From patchwork Mon May 17 18:39:00 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Alex G." X-Patchwork-Id: 1479750 X-Patchwork-Delegate: patrice.chotard@st.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=OC8BXcfB; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4FkSc92K6Lz9sWQ for ; Tue, 18 May 2021 04:40:09 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id EDA5782D1C; Mon, 17 May 2021 20:39:43 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="OC8BXcfB"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 94D2482CE2; Mon, 17 May 2021 20:39:19 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ot1-x335.google.com (mail-ot1-x335.google.com [IPv6:2607:f8b0:4864:20::335]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 8133A82CB6 for ; Mon, 17 May 2021 20:39:10 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=mr.nuke.me@gmail.com Received: by mail-ot1-x335.google.com with SMTP id u19-20020a0568302493b02902d61b0d29adso6411449ots.10 for ; Mon, 17 May 2021 11:39:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=0DwDeNL8oAEPe8haKuUamE65nQV8WYAPpyuUAbUv78w=; b=OC8BXcfBiFH89t3VBEnyRWGoSfGbJK89ZE+8Q+ggV3eji6fsOmDs3PwxvHPSsMifXI FJuJYk7QaWTkNfI4czqU2G75gksyxSuiekoGhx+BCY08uWHor8jonju2ulymSFI/Yh9w IxUcOcZKFuQg0QwrkhrpASK2kKDsnSapfaWlzlYZiz+05EwGAAXZpA5o1axNrYVSmb2V V47tHZ+uph9MqB3XwOKZz0eKpSnpEHBo/ydID71H0bkzF1Yz9d8/acaZRuCDLBe/Sn4O mc53845sBNvTCv+L5EbeKwuWiKn0Wg+HqQbRm6s1J7wFRtG/AFxfmZkAK5BrFCqi65QR M1qw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=0DwDeNL8oAEPe8haKuUamE65nQV8WYAPpyuUAbUv78w=; b=ALdpwpGvQsE0YKqeQpdZoPRHyS+nME6ZLOzVHTjbKKrtG3ok/yV8+xwcXV44wlbwZG AutUU2Ykx2+xCRN7bCwpoqAU2xeS77VWq35BEZRJCzTYXhVjJPcz5sDFHSLUJICtjYgi i4fpNP7JwEEJQP30VJIG2RwgyJpTAreIYL0URJ4zveOhMMSIw1EIbzlhvk7b0sgAdgHi x1+m6oQmm4yWEVYjroLGa/KH/ePzPYETnSGMowIYidjeZbLNfNLd/8x99wHw5Ih+KzDa n69q4a55rYC7y05vdRTmAmxxzHTVfXT3VGN7bH8uItVvZbIo7HeC8Ugmb7OEKiRjZBbA inqg== X-Gm-Message-State: AOAM533R1jB0Y4wfQPT30BuW7h4jpEjLgCDLXPnP/F5PAnIQmcnpX1aJ FqlAo/4apCTaq1IUkK13Tx0GgGgK47sRFQ== X-Google-Smtp-Source: ABdhPJx/pwC9Wi8VXEvbT0hyn/FcUpdPhpZsJz+OvnkZdKH733SfyLJ9xd0vgGEecHt9Z2hwyAQtRQ== X-Received: by 2002:a05:6830:18fb:: with SMTP id d27mr754489otf.235.1621276748872; Mon, 17 May 2021 11:39:08 -0700 (PDT) Received: from nuclearis3.lan (c-98-195-139-126.hsd1.tx.comcast.net. [98.195.139.126]) by smtp.gmail.com with ESMTPSA id f9sm1814532oig.31.2021.05.17.11.39.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 May 2021 11:39:08 -0700 (PDT) From: Alexandru Gagniuc To: u-boot@lists.denx.de, patrick.delaunay@foss.st.com Cc: Alexandru Gagniuc , trini@konsulko.com, sjg@chromium.org, etienne.carriere@linaro.org Subject: [PATCH v5 1/5] dm: crypto: Define UCLASS API for ECDSA signature verification Date: Mon, 17 May 2021 13:39:00 -0500 Message-Id: <20210517183904.853304-2-mr.nuke.me@gmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210517183904.853304-1-mr.nuke.me@gmail.com> References: <20210517183904.853304-1-mr.nuke.me@gmail.com> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.4 at phobos.denx.de X-Virus-Status: Clean Define a UCLASS API for verifying ECDSA signatures. Unlike UCLASS_MOD_EXP, which focuses strictly on modular exponentiation, the ECDSA class focuses on verification. This is done so that it better aligns with mach-specific implementations, such as stm32mp. Signed-off-by: Alexandru Gagniuc --- include/crypto/ecdsa-uclass.h | 39 +++++++++++++++++++++++++++++++++++ include/dm/uclass-id.h | 1 + 2 files changed, 40 insertions(+) create mode 100644 include/crypto/ecdsa-uclass.h diff --git a/include/crypto/ecdsa-uclass.h b/include/crypto/ecdsa-uclass.h new file mode 100644 index 0000000000..189843820a --- /dev/null +++ b/include/crypto/ecdsa-uclass.h @@ -0,0 +1,39 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright (c) 2020, Alexandru Gagniuc + */ + +#include + +/** + * struct ecdsa_public_key - ECDSA public key properties + * + * The