Merge branch '2021-07-16-cleanup-image-support'

- A large rework of the logic around supporting various image
  types/formats and sharing between the host and target.

common/Kconfig.boot

@@ -35,7 +35,7 @@ config FIT_EXTERNAL_OFFSET
 	  could be put in the hole between data payload and fit image
 	  header, such as CSF data on i.MX platform.
 
-config FIT_ENABLE_SHA256_SUPPORT
+config FIT_SHA256
 	bool "Support SHA256 checksum of FIT image contents"
 	default y
 	select SHA256
@@ -44,7 +44,7 @@ config FIT_ENABLE_SHA256_SUPPORT
 	  SHA256 checksum is a 256-bit (32-byte) hash value used to check that
 	  the image contents have not been corrupted.
 
-config FIT_ENABLE_SHA384_SUPPORT
+config FIT_SHA384
 	bool "Support SHA384 checksum of FIT image contents"
 	default n
 	select SHA384
@@ -54,7 +54,7 @@ config FIT_ENABLE_SHA384_SUPPORT
 	  the image contents have not been corrupted. Use this for the highest
 	  security.
 
-config FIT_ENABLE_SHA512_SUPPORT
+config FIT_SHA512
 	bool "Support SHA512 checksum of FIT image contents"
 	default n
 	select SHA512
@@ -103,7 +103,7 @@ config FIT_SIGNATURE_MAX_SIZE
 	  device memory. Assure this size does not extend past expected storage
 	  space.
 
-config FIT_ENABLE_RSASSA_PSS_SUPPORT
+config FIT_RSASSA_PSS
 	bool "Support rsassa-pss signature scheme of FIT image contents"
 	depends on FIT_SIGNATURE
 	default n

common/image-fit.c

@@ -1219,19 +1219,19 @@ int calculate_hash(const void *data, int data_len, const char *algo,
 							CHUNKSZ_CRC32);
 		*((uint32_t *)value) = cpu_to_uimage(*((uint32_t *)value));
 		*value_len = 4;
-	} else if (IMAGE_ENABLE_SHA1 && strcmp(algo, "sha1") == 0) {
+	} else if (CONFIG_IS_ENABLED(SHA1) && strcmp(algo, "sha1") == 0) {
 		sha1_csum_wd((unsigned char *)data, data_len,
 			     (unsigned char *)value, CHUNKSZ_SHA1);
 		*value_len = 20;
-	} else if (IMAGE_ENABLE_SHA256 && strcmp(algo, "sha256") == 0) {
+	} else if (CONFIG_IS_ENABLED(SHA256) && strcmp(algo, "sha256") == 0) {
 		sha256_csum_wd((unsigned char *)data, data_len,
 			       (unsigned char *)value, CHUNKSZ_SHA256);
 		*value_len = SHA256_SUM_LEN;
-	} else if (IMAGE_ENABLE_SHA384 && strcmp(algo, "sha384") == 0) {
+	} else if (CONFIG_IS_ENABLED(SHA384) && strcmp(algo, "sha384") == 0) {
 		sha384_csum_wd((unsigned char *)data, data_len,
 			       (unsigned char *)value, CHUNKSZ_SHA384);
 		*value_len = SHA384_SUM_LEN;
-	} else if (IMAGE_ENABLE_SHA512 && strcmp(algo, "sha512") == 0) {
+	} else if (CONFIG_IS_ENABLED(SHA512) && strcmp(algo, "sha512") == 0) {
 		sha512_csum_wd((unsigned char *)data, data_len,
 			       (unsigned char *)value, CHUNKSZ_SHA512);
 		*value_len = SHA512_SUM_LEN;
@@ -2027,7 +2027,7 @@ int fit_image_load(bootm_headers_t *images, ulong addr,
 		 * fit_conf_get_node() will try to find default config node
 		 */
 		bootstage_mark(bootstage_id + BOOTSTAGE_SUB_NO_UNIT_NAME);
-		if (IMAGE_ENABLE_BEST_MATCH && !fit_uname_config) {
+		if (IS_ENABLED(CONFIG_FIT_BEST_MATCH) && !fit_uname_config) {
 			cfg_noffset = fit_conf_find_compat(fit, gd_fdt_blob());
 		} else {
 			cfg_noffset = fit_conf_get_node(fit,

common/image-sig.c

@@ -3,18 +3,11 @@
  * Copyright (c) 2013, Google Inc.
  */
 
-#ifdef USE_HOSTCC
-#include "mkimage.h"
-#include <fdt_support.h>
-#include <time.h>
-#include <linux/libfdt.h>
-#else
 #include <common.h>
 #include <log.h>
 #include <malloc.h>
 #include <asm/global_data.h>
 DECLARE_GLOBAL_DATA_PTR;
-#endif /* !USE_HOSTCC*/
 #include <image.h>
 #include <u-boot/ecdsa.h>
 #include <u-boot/rsa.h>
@@ -28,9 +21,6 @@ struct checksum_algo checksum_algos[] = {
 		.checksum_len = SHA1_SUM_LEN,
 		.der_len = SHA1_DER_LEN,
 		.der_prefix = sha1_der_prefix,
-#if IMAGE_ENABLE_SIGN
-		.calculate_sign = EVP_sha1,
-#endif
 		.calculate = hash_calculate,
 	},
 	{
@@ -38,9 +28,6 @@ struct checksum_algo checksum_algos[] = {
 		.checksum_len = SHA256_SUM_LEN,
 		.der_len = SHA256_DER_LEN,
 		.der_prefix = sha256_der_prefix,
-#if IMAGE_ENABLE_SIGN
-		.calculate_sign = EVP_sha256,
-#endif
 		.calculate = hash_calculate,
 	},
 #ifdef CONFIG_SHA384
@@ -49,9 +36,6 @@ struct checksum_algo checksum_algos[] = {
 		.checksum_len = SHA384_SUM_LEN,
 		.der_len = SHA384_DER_LEN,
 		.der_prefix = sha384_der_prefix,
-#if IMAGE_ENABLE_SIGN
-		.calculate_sign = EVP_sha384,
-#endif
 		.calculate = hash_calculate,
 	},
 #endif
@@ -61,50 +45,23 @@ struct checksum_algo checksum_algos[] = {
 		.checksum_len = SHA512_SUM_LEN,
 		.der_len = SHA512_DER_LEN,
 		.der_prefix = sha512_der_prefix,
-#if IMAGE_ENABLE_SIGN
-		.calculate_sign = EVP_sha512,
-#endif
 		.calculate = hash_calculate,
 	},
 #endif
 
