Message ID | 20191121001121.21854-3-takahiro.akashi@linaro.org |
---|---|
State | Changes Requested |
Delegated to: | Tom Rini |
Headers | show |
Series | rsa: extend rsa_verify() for UEFI secure boot | expand |
On 11/21/19 1:11 AM, AKASHI Takahiro wrote: > In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, > rsa_verify() will be extended to be able to perform RSA decryption without > additional RSA key properties from FIT image, i.e. rr and n0inv. > > Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> > Reviewed-by: Simon Glass <sjg@chromium.org> The patch series does not build for some configurations. > --- > lib/rsa/Kconfig | 14 ++++++++++++++ > 1 file changed, 14 insertions(+) > > diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig > index 03ffa2969048..71e4c06bf883 100644 > --- a/lib/rsa/Kconfig > +++ b/lib/rsa/Kconfig > @@ -30,6 +30,20 @@ config RSA_VERIFY > help > Add RSA signature verification support. > > +config RSA_VERIFY_WITH_PKEY For CONFIG_RSA_VERIFY_WITH_PKEY=y and CONFIG_RSA_PUBLIC_KEY_PARSER=n I get an error: lib/rsa/rsa-keyprop.c:669: undefined reference to `rsa_parse_pub_key' RSA_PUBLIC_KEY_PARSER depends on ASYMMETRIC_KEY_TYPE [=n] && ASYMMETRIC_PUBLIC_KEY_SUBTYPE [=n] Please, fix the dependencies. Best regards Heinrich > + bool "Execute RSA verification without key parameters from FDT" > + depends on RSA > + help > + The standard RSA-signature verification code (FIT_SIGNATURE) uses > + pre-calculated key properties, that are stored in fdt blob, in > + decrypting a signature. > + This does not suit the use case where there is no way defined to > + provide such additional key properties in standardized form, > + particularly UEFI secure boot. > + This options enables RSA signature verification with a public key > + directly specified in image_sign_info, where all the necessary > + key properties will be calculated on the fly in verification code. > + > config RSA_SOFTWARE_EXP > bool "Enable driver for RSA Modular Exponentiation in software" > depends on DM >
On Wed, Jan 08, 2020 at 01:35:13PM +0100, Heinrich Schuchardt wrote: > On 11/21/19 1:11 AM, AKASHI Takahiro wrote: > >In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, > >rsa_verify() will be extended to be able to perform RSA decryption without > >additional RSA key properties from FIT image, i.e. rr and n0inv. > > > >Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> > >Reviewed-by: Simon Glass <sjg@chromium.org> > > The patch series does not build for some configurations. > > >--- > > lib/rsa/Kconfig | 14 ++++++++++++++ > > 1 file changed, 14 insertions(+) > > > >diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig > >index 03ffa2969048..71e4c06bf883 100644 > >--- a/lib/rsa/Kconfig > >+++ b/lib/rsa/Kconfig > >@@ -30,6 +30,20 @@ config RSA_VERIFY > > help > > Add RSA signature verification support. > > > >+config RSA_VERIFY_WITH_PKEY > > For CONFIG_RSA_VERIFY_WITH_PKEY=y and CONFIG_RSA_PUBLIC_KEY_PARSER=n > I get an error: This error is inevitable as both RSA_VERIFY_WITH_PKEY and RSA_PUBLIC_KEY_PARSER are "select"able configurations with visible prompts and then we should generally avoid potential illegal configurations; The one should NOT forcibly select the other as the kernel kconfig document suggests. # Note: # select should be used with care. select will force # a symbol to a value without visiting the dependencies. # By abusing select you are able to select a symbol FOO even # if FOO depends on BAR that is not set. # In general use select only for non-visible symbols # (no prompts anywhere) and for symbols with no dependencies. # That will limit the usefulness but on the other hand avoid # the illegal configurations all over. -Takahiro Akashi > lib/rsa/rsa-keyprop.c:669: undefined reference to `rsa_parse_pub_key' > > RSA_PUBLIC_KEY_PARSER depends on > ASYMMETRIC_KEY_TYPE [=n] && ASYMMETRIC_PUBLIC_KEY_SUBTYPE [=n] > > Please, fix the dependencies. > > Best regards > > Heinrich > > >+ bool "Execute RSA verification without key parameters from FDT" > >+ depends on RSA > >+ help > >+ The standard RSA-signature verification code (FIT_SIGNATURE) uses > >+ pre-calculated key properties, that are stored in fdt blob, in > >+ decrypting a signature. > >+ This does not suit the use case where there is no way defined to > >+ provide such additional key properties in standardized form, > >+ particularly UEFI secure boot. > >+ This options enables RSA signature verification with a public key > >+ directly specified in image_sign_info, where all the necessary > >+ key properties will be calculated on the fly in verification code. > >+ > > config RSA_SOFTWARE_EXP > > bool "Enable driver for RSA Modular Exponentiation in software" > > depends on DM > >
On 1/14/20 8:45 AM, AKASHI Takahiro wrote: > On Wed, Jan 08, 2020 at 01:35:13PM +0100, Heinrich Schuchardt wrote: >> On 11/21/19 1:11 AM, AKASHI Takahiro wrote: >>> In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, >>> rsa_verify() will be extended to be able to perform RSA decryption without >>> additional RSA key properties from FIT image, i.e. rr and n0inv. >>> >>> Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> >>> Reviewed-by: Simon Glass <sjg@chromium.org> >> >> The patch series does not build for some configurations. >> >>> --- >>> lib/rsa/Kconfig | 14 ++++++++++++++ >>> 1 file changed, 14 insertions(+) >>> >>> diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig >>> index 03ffa2969048..71e4c06bf883 100644 >>> --- a/lib/rsa/Kconfig >>> +++ b/lib/rsa/Kconfig >>> @@ -30,6 +30,20 @@ config RSA_VERIFY >>> help >>> Add RSA signature verification support. >>> >>> +config RSA_VERIFY_WITH_PKEY >> >> For CONFIG_RSA_VERIFY_WITH_PKEY=y and CONFIG_RSA_PUBLIC_KEY_PARSER=n >> I get an error: > > This error is inevitable as both RSA_VERIFY_WITH_PKEY and > RSA_PUBLIC_KEY_PARSER are "select"able configurations with > visible prompts and then No, it is not inevitbable. Just ensure that in the Makefiles all modules are selected that you need for your configuration. > we should generally avoid potential illegal configurations; Yes, we want to avoid potentially illegal configurations everywhere. This is why we have a randconfig build target. Best regards Heinrich > The one should NOT forcibly select the other as the kernel kconfig > document suggests. > > # Note: > # select should be used with care. select will force > # a symbol to a value without visiting the dependencies. > # By abusing select you are able to select a symbol FOO even > # if FOO depends on BAR that is not set. > # In general use select only for non-visible symbols > # (no prompts anywhere) and for symbols with no dependencies. > # That will limit the usefulness but on the other hand avoid > # the illegal configurations all over. > > -Takahiro Akashi > > >> lib/rsa/rsa-keyprop.c:669: undefined reference to `rsa_parse_pub_key' >> >> RSA_PUBLIC_KEY_PARSER depends on >> ASYMMETRIC_KEY_TYPE [=n] && ASYMMETRIC_PUBLIC_KEY_SUBTYPE [=n] >> >> Please, fix the dependencies. >> >> Best regards >> >> Heinrich >> >>> + bool "Execute RSA verification without key parameters from FDT" >>> + depends on RSA >>> + help >>> + The standard RSA-signature verification code (FIT_SIGNATURE) uses >>> + pre-calculated key properties, that are stored in fdt blob, in >>> + decrypting a signature. >>> + This does not suit the use case where there is no way defined to >>> + provide such additional key properties in standardized form, >>> + particularly UEFI secure boot. >>> + This options enables RSA signature verification with a public key >>> + directly specified in image_sign_info, where all the necessary >>> + key properties will be calculated on the fly in verification code. >>> + >>> config RSA_SOFTWARE_EXP >>> bool "Enable driver for RSA Modular Exponentiation in software" >>> depends on DM >>> >
