aboutsummaryrefslogtreecommitdiff
path: root/tools/sunxi_toc0.c
AgeCommit message (Collapse)Author
2023-04-13tools: imagetool: Extend print_header() by params argumentPali Rohár
This allows image type print_header() callback to access struct image_tool_params *params. Signed-off-by: Pali Rohár <pali@kernel.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2022-08-31tools: mkimage: fix build with recent LibreSSLMark Kettenis
LibreSSL 3.5.0 and later (also shipped as part of OpenBSD 7.1 and and later) have an opaque RSA object and do provide the RSA_get0_* functions that OpenSSL provides. Fixes: 2ecc354b8e46 ("tools: mkimage: fix build with LibreSSL") Signed-off-by: Mark Kettenis <kettenis@openbsd.org> Reviewed-by: Jonathan Gray <jsg@jsg.id.au>
2022-08-04tools: mkimage: fix build with LibreSSLMichal Vasilek
RSA_get0_* functions are not available in LibreSSL Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz> Reviewed-by: Simon Glass <sjg@chromium.org>
2022-05-07tools: mkimage: set OPENSSL_API_COMPATHeinrich Schuchardt
Building with OpenSSL 3.0 produces warnings like: ../tools/sunxi_toc0.c:846:17: warning: ‘RSA_get0_d’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 846 | if (root_key && RSA_get0_d(root_key)) { | ^~ As OpenSSL 3.0 is not available in elder Linux distributions just silence the warning. Add missing #include <openssl/bn.h>. Fixes: e9e87ec47c75 ("tools: mkimage: Add Allwinner TOC0 support") Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Tested-by: Andre Przywara <andre.przywara@arm.com>
2022-04-04tools: mkimage: Add Allwinner TOC0 supportSamuel Holland
Most Allwinner sunxi SoCs have separate boot ROMs in non-secure and secure mode. The "non-secure" or "normal" boot ROM (NBROM) uses the existing sunxi_egon image type. The secure boot ROM (SBROM) uses a completely different image type, known as TOC0. A TOC0 image is composed of a header and two or more items. One item is the firmware binary. The others form a chain linking the firmware signature to the root-of-trust public key (ROTPK), which has its hash burned in the SoC's eFuses. Signatures are made using RSA-2048 + SHA256. The pseudo-ASN.1 structure is manually assembled; this is done to work around bugs/quirks in the boot ROM, which vary between SoCs. This TOC0 implementation has been verified to work with the A50, A64, H5, H6, and H616 SBROMs, and it may work with other SoCs. Signed-off-by: Samuel Holland <samuel@sholland.org> Acked-by: Andre Przywara <andre.przywara@arm.com> Signed-off-by: Andre Przywara <andre.przywara@arm.com>