summaryrefslogtreecommitdiff
path: root/lib/ecdsa/ecdsa-libcrypto.c
AgeCommit message (Collapse)Author
2024-10-07mkimage: ecdsa: add nodes to signature/key nodeMatthias Pritschet
Add the "required", "algo", and "key-name-hint" nodes to the signature/key node if ecdsa256 is used. This change is mainly copy&paste from rsa_add_verify_data which already adds these nodes. Signed-off-by: Matthias Pritschet <matthias.pritschet@itk-engineering.de>
2024-10-07mkimage: ecdsa: add signature/key nodes to dtb if missingMatthias Pritschet
If the signature/key node(s) are not yet present in the U-Boot device tree, ecdsa_add_verify_data simply fails if it can't find the nodes. This behaviour differs from rsa_add_verify_data, wich does add the missing nodes and proceeds in that case. This change is mainly copy&paste from rsa_add_verify_data to add the same behaviour to ecdsa_add_verify_data. Signed-off-by: Matthias Pritschet <matthias.pritschet@itk-engineering.de>
2024-10-02Add mkimage secp521r1 ECDSA curve supportJoakim Tjernlund
Adds support for the secp521r1 ECDSA algorithm to mkimage. Signed-off-by: Joakim Tjernlund <joakim.tjernlund@infinera.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2023-06-20mkimage: ecdsa: password for signing from environmentStefano Babic
Use a variable (MKIMAGE_SIGN_PASSWORD) like already done for RSA to allow the signing process to run in batch. Signed-off-by: Stefano Babic <sbabic@denx.de>
2022-01-26image: Return destination node for add_verify_data() methodSimon Glass
It is useful to know where the verification data was written. Update the API to return this. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-12-26tools: avoid OpenSSL deprecation warningsHeinrich Schuchardt
Our Gitlab CI buildsystem is set up to treat warnings as errors. With OpenSSL 3.0 a lot of deprecation warnings occur. With the patch compatibility with OpenSSL 1.1.1 is declared. In the long run we should upgrade our code to use the current API. A -Wdiscarded-qualifiers warning is muted by casting. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-04-14lib/ecdsa: Use the 'keydir' argument from mkimage if appropriateAlexandru Gagniuc
Keys can be derived from keydir, and the "key-name-hint" property of the FIT. They can also be specified ad-literam via 'keyfile'. Update the ECDSA signing path to use the appropriate one. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2021-04-14lib: Add support for ECDSA image signingAlexandru Gagniuc
mkimage supports rsa2048, and rsa4096 signatures. With newer silicon now supporting hardware-accelerated ECDSA, it makes sense to expand signing support to elliptic curves. Implement host-side ECDSA signing and verification with libcrypto. Device-side implementation of signature verification is beyond the scope of this patch. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
generated by cgit v1.2.3 (git 2.0.4) at 2025-07-26 00:40:49 +0000