[PATCH 3/6] crypto: include public key hashes
Sascha Hauer
s.hauer at pengutronix.de
Thu Aug 21 06:18:26 PDT 2025
The keys built into the barebox binary are not identifiable. They might
have a key name hint, but this is optional. This adds a sha256 hash
to struct public_key which can be printed when a key is used. The
hash can be obtained on the host from the certificate files or public
key PEM files with openssl commands:
openssl x509 -in crypto/fit-ecdsa-development.crt -pubkey -noout | openssl ec -pubin -inform PEM -outform DER | openssl dgst -sha256
cat ~/git/ptx-code-signing-dev/fit/fit-ecdsa-development.public-key | openssl ec -pubin -inform PEM -outform DER | openssl dgst -sha256
Signed-off-by: Sascha Hauer <s.hauer at pengutronix.de>
---
crypto/public-keys.c | 2 ++
include/crypto/public_key.h | 2 ++
scripts/keytoc.c | 59 +++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 63 insertions(+)
diff --git a/crypto/public-keys.c b/crypto/public-keys.c
index fba963db4eb875196daf0e3a4e3fb3cac844796a..3b691ffd6aa536084aefca90933b4bb74b724423 100644
--- a/crypto/public-keys.c
+++ b/crypto/public-keys.c
@@ -46,6 +46,8 @@ static struct public_key *public_key_dup(const struct public_key *key)
k->type = key->type;
if (key->key_name_hint)
k->key_name_hint = xstrdup(key->key_name_hint);
+ k->hash = xmemdup(key->hash, key->hashlen);
+ k->hashlen = key->hashlen;
switch (key->type) {
case PUBLIC_KEY_TYPE_RSA:
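Review bot: The copy at the first added line runs unconditionally, but the hash is optional (only the C output of keytoc sets it; a key built from the dts snippet the same tool emits presumably has hash == NULL and hashlen == 0), so xmemdup() can be handed a NULL source; mirror the key_name_hint guard just above it: `if (key->hash) { k->hash = xmemdup(key->hash, key->hashlen); k->hashlen = key->hashlen; }`. The diffstat shows only these two lines change in crypto/public-keys.c, so the routine that releases a duplicated key (wherever key_name_hint is freed) presumably does not free the new allocation yet and should gain `free(k->hash);`. public_key_dup continues outside the hunk.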
diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h
index d4e75981738ba9651145b9a03527525ae63d6c39..7edea2d69190cb30f328510f905bab3054ad5845 100644
--- a/include/crypto/public_key.h
+++ b/include/crypto/public_key.h
@@ -15,6 +15,8 @@ struct public_key {
enum public_key_type type;
struct list_head list;
char *key_name_hint;
+ unsigned char *hash;
+ unsigned int hashlen;
union {
struct rsa_public_key *rsa;
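Review bot: The two new members carry no comment, and the header is the place where the encoding has to be pinned down so that runtime consumers and the host tool agree on what is being compared; above `unsigned char *hash;` add `/* SHA-256 over the DER-encoded SubjectPublicKeyInfo (what i2d_PUBKEY() produces), filled in by scripts/keytoc.c; NULL with hashlen == 0 when not known */`. Stating the "may be NULL" contract here matters because a consumer that prints hashlen bytes without checking the pointer would otherwise read through NULL for keys that did not come from keytoc. struct public_key continues outside the hunk.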
diff --git a/scripts/keytoc.c b/scripts/keytoc.c
index c92465707f65950e95b04afe58fb10161178998c..4e5ef72cfc9a82be6fa2a74b94a663136dd703b6 100644
--- a/scripts/keytoc.c
+++ b/scripts/keytoc.c
@@ -452,6 +452,45 @@ static EVP_PKEY *reimport_key(EVP_PKEY *pkey)
return pkey_out;
}
+static int print_hash(EVP_PKEY *key)
+{
+ int i, ret;
+ BIO *mem;
+ BUF_MEM *p;
+ unsigned char hash[SHA256_DIGEST_LENGTH];
+ SHA256_CTX sha256;
+ mem = BIO_new(BIO_s_mem());
+
+ ret = i2d_PUBKEY_bio(mem, key);
+ if (ret != 1)
+ goto err;
+
+ BIO_get_mem_ptr(mem, &p);
+
+ ret = SHA256_Init(&sha256);
+ if (ret != 1)
+ goto err;
+
+ ret = SHA256_Update(&sha256, p->data, p->length);
+ if (ret != 1)
+ goto err;
+
+ ret = SHA256_Final(hash, &sha256);
+ if (ret != 1)
+ goto err;
+
+ for (i = 0; i < SHA256_DIGEST_LENGTH; i++)
+ fprintf(outfilep, "0x%02x, ", hash[i]);
+
+ fprintf(outfilep, "\n");
+
+ ret = 0;
+err:
+ BIO_free(mem);
+
+ return ret ? -EINVAL : 0;
+}
+
static int gen_key_ecdsa(EVP_PKEY *key, const char *key_name, const char *key_name_c)
{
char group[128];
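Review bot: `mem = BIO_new(BIO_s_mem());` in print_hash is not checked, so an allocation failure hands a NULL BIO to i2d_PUBKEY_bio() and then to BIO_get_mem_ptr() before the function gets to return -EINVAL. The SHA256_Init/Update/Final trio is also the low-level digest API that OpenSSL 3.0 marks deprecated, while the rest of this file already works through EVP_PKEY; EVP_Digest() computes the same SHA-256 of the DER SubjectPublicKeyInfo in one checked call and needs no SHA256_CTX on the stack. A failing step currently returns silently, unlike the other error paths in this file, which report to stderr (compare the message in the next hunk).
```c
static int print_hash(EVP_PKEY *key)
{
	unsigned char hash[SHA256_DIGEST_LENGTH];
	unsigned int hashlen = 0;
	/* … unchanged: mem, p, i, ret declarations … */

	mem = BIO_new(BIO_s_mem());
	if (!mem)
		return -ENOMEM;

	/* … unchanged: i2d_PUBKEY_bio() and BIO_get_mem_ptr() … */

	/* one-shot digest of the DER SubjectPublicKeyInfo; replaces SHA256_Init/Update/Final */
	ret = EVP_Digest(p->data, p->length, hash, &hashlen, EVP_sha256(), NULL);
	if (ret != 1 || hashlen != SHA256_DIGEST_LENGTH)
		goto err;

	/* … unchanged: byte loop and trailing newline … */

	ret = 0;
err:
	if (ret)
		fprintf(stderr, "ERROR: cannot hash public key\n");
	BIO_free(mem);

	return ret ? -EINVAL : 0;
}
```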
@@ -482,6 +521,14 @@ static int gen_key_ecdsa(EVP_PKEY *key, const char *key_name, const char *key_na
fprintf(stderr, "ERROR: generating a dts snippet for ECDSA keys is not yet supported\n");
return -EOPNOTSUPP;
} else {
+ fprintf(outfilep, "\nstatic unsigned char %s_hash[] = {\n\t", key_name_c);
+
+ ret = print_hash(key);
+ if (ret)
+ return ret;
+
+ fprintf(outfilep, "\n};\n\n");
+
fprintf(outfilep, "\nstatic uint64_t %s_x[] = {", key_name_c);
ret = print_bignum(key_x, bits, 64);
if (ret)
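Review bot: The seven added lines that wrap print_hash() in `static unsigned char %s_hash[] = {` … `};` are repeated verbatim in gen_key_rsa (the hunk at `@@ -568,6 +617,14 @@`), and the `"\n"` print_hash emits after the last byte followed by `"\n};\n\n"` here leaves an empty line inside the initializer plus two blank lines before the `static uint64_t` table. Moving the preamble and epilogue into print_hash itself, giving it the name as `static int print_hash(EVP_PKEY *key, const char *key_name_c)`, lets both generators reduce to `ret = print_hash(key, key_name_c); if (ret) return ret;` and keeps the two outputs identical by construction. gen_key_ecdsa starts and ends outside the hunk.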
@@ -506,6 +553,8 @@ static int gen_key_ecdsa(EVP_PKEY *key, const char *key_name, const char *key_na
fprintf(outfilep, "\nstruct public_key __attribute__((section(\".public_keys.rodata.%s\"))) %s_public_key = {\n", key_name_c, key_name_c);
fprintf(outfilep, "\t.type = PUBLIC_KEY_TYPE_ECDSA,\n");
fprintf(outfilep, "\t.key_name_hint = \"%s\",\n", key_name);
+ fprintf(outfilep, "\t.hash = %s_hash,\n", key_name_c);
+ fprintf(outfilep, "\t.hashlen = %u,\n", SHA256_DIGEST_LENGTH);
fprintf(outfilep, "\t.ecdsa = &%s,\n", key_name_c);
fprintf(outfilep, "};\n");
}
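Review bot: `.hashlen = %u` is emitted from the SHA256_DIGEST_LENGTH macro, so the struct states the length separately from the array it describes, and `%u` is paired with an int-typed constant. Emitting `fprintf(outfilep, "\t.hashlen = sizeof(%s_hash),\n", key_name_c);` ties the length to the generated table and cannot drift if the digest is ever changed; the same applies to the `.hashlen` line in the last hunk of this file (gen_key_rsa). gen_key_ecdsa starts outside the hunk.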
@@ -568,6 +617,14 @@ static int gen_key_rsa(EVP_PKEY *key, const char *key_name, const char *key_name
fprintf(outfilep, "\t\t\tkey-name-hint = \"%s\";\n", key_name_c);
fprintf(outfilep, "\t\t};\n");
} else {
+ fprintf(outfilep, "\nstatic unsigned char %s_hash[] = {\n\t", key_name_c);
+
+ ret = print_hash(key);
+ if (ret)
+ return ret;
+
+ fprintf(outfilep, "\n};\n\n");
+
fprintf(outfilep, "\nstatic uint32_t %s_modulus[] = {", key_name_c);
ret = print_bignum(modulus, bits, 32);
if (ret)
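Review bot: The dts branch just above the added lines emits `key-name-hint` but nothing for the hash, so only the C-table form of a key carries one; if the dts snippet is later turned into a struct public_key at runtime, that key presumably ends up with hash == NULL and hashlen == 0. Either emit the digest in the dts form as well or record the asymmetry, e.g. `/* the dts form carries no hash; runtime code must treat hash == NULL as "unknown" */` next to the `} else {`, so whoever prints the hash does not assume every key has 32 bytes behind the pointer. gen_key_rsa starts and ends outside the hunk.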
@@ -600,6 +657,8 @@ static int gen_key_rsa(EVP_PKEY *key, const char *key_name, const char *key_name
fprintf(outfilep, "\nstruct public_key __attribute__((section(\".public_keys.rodata.%s\"))) %s_public_key = {\n", key_name_c, key_name_c);
fprintf(outfilep, "\t.type = PUBLIC_KEY_TYPE_RSA,\n");
fprintf(outfilep, "\t.key_name_hint = \"%s\",\n", key_name);
+ fprintf(outfilep, "\t.hash = %s_hash,\n", key_name_c);
+ fprintf(outfilep, "\t.hashlen = %u,\n", SHA256_DIGEST_LENGTH);
fprintf(outfilep, "\t.rsa = &%s,\n", key_name_c);
fprintf(outfilep, "};\n");
}
--
2.39.5