struct has pointers to the (x, y) curve coordinates to an ECDSA public + * key, as well as the name of the ECDSA curve. The size of the key is inferred + * from the 'curve_name' + */ +struct ecdsa_public_key { + const char *curve_name; /* Name of curve, e.g. "prime256v1" */ + const void *x; /* x coordinate of public key */ + const void *y; /* y coordinate of public key */ + unsigned int size_bits; /* key size in bits, derived from curve name */ +}; + +struct ecdsa_ops { + /** + * Verify signature of hash against given public key + * + * @dev: ECDSA Device + * @pubkey: ECDSA public key + * @hash: Hash of binary image + * @hash_len: Length of hash in bytes + * @signature: Signature in a raw (R, S) point pair + * @sig_len: Length of signature in bytes + * + * This function verifies that the 'signature' of the given 'hash' was + * signed by the private key corresponding to 'pubkey'. + */ + int (*verify)(struct udevice *dev, const struct ecdsa_public_key *pubkey, + const void *hash, size_t hash_len, + const void *signature, size_t sig_len); +}; diff --git a/include/dm/uclass-id.h b/include/dm/uclass-id.h index d800f679d5..2a32809669 100644 --- a/include/dm/uclass-id.h +++ b/include/dm/uclass-id.h @@ -47,6 +47,7 @@ enum uclass_id { UCLASS_DSI_HOST, /* Display Serial Interface host */ UCLASS_DMA, /* Direct Memory Access */ UCLASS_DSA, /* Distributed (Ethernet) Switch Architecture */ + UCLASS_ECDSA, /* Elliptic curve cryptographic device */ UCLASS_EFI, /* EFI managed devices */ UCLASS_ETH, /* Ethernet device */ UCLASS_ETH_PHY, /* Ethernet PHY device */ From patchwork Mon May 17 18:39:01 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Alex G." X-Patchwork-Id: 1479749 X-Patchwork-Delegate: patrice.chotard@st.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=tmEvh6DN; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4FkSbt50j3z9sWQ for ; Tue, 18 May 2021 04:39:54 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 5602C82D05; Mon, 17 May 2021 20:39:40 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="tmEvh6DN"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 90CCC82CB6; Mon, 17 May 2021 20:39:20 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ot1-x334.google.com (mail-ot1-x334.google.com [IPv6:2607:f8b0:4864:20::334]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 8940C82CE6 for ; Mon, 17 May 2021 20:39:11 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=mr.nuke.me@gmail.com Received: by mail-ot1-x334.google.com with SMTP id d3-20020a9d29030000b029027e8019067fso6384654otb.13 for ; Mon, 17 May 2021 11:39:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=lclbMWHvDhL2ml/od287fDALFReuV86N8ZtuXoAlK3g=; b=tmEvh6DNFEzJLItM6AUbIrDk7DyBJKSP8QCyIGcE6ASU2Z0zOw3IXY9AeCJBGaInCT mgkHfR0vRXKGszVvNymreGsl/G47pFi+Qxh6zJ8a9Dy4Cm+BlTahvAgF5dQW237NlQz5 bVxzdcbI8JemtTRLeIPnhc38z90xQMAltp7fYAWqQZ2u9eQN9WRFVCiTLxKOb2wEAJn7 ZMC/WdqT0f+b+3uQDxm1ZW0ElIKqSjkO3hYAI0gxhe3Q1Ex4JOqw7wAG6splQffeFgHm IMfYySEQqZiTclOBE8NQ4sqUHedG6YwWcOCNEpPYmKllt+6UPhOJFOmmh1rqM6cOoYY0 7Unw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=lclbMWHvDhL2ml/od287fDALFReuV86N8ZtuXoAlK3g=; b=Hf7hyWSRvUFv74FBo+7HGxh9qMYAB4IC9PRnq47EN0gQzaUSA2wh7Q3uEzWUQHV3eK kkCsRRcXR3OXl62Bl+1YZ9gqsCjrUrtdDVfGEksDpbEewktuL5E473V8iHaAqFUhQtjY w3VEz91NtfNoxaN1Mwx7LU4kIfy+bTI1OT+3L2TZQHo5gypyGCJ4Fjevc5TORfia2TlS k1FYwHALBIzsHxuKHi/QhGiDDIJdpLfaePsFWBNCR42wuuNPIAvGPD+zp1u18gr2qaWg XY7T2i8AFEF3QMUgP86SCLN7GDSZ47zVUCKZufW55GfRzIz39JgJG9fiLvdlr/f7Qq+r GpbQ== X-Gm-Message-State: AOAM530fAVyiflyfY50hR1rnPTaMGdOOIaISlcZJVz6sAnLv/wGPOPhN 606lfo+7IxtrRSXoD0A0in5LbE80Zwlbcw== X-Google-Smtp-Source: ABdhPJyvngz8U5YGHUQD2p2jB7Qrpq5s6OL/I+J6MRIFiwjzB+NUKvQYIBt3Rv624fhcX4UIkHWcGA== X-Received: by 2002:a9d:7d12:: with SMTP id v18mr775811otn.221.1621276749762; Mon, 17 May 2021 11:39:09 -0700 (PDT) Received: from nuclearis3.lan (c-98-195-139-126.hsd1.tx.comcast.net. [98.195.139.126]) by smtp.gmail.com with ESMTPSA id f9sm1814532oig.31.2021.05.17.11.39.