On 06.09.24 12:40, Sascha Hauer wrote: > This series implements ECDSA signature verification for FIT images. > The ECDSA code itself is taken from the Kernel. Currently only supported > way to specify a ECDSA key is to compile it into the binary using > CONFIG_CRYPTO_ECDSA_KEY, taking it from a device tree is not yet > supported. The series is missing my Reviewed-by's. I am not sure if it's because all commits have changed so much. To avoid reviewing code I already looked at before, I have only done a brief check. Cheers, Ahmad > > Changes since v2: > - fix endianess problems when ECDSA keys are built for a machine with > different endianess > - add struct public_key as a container for different key types > - make FIT image code use generic public key functions > - drop ECDSA dts snippet support (not needed, doesn't work) > - pass NULL to EVP_PKEY_get_utf8_string_param() > > Sascha Hauer (15): > keytoc: remove ECDSA dts support > keytoc: fail in case gen_key() fails > keytoc: fix ECDSA endianess problems > keytoc: remove duplicate __ENV__ check > crypto: Makefile: make simpler > keytoc: make key name hint optional > crypto: rsa: include key name hint into CONFIG_CRYPTO_RSA_KEY > crypto: rsa: encapsulate rsa keys in public keys struct > crypto: add public_key functions > crypto: builtin_keys: Allow to specify multiple keys in > CONFIG_CRYPTO_PUBLIC_KEYS > crypto: public-keys: use array of public_keys > crypto: rsa: create static inline wrapper for rsa_verify() > Add elliptic curve cryptography (ECC) helper functions > crypto: add ECDSA support > crypto: make RSA a visible option > > common/Kconfig | 1 - > common/image-fit.c | 20 +- > crypto/Kconfig | 37 +- > crypto/Makefile | 20 +- > crypto/ecc.c | 1661 +++++++++++++++++++++++++++++ > crypto/ecc_curve_defs.h | 155 +++ > crypto/ecdsa.c | 140 +++ > crypto/public-keys.c | 107 ++ > crypto/rsa.c | 95 +- > include/asm-generic/barebox.lds.h | 10 +- > include/crypto/ecc_curve.h | 62 ++ > include/crypto/ecdh.h | 83 ++ > include/crypto/internal/ecc.h | 278 +++++ > include/crypto/public_key.h | 36 + > include/ecdsa.h | 42 + > include/rsa.h | 35 +- > scripts/Makefile.lib | 2 +- > scripts/keytoc.c | 119 ++- > 18 files changed, 2718 insertions(+), 185 deletions(-) > create mode 100644 crypto/ecc.c > create mode 100644 crypto/ecc_curve_defs.h > create mode 100644 crypto/ecdsa.c > create mode 100644 crypto/public-keys.c > create mode 100644 include/crypto/ecc_curve.h > create mode 100644 include/crypto/ecdh.h > create mode 100644 include/crypto/internal/ecc.h > create mode 100644 include/crypto/public_key.h > create mode 100644 include/ecdsa.h > -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