 };
 
-struct crypto_algo crypto_algos[] = {
-	{
-		.name = "rsa2048",
-		.key_len = RSA2048_BYTES,
-		.sign = rsa_sign,
-		.add_verify_data = rsa_add_verify_data,
-		.verify = rsa_verify,
-	},
-	{
-		.name = "rsa4096",
-		.key_len = RSA4096_BYTES,
-		.sign = rsa_sign,
-		.add_verify_data = rsa_add_verify_data,
-		.verify = rsa_verify,
-	},
-	{
-		.name = "ecdsa256",
-		.key_len = ECDSA256_BYTES,
-		.sign = ecdsa_sign,
-		.add_verify_data = ecdsa_add_verify_data,
-		.verify = ecdsa_verify,
-	},
-};
-
 struct padding_algo padding_algos[] = {
 	{
 		.name = "pkcs-1.5",
 		.verify = padding_pkcs_15_verify,
 	},
-#ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT
+#ifdef CONFIG_FIT_RSASSA_PSS
 	{
 		.name = "pss",
 		.verify = padding_pss_verify,
 	}
-#endif /* CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT */
+#endif /* CONFIG_FIT_RSASSA_PSS */
 };
 
 struct checksum_algo *image_get_checksum_algo(const char *full_name)
@@ -112,16 +69,13 @@ struct checksum_algo *image_get_checksum_algo(const char *full_name)
 	int i;
 	const char *name;
 
-#if !defined(USE_HOSTCC) && defined(CONFIG_NEEDS_MANUAL_RELOC)
+#if defined(CONFIG_NEEDS_MANUAL_RELOC)
 	static bool done;
 
 	if (!done) {
 		done = true;
 		for (i = 0; i < ARRAY_SIZE(checksum_algos); i++) {
 			checksum_algos[i].name += gd->reloc_off;
-#if IMAGE_ENABLE_SIGN
-			checksum_algos[i].calculate_sign += gd->reloc_off;
-#endif
 			checksum_algos[i].calculate += gd->reloc_off;
 		}
 	}
@@ -140,19 +94,18 @@ struct checksum_algo *image_get_checksum_algo(const char *full_name)
 
 struct crypto_algo *image_get_crypto_algo(const char *full_name)
 {
-	int i;
+	struct crypto_algo *crypto, *end;
 	const char *name;
 
-#if !defined(USE_HOSTCC) && defined(CONFIG_NEEDS_MANUAL_RELOC)
+#if defined(CONFIG_NEEDS_MANUAL_RELOC)
 	static bool done;
 
 	if (!done) {
-		done = true;
-		for (i = 0; i < ARRAY_SIZE(crypto_algos); i++) {
-			crypto_algos[i].name += gd->reloc_off;
-			crypto_algos[i].sign += gd->reloc_off;
-			crypto_algos[i].add_verify_data += gd->reloc_off;
-			crypto_algos[i].verify += gd->reloc_off;
+		crypto = ll_entry_start(struct crypto_algo, cryptos);
+		end = ll_entry_end(struct crypto_algo, cryptos);
+		for (; crypto < end; crypto++) {
+			crypto->name += gd->reloc_off;
+			crypto->verify += gd->reloc_off;
 		}
 	}
 #endif
@@ -163,11 +116,14 @@ struct crypto_algo *image_get_crypto_algo(const char *full_name)
 		return NULL;
 	name += 1;
 
-	for (i = 0; i < ARRAY_SIZE(crypto_algos); i++) {
-		if (!strcmp(crypto_algos[i].name, name))
-			return &crypto_algos[i];
+	crypto = ll_entry_start(struct crypto_algo, cryptos);
+	end = ll_entry_end(struct crypto_algo, cryptos);
+	for (; crypto < end; crypto++) {
+		if (!strcmp(crypto->name, name))
+			return crypto;
 	}
 
+	/* Not found */
 	return NULL;
 }
 

common/spl/Kconfig

@@ -204,7 +204,7 @@ config SPL_LEGACY_IMAGE_SUPPORT
 config SPL_LEGACY_IMAGE_CRC_CHECK
 	bool "Check CRC of Legacy images"
 	depends on SPL_LEGACY_IMAGE_SUPPORT
-	select SPL_CRC32_SUPPORT
+	select SPL_CRC32
 	help
 	  Enable this to check the CRC of Legacy images. While this increases
 	  reliability, it affects both code size and boot duration.
@@ -407,7 +407,7 @@ config SYS_MMCSD_RAW_MODE_EMMC_BOOT_PARTITION
 	  the eMMC EXT_CSC_PART_CONFIG selection should be overridden in SPL
 	  by user defined partition number.
 
-config SPL_CRC32_SUPPORT
+config SPL_CRC32
 	bool "Support CRC32"
 	default y if SPL_LEGACY_IMAGE_SUPPORT
 	help
@@ -417,7 +417,7 @@ config SPL_CRC32_SUPPORT
 	  for detected accidental image corruption. For secure applications you
 	  should consider SHA1 or SHA256.
 
-config SPL_MD5_SUPPORT
+config SPL_MD5
 	bool "Support MD5"
 	depends on SPL_FIT
 	help
@@ -429,7 +429,7 @@ config SPL_MD5_SUPPORT
 	  applications where images may be changed maliciously, you should
 	  consider SHA256 or SHA384.
 