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 May 2021 11:39:09 -0700 (PDT) From: Alexandru Gagniuc To: u-boot@lists.denx.de, patrick.delaunay@foss.st.com Cc: Alexandru Gagniuc , trini@konsulko.com, sjg@chromium.org, etienne.carriere@linaro.org Subject: [PATCH v5 2/5] lib: ecdsa: Implement UCLASS_ECDSA verification on target Date: Mon, 17 May 2021 13:39:01 -0500 Message-Id: <20210517183904.853304-3-mr.nuke.me@gmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210517183904.853304-1-mr.nuke.me@gmail.com> References: <20210517183904.853304-1-mr.nuke.me@gmail.com> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.4 at phobos.denx.de X-Virus-Status: Clean Implement the crypto_algo .verify() function for ecdsa256. Because it backends on UCLASS_ECDSA, this change is focused on parsing the keys from devicetree and passing this information to the specific UCLASS driver. Signed-off-by: Alexandru Gagniuc Reviewed-by: Simon Glass --- lib/Kconfig | 1 + lib/Makefile | 1 + lib/ecdsa/Kconfig | 23 +++++++ lib/ecdsa/Makefile | 1 + lib/ecdsa/ecdsa-verify.c | 134 +++++++++++++++++++++++++++++++++++++++ 5 files changed, 160 insertions(+) create mode 100644 lib/ecdsa/Kconfig create mode 100644 lib/ecdsa/Makefile create mode 100644 lib/ecdsa/ecdsa-verify.c diff --git a/lib/Kconfig b/lib/Kconfig index 6d2d41de30..8719a51baa 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -295,6 +295,7 @@ config AES supported by the algorithm but only a 128-bit key is supported at present. +source lib/ecdsa/Kconfig source lib/rsa/Kconfig source lib/crypto/Kconfig diff --git a/lib/Makefile b/lib/Makefile index 6825671955..2c7c145a27 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -60,6 +60,7 @@ endif obj-$(CONFIG_$(SPL_)ACPIGEN) += acpi/ obj-$(CONFIG_$(SPL_)MD5) += md5.o +obj-$(CONFIG_ECDSA) += ecdsa/ obj-$(CONFIG_$(SPL_)RSA) += rsa/ obj-$(CONFIG_FIT_SIGNATURE) += hash-checksum.o obj-$(CONFIG_SHA1) += sha1.o diff --git a/lib/ecdsa/Kconfig b/lib/ecdsa/Kconfig new file mode 100644 index 0000000000..a95c4ff581 --- /dev/null +++ b/lib/ecdsa/Kconfig @@ -0,0 +1,23 @@ +config ECDSA + bool "Enable ECDSA support" + depends on DM + help + This enables the ECDSA (elliptic curve signature) algorithm for FIT + image verification in U-Boot. The ECDSA algorithm is implemented + using the driver model, so CONFIG_DM is required by this library. + See doc/uImage.FIT/signature.txt for more details. + ECDSA is enabled for mkimage regardless of this option. + +if ECDSA + +config ECDSA_VERIFY + bool "Enable ECDSA verification support in U-Boot." + help + Allow ECDSA signatures to be recognized and verified in U-Boot. + +config SPL_ECDSA_VERIFY + bool "Enable ECDSA verification support in SPL" + help + Allow ECDSA signatures to be recognized and verified in SPL. + +endif diff --git a/lib/ecdsa/Makefile b/lib/ecdsa/Makefile new file mode 100644 index 0000000000..771d6d3135 --- /dev/null +++ b/lib/ecdsa/Makefile @@ -0,0 +1 @@ +obj-$(CONFIG_$(SPL_)ECDSA_VERIFY) += ecdsa-verify.o diff --git a/lib/ecdsa/ecdsa-verify.c b/lib/ecdsa/ecdsa-verify.c new file mode 100644 index 0000000000..0601700c4f --- /dev/null +++ b/lib/ecdsa/ecdsa-verify.c @@ -0,0 +1,134 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * ECDSA signature verification for u-boot + * + * This implements the firmware-side wrapper for ECDSA verification. It bridges + * the struct crypto_algo API to the ECDSA uclass implementations. + * + * Copyright (c) 2020, Alexandru Gagniuc + */ + +#include +#include +#include + +/* + * Derive size of an ECDSA key from the curve name + * + * While it's possible to extract the key size by using string manipulation, + * use a list of known curves for the time being. + */ +static int ecdsa_key_size(const char *curve_name) +{ + if (!strcmp(curve_name, "prime256v1")) + return 256; + else + return 0; +} + +static int fdt_get_key(struct ecdsa_public_key *key, const