Cover Letter Detail
Show a cover letter.
GET /api/1.2/covers/2224480/?format=api
{ "id": 2224480, "url": "http://patchwork.ozlabs.org/api/1.2/covers/2224480/?format=api", "web_url": "http://patchwork.ozlabs.org/project/uboot/cover/20260417130204.49896-1-philippe.reynes@softathome.com/", "project": { "id": 18, "url": "http://patchwork.ozlabs.org/api/1.2/projects/18/?format=api", "name": "U-Boot", "link_name": "uboot", "list_id": "u-boot.lists.denx.de", "list_email": "u-boot@lists.denx.de", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260417130204.49896-1-philippe.reynes@softathome.com>", "list_archive_url": null, "date": "2026-04-17T13:01:50", "name": "[v4,00/14] add software ecdsa support", "submitter": { "id": 74351, "url": "http://patchwork.ozlabs.org/api/1.2/people/74351/?format=api", "name": "Philippe Reynes", "email": "philippe.reynes@softathome.com" }, "mbox": "http://patchwork.ozlabs.org/project/uboot/cover/20260417130204.49896-1-philippe.reynes@softathome.com/mbox/", "series": [ { "id": 500332, "url": "http://patchwork.ozlabs.org/api/1.2/series/500332/?format=api", "web_url": "http://patchwork.ozlabs.org/project/uboot/list/?series=500332", "date": "2026-04-17T13:02:04", "name": "add software ecdsa support", "version": 4, "mbox": "http://patchwork.ozlabs.org/series/500332/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/covers/2224480/comments/", "headers": { "Return-Path": "<u-boot-bounces@lists.denx.de>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=softathome1.onmicrosoft.com header.i=@softathome1.onmicrosoft.com\n header.a=rsa-sha256 header.s=selector1-softathome1-onmicrosoft-com\n header.b=peyXSivZ;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de\n (client-ip=85.214.62.61; helo=phobos.denx.de;\n envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org)", "phobos.denx.de;\n dmarc=none (p=none dis=none) header.from=softathome.com", "phobos.denx.de;\n spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de", "phobos.denx.de;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=softathome1.onmicrosoft.com header.i=@softathome1.onmicrosoft.com\n header.b=\"peyXSivZ\";\n\tdkim-atps=neutral", "phobos.denx.de; dmarc=none (p=none dis=none)\n header.from=softathome.com", "phobos.denx.de;\n spf=pass smtp.mailfrom=philippe.reynes@softathome.com" ], "Received": [ "from phobos.denx.de (phobos.denx.de [85.214.62.61])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fxw6Q5z66z1yCv\n\tfor <incoming@patchwork.ozlabs.org>; Fri, 17 Apr 2026 23:03:10 +1000 (AEST)", "from h2850616.stratoserver.net (localhost [IPv6:::1])\n\tby phobos.denx.de (Postfix) with ESMTP id DC1A384368;\n\tFri, 17 Apr 2026 15:02:18 +0200 (CEST)", "by phobos.denx.de (Postfix, from userid 109)\n id 5BFCE841C2; Fri, 17 Apr 2026 15:02:17 +0200 (CEST)", "from MRZP264CU002.outbound.protection.outlook.com\n (mail-francesouthazlp170100001.outbound.protection.outlook.com\n [IPv6:2a01:111:f403:c207::1])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))\n (No client certificate requested)\n by phobos.denx.de (Postfix) with ESMTPS id 601EF842BF\n for <u-boot@lists.denx.de>; Fri, 17 Apr 2026 15:02:14 +0200 (CEST)", "from MR1P264CA0024.FRAP264.PROD.OUTLOOK.COM (2603:10a6:501:2f::11)\n by MR0P264MB5446.FRAP264.PROD.OUTLOOK.COM (2603:10a6:501:4b::17) with\n Microsoft SMTP Server (version=TLS1_2,\n cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9818.25; Fri, 17 Apr\n 2026 13:02:10 +0000", "from MR1PEPF00000D57.FRAP264.PROD.OUTLOOK.COM\n (2603:10a6:501:2f:cafe::c6) by MR1P264CA0024.outlook.office365.com\n (2603:10a6:501:2f::11) with Microsoft SMTP Server (version=TLS1_3,\n cipher=TLS_AES_256_GCM_SHA384) id 15.20.9769.52 via Frontend Transport; Fri,\n 17 Apr 2026 13:02:10 +0000", "from proxy.softathome.com (149.6.166.170) by\n MR1PEPF00000D57.mail.protection.outlook.com (10.167.241.4) with Microsoft\n SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.9769.17\n via Frontend Transport; Fri, 17 Apr 2026 13:02:09 +0000", "from sah1lpt726.home (unknown [192.168.72.39])\n by proxy.softathome.com (Postfix) with ESMTPSA id 8431B1FFF4;\n Fri, 17 Apr 2026 15:02:09 +0200 (CEST)" ], "X-Spam-Checker-Version": "SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de", "X-Spam-Level": "", "X-Spam-Status": "No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED,\n DKIM_VALID,RCVD_IN_DNSWL_BLOCKED,SPF_HELO_PASS,SPF_PASS autolearn=ham\n autolearn_force=no version=3.4.2", "ARC-Seal": "i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;\n b=EU3KuqY3gWf56aGHRa2qTZW4ZWR7SwJFK6LQXSHCxRbhjRy6iKwi4UyNgS7yjRIiUBvNcDzQww6uych0AAL9NKHY20zMRWwKOHhnA1VMvBKMfIfVRSK/d+vVaP4pe9Kmy1hSRUy8EtysmF94OrjKtSbCs3H8FSL5zmiXFICqRnPcIkm+jdaLGckiXHKj9CyCru4GZdvmpT+p66uJ9Tggb4QLD1kRFpNLV6gR2hCsKULosj2Vb6YQeUQTO6P/5UUbF4Vb9Mli6pgk3nqudYOvtbvvvA9HtFuCjH0IZHnDWJVt9dvrXn+mqpMROA0BoqISVk38hIfwY0ZGmNdc7cakNQ==", "ARC-Message-Signature": "i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;\n s=arcselector10001;\n h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;\n bh=Hv4zMAEGQK3DFFQc4W+9xhZbm/kS7mZnx06FPh3nQDk=;\n b=VAGZFTu2TNaeid/y98zhks5ld+AHxOaXq8jxNa2CUTxvJ6MD6sLGPJ9SKh6fL0/xMHbkVvagol0j4DPEFwFEQPxzgZQgD6kQwx0rIZaHMcK5waja65XGQi4/wZLANmPxfGwtEXvKCziMMP/a0TP6aph7bkFP4C9RMd94oTsQeoC6aQx4GceAZmu5gwbCKMEAj3E/lqjZQrDiP8Jqd1G7vumAB6oUQ6KUvnwkdMjodqr3BBFGQM9JfVC7Vuy0mDbqJuAB+pyaAbMCAqCy4qewMJWLLlMAVCqJn1pO4kHOSTBBssW9xNRzf1a3K/dml/y4pRmtqRAeiaQle8bpsZttDA==", "ARC-Authentication-Results": "i=1; mx.microsoft.com 1; spf=pass (sender ip is\n 149.6.166.170) smtp.rcpttodomain=canonical.com smtp.mailfrom=softathome.com;\n dmarc=bestguesspass action=none header.from=softathome.com; dkim=none\n (message not signed); arc=none (0)", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=softathome1.onmicrosoft.com; s=selector1-softathome1-onmicrosoft-com;\n h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;\n bh=Hv4zMAEGQK3DFFQc4W+9xhZbm/kS7mZnx06FPh3nQDk=;\n b=peyXSivZOoqv05vmSb8QsTlaWIzT+rKWJUqdjFjrNpmU6B2celSfGpu5r4MLZl9W0UdU/OkVLOk7pbIBdPNkuV7RZyu+aeXflK8cziK/l/PxEyQ5wGfhXQQfkF79zw9c7HsL90abr222OthRN0GYt1Odz5B7pHwUb872gF0BiYhsj4CNVB0msUhsNA9rgaCMMhJ9bbxvXxq7IKkcMy6NJhujI7gX+AHV+qZSaZg8T3EGHRpxlsuPRpKJUSQZsKrKfIhi4iKLoApXO2t7SU8G1RbkM0lQy6y/9Tcj6zn/zPdo3vnczYy522de3/i4/YZAqJ1kUfwBb0HUN40rOu0wjw==", "X-MS-Exchange-Authentication-Results": "spf=pass (sender IP is 149.6.166.170)\n smtp.mailfrom=softathome.com; dkim=none (message not