mirror of
https://github.com/u-boot/u-boot.git
synced 2025-04-28 08:35:38 +00:00

The current recommendation for best security practice from the US government is to use SHA384 for TOP SECRET [1]. This patch adds support for SHA384 and SHA512 in the hash command, and also allows FIT images to be hashed with these algorithms, and signed with sha384,rsaXXXX and sha512,rsaXXXX The SHA implementation is adapted from the linux kernel implementation. [1] Commercial National Security Algorithm Suite http://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm Signed-off-by: Reuben Dowle <reuben.dowle@4rf.com>
29 lines
727 B
C
29 lines
727 B
C
/* SPDX-License-Identifier: GPL-2.0+ */
|
|
/*
|
|
* Copyright (c) 2013, Andreas Oetken.
|
|
*/
|
|
|
|
#ifndef _RSA_CHECKSUM_H
|
|
#define _RSA_CHECKSUM_H
|
|
|
|
#include <errno.h>
|
|
#include <image.h>
|
|
#include <u-boot/sha1.h>
|
|
#include <u-boot/sha256.h>
|
|
#include <u-boot/sha512.h>
|
|
|
|
/**
|
|
* hash_calculate() - Calculate hash over the data
|
|
*
|
|
* @name: Name of algorithm to be used for hash calculation
|
|
* @region: Array having info of regions over which hash needs to be calculated
|
|
* @region_count: Number of regions in the region array
|
|
* @checksum: Buffer contanining the output hash
|
|
*
|
|
* @return 0 if OK, < 0 if error
|
|
*/
|
|
int hash_calculate(const char *name,
|
|
const struct image_region region[], int region_count,
|
|
uint8_t *checksum);
|
|
|
|
#endif
|