void *fdt, int node) +{ + int x_len, y_len; + + key->curve_name = fdt_getprop(fdt, node, "ecdsa,curve", NULL); + key->size_bits = ecdsa_key_size(key->curve_name); + if (key->size_bits == 0) { + debug("Unknown ECDSA curve '%s'", key->curve_name); + return -EINVAL; + } + + key->x = fdt_getprop(fdt, node, "ecdsa,x-point", &x_len); + key->y = fdt_getprop(fdt, node, "ecdsa,y-point", &y_len); + + if (!key->x || !key->y) + return -EINVAL; + + if (x_len != (key->size_bits / 8) || y_len != (key->size_bits / 8)) { + printf("%s: node=%d, curve@%p x@%p+%i y@%p+%i\n", __func__, + node, key->curve_name, key->x, x_len, key->y, y_len); + return -EINVAL; + } + + return 0; +} + +static int ecdsa_verify_hash(struct udevice *dev, + const struct image_sign_info *info, + const void *hash, const void *sig, uint sig_len) +{ + const struct ecdsa_ops *ops = device_get_ops(dev); + const struct checksum_algo *algo = info->checksum; + struct ecdsa_public_key key; + int sig_node, key_node, ret; + + if (!ops || !ops->verify) + return -ENODEV; + + if (info->required_keynode > 0) { + ret = fdt_get_key(&key, info->fdt_blob, info->required_keynode); + if (ret < 0) + return ret; + + return ops->verify(dev, &key, hash, algo->checksum_len, + sig, sig_len); + } + + sig_node = fdt_subnode_offset(info->fdt_blob, 0, FIT_SIG_NODENAME); + if (sig_node < 0) + return -ENOENT; + + /* Try all possible keys under the "/signature" node */ + fdt_for_each_subnode(key_node, info->fdt_blob, sig_node) { + ret = fdt_get_key(&key, info->fdt_blob, key_node); + if (ret < 0) + continue; + + ret = ops->verify(dev, &key, hash, algo->checksum_len, + sig, sig_len); + + /* On success, don't worry about remaining keys */ + if (!ret) + return 0; + } + + return -EPERM; +} + +int ecdsa_verify(struct image_sign_info *info, + const struct image_region region[], int region_count, + uint8_t *sig, uint sig_len) +{ + const struct checksum_algo *algo = info->checksum; + uint8_t hash[algo->checksum_len]; + struct udevice *dev; + int ret; + + ret = uclass_first_device_err(UCLASS_ECDSA, &dev); + if (ret) { + debug("ECDSA: Could not find ECDSA implementation: %d\n", ret); + return ret; + } + + ret = algo->calculate(algo->name, region, region_count, hash); + if (ret < 0) + return -EINVAL; + + return ecdsa_verify_hash(dev, info, hash, sig, sig_len); +} + +U_BOOT_CRYPTO_ALGO(ecdsa) = { + .name = "ecdsa256", + .key_len = ECDSA256_BYTES, + .verify = ecdsa_verify, +}; + +/* + * uclass definition for ECDSA API + * + * We don't implement any wrappers around ecdsa_ops->verify() because it's + * trivial to call ops->verify(). + */ +UCLASS_DRIVER(ecdsa) = { + .id = UCLASS_ECDSA, + .name = "ecdsa_verifier", +}; From patchwork Mon May 17 18:39:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Alex G." X-Patchwork-Id: 1479748 X-Patchwork-Delegate: patrice.chotard@st.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=XwBDcv6n; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4FkSbf4wvTz9sWl for ; Tue, 18 May 2021 04:39:42 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id F20CE82CE2; Mon, 17 May 2021 20:39:32 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="XwBDcv6n"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id E3CB082B8E; Mon, 17 May 2021 20:39:19 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ot1-x330.google.com (mail-ot1-x330.google.com [IPv6:2607:f8b0:4864:20::330]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 32DB882CB8 for ; Mon, 17 May 2021 20:39:12 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=mr.nuke.me@gmail.com Received: by mail-ot1-x330.google.com with SMTP id 69-20020a9d0a4b0000b02902ed42f141e1so6431465otg.2 for ; Mon, 17 May 2021 11:39:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=ZgE3Zx6EE9rcTVaaHnGl9axWiGz3iPdOg1zGQhAWJQg=; b=XwBDcv6nuf2+qge2Bm46mBujUTHwj0XjRSMMwMQaEJWhPAt+QR30EEl0H4OZ0XUzhe nJVTr5Wu9RDd4DrNjGNcQeWmpy5NRWEFmzOzcuBJlgWHKVpzAW4mPk81CHCbHGYMJVpn