On Tue, Jan 14, 2020 at 12:43:40PM +0100, Heinrich Schuchardt wrote: > On 1/14/20 8:45 AM, AKASHI Takahiro wrote: > >On Wed, Jan 08, 2020 at 01:35:13PM +0100, Heinrich Schuchardt wrote: > >>On 11/21/19 1:11 AM, AKASHI Takahiro wrote: > >>>In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, > >>>rsa_verify() will be extended to be able to perform RSA decryption without > >>>additional RSA key properties from FIT image, i.e. rr and n0inv. > >>> > >>>Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> > >>>Reviewed-by: Simon Glass <sjg@chromium.org> > >> > >>The patch series does not build for some configurations. > >> > >>>--- > >>> lib/rsa/Kconfig | 14 ++++++++++++++ > >>> 1 file changed, 14 insertions(+) > >>> > >>>diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig > >>>index 03ffa2969048..71e4c06bf883 100644 > >>>--- a/lib/rsa/Kconfig > >>>+++ b/lib/rsa/Kconfig > >>>@@ -30,6 +30,20 @@ config RSA_VERIFY > >>> help > >>> Add RSA signature verification support. > >>> > >>>+config RSA_VERIFY_WITH_PKEY > >> > >>For CONFIG_RSA_VERIFY_WITH_PKEY=y and CONFIG_RSA_PUBLIC_KEY_PARSER=n > >>I get an error: > > > >This error is inevitable as both RSA_VERIFY_WITH_PKEY and > >RSA_PUBLIC_KEY_PARSER are "select"able configurations with > >visible prompts and then > > No, it is not inevitbable. Just ensure that in the Makefiles all modules > are selected that you need for your configuration. How? Can you please show me a simple solution? Thanks, -Takahiro Akashi > >we should generally avoid potential illegal configurations; > > Yes, we want to avoid potentially illegal configurations everywhere. > This is why we have a randconfig build target. > > Best regards > > Heinrich > > >The one should NOT forcibly select the other as the kernel kconfig > >document suggests. > > > ># Note: > ># select should be used with care. select will force > ># a symbol to a value without visiting the dependencies. > ># By abusing select you are able to select a symbol FOO even > ># if FOO depends on BAR that is not set. > ># In general use select only for non-visible symbols > ># (no prompts anywhere) and for symbols with no dependencies. > ># That will limit the usefulness but on the other hand avoid > ># the illegal configurations all over. > > > >-Takahiro Akashi > > > > > >>lib/rsa/rsa-keyprop.c:669: undefined reference to `rsa_parse_pub_key' > >> > >>RSA_PUBLIC_KEY_PARSER depends on > >>ASYMMETRIC_KEY_TYPE [=n] && ASYMMETRIC_PUBLIC_KEY_SUBTYPE [=n] > >> > >>Please, fix the dependencies. > >> > >>Best regards > >> > >>Heinrich > >> > >>>+ bool "Execute RSA verification without key parameters from FDT" > >>>+ depends on RSA > >>>+ help > >>>+ The standard RSA-signature verification code (FIT_SIGNATURE) uses > >>>+ pre-calculated key properties, that are stored in fdt blob, in > >>>+ decrypting a signature. > >>>+ This does not suit the use case where there is no way defined to > >>>+ provide such additional key properties in standardized form, > >>>+ particularly UEFI secure boot. > >>>+ This options enables RSA signature verification with a public key > >>>+ directly specified in image_sign_info, where all the necessary > >>>+ key properties will be calculated on the fly in verification code. > >>>+ > >>> config RSA_SOFTWARE_EXP > >>> bool "Enable driver for RSA Modular Exponentiation in software" > >>> depends on DM > >>> > > >
