Cover Letter Detail
Show a cover letter.
GET /api/covers/2225955/?format=api
{ "id": 2225955, "url": "http://patchwork.ozlabs.org/api/covers/2225955/?format=api", "web_url": "http://patchwork.ozlabs.org/project/uboot/cover/20260421210954.1170437-1-philippe.reynes@softathome.com/", "project": { "id": 18, "url": "http://patchwork.ozlabs.org/api/projects/18/?format=api", "name": "U-Boot", "link_name": "uboot", "list_id": "u-boot.lists.denx.de", "list_email": "u-boot@lists.denx.de", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260421210954.1170437-1-philippe.reynes@softathome.com>", "list_archive_url": null, "date": "2026-04-21T21:09:39", "name": "[v5,00/15] add software ecdsa support", "submitter": { "id": 74351, "url": "http://patchwork.ozlabs.org/api/people/74351/?format=api", "name": "Philippe Reynes", "email": "philippe.reynes@softathome.com" }, "mbox": "http://patchwork.ozlabs.org/project/uboot/cover/20260421210954.1170437-1-philippe.reynes@softathome.com/mbox/", "series": [ { "id": 500895, "url": "http://patchwork.ozlabs.org/api/series/500895/?format=api", "web_url": "http://patchwork.ozlabs.org/project/uboot/list/?series=500895", "date": "2026-04-21T21:09:51", "name": "add software ecdsa support", "version": 5, "mbox": "http://patchwork.ozlabs.org/series/500895/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/covers/2225955/comments/", "headers": { "Return-Path": "<u-boot-bounces@lists.denx.de>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=softathome1.onmicrosoft.com header.i=@softathome1.onmicrosoft.com\n header.a=rsa-sha256 header.s=selector1-softathome1-onmicrosoft-com\n header.b=F8OXYeqa;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de\n (client-ip=85.214.62.61; helo=phobos.denx.de;\n envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org)", "phobos.denx.de;\n dmarc=none (p=none dis=none) header.from=softathome.com", "phobos.denx.de;\n spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de", "phobos.denx.de;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=softathome1.onmicrosoft.com header.i=@softathome1.onmicrosoft.com\n header.b=\"F8OXYeqa\";\n\tdkim-atps=neutral", "phobos.denx.de; dmarc=none (p=none dis=none)\n header.from=softathome.com", "phobos.denx.de;\n spf=pass smtp.mailfrom=philippe.reynes@softathome.com" ], "Received": [ "from phobos.denx.de (phobos.denx.de [85.214.62.61])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g0ZmF1hLfz1yGs\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 22 Apr 2026 07:11:41 +1000 (AEST)", "from h2850616.stratoserver.net (localhost [IPv6:::1])\n\tby phobos.denx.de (Postfix) with ESMTP id 015FC84353;\n\tTue, 21 Apr 2026 23:10:29 +0200 (CEST)", "by phobos.denx.de (Postfix, from userid 109)\n id 2CDE1842B7; Tue, 21 Apr 2026 23:10:18 +0200 (CEST)", "from PAUP264CU001.outbound.protection.outlook.com\n (mail-francecentralazlp170110002.outbound.protection.outlook.com\n [IPv6:2a01:111:f403:c20a::2])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))\n (No client certificate requested)\n by phobos.denx.de (Postfix) with ESMTPS id 311F9842BF\n for <u-boot@lists.denx.de>; Tue, 21 Apr 2026 23:10:03 +0200 (CEST)", "from PR1P264CA0045.FRAP264.PROD.OUTLOOK.COM (2603:10a6:102:2cb::9)\n by MR1PPFBA07BFAE9.FRAP264.PROD.OUTLOOK.COM (2603:10a6:508:1::684) with\n Microsoft SMTP Server (version=TLS1_2,\n cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9846.17; Tue, 21 Apr\n 2026 21:09:57 +0000", "from PA3PEPF000089B8.FRAP264.PROD.OUTLOOK.COM\n (2603:10a6:102:2cb:cafe::ab) by PR1P264CA0045.outlook.office365.com\n (2603:10a6:102:2cb::9) with Microsoft SMTP Server (version=TLS1_3,\n cipher=TLS_AES_256_GCM_SHA384) id 15.20.9791.48 via Frontend Transport; Tue,\n 21 Apr 2026 21:09:57 +0000", "from proxy.softathome.com (149.6.166.170) by\n PA3PEPF000089B8.mail.protection.outlook.com (10.167.242.20) with Microsoft\n SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.9846.18\n via Frontend Transport; Tue, 21 Apr 2026 21:09:56 +0000", "from sah1lpt726.softathome.com (unknown [192.168.72.32])\n by proxy.softathome.com (Postfix) with ESMTPSA id A161D202C3;\n Tue, 21 Apr 2026 23:09:56 +0200 (CEST)" ], "X-Spam-Checker-Version": "SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de", "X-Spam-Level": "", "X-Spam-Status": "No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED,\n DKIM_VALID,RCVD_IN_DNSWL_BLOCKED,SPF_HELO_PASS,SPF_PASS autolearn=ham\n autolearn_force=no version=3.4.2", "ARC-Seal": "i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;\n b=LgwBc1d9XTZhn4bAl/Rp3uG16u0jsZ5cGnAsls9qeIkaGYpWrz6RVqanRjF9pR4SlBJBt9XnGMfQeeH/dVS2yOtrd0YwFqncnGqqBlj4syOcPDwyLy11tQ9Afd20ZnlcRsgLXXiDOdEpSyROtioT8t0boXXu7ffa4x+W8dF1NANtdRigEhK1Z7G8wQGsYgZIRDDP1cdNWtPSjbdasUpT5ULm+F276euNVqyPWhagM4Sreynos8AIyTDSClM81KGR/u2Wtwnq9byYJ4ut312T2GyiDiIScAkU7nFX96MM/d6b7a2F9M5CDLsfUZhnX6dLbmSwfTriI30vUfyuNHhaeg==", "ARC-Message-Signature": "i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;\n s=arcselector10001;\n h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;\n bh=C9+nwOWr2hu/uZXK0FgkREIrjNAc9OOwdA8md2bzlVc=;\n b=cEW65kjSAeRDc3Rpa81oEl9YZ7Qn3HB+dahwxiR92lGRdj9YuwzL7AfogB2a1sPUHmsfk8G23pzB/SKl5N/CxPFj/mp1EGrrENf3ic/zjQInSsqY1UvU3AupSN034rMATjBRel1l+RD9HLRLy202ybJ5RNZTNMfSMB7yBUTu+KRd3sCN0YVU6hl1OGSgpNJUtnuOMLg5iPhTGlVWiXDbymkPsc39nYdES8CR1S+na+sUsG5Ccni8YQRUzYeSN4T+CRj642LhrgJax4jSttJVRZQJjPLvHhieRvckPDi+Bm9jA8DbRjmXxRPDSgwq37Q8aGjDoh1GOSO0kKcpVZa69w==", "ARC-Authentication-Results": "i=1; mx.microsoft.com 1; spf=pass (sender ip is\n 149.6.166.170) smtp.rcpttodomain=canonical.com smtp.mailfrom=softathome.com;\n dmarc=bestguesspass action=none header.from=softathome.com; dkim=none\n (message not signed); arc=none (0)", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=softathome1.onmicrosoft.com; s=selector1-softathome1-onmicrosoft-com;\n h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;\n bh=C9+nwOWr2hu/uZXK0FgkREIrjNAc9OOwdA8md2bzlVc=;\n b=F8OXYeqaEwtACsdOkeGheDwhxeS8r3QB9HQAs+voTSAlgdCT5ddVmDZLMIRaAsXVWDLd31izibRw/a1WqiX0IGzyx7nn/RgSr91TfzrfzSG3oq34vrShDR+LXXO7ly5zRwMVLEt3fzKkR2KZHlVQY35qvNohHzltJsNw24TIn18QfPoBd5+qho2hYDHHZaWqEJLBpezXFIEr21UovB63tklmqphIc7nq4z082cGSJWcrKm0e0Qc/NhNJDF3hVYKK07vLVr7ounbsoaZeE1aZkeqPG2g0sUv9uphb/JO1wrpmdTFDmSlLgpx+ynpjwmvJ/ogkBoxHZUC9152MH5QF4w==", "X-MS-Exchange-Authentication-Results": "spf=pass (sender IP is 149.6.166.170)\n smtp.mailfrom=softathome.com; dkim=none (message not signed)\n header.d=none;dmarc=bestguesspass action=none header.from=softathome.com;", "Received-SPF": "Pass (protection.outlook.com: domain of softathome.com\n designates 149.6.166.170 as permitted sender)\n receiver=protection.outlook.com; client-ip=149.6.166.170;\n helo=proxy.softathome.com; pr=C", "From": "Philippe Reynes <philippe.reynes@softathome.com>", "To": "marko.makela@iki.fi, jonny.green@keytechinc.com, raymondmaoca@gmail.com,\n trini@konsulko.com, simon.glass@canonical.com", "Cc": "u-boot@lists.denx.de,\n\tPhilippe Reynes <philippe.reynes@softathome.com>", "Subject": "[PATCH v5 00/15] add software ecdsa support", "Date": "Tue, 21 Apr 2026 23:09:39 +0200", "Message-ID": "<20260421210954.1170437-1-philippe.reynes@softathome.com>", "X-Mailer": "git-send-email 2.43.0", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "X-EOPAttributedMessage": "0", "X-MS-PublicTrafficType": "Email", "X-MS-TrafficTypeDiagnostic": "PA3PEPF000089B8:EE_|MR1PPFBA07BFAE9:EE_", "Content-Type": "text/plain", "X-MS-Office365-Filtering-Correlation-Id": "3617829a-c63b-46be-bca4-08de9fea5748", "X-MS-Exchange-SenderADCheck": "1", "X-MS-Exchange-AntiSpam-Relay": "0", "X-Microsoft-Antispam": "BCL:0;\n ARA:13230040|36860700016|1800799024|376014|82310400026|18002099003|56012099003;", "X-Microsoft-Antispam-Message-Info": "\n BT1kCMEvML/EGI8hmsahrivxCLfvsBsrHcqKohAfJuuE5rgDpKdGMArIvLHeVHJZA0tqHPeMT3Ccq3L/6igXuFutgrpd9E7D9+kMopiSwOjbOcdmOIaVPhaHchvAq8PFzZh8E9uatvvCgVpdYtFurcUaBTtXxYV7CBZe/QR4xde593NkFy517MUciDwnu9CyDKaSepdkKYNSCXDbzuc8Ie/k1LR6ivUXtl+q90xM0xqvbFSbq9eWGU/JOtzCAuXPdrOJuK1OsVRHHCwl8OLKyt2CseIRVJyyDKWe313ETk943XK+xBkEWplair2aHN1DjlDpvF00LX4Y9S9h2wAWbW5aDx0swtO+G58dwupBocp0bZRzJHNDOo2BBVqgEmLQO0Y/TzYe2FVGYIZmBtsYCePU0xpr70iA9pfvqUlI5TUwphnIP1Lpf7RX8wcD9JFwp/XfGyO5VHlsT7V/KUP6+4OWzOlUT0FneZhOXdZVAJB6jrN7QQNag7qMApVpOKDFbdNVE9GqclfvebjhW+wSW44h5Uwhfvh+ELzzARZphSbRVg6vVUeaDSPKN9CQfQG++EeIyM8SMwQXdphE9/w5gMXXFueY59d8Rqv8MjkNvSOmPpSobrmewzQeBQdL+SbjjyUV7XRlKw0AHL+MaOaATcduAJRQg2S3cCtaI+envhvMqYtpvU4ZV0tJghBvY6jEH5SW1qAwdRR3bQl5FzW31shRGLvKzCLIYJkGXSvneQLxAup869DyYEH/dQljpFN6KbpRbaC9gDWmRSxtxU8cCA==", "X-Forefront-Antispam-Report": "CIP:149.6.166.170; CTRY:FR; LANG:en; SCL:1; SRV:;\n