dQ/x3EfyVoOF1zBjIniMDt3G60KxA7gcyAByf6ECopo0IRCAJLfe2fpusIrMCnGadyRW BtrWMahj2mIO9vq2IVlyyM9WcU4s8yIWoQO5/UVFX8L5W20/8pPoRtwjB/m3GlOsQzuh tizTCpBLvIXMeVwgDuU43FGT9bC1ipV7an3oXSYHOywJjsLfpGfQxXOfVf7JYGpSnZck ZZoQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ZgE3Zx6EE9rcTVaaHnGl9axWiGz3iPdOg1zGQhAWJQg=; b=eVGJnmCBsOZ5HQnSbaEa1ci7GBh9bZ0lUaHAz6pBU72t7XPZl2BJHlutdu5BCsmASm tDNoa0kl4ZZi+DYY/Eg83pMkL65MOuXfOWLEAaVGz3N3CI/Fp5YT7kLpo4Av/A9fRVxD Cu9OeGMDbwwX5Mqo095wEUS799BqIYmRbKmUockHLrE+tT/z0jCLV7ktE2KaGi30iF3S IYuiMmSdUgHliHCOUJiihTgxKxCq/BWJfPL3Um9YGqdahTmRCyCj0KpwkjPgtsNLP8rq KA7k3ibdXwv2+fryt4L276bHAv0V4KhJYeGZR7pYazzfMx/hj1n/pf/pQ32MKkEyfbCS KmEQ== X-Gm-Message-State: AOAM533BrCtCZYWHVnWfjXh1sAocGcu+76AVG9SNWuRp53ckhh+fXYcI ATxM4RKzEIOKz7pK7UjhkzVtErkSfPW4Pw== X-Google-Smtp-Source: ABdhPJzzFpI2wY4lL1Emw71UPP5CvoVW3Xlc3sG1qqdj7uyq4+eUqlSsJIRpK5AvnS79xQXuhLMrpw== X-Received: by 2002:a9d:5a7:: with SMTP id 36mr769453otd.321.1621276750628; Mon, 17 May 2021 11:39:10 -0700 (PDT) Received: from nuclearis3.lan (c-98-195-139-126.hsd1.tx.comcast.net. [98.195.139.126]) by smtp.gmail.com with ESMTPSA id f9sm1814532oig.31.2021.05.17.11.39.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 May 2021 11:39:10 -0700 (PDT) From: Alexandru Gagniuc To: u-boot@lists.denx.de, patrick.delaunay@foss.st.com Cc: Alexandru Gagniuc , trini@konsulko.com, sjg@chromium.org, etienne.carriere@linaro.org Subject: [PATCH v5 3/5] arm: stm32mp1: Implement ECDSA signature verification Date: Mon, 17 May 2021 13:39:02 -0500 Message-Id: <20210517183904.853304-4-mr.nuke.me@gmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210517183904.853304-1-mr.nuke.me@gmail.com> References: <20210517183904.853304-1-mr.nuke.me@gmail.com> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.4 at phobos.denx.de X-Virus-Status: Clean The STM32MP ROM provides several service. One of them is the ability to verify ecdsa256 signatures. Hook the ROM API into the ECDSA uclass. Signed-off-by: Alexandru Gagniuc --- arch/arm/mach-stm32mp/Kconfig | 9 +++ arch/arm/mach-stm32mp/Makefile | 1 + arch/arm/mach-stm32mp/ecdsa_romapi.c | 102 +++++++++++++++++++++++++++ 3 files changed, 112 insertions(+) create mode 100644 arch/arm/mach-stm32mp/ecdsa_romapi.c diff --git a/arch/arm/mach-stm32mp/Kconfig b/arch/arm/mach-stm32mp/Kconfig index 7c25266f33..b47fbbb97b 100644 --- a/arch/arm/mach-stm32mp/Kconfig +++ b/arch/arm/mach-stm32mp/Kconfig @@ -172,6 +172,15 @@ config STM32_ETZPC help Say y to enable STM32 Extended TrustZone Protection +config STM32_ECDSA_VERIFY + bool "STM32 ECDSA verification via the ROM API" + depends on SPL_ECDSA_VERIFY + default y + help + Say y to enable the uclass driver for ECDSA verification using the + ROM API provided on STM32MP. + The ROM API is only available during SPL for now. + config CMD_STM32KEY bool "command stm32key to fuse public key hash" default y diff --git a/arch/arm/mach-stm32mp/Makefile b/arch/arm/mach-stm32mp/Makefile index aa39867080..0942092d8e 100644 --- a/arch/arm/mach-stm32mp/Makefile +++ b/arch/arm/mach-stm32mp/Makefile @@ -10,6 +10,7 @@ obj-y += bsec.o ifdef CONFIG_SPL_BUILD obj-y += spl.o +obj-$(CONFIG_STM32_ECDSA_VERIFY) += ecdsa_romapi.o else obj-y += cmd_stm32prog/ obj-$(CONFIG_CMD_STM32KEY) += cmd_stm32key.o diff --git a/arch/arm/mach-stm32mp/ecdsa_romapi.c b/arch/arm/mach-stm32mp/ecdsa_romapi.c new file mode 100644 index 0000000000..a2f63ff879 --- /dev/null +++ b/arch/arm/mach-stm32mp/ecdsa_romapi.c @@ -0,0 +1,102 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * STM32MP ECDSA verification via the ROM API + * + * Implements ECDSA signature verification via the STM32MP ROM. + */ +#include +#include +#include +#include +#include +#include +#include + +#define ROM_API_SUCCESS 0x77 +#define ROM_API_ECDSA_ALGO_PRIME_256V1 1 +#define ROM_API_ECDSA_ALGO_BRAINPOOL_256 2 + +#define ROM_API_OFFSET_ECDSA_VERIFY 0x60 + +struct ecdsa_rom_api { + uint32_t (*ecdsa_verify_signature)(const