Padding verification was done against static SHA/RSA pair arrays which
take up a lot of static memory, are mostly 0xff, and cannot be reused
for additional SHA/RSA pairings. The padding can be easily computed
according to PKCS#1v2.1 as:

  EM = 0x00 || 0x01 || PS || 0x00 || T

where PS is (emLen - tLen - 3) octets of 0xff and T is DER encoding
of the hash.

Store DER prefix in checksum_algo and create rsa_verify_padding
function to handle verification of a message for any SHA/RSA pairing.

Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

In a number of places we had wordings of the GPL (or LGPL in a few
cases) license text that were split in such a way that it wasn't caught
previously.  Convert all of these to the correct SPDX-License-Identifier
tag.

Signed-off-by: Tom Rini <trini@konsulko.com>

This prevents a clang warning.
Signed-off-by: Jeroen Hofstee <jeroen@myspectrum.nl>

commit 18b06652 "tools: include u-boot version of sha256.h"
unconditionally forced the sha256.h from u-boot to be used
for tools instead of the host version. This is fragile though
as it will also include the host version. Therefore move it
to include/u-boot to join u-boot/md5.h etc which were renamed
for the same reason.

cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Jeroen Hofstee <jeroen@myspectrum.nl>

In preparation for making the hash function common, we may as well use
const where we can. Also the input length cannot be negative, but may
be very large, so use unsigned.

Signed-off-by: Simon Glass <sjg@chromium.org>

Now that the other architecture-specific lib directories have been
moved out of the top-level directory there's not much reason to have the
'_generic' suffix on the common lib directory.

Signed-off-by: Peter Tyser <ptyser@xes-inc.com>

This commit:
commit 338cc038
Author: Wolfgang Denk <wd@denx.de>
Date:   Fri Jun 6 14:28:14 2008 +0200

    tools/mkimage: fix compiler warnings on some systems.

Broke building on some systems, because the host's string.h was interfering
with u-boot's linux/string.h.  It doesn't look like we need the u-boot one if
we're building for the host, so now we only include when building inside
u-boot.

Signed-off-by: Andy Fleming <afleming@freescale.com>

Signed-off-by: Wolfgang Denk <wd@denx.de>

Some files didn't get updated properly with the "Use watchdog-aware
functions when calculating hashes of images" commit, this commit
fixes this.

Signed-off-by: Bartlomiej Sieka <tur@semihalf.com>
Signed-off-by: Wolfgang Denk <wd@denx.de>

Implement watchodg-aware variants of hash calculation functions:
- crc32_wd()
- md5_wd()
- sha1_csum_wd()
The above functions calculate the hash of the input buffer in chunks,
triggering the watchdog after processing each chunk. The chunk size
is given as a function call parameter.

Signed-off-by: Bartlomiej Sieka <tur@semihalf.com>

Signed-off-by: Wolfgang Denk <wd@denx.de>

                - Show on the Status LEDs, some States of the board.
                - Get the MAC addresses from the EEProm
                - use PREBOOT
                - use the CF on the board.
                - check the U-Boot image in the Flash with a SHA1
                  checksum.
                - use dynamic TLB entries generation for the SDRAM

Signed-off-by: Heiko Schocher <hs@denx.de>