checksum_algo's pad_len field isn't actually used to store the length of
the padding but the total length of the RSA key (msg_len + pad_len)
Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
struct checksum_algo {
const char *name;
const int checksum_len;
struct checksum_algo {
const char *name;
const int checksum_len;
#if IMAGE_ENABLE_SIGN
const EVP_MD *(*calculate_sign)(void);
#endif
#if IMAGE_ENABLE_SIGN
const EVP_MD *(*calculate_sign)(void);
#endif
}
padding = algo->rsa_padding;
}
padding = algo->rsa_padding;
- pad_len = algo->pad_len - algo->checksum_len;
+ pad_len = algo->key_len - algo->checksum_len;
/* Check pkcs1.5 padding bytes. */
if (memcmp(buf, padding, pad_len)) {
/* Check pkcs1.5 padding bytes. */
if (memcmp(buf, padding, pad_len)) {
{
const void *blob = info->fdt_blob;
/* Reserve memory for maximum checksum-length */
{
const void *blob = info->fdt_blob;
/* Reserve memory for maximum checksum-length */
- uint8_t hash[info->algo->checksum->pad_len];
+ uint8_t hash[info->algo->checksum->key_len];
int ndepth, noffset;
int sig_node, node;
char name[100];
int ndepth, noffset;
int sig_node, node;
char name[100];
* rsa-signature-length
*/
if (info->algo->checksum->checksum_len >
* rsa-signature-length
*/
if (info->algo->checksum->checksum_len >
- info->algo->checksum->pad_len) {
+ info->algo->checksum->key_len) {
debug("%s: invlaid checksum-algorithm %s for %s\n",
__func__, info->algo->checksum->name, info->algo->name);
return -EINVAL;
debug("%s: invlaid checksum-algorithm %s for %s\n",
__func__, info->algo->checksum->name, info->algo->name);
return -EINVAL;