void *hash, const void *pubkey, + const void *signature, + uint32_t ecc_algo); +}; + +/* + * Without forcing the ".data" section, this would get saved in ".bss". BSS + * will be cleared soon after, so it's not suitable. + */ +static uintptr_t rom_api_loc __section(".data"); + +/* + * The ROM gives us the API location in r0 when starting. This is only available + * during SPL, as there isn't (yet) a mechanism to pass this on to u-boot. + */ +void save_boot_params(unsigned long r0, unsigned long r1, unsigned long r2, + unsigned long r3) +{ + rom_api_loc = r0; + save_boot_params_ret(); +} + +static void stm32mp_rom_get_ecdsa_functions(struct ecdsa_rom_api *rom) +{ + uintptr_t verify_ptr = rom_api_loc + ROM_API_OFFSET_ECDSA_VERIFY; + + rom->ecdsa_verify_signature = *(void **)verify_ptr; +} + +static int ecdsa_key_algo(const char *curve_name) +{ + if (!strcmp(curve_name, "prime256v1")) + return ROM_API_ECDSA_ALGO_PRIME_256V1; + else if (!strcmp(curve_name, "brainpool256")) + return ROM_API_ECDSA_ALGO_BRAINPOOL_256; + else + return -ENOPROTOOPT; +} + +static int romapi_ecdsa_verify(struct udevice *dev, + const struct ecdsa_public_key *pubkey, + const void *hash, size_t hash_len, + const void *signature, size_t sig_len) +{ + struct ecdsa_rom_api rom; + uint8_t raw_key[64]; + uint32_t rom_ret; + int algo; + + /* The ROM API can only handle 256-bit ECDSA keys. */ + if (sig_len != 64 || hash_len != 32 || pubkey->size_bits != 256) + return -EINVAL; + + algo = ecdsa_key_algo(pubkey->curve_name); + if (algo < 0) + return algo; + + /* The ROM API wants the (X, Y) coordinates concatenated. */ + memcpy(raw_key, pubkey->x, 32); + memcpy(raw_key + 32, pubkey->y, 32); + + stm32mp_rom_get_ecdsa_functions(&rom); + rom_ret = rom.ecdsa_verify_signature(hash, raw_key, signature, algo); + + return rom_ret == ROM_API_SUCCESS ? 0 : -EPERM; +} + +static const struct ecdsa_ops rom_api_ops = { + .verify = romapi_ecdsa_verify, +}; + +U_BOOT_DRIVER(stm32mp_rom_api_ecdsa) = { + .name = "stm32mp_rom_api_ecdsa", + .id = UCLASS_ECDSA, + .ops = &rom_api_ops, + .flags = DM_FLAG_PRE_RELOC, +}; + +U_BOOT_DRVINFO(stm32mp_rom_api_ecdsa) = { + .name = "stm32mp_rom_api_ecdsa", +}; From patchwork Mon May 17 18:39:03 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Alex G." X-Patchwork-Id: 1479752 X-Patchwork-Delegate: patrice.chotard@st.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=ot5ZYHO3; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4FkScZ5MPvz9sWQ for ; Tue, 18 May 2021 04:40:30 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 46B9A82D47; Mon, 17 May 2021 20:39:58 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="ot5ZYHO3"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 55F1182CB8; Mon, 17 May 2021 20:39:24 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ot1-x334.google.com (mail-ot1-x334.google.com [IPv6:2607:f8b0:4864:20::334]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id BB7ED82CEE for ; Mon, 17 May 2021 20:39:17 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=mr.nuke.me@gmail.com Received: by mail-ot1-x334.google.com with SMTP id 69-20020a9d0a4b0000b02902ed42f141e1so6431717otg.2 for ; Mon, 17 May 2021 11:39:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=yEPfozgLW8Ul0dSrbIiKf6u2pM8RZAHDdfBtVydBWao=; b=ot5ZYHO3ZBpcZzjYR65OSAI2OPRO6+0VDkdi5Pt9g2+nKaf9+S91DmFiAeD7D8ZwMN fkr+SwIqX6OqfioNlhOto1coMeJi6w3CmabVJjPukmNhuu9o1R55PhGX8AlxVqg0fAgb hDiE8i2J1PEFYwOH4hINOv5/dWiz9yj2BVcCu6LV1I3UpAUY9A4k1N1fHtan2Iga1ZAk Hsiqi8Trf5Pc3T6wnJE6aIIvv69VDIPViWCvXSmxESSZ2COxWGvPrGb07P283DhcxIII G+tkY15EcNh7dyuImrfw4sAF8QkT/AqDkUb+743BaVovJ/W7yrKlAC+6Fj73iqXKpkkk wHeA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=yEPfozgLW8Ul0dSrbIiKf6u2pM8RZAHDdfBtVydBWao=; b=Bi3nsE5cyCZocFaRY5CGqWVo7hYiMQbBL9v2R5vG7M83sZWt9kr7klD8dYHlvSKdrx DLULjmt1bD7/EXnGtjE8a4ZjOsSywzf/qWFr08EMUsOJiuUaJL9FMkxPyy15h13FOx81 NbrMcsINfRNn4Si6VYoN4pW3CjSOaxkJaZb3JzxjUuJJH4ucLZGmX7s4HdyvVrGyROKX