-config SPL_SHA1_SUPPORT
+config SPL_FIT_SHA1
 	bool "Support SHA1"
 	depends on SPL_FIT
 	select SHA1
@@ -441,7 +441,7 @@ config SPL_SHA1_SUPPORT
 	  due to the expanding computing power available to brute-force
 	  attacks. For more security, consider SHA256 or SHA384.
 
-config SPL_SHA256_SUPPORT
+config SPL_FIT_SHA256
 	bool "Support SHA256"
 	depends on SPL_FIT
 	select SHA256
@@ -450,7 +450,7 @@ config SPL_SHA256_SUPPORT
 	  checksum is a 256-bit (32-byte) hash value used to check that the
 	  image contents have not been corrupted.
 
-config SPL_SHA384_SUPPORT
+config SPL_FIT_SHA384
 	bool "Support SHA384"
 	depends on SPL_FIT
 	select SHA384
@@ -461,7 +461,7 @@ config SPL_SHA384_SUPPORT
 	  image contents have not been corrupted. Use this for the highest
 	  security.
 
-config SPL_SHA512_SUPPORT
+config SPL_FIT_SHA512
 	bool "Support SHA512"
 	depends on SPL_FIT
 	select SHA512

configs/axm_defconfig

@@ -32,7 +32,7 @@ CONFIG_BOOTCOMMAND="run flash_self"
 CONFIG_BOARD_EARLY_INIT_F=y
 # CONFIG_SPL_LEGACY_IMAGE_SUPPORT is not set
 CONFIG_SPL_SYS_MALLOC_SIMPLE=y
-CONFIG_SPL_CRC32_SUPPORT=y
+CONFIG_SPL_CRC32=y
 CONFIG_SPL_NAND_SUPPORT=y
 CONFIG_SPL_NAND_DRIVERS=y
 CONFIG_SPL_NAND_ECC=y

configs/bcm963158_ram_defconfig

@@ -11,7 +11,7 @@ CONFIG_TARGET_BCM963158=y
 CONFIG_ENV_VARS_UBOOT_CONFIG=y
 CONFIG_FIT=y
 CONFIG_FIT_SIGNATURE=y
-CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT=y
+CONFIG_FIT_RSASSA_PSS=y
 CONFIG_FIT_VERBOSE=y
 CONFIG_LEGACY_IMAGE_FORMAT=y
 CONFIG_SUPPORT_RAW_INITRD=y

configs/chromebit_mickey_defconfig

@@ -25,7 +25,7 @@ CONFIG_BOARD_EARLY_INIT_R=y
 CONFIG_SPL_STACK_R=y
 CONFIG_SPL_STACK_R_MALLOC_SIMPLE_LEN=0x2000
 # CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR is not set
-# CONFIG_SPL_CRC32_SUPPORT is not set
+# CONFIG_SPL_CRC32 is not set
 CONFIG_SPL_SPI_LOAD=y
 CONFIG_CMD_GPIO=y
 CONFIG_CMD_GPT=y

configs/chromebook_jerry_defconfig

@@ -26,7 +26,7 @@ CONFIG_BOARD_EARLY_INIT_R=y
 CONFIG_SPL_STACK_R=y
 CONFIG_SPL_STACK_R_MALLOC_SIMPLE_LEN=0x2000
 # CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR is not set
-# CONFIG_SPL_CRC32_SUPPORT is not set
+# CONFIG_SPL_CRC32 is not set
 CONFIG_SPL_SPI_LOAD=y
 CONFIG_CMD_GPIO=y
 CONFIG_CMD_GPT=y

configs/chromebook_minnie_defconfig

@@ -26,7 +26,7 @@ CONFIG_BOARD_EARLY_INIT_R=y
 CONFIG_SPL_STACK_R=y
 CONFIG_SPL_STACK_R_MALLOC_SIMPLE_LEN=0x2000
 # CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR is not set
-# CONFIG_SPL_CRC32_SUPPORT is not set
+# CONFIG_SPL_CRC32 is not set
 CONFIG_SPL_SPI_LOAD=y
 CONFIG_CMD_GPIO=y
 CONFIG_CMD_GPT=y

configs/chromebook_speedy_defconfig

@@ -26,7 +26,7 @@ CONFIG_BOARD_EARLY_INIT_R=y
 CONFIG_SPL_STACK_R=y
 CONFIG_SPL_STACK_R_MALLOC_SIMPLE_LEN=0x2000
 # CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR is not set
-# CONFIG_SPL_CRC32_SUPPORT is not set
+# CONFIG_SPL_CRC32 is not set
 CONFIG_SPL_SPI_LOAD=y
 CONFIG_CMD_GPIO=y
 CONFIG_CMD_GPT=y

configs/evb-px30_defconfig

@@ -29,7 +29,7 @@ CONFIG_SPL_BOOTROM_SUPPORT=y
 # CONFIG_SPL_RAW_IMAGE_SUPPORT is not set
 CONFIG_SPL_STACK_R=y
 # CONFIG_TPL_BANNER_PRINT is not set
-CONFIG_SPL_CRC32_SUPPORT=y
+CONFIG_SPL_CRC32=y
 CONFIG_SPL_ATF=y
 # CONFIG_TPL_FRAMEWORK is not set
 # CONFIG_CMD_BOOTD is not set

configs/firefly-px30_defconfig

@@ -30,7 +30,7 @@ CONFIG_SPL_BOOTROM_SUPPORT=y
 # CONFIG_SPL_RAW_IMAGE_SUPPORT is not set
 CONFIG_SPL_STACK_R=y
 # CONFIG_TPL_BANNER_PRINT is not set
-CONFIG_SPL_CRC32_SUPPORT=y
+CONFIG_SPL_CRC32=y
 CONFIG_SPL_ATF=y
 # CONFIG_TPL_FRAMEWORK is not set
 # CONFIG_CMD_BOOTD is not set

