diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/rsa/rsa-verify.c | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index ee8988d646..61dc4c2e70 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -68,14 +68,14 @@ static int rsa_verify_padding(const uint8_t *msg, const int pad_len, * @sig: Signature * @sig_len: Number of bytes in signature * @hash: Pointer to the expected hash - * @algo: Checksum algo structure having information on RSA padding etc. + * @key_len: Number of bytes in rsa key + * @algo: Checksum algo structure having information on DER encoding etc. * @return 0 if verified, -ve on error */ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig, const uint32_t sig_len, const uint8_t *hash, - struct checksum_algo *algo) + const uint32_t key_len, struct checksum_algo *algo) { - const uint8_t *padding; int pad_len; int ret; #if !defined(USE_HOSTCC) @@ -117,7 +117,7 @@ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig, return ret; } - pad_len = algo->key_len - algo->checksum_len; + pad_len = key_len - algo->checksum_len; /* Check pkcs1.5 padding bytes. */ ret = rsa_verify_padding(buf, pad_len, algo); @@ -183,7 +183,9 @@ static int rsa_verify_with_keynode(struct image_sign_info *info, return -EFAULT; } - ret = rsa_verify_key(&prop, sig, sig_len, hash, info->algo->checksum); + ret = rsa_verify_key(&prop, sig, sig_len, hash, + info->algo->crypto->key_len, + info->algo->checksum); return ret; } @@ -194,7 +196,7 @@ int rsa_verify(struct image_sign_info *info, { const void *blob = info->fdt_blob; /* Reserve memory for maximum checksum-length */ - uint8_t hash[info->algo->checksum->key_len]; + uint8_t hash[info->algo->crypto->key_len]; int ndepth, noffset; int sig_node, node; char name[100]; @@ -205,9 +207,10 @@ int rsa_verify(struct image_sign_info *info, * rsa-signature-length */ if (info->algo->checksum->checksum_len > - info->algo->checksum->key_len) { + info->algo->crypto->key_len) { debug("%s: invlaid checksum-algorithm %s for %s\n", - __func__, info->algo->checksum->name, info->algo->name); + __func__, info->algo->checksum->name, + info->algo->crypto->name); return -EINVAL; } |