On 1/17/20 3:24 AM, AKASHI Takahiro wrote: > On Tue, Jan 14, 2020 at 12:43:40PM +0100, Heinrich Schuchardt wrote: >> On 1/14/20 8:45 AM, AKASHI Takahiro wrote: >>> On Wed, Jan 08, 2020 at 01:35:13PM +0100, Heinrich Schuchardt wrote: >>>> On 11/21/19 1:11 AM, AKASHI Takahiro wrote: >>>>> In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, >>>>> rsa_verify() will be extended to be able to perform RSA decryption without >>>>> additional RSA key properties from FIT image, i.e. rr and n0inv. >>>>> >>>>> Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> >>>>> Reviewed-by: Simon Glass <sjg@chromium.org> >>>> >>>> The patch series does not build for some configurations. >>>> >>>>> --- >>>>> lib/rsa/Kconfig | 14 ++++++++++++++ >>>>> 1 file changed, 14 insertions(+) >>>>> >>>>> diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig >>>>> index 03ffa2969048..71e4c06bf883 100644 >>>>> --- a/lib/rsa/Kconfig >>>>> +++ b/lib/rsa/Kconfig >>>>> @@ -30,6 +30,20 @@ config RSA_VERIFY >>>>> help >>>>> Add RSA signature verification support. >>>>> >>>>> +config RSA_VERIFY_WITH_PKEY >>>> >>>> For CONFIG_RSA_VERIFY_WITH_PKEY=y and CONFIG_RSA_PUBLIC_KEY_PARSER=n >>>> I get an error: >>> >>> This error is inevitable as both RSA_VERIFY_WITH_PKEY and >>> RSA_PUBLIC_KEY_PARSER are "select"able configurations with >>> visible prompts and then >> >> No, it is not inevitbable. Just ensure that in the Makefiles all modules >> are selected that you need for your configuration. > > How? > Can you please show me a simple solution? ifneq($(CONFIG_RSA_VERIFY_WITH_PKEY)$(CONFIG_RSA_PUBLIC_KEY_PARSER),) obj-y += foo.o endif or config RSA_VERIFY_WITH_PKEY depends on RSA_PUBLIC_KEY_PARSER or config RSA_VERIFY_WITH_PKEY select RSA_PUBLIC_KEY_PARSER Best regards Heinrich > > Thanks, > -Takahiro Akashi > > >>> we should generally avoid potential illegal configurations; >> >> Yes, we want to avoid potentially illegal configurations everywhere. >> This is why we have a randconfig build target. >> >> Best regards >> >> Heinrich >> >>> The one should NOT forcibly select the other as the kernel kconfig >>> document suggests. >>> >>> # Note: >>> # select should be used with care. select will force >>> # a symbol to a value without visiting the dependencies. >>> # By abusing select you are able to select a symbol FOO even >>> # if FOO depends on BAR that is not set. >>> # In general use select only for non-visible symbols >>> # (no prompts anywhere) and for symbols with no dependencies. >>> # That will limit the usefulness but on the other hand avoid >>> # the illegal configurations all over. >>> >>> -Takahiro Akashi >>> >>> >>>> lib/rsa/rsa-keyprop.c:669: undefined reference to `rsa_parse_pub_key' >>>> >>>> RSA_PUBLIC_KEY_PARSER depends on >>>> ASYMMETRIC_KEY_TYPE [=n] && ASYMMETRIC_PUBLIC_KEY_SUBTYPE [=n] >>>> >>>> Please, fix the dependencies. >>>> >>>> Best regards >>>> >>>> Heinrich >>>> >>>>> + bool "Execute RSA verification without key parameters from FDT" >>>>> + depends on RSA >>>>> + help >>>>> + The standard RSA-signature verification code (FIT_SIGNATURE) uses >>>>> + pre-calculated key properties, that are stored in fdt blob, in >>>>> + decrypting a signature. >>>>> + This does not suit the use case where there is no way defined to >>>>> + provide such additional key properties in standardized form, >>>>> + particularly UEFI secure boot. >>>>> + This options enables RSA signature verification with a public key >>>>> + directly specified in image_sign_info, where all the necessary >>>>> + key properties will be calculated on the fly in verification code. >>>>> + >>>>> config RSA_SOFTWARE_EXP >>>>> bool "Enable driver for RSA Modular Exponentiation in software" >>>>> depends on DM >>>>> >>> >> >