configs/imxrt1020-evk_defconfig

@@ -24,7 +24,7 @@ CONFIG_SPL_BOARD_INIT=y
 CONFIG_SPL_SYS_MALLOC_SIMPLE=y
 CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y
 CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x100
-# CONFIG_SPL_CRC32_SUPPORT is not set
+# CONFIG_SPL_CRC32 is not set
 # CONFIG_BOOTM_NETBSD is not set
 # CONFIG_BOOTM_PLAN9 is not set
 # CONFIG_BOOTM_RTEMS is not set

configs/imxrt1050-evk_defconfig

@@ -27,7 +27,7 @@ CONFIG_SPL_BOARD_INIT=y
 CONFIG_SPL_SYS_MALLOC_SIMPLE=y
 CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y
 CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x100
-# CONFIG_SPL_CRC32_SUPPORT is not set
+# CONFIG_SPL_CRC32 is not set
 # CONFIG_BOOTM_NETBSD is not set
 # CONFIG_BOOTM_PLAN9 is not set
 # CONFIG_BOOTM_RTEMS is not set

configs/mt8516_pumpkin_defconfig

@@ -13,7 +13,7 @@ CONFIG_DEBUG_UART_CLOCK=26000000
 # CONFIG_PSCI_RESET is not set
 CONFIG_DEBUG_UART=y
 CONFIG_FIT=y
-# CONFIG_FIT_ENABLE_SHA256_SUPPORT is not set
+# CONFIG_FIT_SHA256 is not set
 # CONFIG_ARCH_FIXUP_FDT_MEMORY is not set
 CONFIG_DEFAULT_FDT_FILE="mt8516-pumpkin"
 # CONFIG_DISPLAY_BOARDINFO is not set

configs/odroid-go2_defconfig

@@ -33,7 +33,7 @@ CONFIG_SPL_BOOTROM_SUPPORT=y
 # CONFIG_SPL_RAW_IMAGE_SUPPORT is not set
 CONFIG_SPL_STACK_R=y
 # CONFIG_TPL_BANNER_PRINT is not set
-CONFIG_SPL_CRC32_SUPPORT=y
+CONFIG_SPL_CRC32=y
 CONFIG_SPL_I2C_SUPPORT=y
 CONFIG_SPL_POWER_SUPPORT=y
 CONFIG_SPL_ATF=y

configs/px30-core-ctouch2-px30_defconfig

@@ -30,7 +30,7 @@ CONFIG_SPL_BOOTROM_SUPPORT=y
 # CONFIG_SPL_RAW_IMAGE_SUPPORT is not set
 CONFIG_SPL_STACK_R=y
 # CONFIG_TPL_BANNER_PRINT is not set
-CONFIG_SPL_CRC32_SUPPORT=y
+CONFIG_SPL_CRC32=y
 CONFIG_SPL_ATF=y
 # CONFIG_TPL_FRAMEWORK is not set
 # CONFIG_CMD_BOOTD is not set

configs/px30-core-edimm2.2-px30_defconfig

@@ -30,7 +30,7 @@ CONFIG_SPL_BOOTROM_SUPPORT=y
 # CONFIG_SPL_RAW_IMAGE_SUPPORT is not set
 CONFIG_SPL_STACK_R=y
 # CONFIG_TPL_BANNER_PRINT is not set
-CONFIG_SPL_CRC32_SUPPORT=y
+CONFIG_SPL_CRC32=y
 CONFIG_SPL_ATF=y
 # CONFIG_TPL_FRAMEWORK is not set
 # CONFIG_CMD_BOOTD is not set

configs/sandbox_defconfig

@@ -10,7 +10,7 @@ CONFIG_DEBUG_UART=y
 CONFIG_DISTRO_DEFAULTS=y
 CONFIG_FIT=y
 CONFIG_FIT_SIGNATURE=y
-CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT=y
+CONFIG_FIT_RSASSA_PSS=y
 CONFIG_FIT_CIPHER=y
 CONFIG_FIT_VERBOSE=y
 CONFIG_BOOTSTAGE=y

configs/socfpga_agilex_atf_defconfig

@@ -23,7 +23,7 @@ CONFIG_USE_BOOTARGS=y
 CONFIG_BOOTARGS="earlycon"
 CONFIG_USE_BOOTCOMMAND=y
 CONFIG_BOOTCOMMAND="run fatscript; run mmcfitload; run linux_qspi_enable; run mmcfitboot"
-CONFIG_SPL_CRC32_SUPPORT=y
+CONFIG_SPL_CRC32=y
 CONFIG_SPL_CACHE=y
 CONFIG_SPL_SPI_LOAD=y
 CONFIG_SPL_ATF=y

configs/socfpga_agilex_vab_defconfig

@@ -24,7 +24,7 @@ CONFIG_USE_BOOTARGS=y
 CONFIG_BOOTARGS="earlycon"
 CONFIG_USE_BOOTCOMMAND=y
 CONFIG_BOOTCOMMAND="run fatscript; run mmcfitload; run mmcfitboot"
-CONFIG_SPL_CRC32_SUPPORT=y
+CONFIG_SPL_CRC32=y
 CONFIG_SPL_CACHE=y
 CONFIG_SPL_SPI_LOAD=y
 CONFIG_SPL_ATF=y

configs/socfpga_stratix10_atf_defconfig

@@ -23,7 +23,7 @@ CONFIG_USE_BOOTARGS=y
 CONFIG_BOOTARGS="earlycon"
 CONFIG_USE_BOOTCOMMAND=y
 CONFIG_BOOTCOMMAND="run fatscript; run mmcfitload; run linux_qspi_enable; run mmcfitboot"
-CONFIG_SPL_CRC32_SUPPORT=y
+CONFIG_SPL_CRC32=y
 CONFIG_SPL_SPI_LOAD=y
 CONFIG_SPL_ATF=y
 CONFIG_SPL_ATF_NO_PLATFORM_PARAM=y

