Diffstat (limited to 'firmware/2lib/include/2rsa.h')
-rw-r--r-- | firmware/2lib/include/2rsa.h | 31 |
1 files changed, 21 insertions, 10 deletions
diff --git a/firmware/2lib/include/2rsa.h b/firmware/2lib/include/2rsa.h
index 5409ce31..8e21cd4d 100644
--- a/firmware/2lib/include/2rsa.h
+++ b/firmware/2lib/include/2rsa.h
@@ -17,34 +17,45 @@ struct vb2_public_key {
 uint32_t n0inv; /* -1 / n[0] mod 2^32 */
 const uint32_t *n; /* Modulus as little endian array */
 const uint32_t *rr; /* R^2 as little endian array */
- uint32_t algorithm; /* Algorithm to use when verifying with the key */
- enum vb2_hash_algorithm hash_alg; /* Hash algorithm */
+ enum vb2_signature_algorithm sig_alg; /* Signature algorithm */
+ enum vb2_hash_algorithm hash_alg; /* Hash algorithm */
 };

 /**
+ * Convert vb2_crypto_algorithm to vb2_signature_algorithm.
+ *
+ * @param algorithm Crypto algorithm (vb2_crypto_algorithm)
+ *
+ * @return The signature algorithm for that crypto algorithm, or
+ * VB2_SIG_INVALID if the crypto algorithm or its corresponding signature
+ * algorithm is invalid or not supported.
+ */
+enum vb2_signature_algorithm vb2_crypto_to_signature(uint32_t algorithm);
+
+/**
 * Return the size of a RSA signature
 *
- * @param algorithm Key algorithm (enum vb2_crypto_algorithm)
- * @return The size of the signature, or 0 if error.
+ * @param sig_alg Signature algorithm
+ * @return The size of the signature in bytes, or 0 if error.
 */
-uint32_t vb2_rsa_sig_size(uint32_t algorithm);
+uint32_t vb2_rsa_sig_size(enum vb2_signature_algorithm sig_alg);

 /**
 * Return the size of a pre-processed RSA public key.
 *
- * @param algorithm Key algorithm (enum vb2_crypto_algorithm)
- * @return The size of the preprocessed key, or 0 if error.
+ * @param sig_alg Signature algorithm
+ * @return The size of the preprocessed key in bytes, or 0 if error.
 */
-uint32_t vb2_packed_key_size(uint32_t algorithm);
+uint32_t vb2_packed_key_size(enum vb2_signature_algorithm sig_alg);

 /**
 * Check pkcs 1.5 padding bytes
 *
 * @param sig Signature to verify
- * @param algorithm Key algorithm (enum vb2_crypto_algorithm)
+ * @param key Key to take signature and hash algorithms from
 * @return VB2_SUCCESS, or non-zero if error.
 */
-int vb2_check_padding(uint8_t *sig, int algorithm);
+int vb2_check_padding(const uint8_t *sig, const struct vb2_public_key *key);

 /* Size of work buffer sufficient for vb2_rsa_verify_digest() worst case */
 #define VB2_VERIFY_RSA_DIGEST_WORKBUF_BYTES (3 * 1024) |
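Review bot: The new `vb2_check_padding(const uint8_t *sig, const struct vb2_public_key *key)` prototype still carries no length for `sig`, and its comment does not say how many bytes the callee reads, so the buffer-size contract now depends on `key->sig_alg` without being written down. I would extend the doc line to `@param sig Signature to verify; caller must supply at least vb2_rsa_sig_size(key->sig_alg) bytes`, assuming that is what the implementation (not visible in this hunk) actually walks, and state that a key whose `sig_alg` is `VB2_SIG_INVALID` yields a non-zero return. The comments on `vb2_rsa_sig_size()` and `vb2_packed_key_size()` have the same gap: they say "0 if error" but do not name `VB2_SIG_INVALID` as one of those errors, which matters because callers presumably use the result to bound reads of key and signature data. The `struct vb2_public_key` definition begins above the hunk, so the remaining fields were not reviewed.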