diff options
| author | Heiko Stuebner <heiko.stuebner@theobroma-systems.com> | 2020-06-18 17:23:26 +0300 |
|---|---|---|
| committer | Tom Rini <trini@konsulko.com> | 2020-07-09 00:21:46 +0300 |
| commit | 1a62c23ecf1f38d999f7d94d8d27fbc97483b35d (patch) | |
| tree | bf50166ccca9a33ab3849a3b2a0306aeef1796a5 /lib/rsa | |
| parent | eda753be8a33d9cadf2c41ea614069a31e314ba3 (diff) | |
| download | u-boot-1a62c23ecf1f38d999f7d94d8d27fbc97483b35d.tar.xz | |
lib: rsa: add documentation to padding_pss_verify to document limitations
padding_pss_verify only works with the default pss salt setting of -2
(length to be automatically determined based on the PSS block structure)
not -1 (salt length set to the maximum permissible value), which makes
verifications of signatures with that saltlen fail.
Until this gets implemented at least document this behaviour.
Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'lib/rsa')
| -rw-r--r-- | lib/rsa/rsa-verify.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index 048f1ab789..61d98e6e2d 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -194,6 +194,19 @@ out: return ret; } +/* + * padding_pss_verify() - verify the pss padding of a signature + * + * Only works with a rsa_pss_saltlen:-2 (default value) right now + * saltlen:-1 "set the salt length to the digest length" is currently + * not supported. + * + * @info: Specifies key and FIT information + * @msg: byte array of message, len equal to msg_len + * @msg_len: Message length + * @hash: Pointer to the expected hash + * @hash_len: Length of the hash + */ int padding_pss_verify(struct image_sign_info *info, uint8_t *msg, int msg_len, const uint8_t *hash, int hash_len) |