IPV:CAL; SFV:NSPM; H:proxy.softathome.com; PTR:InfoDomainNonexistent;\n CAT:NONE;\n SFS:(13230040)(36860700016)(1800799024)(376014)(82310400026)(18002099003)(56012099003);\n DIR:OUT; SFP:1101;", "X-MS-Exchange-AntiSpam-MessageData-ChunkCount": "1", "X-MS-Exchange-AntiSpam-MessageData-0": "\n BhQnXFQmBmOPiMvIkhh2AU93BWZAus36Q9rBTGj0hTJTjQk7O2HY3Zmeq6MhnW9qWinGu3j5qX09VYxnqtQ1cotG34uJnIjgLm7/Fh8OfjH7M7DQccJ3xD2nzSmHCMzuTFFtQsBLSzh9dxb1b7YYamBePYU24n7USssvmrNF8WJdTu8ksUr1TqKlUpQ2A0MHLz4cW0qhyhvsumye9YpCtOHk5BXdzM5mH2wUuDJGsp75gFfkpJPnXERY/QwN9rYGSnnW3Cm10xfnasiZ/QCDfJ2G6khzWARjbZZvDLH4AOIw3tzhSuiI5LdJa1VMkdNxg/SNzqqOWm9ENCn8ck2hex11upjlhfzixsttcqRVBok7L1luS5y0QIfzUDDbCKNHQLGVmnEES+sxscmQdazkwAkXasO7e+eL5XdSvrtK/yOQOerhG8v3alpxwww2Vc4o", "X-OriginatorOrg": "softathome.com", "X-MS-Exchange-CrossTenant-OriginalArrivalTime": "21 Apr 2026 21:09:56.8259 (UTC)", "X-MS-Exchange-CrossTenant-Network-Message-Id": "\n 3617829a-c63b-46be-bca4-08de9fea5748", "X-MS-Exchange-CrossTenant-Id": "aa10e044-e405-4c10-8353-36b4d0cce511", "X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp": "\n TenantId=aa10e044-e405-4c10-8353-36b4d0cce511; Ip=[149.6.166.170];\n Helo=[proxy.softathome.com]", "X-MS-Exchange-CrossTenant-AuthSource": "PA3PEPF000089B8.FRAP264.PROD.OUTLOOK.COM", "X-MS-Exchange-CrossTenant-AuthAs": "Anonymous", "X-MS-Exchange-CrossTenant-FromEntityHeader": "HybridOnPrem", "X-MS-Exchange-Transport-CrossTenantHeadersStamped": "MR1PPFBA07BFAE9", "X-BeenThere": "u-boot@lists.denx.de", "X-Mailman-Version": "2.1.39", "Precedence": "list", "List-Id": "U-Boot discussion <u-boot.lists.denx.de>", "List-Unsubscribe": "<https://lists.denx.de/options/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>", "List-Archive": "<https://lists.denx.de/pipermail/u-boot/>", "List-Post": "<mailto:u-boot@lists.denx.de>", "List-Help": "<mailto:u-boot-request@lists.denx.de?subject=help>", "List-Subscribe": "<https://lists.denx.de/listinfo/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=subscribe>", "Errors-To": "u-boot-bounces@lists.denx.de", "Sender": "\"U-Boot\" <u-boot-bounces@lists.denx.de>", "X-Virus-Scanned": "clamav-milter 0.103.8 at phobos.denx.de", "X-Virus-Status": "Clean" }, "content": "This series adds the support of ecdsa with software\nusing mbedtls. So boards without ecdsa hardware may\nalso use signature with ecdsa.