signed)\n header.d=none;dmarc=bestguesspass action=none header.from=softathome.com;", "Received-SPF": "Pass (protection.outlook.com: domain of softathome.com\n designates 149.6.166.170 as permitted sender)\n receiver=protection.outlook.com; client-ip=149.6.166.170;\n helo=proxy.softathome.com; pr=C", "From": "Philippe Reynes <philippe.reynes@softathome.com>", "To": "marko.makela@iki.fi, jonny.green@keytechinc.com, raymondmaoca@gmail.com,\n trini@konsulko.com, simon.glass@canonical.com", "Cc": "u-boot@lists.denx.de,\n\tPhilippe Reynes <philippe.reynes@softathome.com>", "Subject": "[PATCH v4 00/14] add software ecdsa support", "Date": "Fri, 17 Apr 2026 15:01:50 +0200", "Message-ID": "<20260417130204.49896-1-philippe.reynes@softathome.com>", "X-Mailer": "git-send-email 2.43.0", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "X-EOPAttributedMessage": "0", "X-MS-PublicTrafficType": "Email", "X-MS-TrafficTypeDiagnostic": "MR1PEPF00000D57:EE_|MR0P264MB5446:EE_", "Content-Type": "text/plain", "X-MS-Office365-Filtering-Correlation-Id": "20916d5b-8e15-40c2-daa8-08de9c818922", "X-MS-Exchange-SenderADCheck": "1", "X-MS-Exchange-AntiSpam-Relay": "0", "X-Microsoft-Antispam": "BCL:0;\n ARA:13230040|1800799024|82310400026|36860700016|376014|56012099003|18002099003;", "X-Microsoft-Antispam-Message-Info": "\n yELsczSeJkAI6ac1E2XbC6E5VRoXvgO++WrWxqkbKI1vKO7mdUVPA8Q847R9ruUTMH9tNqVdOKs3sS5ECdHWGwgrWYln75NNyHp8Q0ZhqjZHZy1QKvHnSCrYR5Xll++Iz7q82n8/grNVbmQ0ew65E/Q7/tACAZNWNvYk43A1h4KxV30fKZCd4MsBUDKQ0Va0N78yM7A2mPu5mD1sTLclohI6vt+zocbXjRxZsudnEItRDTzB/Ovz64vBiXxxtRniDz1/vudHWwcJlLDkqqYnoWT4emEK/Wea+AIY8F5ZhWlQk+vTBFc7Zf5Eq2ViQZqLr851aQMjHGvmejAFI3vhrgXCwSMvcje7p383uXlWnaDNkut8T3IaTSa7J7+L057HIpkGGYr5CBHsLfgz87jiITFjegKp8Lb5hpBXC6N2CzqK0nOTjz0jR1/JYrd/mJ5fNv9EN30sc4dgs7d0sTUu6i99blszRQOM4L6DyBtxtvD2R4e+hzWCPKFbRTHtGJIWi7EiHTBPme00xx04N45a6STanlytIWFmFcCpzaAsoSu3lduhWDg/8ETPkdfQru23/qETHwKxdwlPOCO1ptlG6d6MaIjufB7Q+XWfnwVe8CbjhkzYZvNdppNugnD6ce8673ztf82xr5VKKFznwfnsaglt5dGq/ZQ0OangYaeQbz42QKPP4bnMqYVx7DERW/5jmUpoONUvph1Ld9CMs4y7MLlcPHyAX3y7qTTwFbbPWBiFMtkclWA1IlULTl0V8CF2ecmhTNNZGpfUMdtd59p+Bw==", "X-Forefront-Antispam-Report": "CIP:149.6.166.170; CTRY:FR; LANG:en; SCL:1; SRV:;\n IPV:CAL; SFV:NSPM; H:proxy.softathome.com; PTR:InfoDomainNonexistent;\n CAT:NONE;\n SFS:(13230040)(1800799024)(82310400026)(36860700016)(376014)(56012099003)(18002099003);\n DIR:OUT; SFP:1101;", "X-MS-Exchange-AntiSpam-MessageData-ChunkCount": "1", "X-MS-Exchange-AntiSpam-MessageData-0": "\n fIxKQ6Mc8jsV/sXjvGieyja/sQnXMIe1oMb08z38y4LV/NNHK7Ni8b6uwIwtBu2KVhgB8/dJE5Mmih+i+tTYriC/CvJ2+OKCPSutFhVNwpIdvOz1Ke8EAGVo8xPxTAeWrcyY6thO7XfM7B9K8qBe9nWAyPLkfj5U6nWfFXf+BBG5wOQTgGTTrCEjXXP3txpmgvuFDmiarvN+cBWmpf7RdETftjIL643p73t3t4LEHWM5vphXBMNeXh+3O5FyjBAL8S7VXHtgWmKMXx4akQeCbpGJ9c5mpEQ09drn4SxfqJlEpXALbSkx3nXuKUj+fwA5H7xv8MFQ//aRqROfePKHHdr5fm1J0qsc457pq80HZyPKHnV2gOiTD29hLo2GyjlEx+gDbtXP2E7breVFvdlEeTWqTUuNj5JEqK1+OT9aOvAM+gFWWYxUpfEapZ/k8Z5b", "X-OriginatorOrg": "softathome.com", "X-MS-Exchange-CrossTenant-OriginalArrivalTime": "17 Apr 2026 13:02:09.7944 (UTC)", "X-MS-Exchange-CrossTenant-Network-Message-Id": "\n 