aboutsummaryrefslogtreecommitdiff
path: root/include/crypto
AgeCommit message (Collapse)Author
2023-09-24common: Drop linux/printk.h from common headerSimon Glass
This old patch was marked as deferred. Bring it back to life, to continue towards the removal of common.h Move this out of the common header and include it only where needed. Signed-off-by: Simon Glass <sjg@chromium.org>
2022-07-05lib: crypto: add mscode_parserAKASHI Takahiro
In MS authenticode, pkcs7 should have data in its contentInfo field. This data is tagged with SpcIndirectData type and, for a signed PE image, provides a image's message digest as SpcPeImageData. This parser is used in image authentication to parse the field and retrieve a message digest. Imported from linux v5.19-rc, crypto/asymmetric_keys/mscode*. Checkpatch.pl generates tones of warnings, but those are not fixed for the sake of maintainability (importing from another source). Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2021-08-16dm: crypto: Define UCLASS API for ECDSA signature verificationAlexandru Gagniuc
Define a UCLASS API for verifying ECDSA signatures. Unlike UCLASS_MOD_EXP, which focuses strictly on modular exponentiation, the ECDSA class focuses on verification. This is done so that it better aligns with mach-specific implementations, such as stm32mp. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2020-07-22lib: crypto: export and enhance pkcs7_verify_one()AKASHI Takahiro
The function, pkcs7_verify_one(), will be utilized to rework signature verification logic aiming to support intermediate certificates in "chain of trust." To do that, its function interface is expanded, adding an extra argument which is expected to return the last certificate in trusted chain. Then, this last one must further be verified with signature database, db and/or dbx. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-07-22lib: crypto: add public_key_verify_signature()AKASHI Takahiro
This function will be called from x509_check_for_self_signed() and pkcs7_verify_one(), which will be imported from linux in a later patch. While it does exist in linux code and has a similar functionality of rsa_verify(), it calls further linux-specific interfaces inside. That could lead to more files being imported from linux. So simply re-implement it here instead of re-using the code. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-07-11lib/crypto: use qualified path for x509_parser.hHeinrich Schuchardt
Use the path relative to /include for x509_parser.h in pkcs7_parser.h. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-05-04lib/crypto, efi_loader: move some headers to include/cryptoAKASHI Takahiro
Pkcs7_parse.h and x509_parser.h are used in UEFI subsystem, in particular, secure boot. So move them to include/crypto to avoid relative paths. Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Don't include include x509_parser.h twice. Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-12-06lib: crypto: add pkcs7 message parserAKASHI Takahiro
Imported from linux kernel v5.3: pkcs7.asn1 without changes pkcs7.h with changes marked as __UBOOT__ pkcs7_parser.h without changes pkcs7_parser.c with changes marked as __UBOOT__ Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2019-12-06lib: crypto: add rsa public key parserAKASHI Takahiro
Imported from linux kernel v5.3: rsapubkey.asn1 without changes rsa.h without changes rsa_helper.c with changes marked as __UBOOT__ Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2019-12-06lib: crypto: add public key utilityAKASHI Takahiro
Imported from linux kernel v5.3: asymmetric-type.h with changes marked as __UBOOT__ asymmetric_type.c with changes marked as __UBOOT__ public_key.h with changes marked as __UBOOT__ public_key.c with changes marked as __UBOOT__ Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>