\n\nTo add the support of ecdsa with mbedtls, I have:\n- enabled ecdsa in mbedtls\n- add a function sw_ecdsa_verify that uses mbedtls\n- add a driver sw_ecdsa that call sw_ecdsa_verify\n\nI have tested this code with sandbox, and I have\nfollowed those steps:\n\n0) build u-boot using sandbox_defconfig and adding those options:\n\nCONFIG_ECDSA_MBEDTLS=y\nCONFIG_ECDSA=y\nCONFIG_ECDSA_VERIFY=y\n\n1) add a signature node to an its file\n\tsignature-256 {\n\t\talgo = \"sha256,ecdsa256\";\n\t\tkey-name-hint = \"private-key-256\";\n\t};\n\n2) generate an ecdsa key\nopenssl ecparam -name prime256v1 -genkey -noout -out private-key-256.pem\n\n3) create the itb file\n./tools/mkimage -f <file.its> -k . -K arch/sandbox/dts/test.dtb <file.itb>\n\n4) launch sandbox u-boot\n\n./u-boot -d arch/sandbox/dts/test.dtb\n\n5) on sandbox u-boot prompt, load the itb and launch bootm on it\n\n=> host load hostfs - 1000000 uboot-ecdsa.itb\n4628674 bytes read in 1 ms (4.3 GiB/s)\n=> bootm 1000000\n...\n...\n Verifying Hash Integrity ... sha256,ecdsa256:private-key-256+ OK\n\n\n\n\n\nChanges in v2:\n- move ECDSA_MBEDTLS to MBEDTLS_LIB_X509\n- rename lib/mbedtls/sw_ecdsa.c to lib/mbedtls/ecdsa.c\n- enhance dependancies for ECDSA_MBEDTLS\n- fix support of ecdsa521/secp521r1\n- add vboot test using ecdsa\n\nChanges in v3:\n- do not use _MBEDTLS in mbedtls_def_config.h\n- check returns and remove mem leak in lib/mbedtls/ecdsa.c\n- remove useless field *k in struct ecdsa_test_vector_s\n- check returns in test/lib/ecdsa.c\n- fix third parameter when calling sha*_csum_wd()\n- add support of ecdsa in pre-load header\n\nChanges in v4:\n- change some dependencies to enable ecc\n- use ECDSA_MBEDTLS to build the ecdsa driver\n- support ecdsa521 and secp521r1\n- add a test calling ecdsa_verify for the ecdsa class\n- merge patch 10 and 11 (support ecdsa pre-load for binman and tests)\n- several code cleanup\n\nChange in v5:\n- fix ecdsa 521 in the first patch (instead of the 5th patch)\n- mbedtls: ecdsa is only compiled when ECDSA_MBEDTLS is enabled\n- fit_image_setup_sig: required_keynode is initiazed to -1 instead of 0\n- avoid hardcoded value for ecdsa sig and point size\n- check pointer before using them\n- free ecdsa keys when key are not found/used\n\n\nPhilippe Reynes (15):\n ecdsa: fix support of secp521r1\n mbedtls: enable support of ecc\n ecdsa: initial support of ecdsa using mbedtls\n test: lib: ecdsa: add initial test\n drivers: crypto: add software ecdsa support\n test: dm: ecdsa.c: clean this test as software ecdsa is now\n implemented\n test: py: vboot: prepare integration test for ecdsa\n test: vboot: add test for ecdsa\n tools: fit_image_setup_sig: set required_keynode to -1\n tools: mkimage: pre-load: add support of ecdsa\n tools: binman: pre-load: add support of ecdsa\n boot: pre-load: add support of ecdsa\n tools: preload_check_sign: add support of ecdsa\n test: py: vboot: prepare test for global signature with ecdsa\n test: py: vboot: add test for global signature with ecdsa\n\n boot/image-pre-load.c | 53 +-\n configs/amd_versal2_virt_defconfig | 3 +\n configs/qemu_arm64_lwip_defconfig | 3 +\n configs/sandbox_defconfig | 1 +\n