diff mbox series

[1/5] dm: crypto: Define UCLASS API for ECDSA signature verification

Message ID 20210111154137.621732-2-mr.nuke.me@gmail.com
State New
Delegated to: Patrick Delaunay
Headers show
Series Enable ECDSA FIT verification for stm32mp | expand

Commit Message

Alexandru Gagniuc Jan. 11, 2021, 3:41 p.m. UTC
Define a UCLASS API for verifying ECDSA signatures. Unlike
UCLASS_MOD_EXP, which focuses strictly on modular exponentiation,
the ECDSA class focuses on verification. This is done so that it
better aligns with mach-specific implementations, such as stm32mp.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
---
 include/crypto/ecdsa-uclass.h | 39 +++++++++++++++++++++++++++++++++++
 include/dm/uclass-id.h        |  1 +
 2 files changed, 40 insertions(+)
 create mode 100644 include/crypto/ecdsa-uclass.h

Comments

Simon Glass Jan. 13, 2021, 4:10 p.m. UTC | #1
Hi Alexandru,

On Mon, 11 Jan 2021 at 08:41, Alexandru Gagniuc <mr.nuke.me@gmail.com> wrote:
>
> Define a UCLASS API for verifying ECDSA signatures. Unlike
> UCLASS_MOD_EXP, which focuses strictly on modular exponentiation,
> the ECDSA class focuses on verification. This is done so that it
> better aligns with mach-specific implementations, such as stm32mp.
>
> Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
> ---
>  include/crypto/ecdsa-uclass.h | 39 +++++++++++++++++++++++++++++++++++
>  include/dm/uclass-id.h        |  1 +
>  2 files changed, 40 insertions(+)
>  create mode 100644 include/crypto/ecdsa-uclass.h

This needs a test, as do all uclasses in U-Boot. If it isn't easy to
implement the algorithm then I suppose you could fake it by using an
easy algorithm like md5, but it does need a test.

Regards,
Simon
Alexandru Gagniuc Jan. 14, 2021, 4:09 p.m. UTC | #2
On 1/13/21 10:10 AM, Simon Glass wrote:
> Hi Alexandru,
> 
> On Mon, 11 Jan 2021 at 08:41, Alexandru Gagniuc <mr.nuke.me@gmail.com> wrote:
>>
>> Define a UCLASS API for verifying ECDSA signatures. Unlike
>> UCLASS_MOD_EXP, which focuses strictly on modular exponentiation,
>> the ECDSA class focuses on verification. This is done so that it
>> better aligns with mach-specific implementations, such as stm32mp.
>>
>> Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
>> ---
>>   include/crypto/ecdsa-uclass.h | 39 +++++++++++++++++++++++++++++++++++
>>   include/dm/uclass-id.h        |  1 +
>>   2 files changed, 40 insertions(+)
>>   create mode 100644 include/crypto/ecdsa-uclass.h
> 
> This needs a test, as do all uclasses in U-Boot. If it isn't easy to
> implement the algorithm then I suppose you could fake it by using an
> easy algorithm like md5, but it does need a test.

I agree. I couldn't find a test for UCLASS_MOD_EXP (for guidance), so 
I'm not sure where to even start.

Alex

> Regards,
> Simon
>
Simon Glass Jan. 14, 2021, 7:16 p.m. UTC | #3
Hi Alex,

On Thu, 14 Jan 2021 at 09:09, Alex G. <mr.nuke.me@gmail.com> wrote:
>
> On 1/13/21 10:10 AM, Simon Glass wrote:
> > Hi Alexandru,
> >
> > On Mon, 11 Jan 2021 at 08:41, Alexandru Gagniuc <mr.nuke.me@gmail.com> wrote:
> >>
> >> Define a UCLASS API for verifying ECDSA signatures. Unlike
> >> UCLASS_MOD_EXP, which focuses strictly on modular exponentiation,
> >> the ECDSA class focuses on verification. This is done so that it
> >> better aligns with mach-specific implementations, such as stm32mp.
> >>
> >> Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
> >> ---
> >>   include/crypto/ecdsa-uclass.h | 39 +++++++++++++++++++++++++++++++++++
> >>   include/dm/uclass-id.h        |  1 +
> >>   2 files changed, 40 insertions(+)
> >>   create mode 100644 include/crypto/ecdsa-uclass.h
> >
> > This needs a test, as do all uclasses in U-Boot. If it isn't easy to
> > implement the algorithm then I suppose you could fake it by using an
> > easy algorithm like md5, but it does need a test.
>
> I agree. I couldn't find a test for UCLASS_MOD_EXP (for guidance), so
> I'm not sure where to even start.

How about dm_test_rng_read()? That is pretty simple and does a few basic things.

Re UCLASS_MOD_EXP this is tested by the vboot tests. It should really
have a simple unit test too, though. This is an example of how to add
a software implementation of a hardware algorithm. See mod_exp_sw.c

Regards,
Simon
diff mbox series

Patch

diff --git a/include/crypto/ecdsa-uclass.h b/include/crypto/ecdsa-uclass.h
new file mode 100644
index 0000000000..189843820a
--- /dev/null
+++ b/include/crypto/ecdsa-uclass.h
@@ -0,0 +1,39 @@ 
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * Copyright (c) 2020, Alexandru Gagniuc <mr.nuke.me@gmail.com>
+ */
+
+#include <dm/device.h>
+
+/**
+ * struct ecdsa_public_key - ECDSA public key properties
+ *
+ * The struct has pointers to the (x, y) curve coordinates to an ECDSA public
+ * key, as well as the name of the ECDSA curve. The size of the key is inferred
+ * from the 'curve_name'
+ */
+struct ecdsa_public_key {
+	const char *curve_name;	/* Name of curve, e.g. "prime256v1" */
+	const void *x;		/* x coordinate of public key */
+	const void *y;		/* y coordinate of public key */
+	unsigned int size_bits;	/* key size in bits, derived from curve name */
+};
+
+struct ecdsa_ops {
+	/**
+	 * Verify signature of hash against given public key
+	 *
+	 * @dev:	ECDSA Device
+	 * @pubkey:	ECDSA public key
+	 * @hash:	Hash of binary image
+	 * @hash_len:	Length of hash in bytes
+	 * @signature:	Signature in a raw (R, S) point pair
+	 * @sig_len:	Length of signature in bytes
+	 *
+	 * This function verifies that the 'signature' of the given 'hash' was
+	 * signed by the private key corresponding to 'pubkey'.
+	 */
+	int (*verify)(struct udevice *dev, const struct ecdsa_public_key *pubkey,
+		      const void *hash, size_t hash_len,
+		      const void *signature, size_t sig_len);
+};
diff --git a/include/dm/uclass-id.h b/include/dm/uclass-id.h
index e952a9967c..de4f5db086 100644
--- a/include/dm/uclass-id.h
+++ b/include/dm/uclass-id.h
@@ -45,6 +45,7 @@  enum uclass_id {
 	UCLASS_DISPLAY,		/* Display (e.g. DisplayPort, HDMI) */
 	UCLASS_DSI_HOST,	/* Display Serial Interface host */
 	UCLASS_DMA,		/* Direct Memory Access */
+	UCLASS_ECDSA,		/* Elliptic curve cryptographic device */
 	UCLASS_EFI,		/* EFI managed devices */
 	UCLASS_ETH,		/* Ethernet device */
 	UCLASS_ETH_PHY,		/* Ethernet PHY device */