rsa: add support of padding pss We add the support of the padding pss for rsa signature. This new padding is often recommended instead of pkcs-1.5. Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com> Reviewed-by: Simon Glass <sjg@chromium.org>

commit: 47d73f002939ec61bb44fe2a49f4580a9b27e75c [log] [tgz]
author: Philippe Reynes <philippe.reynes@softathome.com> Wed Nov 14 13:51:01 2018 +0100
committer: Tom Rini <trini@konsulko.com> Mon Dec 03 10:44:10 2018 -0500
tree: f16e131f6e8fd1a724fd70d6669c9011f28c23eb
parent: 1246835397e24416377d9830393e5dea2a1a297d [diff] [blame]
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index 6aa0e2a..fb5e07b 100644
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c

@@ -438,6 +438,16 @@
 		goto err_sign;
 	}
 
+#ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT
+	if (padding_algo && !strcmp(padding_algo->name, "pss")) {
+		if (EVP_PKEY_CTX_set_rsa_padding(ckey,
+						 RSA_PKCS1_PSS_PADDING) <= 0) {
+			ret = rsa_err("Signer padding setup failed");
+			goto err_sign;
+		}
+	}
+#endif /* CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT */
+
 	for (i = 0; i < region_count; i++) {
 		if (!EVP_DigestSignUpdate(context, region[i].data,
 					  region[i].size)) {
commit	47d73f002939ec61bb44fe2a49f4580a9b27e75c	[log] [tgz]
author	Philippe Reynes <philippe.reynes@softathome.com>	Wed Nov 14 13:51:01 2018 +0100
committer	Tom Rini <trini@konsulko.com>	Mon Dec 03 10:44:10 2018 -0500
tree	f16e131f6e8fd1a724fd70d6669c9011f28c23eb
parent	1246835397e24416377d9830393e5dea2a1a297d [diff] [blame]