configs/starfive_visionfive2_defconfig | 3 +\n configs/xilinx_versal_net_virt_defconfig | 3 +\n configs/xilinx_versal_virt_defconfig | 3 +\n configs/xilinx_zynqmp_kria_defconfig | 3 +\n configs/xilinx_zynqmp_virt_defconfig | 3 +\n drivers/crypto/Makefile | 1 +\n drivers/crypto/ecdsa/Makefile | 6 +\n drivers/crypto/ecdsa/ecdsa-sw.c | 33 ++\n include/crypto/ecdsa-uclass.h | 15 +-\n include/crypto/internal/ecdsa.h | 39 ++\n lib/ecdsa/Kconfig | 1 +\n lib/ecdsa/ecdsa-libcrypto.c | 92 +++-\n lib/ecdsa/ecdsa-verify.c | 75 ++-\n lib/fdt-libcrypto.c | 2 +-\n lib/mbedtls/Kconfig | 14 +\n lib/mbedtls/Makefile | 19 +-\n lib/mbedtls/ecdsa.c | 146 ++++++\n lib/mbedtls/mbedtls_def_config.h | 17 +\n test/dm/ecdsa.c | 107 +++-\n test/lib/Makefile | 1 +\n test/lib/ecdsa.c | 456 ++++++++++++++++++\n test/py/tests/test_fit_ecdsa.py | 2 +-\n test/py/tests/test_vboot.py | 143 +++---\n .../tests/vboot/sandbox-binman-ecdsa256.dts | 24 +\n .../tests/vboot/sandbox-binman-ecdsa384.dts | 24 +\n .../tests/vboot/sandbox-binman-ecdsa521.dts | 24 +\n ...pss.dts => sandbox-binman-rsa2048-pss.dts} | 0\n ...-binman.dts => sandbox-binman-rsa2048.dts} | 0\n .../vboot/sandbox-u-boot-global-ecdsa256.dts | 27 ++\n .../vboot/sandbox-u-boot-global-ecdsa384.dts | 27 ++\n .../vboot/sandbox-u-boot-global-ecdsa521.dts | 27 ++\n ... => sandbox-u-boot-global-rsa2048-pss.dts} | 0\n ....dts => sandbox-u-boot-global-rsa2048.dts} | 0\n ....its => sign-configs-sha1-rsa2048-pss.its} | 0\n ...sha1.its => sign-configs-sha1-rsa2048.its} | 0\n .../vboot/sign-configs-sha256-ecdsa256.its | 45 ++\n .../vboot/sign-configs-sha256-ecdsa384.its | 45 ++\n .../vboot/sign-configs-sha256-ecdsa521.its | 45 ++\n ... sign-configs-sha256-rsa2048-pss-prod.its} | 0\n ...ts => sign-configs-sha256-rsa2048-pss.its} | 0\n ...56.its => sign-configs-sha256-rsa2048.its} | 0\n ...84.its => sign-configs-sha384-rsa3072.its} | 0\n ...s.its => sign-images-sha1-rsa2048-pss.its} | 0\n ...-sha1.its => sign-images-sha1-rsa2048.its} | 0\n .../vboot/sign-images-sha256-ecdsa256.its | 42 ++\n .../vboot/sign-images-sha256-ecdsa384.its | 42 ++\n .../vboot/sign-images-sha256-ecdsa521.its | 42 ++\n ...its => sign-images-sha256-rsa2048-pss.its} | 0\n ...256.its => sign-images-sha256-rsa2048.its} | 0\n ...384.its => sign-images-sha384-rsa3072.its} | 0\n tools/binman/etype/pre_load.py | 78 ++-\n tools/binman/ftest.py | 52 ++\n tools/binman/test/ecdsa521.pem | 7 +\n tools/binman/test/security/pre_load_ecdsa.dts | 22 +\n .../security/pre_load_ecdsa_invalid_algo.dts | 22 +\n .../security/pre_load_ecdsa_invalid_key.dts | 22 +\n .../security/pre_load_ecdsa_invalid_sha.dts | 22 +\n tools/image-host.c | 93 +++-\n tools/image-sig-host.c | 7 +\n tools/preload_check_sign.c | 30 ++\n 64 files changed, 1877 insertions(+), 136 deletions(-)\n create mode 100644 drivers/crypto/ecdsa/Makefile\n create