.num_bits = fdtdec_get_int(blob, node, "rsa,num-bits", 0); in rsa_verify_with_keynode()
376 prop.n0inv = fdtdec_get_int(blob, node, "rsa,n0-inverse", 0); in rsa_verify_with_keynode()
386 prop.rr = fdt_getprop(blob, node, "rsa,r-squared", NULL); in rsa_verify_with_keynode()
390 return -EFAULT; in rsa_verify_with_keynode()
394 info->crypto->key_len); in rsa_verify_with_keynode()
403 const void *blob = info->fdt_blob; in rsa_verify()
404 /* Reserve memory for maximum checksum-length */ in rsa_verify()
405 uint8_t hash[info->crypto->key_len]; in rsa_verify()
412 * Verify that the checksum-length does not exceed the in rsa_verify()
413 * rsa-signature-length in rsa_verify()
415 if (info->checksum->checksum_len > in rsa_verify()
416 info->crypto->key_len) { in rsa_verify()
417 debug("%s: invlaid checksum-algorithm %s for %s\n", in rsa_verify()
418 __func__, info->checksum->name, info->crypto->name); in rsa_verify()
419 return -EINVAL; in rsa_verify()
425 return -ENOENT; in rsa_verify()
428 /* Calculate checksum with checksum-algorithm */ in rsa_verify()
429 ret = info->checksum->calculate(info->checksum->name, in rsa_verify()
433 return -EINVAL; in rsa_verify()
437 if (info->required_keynode != -1) { in rsa_verify()
439 info->required_keynode); in rsa_verify()
445 snprintf(name, sizeof(name), "key-%s", info->keyname); in rsa_verify()
452 for (ndepth = 0, noffset = fdt_next_node(info->fit, sig_node, &ndepth); in rsa_verify()
454 noffset = fdt_next_node(info->fit, noffset, &ndepth)) { in rsa_verify()