From patchwork Fri Sep 6 07:08:06 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: AKASHI Takahiro X-Patchwork-Id: 1158808 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="DQcWF69U"; dkim-atps=neutral Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 46PpWV5jdlz9sN1 for ; Fri, 6 Sep 2019 17:06:30 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 7210BC21E0D; Fri, 6 Sep 2019 07:06:11 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 40414C21E2C; Fri, 6 Sep 2019 07:06:09 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id E6FACC21DB6; Fri, 6 Sep 2019 07:05:58 +0000 (UTC) Received: from mail-pf1-f193.google.com (mail-pf1-f193.google.com [209.85.210.193]) by lists.denx.de (Postfix) with ESMTPS id 1E3F5C21DD9 for ; Fri, 6 Sep 2019 07:05:52 +0000 (UTC) Received: by mail-pf1-f193.google.com with SMTP id b13so3725682pfo.8 for ; Fri, 06 Sep 2019 00:05:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=g/0ECfLbrvV58d6yNrpEiHKip4PLcpUTpVbf3aVjip4=; b=DQcWF69US7R71eEPUioUenaErcSRzd1dKzeP3ube9RwTRCUG2/zTEWZTHStHSiPCmO ir74inoxZZHfhWuE3M2w6d7180xKOpJNslWRIATmZNZn6X6YlS7yEMUlqE3/YIrH7/vc oXzn95+qXN+ZLpP1F07j5VV1MhtOdqzcr/dwBdgrJrDIj9VbD3Q59JUzpFb6UJUq0Cxy SqD+iP06DSDOYCOchqzuFLa1HlT5IDgS9kFSXsw1UrphjvLm/Th5SOpBkzJzIPfuPLEz w+kUgHFweYTiKmmyFJ7GsmczmnqMwd2ma3Dho7tPdSeB1H13AY4dfBtcOQKx50KP4ksJ 8WYw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=g/0ECfLbrvV58d6yNrpEiHKip4PLcpUTpVbf3aVjip4=; b=CUSJWjw/Atv9ZHtpuAOqRsxu2SD2lA0bjU5UvML6/7/lenJcHA01gwCJx/zb/mZ7kh cBJsuopTRXC+8wdIHtsieREFyIlxcZ8k+hZUC9VpRRAta0edxDAOITWKBUnpyjsvtN+b pV68SDG/TrBc4Sm6XjWTy0xo0us3buAFsaa/x0CifGnAVHVCLOTgTsMo/bQkqBJbsgfi oKJrZnE9jh7Vkr8twOQtHXMaBptb+hlQG8NidkmiyxZzZCjgSIefETM8aLoADYc+9VAT +ELa9ZxuxSrcdR+FNUC3ZLBhBM3rkdLnJWq8jShCk447z8YjRYRcZEXQlEfnQjOAJoAm N9BA== X-Gm-Message-State: APjAAAXsqE8ZdwA4JCBwy5l6PYhS/KaYNxuV8WzLJPu6rUzh0UyIeg8M X4/mEbV48JEHjchfvbZ8x2xyww== X-Google-Smtp-Source: APXvYqzL3R1uGEJCW/ucKcp/OPhiTZqBvkMbJT+rv4p7OHuKYgyWyYdjpOpSkr3RWOVuMuFClIThvA== X-Received: by 2002:a63:f04:: with SMTP id e4mr6514664pgl.38.1567753550119; Fri, 06 Sep 2019 00:05:50 -0700 (PDT) Received: from linaro.org ([121.95.100.191]) by smtp.googlemail.com with ESMTPSA id em21sm3664395pjb.31.2019.09.06.00.05.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 06 Sep 2019 00:05:49 -0700 (PDT) From: AKASHI Takahiro To: trini@konsulko.com, sjg@chromium.org, xypron.glpk@gmx.de, agraf@csgraf.de Date: Fri, 6 Sep 2019 16:08:06 +0900 Message-Id: <20190906070808.1198-2-takahiro.akashi@linaro.org> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190906070808.1198-1-takahiro.akashi@linaro.org> References: <20190906070808.1198-1-takahiro.akashi@linaro.org> MIME-Version: 1.0 Cc: u-boot@lists.denx.de Subject: [U-Boot] [RFC 1/3] lib: rsa: decouple rsa from FIT image verification X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro --- lib/rsa/Kconfig | 7 +++++++ lib/rsa/Makefile | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig index 2b33f323bccc..338c8124da59 100644 --- a/lib/rsa/Kconfig +++ b/lib/rsa/Kconfig @@ -1,5 +1,6 @@ config RSA bool "Use RSA Library" + select RSA_VERIFY select RSA_FREESCALE_EXP if FSL_CAAM && !ARCH_MX7 && !ARCH_MX6 && !ARCH_MX5 select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP help @@ -17,6 +18,12 @@ if RSA config SPL_RSA bool "Use RSA Library within SPL" + select RSA_VERIFY + +config RSA_VERIFY + bool + help + Add RSA signature verification support. config RSA_SOFTWARE_EXP bool "Enable driver for RSA Modular Exponentiation in software" diff --git a/lib/rsa/Makefile b/lib/rsa/Makefile index a51c6e1685fb..226d8f3514a9 100644 --- a/lib/rsa/Makefile +++ b/lib/rsa/Makefile @@ -5,5 +5,5 @@ # (C) Copyright 2000-2007 # Wolfgang Denk, DENX Software Engineering, wd@denx.de. -obj-$(CONFIG_$(SPL_)FIT_SIGNATURE) += rsa-verify.o rsa-checksum.o +obj-$(CONFIG_RSA_VERIFY) += rsa-verify.o rsa-checksum.o obj-$(CONFIG_RSA_SOFTWARE_EXP) += rsa-mod-exp.o