On Fri, Apr 17, 2020 at 08:19:04AM +1200, Reuben Dowle wrote:
The current recommendation for best security practice from the US government is to use SHA384 for TOP SECRET [1].
This patch adds support for SHA384 and SHA512 in the hash command, and also allows FIT images to be hashed with these algorithms, and signed with sha384,rsaXXXX and sha512,rsaXXXX
The SHA implementation is adapted from the linux kernel implementation.
[1] Commercial National Security Algorithm Suite http://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm
Signed-off-by: Reuben Dowle reuben.dowle@4rf.com
Two general comments. First, please use CONFIG_IS_ENABLED() to test for the new symbols so that we won't have any growth in SPL if we have one of these enabled in the main binary but NOT SPL. Second, please make sure that all new files have an SPDX license tag on them. Finally, when porting code from the Linux kernel please make sure to include what release or githash they came from, thanks!