configs/taurus_defconfig

@@ -36,7 +36,7 @@ CONFIG_BOOTCOMMAND="nand read 0x22000000 0x200000 0x300000; bootm"
 CONFIG_BOARD_EARLY_INIT_F=y
 # CONFIG_SPL_LEGACY_IMAGE_SUPPORT is not set
 CONFIG_SPL_SYS_MALLOC_SIMPLE=y
-CONFIG_SPL_CRC32_SUPPORT=y
+CONFIG_SPL_CRC32=y
 CONFIG_SPL_NAND_SUPPORT=y
 CONFIG_SPL_NAND_DRIVERS=y
 CONFIG_SPL_NAND_ECC=y

include/image.h

@@ -30,10 +30,10 @@ struct fdt_region;
 #define IMAGE_ENABLE_FIT	1
 #define IMAGE_ENABLE_OF_LIBFDT	1
 #define CONFIG_FIT_VERBOSE	1 /* enable fit_format_{error,warning}() */
-#define CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT 1
-#define CONFIG_FIT_ENABLE_SHA256_SUPPORT
-#define CONFIG_FIT_ENABLE_SHA384_SUPPORT
-#define CONFIG_FIT_ENABLE_SHA512_SUPPORT
+#define CONFIG_FIT_RSASSA_PSS 1
+#define CONFIG_FIT_SHA256
+#define CONFIG_FIT_SHA384
+#define CONFIG_FIT_SHA512
 #define CONFIG_SHA1
 #define CONFIG_SHA256
 #define CONFIG_SHA384
@@ -47,6 +47,7 @@ struct fdt_region;
 #include <lmb.h>
 #include <asm/u-boot.h>
 #include <command.h>
+#include <linker_lists.h>
 
 /* Take notice of the 'ignore' property for hashes */
 #define IMAGE_ENABLE_IGNORE	1
@@ -62,19 +63,15 @@ struct fdt_region;
 #include <linux/libfdt.h>
 #include <fdt_support.h>
 # ifdef CONFIG_SPL_BUILD
-#  ifdef CONFIG_SPL_CRC32_SUPPORT
+#  ifdef CONFIG_SPL_CRC32
 #   define IMAGE_ENABLE_CRC32	1
 #  endif
-#  ifdef CONFIG_SPL_MD5_SUPPORT
+#  ifdef CONFIG_SPL_MD5
 #   define IMAGE_ENABLE_MD5	1
 #  endif
-#  ifdef CONFIG_SPL_SHA1_SUPPORT
-#   define IMAGE_ENABLE_SHA1	1
-#  endif
 # else
 #  define IMAGE_ENABLE_CRC32	1
 #  define IMAGE_ENABLE_MD5	1
-#  define IMAGE_ENABLE_SHA1	1
 # endif
 
 #ifndef IMAGE_ENABLE_CRC32
@@ -85,31 +82,6 @@ struct fdt_region;
 #define IMAGE_ENABLE_MD5	0
 #endif
 
-#ifndef IMAGE_ENABLE_SHA1
-#define IMAGE_ENABLE_SHA1	0
-#endif
-
-#if defined(CONFIG_FIT_ENABLE_SHA256_SUPPORT) || \
-	defined(CONFIG_SPL_SHA256_SUPPORT)
-#define IMAGE_ENABLE_SHA256	1
-#else
-#define IMAGE_ENABLE_SHA256	0
-#endif
-
-#if defined(CONFIG_FIT_ENABLE_SHA384_SUPPORT) || \
-	defined(CONFIG_SPL_SHA384_SUPPORT)
-#define IMAGE_ENABLE_SHA384	1
-#else
-#define IMAGE_ENABLE_SHA384	0
-#endif
-
-#if defined(CONFIG_FIT_ENABLE_SHA512_SUPPORT) || \
-	defined(CONFIG_SPL_SHA512_SUPPORT)
-#define IMAGE_ENABLE_SHA512	1
-#else
-#define IMAGE_ENABLE_SHA512	0
-#endif
-
 #endif /* IMAGE_ENABLE_FIT */
 
 #ifdef CONFIG_SYS_BOOT_GET_CMDLINE
@@ -1224,20 +1196,14 @@ int calculate_hash(const void *data, int data_len, const char *algo,
 #if defined(USE_HOSTCC)
 # if defined(CONFIG_FIT_SIGNATURE)
 #  define IMAGE_ENABLE_SIGN	1
-#  define IMAGE_ENABLE_VERIFY	1
-#  define IMAGE_ENABLE_VERIFY_ECDSA	1
 #  define FIT_IMAGE_ENABLE_VERIFY	1
 #  include <openssl/evp.h>
 # else
 #  define IMAGE_ENABLE_SIGN	0
-#  define IMAGE_ENABLE_VERIFY	0
-# define IMAGE_ENABLE_VERIFY_ECDSA	0
 #  define FIT_IMAGE_ENABLE_VERIFY	0
 # endif
 #else
 # define IMAGE_ENABLE_SIGN	0
-# define IMAGE_ENABLE_VERIFY		CONFIG_IS_ENABLED(RSA_VERIFY)
-# define IMAGE_ENABLE_VERIFY_ECDSA	0
 # define FIT_IMAGE_ENABLE_VERIFY	CONFIG_IS_ENABLED(FIT_SIGNATURE)
 #endif
 
@@ -1250,11 +1216,6 @@ void image_set_host_blob(void *host_blob);
 # define gd_fdt_blob()		(gd->fdt_blob)
 #endif
 
-#ifdef CONFIG_FIT_BEST_MATCH
-#define IMAGE_ENABLE_BEST_MATCH	1
-#else
-#define IMAGE_ENABLE_BEST_MATCH	0
-#endif
 #endif /* IMAGE_ENABLE_FIT */
 