Tom, Simon, On Fri, Jan 17, 2020 at 06:59:44AM +0100, Heinrich Schuchardt wrote: > On 1/17/20 3:24 AM, AKASHI Takahiro wrote: > >On Tue, Jan 14, 2020 at 12:43:40PM +0100, Heinrich Schuchardt wrote: > >>On 1/14/20 8:45 AM, AKASHI Takahiro wrote: > >>>On Wed, Jan 08, 2020 at 01:35:13PM +0100, Heinrich Schuchardt wrote: > >>>>On 11/21/19 1:11 AM, AKASHI Takahiro wrote: > >>>>>In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, > >>>>>rsa_verify() will be extended to be able to perform RSA decryption without > >>>>>additional RSA key properties from FIT image, i.e. rr and n0inv. > >>>>> > >>>>>Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> > >>>>>Reviewed-by: Simon Glass <sjg@chromium.org> > >>>> > >>>>The patch series does not build for some configurations. > >>>> > >>>>>--- > >>>>> lib/rsa/Kconfig | 14 ++++++++++++++ > >>>>> 1 file changed, 14 insertions(+) > >>>>> > >>>>>diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig > >>>>>index 03ffa2969048..71e4c06bf883 100644 > >>>>>--- a/lib/rsa/Kconfig > >>>>>+++ b/lib/rsa/Kconfig > >>>>>@@ -30,6 +30,20 @@ config RSA_VERIFY > >>>>> help > >>>>> Add RSA signature verification support. > >>>>> > >>>>>+config RSA_VERIFY_WITH_PKEY > >>>> > >>>>For CONFIG_RSA_VERIFY_WITH_PKEY=y and CONFIG_RSA_PUBLIC_KEY_PARSER=n > >>>>I get an error: > >>> > >>>This error is inevitable as both RSA_VERIFY_WITH_PKEY and > >>>RSA_PUBLIC_KEY_PARSER are "select"able configurations with > >>>visible prompts and then > >> > >>No, it is not inevitbable. Just ensure that in the Makefiles all modules > >>are selected that you need for your configuration. > > > >How? > >Can you please show me a simple solution? > Which is your choice as a maintainer/author of lib/rsa? In my opinion, > ifneq($(CONFIG_RSA_VERIFY_WITH_PKEY)$(CONFIG_RSA_PUBLIC_KEY_PARSER),) > obj-y += foo.o > endif I will take this by a process of elimination. > or > > config RSA_VERIFY_WITH_PKEY > depends on RSA_PUBLIC_KEY_PARSER I normally use "depends on" to select a subset feature of the target. > or > > config RSA_VERIFY_WITH_PKEY > select RSA_PUBLIC_KEY_PARSER Nak, as I said, because RSA_PUBLIC_KEY_PARSER is a visible configuration symbol. Thanks, -Takahiro Akashi > Best regards > > Heinrich > > > > >Thanks, > >-Takahiro Akashi > > > > > >>>we should generally avoid potential illegal configurations; > >> > >>Yes, we want to avoid potentially illegal configurations everywhere. > >>This is why we have a randconfig build target. > >> > >>Best regards > >> > >>Heinrich > >> > >>>The one should NOT forcibly select the other as the kernel kconfig > >>>document suggests. > >>> > >>># Note: > >>># select should be used with care. select will force > >>># a symbol to a value without visiting the dependencies. > >>># By abusing select you are able to select a symbol FOO even > >>># if FOO depends on BAR that is not set. > >>># In general use select only for non-visible symbols > >>># (no prompts anywhere) and for symbols with no dependencies. > >>># That will limit the usefulness but on the other hand avoid > >>># the illegal configurations all over. > >>> > >>>-Takahiro Akashi > >>> > >>> > >>>>lib/rsa/rsa-keyprop.c:669: undefined reference to `rsa_parse_pub_key' > >>>> > >>>>RSA_PUBLIC_KEY_PARSER depends on > >>>>ASYMMETRIC_KEY_TYPE [=n] && ASYMMETRIC_PUBLIC_KEY_SUBTYPE [=n] > >>>> > >>>>Please, fix the dependencies. > >>>> > >>>>Best regards > >>>> > >>>>Heinrich > >>>> > >>>>>+ bool "Execute RSA verification without key parameters from FDT" > >>>>>+ depends on RSA > >>>>>+ help > >>>>>+ The standard RSA-signature verification code (FIT_SIGNATURE) uses > >>>>>+ pre-calculated key properties, that are stored in fdt blob, in > >>>>>+ decrypting a signature. > >>>>>+ This does not suit the use case where there is no way defined to > >>>>>+ provide such additional key properties in standardized form, > >>>>>+ particularly UEFI secure boot. > >>>>>+ This options enables RSA signature verification with a public key > >>>>>+ directly specified in image_sign_info, where all the necessary > >>>>>+ key properties will be calculated on the fly in verification code. > >>>>>+ > >>>>> config RSA_SOFTWARE_EXP > >>>>> bool "Enable driver for RSA Modular Exponentiation in software" > >>>>> depends on DM > >>>>> > >>> > >> > > >