F1Bfu9Wclokj66b8ygSxi1v3O90nU2Z2pinfnJJoS80ONfRZ4LW5Oz4Zt1elEk73Mxqe UolN/O+5W2B74cuX8EL6KF9zWB6nRCnGi5OrI4FHYJT1MbjYhsvbvYer+yNBsDq3TQH9 CgEQ== X-Gm-Message-State: AOAM531tXxjEabeCtgtpar9q3LvdFao0BL2Jm0U90SVNde4Rllv13VEn AEnQyH0m4+3nWlBVdipWbQuNB1q8kUOtJw== X-Google-Smtp-Source: ABdhPJxa4+lQAuiZBLuFS2HcG7MsyD5Doskv1xs0UL1/1MjA6FKUSYMjhqblpnTwHNsxL6cS95k9/g== X-Received: by 2002:a9d:58c1:: with SMTP id s1mr739221oth.361.1621276751503; Mon, 17 May 2021 11:39:11 -0700 (PDT) Received: from nuclearis3.lan (c-98-195-139-126.hsd1.tx.comcast.net. [98.195.139.126]) by smtp.gmail.com with ESMTPSA id f9sm1814532oig.31.2021.05.17.11.39.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 May 2021 11:39:10 -0700 (PDT) From: Alexandru Gagniuc To: u-boot@lists.denx.de, patrick.delaunay@foss.st.com Cc: Alexandru Gagniuc , trini@konsulko.com, sjg@chromium.org, etienne.carriere@linaro.org Subject: [PATCH v5 4/5] Kconfig: FIT_SIGNATURE should not select RSA_VERIFY Date: Mon, 17 May 2021 13:39:03 -0500 Message-Id: <20210517183904.853304-5-mr.nuke.me@gmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210517183904.853304-1-mr.nuke.me@gmail.com> References: <20210517183904.853304-1-mr.nuke.me@gmail.com> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.4 at phobos.denx.de X-Virus-Status: Clean FIT signatures can now be implemented with ECDSA. The assumption that all FIT images are signed with RSA is no longer valid. Thus, instead of 'select'ing RSA, only 'imply' it. This doesn't change the defaults, but allows one to explicitly disable RSA support. Signed-off-by: Alexandru Gagniuc Reviewed-by: Simon Glass Reviewed-by: Igor Opaniuk --- common/Kconfig.boot | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/common/Kconfig.boot b/common/Kconfig.boot index 03a6e6f214..1527e3e600 100644 --- a/common/Kconfig.boot +++ b/common/Kconfig.boot @@ -76,8 +76,8 @@ config FIT_SIGNATURE bool "Enable signature verification of FIT uImages" depends on DM select HASH - select RSA - select RSA_VERIFY + imply RSA + imply RSA_VERIFY select IMAGE_SIGN_INFO select FIT_FULL_CHECK help @@ -186,8 +186,8 @@ config SPL_FIT_SIGNATURE select SPL_FIT select SPL_CRYPTO_SUPPORT select SPL_HASH_SUPPORT - select SPL_RSA - select SPL_RSA_VERIFY + imply SPL_RSA + imply SPL_RSA_VERIFY select SPL_IMAGE_SIGN_INFO select SPL_FIT_FULL_CHECK From patchwork Mon May 17 18:39:04 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Alex G." X-Patchwork-Id: 1479751 X-Patchwork-Delegate: patrice.chotard@st.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=VyVbOPZV; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4FkScP4qPjz9sWc for ; Tue, 18 May 2021 04:40:18 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 309C082D3B; Mon, 17 May 2021 20:39:51 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="VyVbOPZV"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 4953D82CB8; Mon, 17 May 2021 20:39:21 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ot1-x333.google.com (mail-ot1-x333.google.com [IPv6:2607:f8b0:4864:20::333]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 85A0F82AB1 for ; Mon, 17 May 2021 20:39:13 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=mr.nuke.me@gmail.com Received: by mail-ot1-x333.google.com with SMTP id g15-20020a9d128f0000b02902a7d7a7bb6eso6404872otg.9 for ; Mon, 17 May 2021 11:39:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=ROZ3pn96D1az0SAuyw/Oo0RBksXGKiwWgMc/WCvertE=; b=VyVbOPZVsUinKZWIJX6VdwSo/qfMXboBZ4lYVwuuZECzFrfpb3P/QfkzP2ur0LPh/l IGo5C5yIICys1k691n9M66LGlu84G7n6SZ657eMbntfY/HpetF7gVRqejYhd5f0bJDQt OtMNc4hpnh9i43qhaxn+HLz/ooQzHqdotD8ApgEXbwJ2LNXq+zZvAYkrZoRtu+XXGjNn EG/RPw8Q3BSiEp+dwVXUQnaVHl2Keo86k1BvmMRj3UA2F2z3Om3+dHXN146sZ5V8IgdH 9mSVD6O9+1Qr8sqRq0YcDo/k3q+6+msdph29aN0YrphbeYAFjdxb/96GxfvY6hiTsar2 BzNw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ROZ3pn96D1az0SAuyw/Oo0RBksXGKiwWgMc/WCvertE=; b=BLFjqjqi3RfgAtupTPsc4VIT25EJFGEj+r+r4HUrIoCMvxhT7TtyWcpkOwYr0kbnXt