20916d5b-8e15-40c2-daa8-08de9c818922", "X-MS-Exchange-CrossTenant-Id": "aa10e044-e405-4c10-8353-36b4d0cce511", "X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp": "\n TenantId=aa10e044-e405-4c10-8353-36b4d0cce511; Ip=[149.6.166.170];\n Helo=[proxy.softathome.com]", "X-MS-Exchange-CrossTenant-AuthSource": "MR1PEPF00000D57.FRAP264.PROD.OUTLOOK.COM", "X-MS-Exchange-CrossTenant-AuthAs": "Anonymous", "X-MS-Exchange-CrossTenant-FromEntityHeader": "HybridOnPrem", "X-MS-Exchange-Transport-CrossTenantHeadersStamped": "MR0P264MB5446", "X-BeenThere": "u-boot@lists.denx.de", "X-Mailman-Version": "2.1.39", "Precedence": "list", "List-Id": "U-Boot discussion <u-boot.lists.denx.de>", "List-Unsubscribe": "<https://lists.denx.de/options/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>", "List-Archive": "<https://lists.denx.de/pipermail/u-boot/>", "List-Post": "<mailto:u-boot@lists.denx.de>", "List-Help": "<mailto:u-boot-request@lists.denx.de?subject=help>", "List-Subscribe": "<https://lists.denx.de/listinfo/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=subscribe>", "Errors-To": "u-boot-bounces@lists.denx.de", "Sender": "\"U-Boot\" <u-boot-bounces@lists.denx.de>", "X-Virus-Scanned": "clamav-milter 0.103.8 at phobos.denx.de", "X-Virus-Status": "Clean" }, "content": "This serie adds the support of ecdsa with software\nusing mbedtls. So boards without ecdsa hardware may\nalso use signature with ecdsa.\n\nTo add the support of ecdsa with mbedtls, I have:\n- enabled ecdsa in mbedtls\n- add a function sw_ecdsa_verify that uses mbedtls\n- add a driver sw_ecdsa that call sw_ecdsa_verify\n\nI have tested this code with sandbox, and I have\nfollowed those steps:\n\n0) build u-boot using sandbox_defconfig and adding those options:\nCONFIG_ECDSA_SW=y\nCONFIG_ECDSA_MBEDTLS=y\nCONFIG_ECDSA=y\nCONFIG_ECDSA_VERIFY=y\n\n1) add a signature node to an its file\n\tsignature-256 {\n\t\talgo = \"sha256,ecdsa256\";\n\t\tkey-name-hint = \"private-key-256\";\n\t};\n\n2) generate an ecdsa key\nopenssl ecparam -name prime256v1 -genkey -noout -out private-key-256.pem\n\n3) create the itb file\n./tools/mkimage -f <file.its> -k . -K arch/sandbox/dts/test.dtb <file.itb>\n\n4) launch sandbox u-boot\n\n./u-boot -d arch/sandbox/dts/test.dtb\n\n5) on sandbox u-boot prompt, load the itb and launch bootm on it\n\n=> host load hostfs - 1000000 uboot-ecdsa.itb\n4628674 bytes read in 1 ms (4.3 GiB/s)\n=> bootm 1000000\n...\n...\n Verifying Hash Integrity ... sha256,ecdsa256:private-key-256+ OK\n\n\nI have tested with success ecdsa256 and ecdsa384,\nbut there is an issue with secp521r1. \n\nChanges in v2:\n- move ECDSA_MBEDTLS to MBEDTLS_LIB_X509\n- rename lib/mbedtls/sw_ecdsa.c to lib/mbedtls/ecdsa.c\n- enhance dependancies for ECDSA_MBEDTLS\n- fix support of ecdsa521/secp521r1\n- add vboot test using ecdsa\n\nChanges in v3:\n- do not use _MBEDTLS in mbedtls_def_config.h\n- check returns and remove mem leak in lib/mbedtls/ecdsa.c\n- remove useless field *k in struct ecdsa_test_vector_s\n- check returns in test/lib/ecdsa.c\n- fix third parameter when calling sha*_csum_wd()\n- add support of ecdsa in pre-load header\n\nChanges in v4:\n- change some dependencies to enable ecc\n- use ECDSA_MBEDTLS to build the ecdsa driver\n- support ecdsa521 and secp521r1\n- add a test