diff options
| author | Reuben Dowle <reubendowle0@gmail.com> | 2020-04-16 08:36:52 +0300 |
|---|---|---|
| committer | Tom Rini <trini@konsulko.com> | 2020-06-12 20:14:07 +0300 |
| commit | d16b38f42704fe3cc94fbee1601be96045013151 (patch) | |
| tree | abd95e88387701d92c5319565ed4a6aaf9c02a1b /tools | |
| parent | f191f3a1027ede56e2501920e3e8a8acd7033e77 (diff) | |
| download | u-boot-d16b38f42704fe3cc94fbee1601be96045013151.tar.xz | |
Add support for SHA384 and SHA512
The current recommendation for best security practice from the US government
is to use SHA384 for TOP SECRET [1].
This patch adds support for SHA384 and SHA512 in the hash command, and also
allows FIT images to be hashed with these algorithms, and signed with
sha384,rsaXXXX and sha512,rsaXXXX
The SHA implementation is adapted from the linux kernel implementation.
[1] Commercial National Security Algorithm Suite
http://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm
Signed-off-by: Reuben Dowle <reuben.dowle@4rf.com>
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/Makefile | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/tools/Makefile b/tools/Makefile index 879c3fd4a7..51123fd929 100644 --- a/tools/Makefile +++ b/tools/Makefile @@ -107,6 +107,7 @@ dumpimage-mkimage-objs := aisimage.o \ lib/crc16.o \ lib/sha1.o \ lib/sha256.o \ + lib/sha512.o \ common/hash.o \ ublimage.o \ zynqimage.o \ @@ -225,6 +226,7 @@ HOSTCFLAGS_crc8.o := -pedantic HOSTCFLAGS_md5.o := -pedantic HOSTCFLAGS_sha1.o := -pedantic HOSTCFLAGS_sha256.o := -pedantic +HOSTCFLAGS_sha512.o := -pedantic -DCONFIG_SHA512 -DCONFIG_SHA384 quiet_cmd_wrap = WRAP $@ cmd_wrap = echo "\#include <../$(patsubst $(obj)/%,%,$@)>" >$@ |