On Tue, Jan 21, 2020 at 01:29:58PM +0900, AKASHI Takahiro wrote: > Tom, Simon, > > On Fri, Jan 17, 2020 at 06:59:44AM +0100, Heinrich Schuchardt wrote: > > On 1/17/20 3:24 AM, AKASHI Takahiro wrote: > > >On Tue, Jan 14, 2020 at 12:43:40PM +0100, Heinrich Schuchardt wrote: > > >>On 1/14/20 8:45 AM, AKASHI Takahiro wrote: > > >>>On Wed, Jan 08, 2020 at 01:35:13PM +0100, Heinrich Schuchardt wrote: > > >>>>On 11/21/19 1:11 AM, AKASHI Takahiro wrote: > > >>>>>In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, > > >>>>>rsa_verify() will be extended to be able to perform RSA decryption without > > >>>>>additional RSA key properties from FIT image, i.e. rr and n0inv. > > >>>>> > > >>>>>Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> > > >>>>>Reviewed-by: Simon Glass <sjg@chromium.org> > > >>>> > > >>>>The patch series does not build for some configurations. > > >>>> > > >>>>>--- > > >>>>> lib/rsa/Kconfig | 14 ++++++++++++++ > > >>>>> 1 file changed, 14 insertions(+) > > >>>>> > > >>>>>diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig > > >>>>>index 03ffa2969048..71e4c06bf883 100644 > > >>>>>--- a/lib/rsa/Kconfig > > >>>>>+++ b/lib/rsa/Kconfig > > >>>>>@@ -30,6 +30,20 @@ config RSA_VERIFY > > >>>>> help > > >>>>> Add RSA signature verification support. > > >>>>> > > >>>>>+config RSA_VERIFY_WITH_PKEY > > >>>> > > >>>>For CONFIG_RSA_VERIFY_WITH_PKEY=y and CONFIG_RSA_PUBLIC_KEY_PARSER=n > > >>>>I get an error: > > >>> > > >>>This error is inevitable as both RSA_VERIFY_WITH_PKEY and > > >>>RSA_PUBLIC_KEY_PARSER are "select"able configurations with > > >>>visible prompts and then > > >> > > >>No, it is not inevitbable. Just ensure that in the Makefiles all modules > > >>are selected that you need for your configuration. > > > > > >How? > > >Can you please show me a simple solution? > > > > Which is your choice as a maintainer/author of lib/rsa? > > In my opinion, > > > ifneq($(CONFIG_RSA_VERIFY_WITH_PKEY)$(CONFIG_RSA_PUBLIC_KEY_PARSER),) > > obj-y += foo.o > > endif > > I will take this by a process of elimination. > > > or > > > > config RSA_VERIFY_WITH_PKEY > > depends on RSA_PUBLIC_KEY_PARSER > > I normally use "depends on" to select a subset feature of the target. > > > or > > > > config RSA_VERIFY_WITH_PKEY > > select RSA_PUBLIC_KEY_PARSER > > Nak, as I said, because RSA_PUBLIC_KEY_PARSER is a visible configuration symbol. This is getting a bit complicated. So, if and only if RSA_VERIFY_WITH_PKEY and RSA_PUBLIC_KEY_PARSER can be functional without the other enabled: obj-$(CONFIG_RSA_VERIFY_WITH_PKEY) += verify-with-pkey.o common-thing.o obj-$(CONFIG_RSA_PUBLIC_KEY_PARSER) += public-key-parser.o common-thing.o and we don't need to do anything extra with depends/select. There's nothing wrong with listing an object multiple times, it gets sorted correctly.
diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig index 03ffa2969048..71e4c06bf883 100644 --- a/lib/rsa/Kconfig +++ b/lib/rsa/Kconfig @@ -30,6 +30,20 @@ config RSA_VERIFY help Add RSA signature verification support. +config RSA_VERIFY_WITH_PKEY + bool "Execute RSA verification without key parameters from FDT" + depends on RSA + help + The standard RSA-signature verification code (FIT_SIGNATURE) uses + pre-calculated key properties, that are stored in fdt blob, in + decrypting a signature. + This does not suit the use case where there is no way defined to + provide such additional key properties in standardized form, + particularly UEFI secure boot. + This options enables RSA signature verification with a public key + directly specified in image_sign_info, where all the necessary + key properties will be calculated on the fly in verification code. + config RSA_SOFTWARE_EXP bool "Enable driver for RSA Modular Exponentiation in software" depends on DM