calling ecdsa_verify for the ecdsa class\n- merge patch 10 and 11 (support ecdsa pre-load for binman and tests)\n- several code cleanup\n\n\nPhilippe Reynes (14):\n mbedtls: enable support of ecc\n ecdsa: initial support of ecdsa using mbedtls\n test: lib: ecdsa: add initial test\n drivers: crypto: add software ecdsa support\n ecdsa: fix support of secp521r1\n test: dm: ecdsa.c: clean this test as software ecdsa is now\n implemented\n test: py: vboot: prepare integration test for ecdsa\n test: vboot: add test for ecdsa\n tools: mkimage: pre-load: add support of ecdsa\n tools: binman: pre-load: add support of ecdsa\n boot: pre-load: add support of ecdsa\n tools: preload_check_sign: add support of ecdsa\n test: py: vboot: prepare test for global signature with ecdsa\n test: py: vboot: add test for global signature with ecdsa\n\n boot/image-pre-load.c | 56 ++-\n configs/sandbox_defconfig | 1 +\n drivers/crypto/Makefile | 1 +\n drivers/crypto/ecdsa/Makefile | 6 +\n drivers/crypto/ecdsa/ecdsa-sw.c | 33 ++\n include/crypto/ecdsa-uclass.h | 15 +-\n include/crypto/internal/ecdsa.h | 28 ++\n include/u-boot/sha256.h | 2 +\n include/u-boot/sha512.h | 3 +\n lib/ecdsa/Kconfig | 1 +\n lib/ecdsa/ecdsa-libcrypto.c | 83 +++-\n lib/ecdsa/ecdsa-verify.c | 64 ++-\n lib/fdt-libcrypto.c | 2 +-\n lib/mbedtls/Kconfig | 14 +\n lib/mbedtls/Makefile | 20 +-\n lib/mbedtls/ecdsa.c | 146 ++++++\n lib/mbedtls/mbedtls_def_config.h | 17 +\n test/dm/ecdsa.c | 104 +++-\n test/lib/Makefile | 1 +\n test/lib/ecdsa.c | 453 ++++++++++++++++++\n test/py/tests/test_fit_ecdsa.py | 2 +-\n test/py/tests/test_vboot.py | 143 +++---\n .../tests/vboot/sandbox-binman-ecdsa256.dts | 24 +\n .../tests/vboot/sandbox-binman-ecdsa384.dts | 24 +\n .../tests/vboot/sandbox-binman-ecdsa521.dts | 24 +\n ...pss.dts => sandbox-binman-rsa2048-pss.dts} | 0\n ...-binman.dts => sandbox-binman-rsa2048.dts} | 0\n .../vboot/sandbox-u-boot-global-ecdsa256.dts | 27 ++\n .../vboot/sandbox-u-boot-global-ecdsa384.dts | 27 ++\n .../vboot/sandbox-u-boot-global-ecdsa521.dts | 27 ++\n ... => sandbox-u-boot-global-rsa2048-pss.dts} | 0\n ....dts => sandbox-u-boot-global-rsa2048.dts} | 0\n ....its => sign-configs-sha1-rsa2048-pss.its} | 0\n ...sha1.its => sign-configs-sha1-rsa2048.its} | 0\n .../vboot/sign-configs-sha256-ecdsa256.its | 45 ++\n .../vboot/sign-configs-sha256-ecdsa384.its | 45 ++\n .../vboot/sign-configs-sha256-ecdsa521.its | 45 ++\n ... sign-configs-sha256-rsa2048-pss-prod.its} | 0\n ...ts => sign-configs-sha256-rsa2048-pss.its} | 0\n ...56.its => sign-configs-sha256-rsa2048.its} | 0\n ...84.its => sign-configs-sha384-rsa3072.its} | 0\n ...s.its => sign-images-sha1-rsa2048-pss.its} | 0\n ...-sha1.its => sign-images-sha1-rsa2048.its} | 0\n .../vboot/sign-images-sha256-ecdsa256.its | 42 ++\n .../vboot/sign-images-sha256-ecdsa384.its | 42 ++\n .../vboot/sign-images-sha256-ecdsa521.its | 42 ++\n ...its => sign-images-sha256-rsa2048-pss.its} | 0\n ...256.its => sign-images-sha256-rsa2048.its} | 0\n ...384.its => sign-images-sha384-rsa3072.its} | 0\n tools/binman/etype/pre_load.py | 76 ++-\n tools/binman/ftest.py | 50 ++\n tools/binman/test/ecdsa521.pem | 7 +\n tools/binman/test/security/pre_load_ecdsa.dts | 22 +\n .../security/pre_load_ecdsa_invalid_algo.dts | 22 +\n .../security/pre_load_ecdsa_invalid_key.dts | 22 +\n .../security/pre_load_ecdsa_invalid_sha.dts | 22 +\n tools/image-host.c | 79 ++-\n tools/image-sig-host.c | 7 +\n tools/preload_check_sign.c | 29 ++\n 59 files changed, 1810 insertions(+), 135 deletions(-)\n create mode 100644 drivers/crypto/ecdsa/Makefile\n create mode 100644 drivers/crypto/ecdsa/ecdsa-sw.c\n create mode 100644 include/crypto/internal/ecdsa.h\n create mode 100644 lib/mbedtls/ecdsa.c\n create mode 100644 test/lib/ecdsa.c\n create mode 100644 test/py/tests/vboot/sandbox-binman-ecdsa256.dts\n create mode 100644 test/py/tests/vboot/sandbox-binman-ecdsa384.dts\n create mode 100644 test/py/tests/vboot/sandbox-binman-ecdsa521.dts\n rename test/py/tests/vboot/{sandbox-binman-pss.dts => sandbox-binman-rsa2048-pss.dts} (100%)\n rename test/py/tests/vboot/{sandbox-binman.dts => sandbox-binman-rsa2048.dts} (100%)\n create mode 100644 test/py/tests/vboot/sandbox-u-boot-global-ecdsa256.dts\n create mode 100644 test/py/tests/vboot/sandbox-u-boot-global-ecdsa384.dts\n create mode 100644 test/py/tests/vboot/sandbox-u-boot-global-ecdsa521.dts\n rename test/py/tests/vboot/{sandbox-u-boot-global-pss.dts => sandbox-u-boot-global-rsa2048-pss.dts} (100%)\n rename test/py/tests/vboot/{sandbox-u-boot-global.dts => sandbox-u-boot-global-rsa2048.dts} (100%)\n rename test/py/tests/vboot/{sign-configs-sha1-pss.its => sign-configs-sha1-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha1.its => sign-configs-sha1-rsa2048.its} (100%)\n create mode 100644 test/py/tests/vboot/sign-configs-sha256-ecdsa256.its\n create mode 100644 test/py/tests/vboot/sign-configs-sha256-ecdsa384.its\n create mode 100644 test/py/tests/vboot/sign-configs-sha256-ecdsa521.its\n rename test/py/tests/vboot/{sign-configs-sha256-pss-prod.its => sign-configs-sha256-rsa2048-pss-prod.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha256-pss.its => sign-configs-sha256-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha256.its => sign-configs-sha256-rsa2048.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha384.its => sign-configs-sha384-rsa3072.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha1-pss.its => sign-images-sha1-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha1.its => sign-images-sha1-rsa2048.its} (100%)\n create mode 100644 test/py/tests/vboot/sign-images-sha256-ecdsa256.its\n create mode 100644 test/py/tests/vboot/sign-images-sha256-ecdsa384.its\n create mode 100644 test/py/tests/vboot/sign-images-sha256-ecdsa521.its\n rename test/py/tests/vboot/{sign-images-sha256-pss.its => sign-images-sha256-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha256.its => sign-images-sha256-rsa2048.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha384.its => sign-images-sha384-rsa3072.its} (100%)\n create mode 100644 tools/binman/test/ecdsa521.pem\n create mode 100644 tools/binman/test/security/pre_load_ecdsa.dts\n create mode 100644 tools/binman/test/security/pre_load_ecdsa_invalid_algo.dts\n create mode 100644 tools/binman/test/security/pre_load_ecdsa_invalid_key.dts\n create mode 100644 tools/binman/test/security/pre_load_ecdsa_invalid_sha.dts" }