 /*
@@ -1293,7 +1254,7 @@ struct image_region {
 	int size;
 };
 
-#if IMAGE_ENABLE_VERIFY
+#if FIT_IMAGE_ENABLE_VERIFY
 # include <u-boot/hash-checksum.h>
 #endif
 struct checksum_algo {
@@ -1362,6 +1323,10 @@ struct crypto_algo {
 		      uint8_t *sig, uint sig_len);
 };
 
+/* Declare a new U-Boot crypto algorithm handler */
+#define U_BOOT_CRYPTO_ALGO(__name)						\
+ll_entry_declare(struct crypto_algo, __name, cryptos)
+
 struct padding_algo {
 	const char *name;
 	int (*verify)(struct image_sign_info *info,

include/u-boot/ecdsa.h

@@ -15,7 +15,6 @@
  * @see "struct crypto_algo"
  * @{
  */
-#if IMAGE_ENABLE_SIGN
 /**
  * sign() - calculate and return signature for given input data
  *
@@ -49,22 +48,7 @@ int ecdsa_sign(struct image_sign_info *info, const struct image_region region[],
  * other -ve value on error
  */
 int ecdsa_add_verify_data(struct image_sign_info *info, void *keydest);
-#else
-static inline
-int ecdsa_sign(struct image_sign_info *info, const struct image_region region[],
-	       int region_count, uint8_t **sigp, uint *sig_len)
-{
-	return -ENXIO;
-}
 
-static inline
-int ecdsa_add_verify_data(struct image_sign_info *info, void *keydest)
-{
-	return -ENXIO;
-}
-#endif
-
-#if IMAGE_ENABLE_VERIFY_ECDSA
 /**
  * verify() - Verify a signature against some data
  *
@@ -78,15 +62,6 @@ int ecdsa_add_verify_data(struct image_sign_info *info, void *keydest)
 int ecdsa_verify(struct image_sign_info *info,
 		 const struct image_region region[], int region_count,
 		 uint8_t *sig, uint sig_len);
-#else
-static inline
-int ecdsa_verify(struct image_sign_info *info,
-		 const struct image_region region[], int region_count,
-		 uint8_t *sig, uint sig_len)
-{
-	return -ENXIO;
-}
-#endif
 /** @} */
 
 #define ECDSA256_BYTES	(256 / 8)

include/u-boot/rsa.h

@@ -31,7 +31,6 @@ struct rsa_public_key {
 
 struct image_sign_info;
 
-#if IMAGE_ENABLE_SIGN
 /**
  * sign() - calculate and return signature for given input data
  *
@@ -66,22 +65,7 @@ int rsa_sign(struct image_sign_info *info,
 		other -ve value on error
 */
 int rsa_add_verify_data(struct image_sign_info *info, void *keydest);
-#else
-static inline int rsa_sign(struct image_sign_info *info,
-		const struct image_region region[], int region_count,
-		uint8_t **sigp, uint *sig_len)
-{
-	return -ENXIO;
-}
 
-static inline int rsa_add_verify_data(struct image_sign_info *info,
-				      void *keydest)
-{
-	return -ENXIO;
-}
-#endif
-
-#if IMAGE_ENABLE_VERIFY
 /**
  * rsa_verify_hash() - Verify a signature against a hash
  *
@@ -119,42 +103,11 @@ int padding_pkcs_15_verify(struct image_sign_info *info,
 			   uint8_t *msg, int msg_len,
 			   const uint8_t *hash, int hash_len);
 
-#ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT
+#ifdef CONFIG_FIT_RSASSA_PSS
 int padding_pss_verify(struct image_sign_info *info,
 		       uint8_t *msg, int msg_len,
 		       const uint8_t *hash, int hash_len);
-#endif /* CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT */
-#else
-static inline int rsa_verify_hash(struct image_sign_info *info,
-				  const uint8_t *hash,
-				  uint8_t *sig, uint sig_len)
-{
-	return -ENXIO;
-}
-
-static inline int rsa_verify(struct image_sign_info *info,
-		const struct image_region region[], int region_count,
-		uint8_t *sig, uint sig_len)
-{
-	return -ENXIO;
-}
-
-static inline int padding_pkcs_15_verify(struct image_sign_info *info,
-					 uint8_t *msg, int msg_len,
-					 const uint8_t *hash, int hash_len)
-{
-	return -ENXIO;
-}
-
-#ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT
-static inline int padding_pss_verify(struct image_sign_info *info,
-				     uint8_t *msg, int msg_len,
-				     const uint8_t *hash, int hash_len)
-{
-	return -ENXIO;
-}
-#endif /* CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT */
-#endif
+#endif /* CONFIG_FIT_RSASSA_PSS */
 
 #define RSA_DEFAULT_PADDING_NAME		"pkcs-1.5"
 

lib/rsa/rsa-sign.c

@@ -442,7 +442,7 @@ static int rsa_sign_with_key(EVP_PKEY *pkey, struct padding_algo *padding_algo,
 		goto err_sign;
 	}
 
-#ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT
+#ifdef CONFIG_FIT_RSASSA_PSS
 	if (padding_algo && !strcmp(padding_algo->name, "pss")) {
 		if (EVP_PKEY_CTX_set_rsa_padding(ckey,
 						 RSA_PKCS1_PSS_PADDING) <= 0) {
@@ -450,7 +450,7 @@ static int rsa_sign_with_key(EVP_PKEY *pkey, struct padding_algo *padding_algo,
 			goto err_sign;
 		}
 	}
-#endif /* CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT */
+#endif /* CONFIG_FIT_RSASSA_PSS */
 
 	for (i = 0; i < region_count; i++) {
 		if (!EVP_DigestSignUpdate(context, region[i].data,

lib/rsa/rsa-verify.c

@@ -95,7 +95,7 @@ int padding_pkcs_15_verify(struct image_sign_info *info,
 	return 0;
 }
 