mode 100644 drivers/crypto/ecdsa/ecdsa-sw.c\n create mode 100644 include/crypto/internal/ecdsa.h\n create mode 100644 lib/mbedtls/ecdsa.c\n create mode 100644 test/lib/ecdsa.c\n create mode 100644 test/py/tests/vboot/sandbox-binman-ecdsa256.dts\n create mode 100644 test/py/tests/vboot/sandbox-binman-ecdsa384.dts\n create mode 100644 test/py/tests/vboot/sandbox-binman-ecdsa521.dts\n rename test/py/tests/vboot/{sandbox-binman-pss.dts => sandbox-binman-rsa2048-pss.dts} (100%)\n rename test/py/tests/vboot/{sandbox-binman.dts => sandbox-binman-rsa2048.dts} (100%)\n create mode 100644 test/py/tests/vboot/sandbox-u-boot-global-ecdsa256.dts\n create mode 100644 test/py/tests/vboot/sandbox-u-boot-global-ecdsa384.dts\n create mode 100644 test/py/tests/vboot/sandbox-u-boot-global-ecdsa521.dts\n rename test/py/tests/vboot/{sandbox-u-boot-global-pss.dts => sandbox-u-boot-global-rsa2048-pss.dts} (100%)\n rename test/py/tests/vboot/{sandbox-u-boot-global.dts => sandbox-u-boot-global-rsa2048.dts} (100%)\n rename test/py/tests/vboot/{sign-configs-sha1-pss.its => sign-configs-sha1-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha1.its => sign-configs-sha1-rsa2048.its} (100%)\n create mode 100644 test/py/tests/vboot/sign-configs-sha256-ecdsa256.its\n create mode 100644 test/py/tests/vboot/sign-configs-sha256-ecdsa384.its\n create mode 100644 test/py/tests/vboot/sign-configs-sha256-ecdsa521.its\n rename test/py/tests/vboot/{sign-configs-sha256-pss-prod.its => sign-configs-sha256-rsa2048-pss-prod.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha256-pss.its => sign-configs-sha256-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha256.its => sign-configs-sha256-rsa2048.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha384.its => sign-configs-sha384-rsa3072.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha1-pss.its => sign-images-sha1-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha1.its => sign-images-sha1-rsa2048.its} (100%)\n create mode 100644 test/py/tests/vboot/sign-images-sha256-ecdsa256.its\n create mode 100644 test/py/tests/vboot/sign-images-sha256-ecdsa384.its\n create mode 100644 test/py/tests/vboot/sign-images-sha256-ecdsa521.its\n rename test/py/tests/vboot/{sign-images-sha256-pss.its => sign-images-sha256-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha256.its => sign-images-sha256-rsa2048.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha384.its => sign-images-sha384-rsa3072.its} (100%)\n create mode 100644 tools/binman/test/ecdsa521.pem\n create mode 100644 tools/binman/test/security/pre_load_ecdsa.dts\n create mode 100644 tools/binman/test/security/pre_load_ecdsa_invalid_algo.dts\n create mode 100644 tools/binman/test/security/pre_load_ecdsa_invalid_key.dts\n create mode 100644 tools/binman/test/security/pre_load_ecdsa_invalid_sha.dts" }