From: Andrew Duda <[email protected]> checksum_algo's pad_len field isn't actually used to store the length of the padding but the total length of the RSA key (msg_len + pad_len)
Signed-off-by: Andrew Duda <[email protected]> Signed-off-by: aduda <[email protected]> --- include/image.h | 2 +- lib/rsa/rsa-verify.c | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/image.h b/include/image.h index 2b1296c..bfe10a0 100644 --- a/include/image.h +++ b/include/image.h @@ -1070,7 +1070,7 @@ struct image_region { struct checksum_algo { const char *name; const int checksum_len; - const int pad_len; + const int key_len; #if IMAGE_ENABLE_SIGN const EVP_MD *(*calculate_sign)(void); #endif diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index 442b769..5418f59 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -84,7 +84,7 @@ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig, } padding = algo->rsa_padding; - pad_len = algo->pad_len - algo->checksum_len; + pad_len = algo->key_len - algo->checksum_len; /* Check pkcs1.5 padding bytes. */ if (memcmp(buf, padding, pad_len)) { @@ -160,7 +160,7 @@ int rsa_verify(struct image_sign_info *info, { const void *blob = info->fdt_blob; /* Reserve memory for maximum checksum-length */ - uint8_t hash[info->algo->checksum->pad_len]; + uint8_t hash[info->algo->checksum->key_len]; int ndepth, noffset; int sig_node, node; char name[100]; @@ -171,7 +171,7 @@ int rsa_verify(struct image_sign_info *info, * rsa-signature-length */ if (info->algo->checksum->checksum_len > - info->algo->checksum->pad_len) { + info->algo->checksum->key_len) { debug("%s: invlaid checksum-algorithm %s for %s\n", __func__, info->algo->checksum->name, info->algo->name); return -EINVAL; -- 2.10.2 _______________________________________________ U-Boot mailing list [email protected] http://lists.denx.de/mailman/listinfo/u-boot