-#ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT
+#ifdef CONFIG_FIT_RSASSA_PSS
 static void u32_i2osp(uint32_t val, uint8_t *buf)
 {
 	buf[0] = (uint8_t)((val >> 24) & 0xff);
@@ -571,3 +571,19 @@ int rsa_verify(struct image_sign_info *info,
 
 	return rsa_verify_hash(info, hash, sig, sig_len);
 }
+
+#ifndef USE_HOSTCC
+
+U_BOOT_CRYPTO_ALGO(rsa2048) = {
+	.name = "rsa2048",
+	.key_len = RSA2048_BYTES,
+	.verify = rsa_verify,
+};
+
+U_BOOT_CRYPTO_ALGO(rsa4096) = {
+	.name = "rsa4096",
+	.key_len = RSA4096_BYTES,
+	.verify = rsa_verify,
+};
+
+#endif

tools/Kconfig

@@ -9,4 +9,15 @@ config MKIMAGE_DTC_PATH
 	  some cases the system dtc may not support all required features
 	  and the path to a different version should be given here.
 
+config TOOLS_LIBCRYPTO
+	bool "Use OpenSSL's libcrypto library for host tools"
+	default y
+	help
+	  Cryptographic signature, verification, and encryption of images is
+	  provided by host tools using OpenSSL's libcrypto. Select 'n' here if
+	  you wish to build host tools without OpenSSL. mkimage will not have
+	  the ability to sign images.
+	  This selection does not affect target features, such as runtime FIT
+	  signature verification.
+
 endmenu

tools/Makefile

@@ -3,6 +3,25 @@
 # (C) Copyright 2000-2006
 # Wolfgang Denk, DENX Software Engineering, wd@denx.de.
 
+# A note on target vs host configuration:
+#
+# Host tools can be used across multiple targets, or different configurations
+# of the same target. Thus, host tools must be able to handle any combination
+# of target configurations. To prevent having different variations of the same
+# tool, the tool build options may not depend on target configuration.
+#
+# Some linux distributions package these utilities as u-boot-tools, and it
+# would be unmaintainable to have a different tool variation for each
+# arch or configuration.
+#
+# A couple of simple rules:
+#
+# 1) Do not use target CONFIG_* options to enable or disable features in host
+#    tools. Only use the configs from tools/Kconfig
+# 2) It's okay to use target configs to disable building specific tools.
+#    That's as long as the features of those tools aren't modified.
+#
+
 # Enable all the config-independent tools
 ifneq ($(HOST_TOOLS_ALL),)
 CONFIG_ARCH_KIRKWOOD = y
@@ -53,30 +72,30 @@ hostprogs-y += mkenvimage
 mkenvimage-objs := mkenvimage.o os_support.o lib/crc32.o
 
 hostprogs-y += dumpimage mkimage
-hostprogs-$(CONFIG_FIT_SIGNATURE) += fit_info fit_check_sign
+hostprogs-$(CONFIG_TOOLS_LIBCRYPTO) += fit_info fit_check_sign
 
 hostprogs-$(CONFIG_CMD_BOOTEFI_SELFTEST) += file2include
 
-FIT_OBJS-$(CONFIG_FIT) := fit_common.o fit_image.o image-host.o common/image-fit.o
-FIT_SIG_OBJS-$(CONFIG_FIT_SIGNATURE) := common/image-sig.o common/image-fit-sig.o
-FIT_CIPHER_OBJS-$(CONFIG_FIT_CIPHER) := common/image-cipher.o
+FIT_OBJS-y := fit_common.o fit_image.o image-host.o common/image-fit.o
+FIT_SIG_OBJS-$(CONFIG_TOOLS_LIBCRYPTO) := image-sig-host.o common/image-fit-sig.o
+FIT_CIPHER_OBJS-$(CONFIG_TOOLS_LIBCRYPTO) := common/image-cipher.o
 
 # The following files are synced with upstream DTC.
 # Use synced versions from scripts/dtc/libfdt/.
 LIBFDT_OBJS := $(addprefix libfdt/, fdt.o fdt_ro.o fdt_wip.o fdt_sw.o fdt_rw.o \
 		fdt_strerror.o fdt_empty_tree.o fdt_addresses.o fdt_overlay.o)
 
-RSA_OBJS-$(CONFIG_FIT_SIGNATURE) := $(addprefix lib/rsa/, \
+RSA_OBJS-$(CONFIG_TOOLS_LIBCRYPTO) := $(addprefix lib/rsa/, \
 					rsa-sign.o rsa-verify.o \
 					rsa-mod-exp.o)
 
-ECDSA_OBJS-$(CONFIG_FIT_SIGNATURE) := $(addprefix lib/ecdsa/, ecdsa-libcrypto.o)
+ECDSA_OBJS-$(CONFIG_TOOLS_LIBCRYPTO) := $(addprefix lib/ecdsa/, ecdsa-libcrypto.o)
 
-AES_OBJS-$(CONFIG_FIT_CIPHER) := $(addprefix lib/aes/, \
+AES_OBJS-$(CONFIG_TOOLS_LIBCRYPTO) := $(addprefix lib/aes/, \
 					aes-encrypt.o aes-decrypt.o)
 
 # Cryptographic helpers that depend on openssl/libcrypto
-LIBCRYPTO_OBJS-$(CONFIG_FIT_SIGNATURE) := $(addprefix lib/, \
+LIBCRYPTO_OBJS-$(CONFIG_TOOLS_LIBCRYPTO) := $(addprefix lib/, \
 					fdt-libcrypto.o)
 
 ROCKCHIP_OBS = lib/rc4.o rkcommon.o rkimage.o rksd.o rkspi.o
@@ -136,22 +155,17 @@ fit_info-objs   := $(dumpimage-mkimage-objs) fit_info.o
 fit_check_sign-objs   := $(dumpimage-mkimage-objs) fit_check_sign.o
 file2include-objs := file2include.o
 
-ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_FIT_SIGNATURE),)
+ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_TOOLS_LIBCRYPTO),)
 # Add CONFIG_MXS into host CFLAGS, so we can check whether or not register
 # the mxsimage support within tools/mxsimage.c .
 HOSTCFLAGS_mxsimage.o += -DCONFIG_MXS
 endif
 
-ifdef CONFIG_FIT_SIGNATURE
+ifdef CONFIG_TOOLS_LIBCRYPTO
 # This affects include/image.h, but including the board config file
 # is tricky, so manually define this options here.
 HOST_EXTRACFLAGS	+= -DCONFIG_FIT_SIGNATURE
-HOST_EXTRACFLAGS	+= -DCONFIG_FIT_SIGNATURE_MAX_SIZE=$(CONFIG_FIT_SIGNATURE_MAX_SIZE)
-endif
-
-ifdef CONFIG_FIT_CIPHER
-# This affects include/image.h, but including the board config file
-# is tricky, so manually define this options here.
+HOST_EXTRACFLAGS	+= -DCONFIG_FIT_SIGNATURE_MAX_SIZE=0xffffffff
 HOST_EXTRACFLAGS	+= -DCONFIG_FIT_CIPHER
 endif
 
@@ -164,7 +178,7 @@ HOSTCFLAGS_kwbimage.o += -DCONFIG_KWB_SECURE
 endif
 
 # MXSImage needs LibSSL
-ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_ARMADA_38X)$(CONFIG_FIT_SIGNATURE)$(CONFIG_FIT_CIPHER),)
+ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_ARMADA_38X)$(CONFIG_TOOLS_LIBCRYPTO),)
 HOSTCFLAGS_kwbimage.o += \
 	$(shell pkg-config --cflags libssl libcrypto 2> /dev/null || echo "")
 HOSTLDLIBS_mkimage += \

tools/image-sig-host.c

@@ -0,0 +1,133 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Copyright (c) 2013, Google Inc.
+ */
+
+#include "mkimage.h"
+#include <fdt_support.h>
+#include <time.h>
+#include <linux/libfdt.h>
+#include <image.h>
+#include <u-boot/ecdsa.h>
+#include <u-boot/rsa.h>
+#include <u-boot/hash-checksum.h>
+
+struct checksum_algo checksum_algos[] = {
+	{
+		.name = "sha1",
+		.checksum_len = SHA1_SUM_LEN,
+		.der_len = SHA1_DER_LEN,
+		.der_prefix = sha1_der_prefix,
+		.calculate_sign = EVP_sha1,
+		.calculate = hash_calculate,
+	},
+	{
+		.name = "sha256",
+		.checksum_len = SHA256_SUM_LEN,
+		.der_len = SHA256_DER_LEN,
+		.der_prefix = sha256_der_prefix,
+		.calculate_sign = EVP_sha256,
+		.calculate = hash_calculate,
+	},
+	{
+		.name = "sha384",
+		.checksum_len = SHA384_SUM_LEN,
+		.der_len = SHA384_DER_LEN,
+		.der_prefix = sha384_der_prefix,
+		.calculate_sign = EVP_sha384,
+		.calculate = hash_calculate,
+	},
+	{
+		.name = "sha512",
+		.checksum_len = SHA512_SUM_LEN,
+		.der_len = SHA512_DER_LEN,
+		.der_prefix = sha512_der_prefix,
+		.calculate_sign = EVP_sha512,
+		.calculate = hash_calculate,
+	},
+};
+
+struct crypto_algo crypto_algos[] = {
+	{
+		.name = "rsa2048",
+		.key_len = RSA2048_BYTES,
+		.sign = rsa_sign,
+		.add_verify_data = rsa_add_verify_data,
+		.verify = rsa_verify,
+	},
+	{
+		.name = "rsa4096",
+		.key_len = RSA4096_BYTES,
+		.sign = rsa_sign,
+		.add_verify_data = rsa_add_verify_data,
+		.verify = rsa_verify,
+	},
+	{
+		.name = "ecdsa256",
+		.key_len = ECDSA256_BYTES,
+		.sign = ecdsa_sign,
+		.add_verify_data = ecdsa_add_verify_data,
+		.verify = ecdsa_verify,
+	},
+};
+
+struct padding_algo padding_algos[] = {
+	{
+		.name = "pkcs-1.5",
+		.verify = padding_pkcs_15_verify,
+	},
+	{
+		.name = "pss",
+		.verify = padding_pss_verify,
+	}
+};
+
+struct checksum_algo *image_get_checksum_algo(const char *full_name)
+{
+	int i;
+	const char *name;
+
+	for (i = 0; i < ARRAY_SIZE(checksum_algos); i++) {
+		name = checksum_algos[i].name;
+		/* Make sure names match and next char is a comma */
+		if (!strncmp(name, full_name, strlen(name)) &&
+		    full_name[strlen(name)] == ',')
+			return &checksum_algos[i];
+	}
+
+	return NULL;
+}
+
+struct crypto_algo *image_get_crypto_algo(const char *full_name)
+{
+	int i;
+	const char *name;
+
+	/* Move name to after the comma */
+	name = strchr(full_name, ',');
+	if (!name)
+		return NULL;
+	name += 1;
+
+	for (i = 0; i < ARRAY_SIZE(crypto_algos); i++) {
+		if (!strcmp(crypto_algos[i].name, name))
+			return &crypto_algos[i];
+	}
+
+	return NULL;
+}
+
+struct padding_algo *image_get_padding_algo(const char *name)
+{
+	int i;
+
+	if (!name)
+		return NULL;
+
+	for (i = 0; i < ARRAY_SIZE(padding_algos); i++) {
+		if (!strcmp(padding_algos[i].name, name))
+			return &padding_algos[i];
+	}
+
+	return NULL;
+}