i1Jlh/Qzog6WFbTXUcUhmFG0FlKgYfX2FE59ZIKwT8i7Jq5OBGEtcQkcuFyDy/rbeOtR u9h7nkJMd/GJTM7f8l09kFyV6MVf78Ar7a5tm+Wx4OtIuU7igBr3ELs621DDhFoa5zrj D181jPs0Vpso7YPo5BMGNo2rdbjCj4YiPeME+SKpPEmsDPr1m3w+GQviWH0degqKoONQ ijV7c0YWC9isdeYZCSvNv0qKpym+xjzoakdTJqlWyWzOFv8/fCVgW5fS+pjo9J2PvDsQ gb/Q== X-Gm-Message-State: AOAM531VWX9kJn+Ttgwo/nEoXLk6j11lqnm2Nyuw1cb+yknkMLhJCZPi tK13XykCXC2AgXs8nuOiwwAToaPRa6ruIw== X-Google-Smtp-Source: ABdhPJwIrAj/p3wtKUBjDairue2Q0pQngUXiRB2P/CDNgDHbji8BGwwJ3cIrUa8r6A7p/jUeLYI1AQ== X-Received: by 2002:a9d:5552:: with SMTP id h18mr843949oti.104.1621276752116; Mon, 17 May 2021 11:39:12 -0700 (PDT) Received: from nuclearis3.lan (c-98-195-139-126.hsd1.tx.comcast.net. [98.195.139.126]) by smtp.gmail.com with ESMTPSA id f9sm1814532oig.31.2021.05.17.11.39.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 May 2021 11:39:11 -0700 (PDT) From: Alexandru Gagniuc To: u-boot@lists.denx.de, patrick.delaunay@foss.st.com Cc: Alexandru Gagniuc , trini@konsulko.com, sjg@chromium.org, etienne.carriere@linaro.org Subject: [PATCH v5 5/5] test: dm: Add test for ECDSA UCLASS support Date: Mon, 17 May 2021 13:39:04 -0500 Message-Id: <20210517183904.853304-6-mr.nuke.me@gmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210517183904.853304-1-mr.nuke.me@gmail.com> References: <20210517183904.853304-1-mr.nuke.me@gmail.com> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.4 at phobos.denx.de X-Virus-Status: Clean This test verifies that ECDSA_UCLASS is implemented, and that ecdsa_verify() works as expected. The definition of "expected" is "does not find a device, and returns -ENODEV". The lack of a hardware-independent ECDSA implementation prevents us from having one in the sandbox, for now. Signed-off-by: Alexandru Gagniuc Reviewed-by: Simon Glass --- configs/sandbox_defconfig | 2 ++ test/dm/Makefile | 1 + test/dm/ecdsa.c | 39 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 42 insertions(+) create mode 100644 test/dm/ecdsa.c diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig index 7b8603d1ef..e40bcb4b16 100644 --- a/configs/sandbox_defconfig +++ b/configs/sandbox_defconfig @@ -287,3 +287,5 @@ CONFIG_TEST_FDTDEC=y CONFIG_UNIT_TEST=y CONFIG_UT_TIME=y CONFIG_UT_DM=y +CONFIG_ECDSA=y +CONFIG_ECDSA_VERIFY=y diff --git a/test/dm/Makefile b/test/dm/Makefile index c9644617a1..3508aa1968 100644 --- a/test/dm/Makefile +++ b/test/dm/Makefile @@ -34,6 +34,7 @@ obj-$(CONFIG_DEVRES) += devres.o obj-$(CONFIG_DMA) += dma.o obj-$(CONFIG_VIDEO_MIPI_DSI) += dsi_host.o obj-$(CONFIG_DM_DSA) += dsa.o +obj-$(CONFIG_ECDSA_VERIFY) += ecdsa.o obj-$(CONFIG_DM_ETH) += eth.o ifneq ($(CONFIG_EFI_PARTITION),) obj-$(CONFIG_FASTBOOT_FLASH_MMC) += fastboot.o diff --git a/test/dm/ecdsa.c b/test/dm/ecdsa.c new file mode 100644 index 0000000000..9c0007b180 --- /dev/null +++ b/test/dm/ecdsa.c @@ -0,0 +1,39 @@ +// SPDX-License-Identifier: GPL-2.0-or-later + +#include +#include +#include +#include +#include + +/* + * Basic test of the ECDSA uclass and ecdsa_verify() + * + * ECDSA implementations in u-boot are hardware-dependent. Until we have a + * software implementation that can be compiled into the sandbox, all we can + * test is the uclass support. + * + * The uclass_get() test is redundant since ecdsa_verify() would also fail. We + * run both functions in order to isolate the cause more clearly. i.e. is + * ecdsa_verify() failing because the UCLASS is absent/broken? + */ +static int dm_test_ecdsa_verify(struct unit_test_state *uts) +{ + const struct ecdsa_ops *ops; + struct uclass *ucp; + + const struct checksum_algo algo = { + .checksum_len = 256, + }; + + struct image_sign_info info = { + .checksum = &algo, + }; + + ut_assertok(uclass_get(UCLASS_ECDSA, &ucp)); + ut_assertnonnull(ucp); + ut_asserteq(-ENODEV, ecdsa_verify(&info, NULL, 0, NULL, 0)); + + return 0; +} +DM_TEST(dm_test_ecdsa_verify, UT_TESTF_SCAN_PDATA | UT_TESTF_SCAN_FDT);