Message ID | 20210729164719.3490718-6-mr.nuke.me@gmail.com |
---|---|
State | Accepted |
Commit | 46a738a4ec81959c7545a4bb07e4f5232bbcfefe |
Delegated to: | Patrice Chotard |
Headers | show |
Series | [1/5] dm: crypto: Define UCLASS API for ECDSA signature verification | expand |
Hi, On 7/29/21 6:47 PM, Alexandru Gagniuc wrote: > This test verifies that ECDSA_UCLASS is implemented, and that > ecdsa_verify() works as expected. The definition of "expected" is > "does not find a device, and returns -ENODEV". > > The lack of a hardware-independent ECDSA implementation prevents us > from having one in the sandbox, for now. > > Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> > Reviewed-by: Simon Glass <sjg@chromium.org> > --- > configs/sandbox_defconfig | 2 ++ > test/dm/Makefile | 1 + > test/dm/ecdsa.c | 38 ++++++++++++++++++++++++++++++++++++++ > 3 files changed, 41 insertions(+) > create mode 100644 test/dm/ecdsa.c > Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com> Thanks Patrick
Hi Alexandru On 7/30/21 11:53 AM, Patrick DELAUNAY wrote: > Hi, > > On 7/29/21 6:47 PM, Alexandru Gagniuc wrote: >> This test verifies that ECDSA_UCLASS is implemented, and that >> ecdsa_verify() works as expected. The definition of "expected" is >> "does not find a device, and returns -ENODEV". >> >> The lack of a hardware-independent ECDSA implementation prevents us >> from having one in the sandbox, for now. >> >> Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> >> Reviewed-by: Simon Glass <sjg@chromium.org> >> --- >> configs/sandbox_defconfig | 2 ++ >> test/dm/Makefile | 1 + >> test/dm/ecdsa.c | 38 ++++++++++++++++++++++++++++++++++++++ >> 3 files changed, 41 insertions(+) >> create mode 100644 test/dm/ecdsa.c >> > > Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com> > > Thanks > Patrick > Applied to u-boot-stm/master Thanks Patrice
diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig index bcd82f76ff..8bb981d6f5 100644 --- a/configs/sandbox_defconfig +++ b/configs/sandbox_defconfig @@ -299,3 +299,5 @@ CONFIG_TEST_FDTDEC=y CONFIG_UNIT_TEST=y CONFIG_UT_TIME=y CONFIG_UT_DM=y +CONFIG_ECDSA=y +CONFIG_ECDSA_VERIFY=y diff --git a/test/dm/Makefile b/test/dm/Makefile index d5c42e7643..516f69d61c 100644 --- a/test/dm/Makefile +++ b/test/dm/Makefile @@ -36,6 +36,7 @@ obj-$(CONFIG_DEVRES) += devres.o obj-$(CONFIG_DMA) += dma.o obj-$(CONFIG_VIDEO_MIPI_DSI) += dsi_host.o obj-$(CONFIG_DM_DSA) += dsa.o +obj-$(CONFIG_ECDSA_VERIFY) += ecdsa.o obj-$(CONFIG_DM_ETH) += eth.o ifneq ($(CONFIG_EFI_PARTITION),) obj-$(CONFIG_FASTBOOT_FLASH_MMC) += fastboot.o diff --git a/test/dm/ecdsa.c b/test/dm/ecdsa.c new file mode 100644 index 0000000000..da535c98b5 --- /dev/null +++ b/test/dm/ecdsa.c @@ -0,0 +1,38 @@ +// SPDX-License-Identifier: GPL-2.0-or-later + +#include <crypto/ecdsa-uclass.h> +#include <dm.h> +#include <dm/test.h> +#include <test/ut.h> +#include <u-boot/ecdsa.h> + +/* + * Basic test of the ECDSA uclass and ecdsa_verify() + * + * ECDSA implementations in u-boot are hardware-dependent. Until we have a + * software implementation that can be compiled into the sandbox, all we can + * test is the uclass support. + * + * The uclass_get() test is redundant since ecdsa_verify() would also fail. We + * run both functions in order to isolate the cause more clearly. i.e. is + * ecdsa_verify() failing because the UCLASS is absent/broken? + */ +static int dm_test_ecdsa_verify(struct unit_test_state *uts) +{ + struct uclass *ucp; + + struct checksum_algo algo = { + .checksum_len = 256, + }; + + struct image_sign_info info = { + .checksum = &algo, + }; + + ut_assertok(uclass_get(UCLASS_ECDSA, &ucp)); + ut_assertnonnull(ucp); + ut_asserteq(-ENODEV, ecdsa_verify(&info, NULL, 0, NULL, 0)); + + return 0; +} +DM_TEST(dm_test_ecdsa_verify, UT_TESTF_SCAN_PDATA | UT_TESTF_SCAN_FDT);