From patchwork Fri Jan 23 10:31:54 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ruchika Gupta X-Patchwork-Id: 432130 X-Patchwork-Delegate: sjg@chromium.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from theia.denx.de (theia.denx.de [85.214.87.163]) by ozlabs.org (Postfix) with ESMTP id 8518D1402AE for ; Fri, 23 Jan 2015 21:35:25 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id 0B1844B64D; Fri, 23 Jan 2015 11:35:21 +0100 (CET) Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W9pLaGnbPaYe; Fri, 23 Jan 2015 11:35:20 +0100 (CET) Received: from theia.denx.de (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id 20AE94B62C; Fri, 23 Jan 2015 11:35:20 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id 367614B612 for ; Fri, 23 Jan 2015 11:35:15 +0100 (CET) Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JN2vwlaqpyjh for ; Fri, 23 Jan 2015 11:35:15 +0100 (CET) X-policyd-weight: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 (only DNSBL check requested) Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1bon0138.outbound.protection.outlook.com [157.56.111.138]) by theia.denx.de (Postfix) with ESMTPS id 9FA0A4B610 for ; Fri, 23 Jan 2015 11:35:11 +0100 (CET) Received: from BN3PR0301CA0007.namprd03.prod.outlook.com (25.160.180.145) by BN3PR0301MB1283.namprd03.prod.outlook.com (25.161.210.147) with Microsoft SMTP Server (TLS) id 15.1.65.19; Fri, 23 Jan 2015 10:35:09 +0000 Received: from BL2FFO11FD053.protection.gbl (2a01:111:f400:7c09::100) by BN3PR0301CA0007.outlook.office365.com (2a01:111:e400:4000::17) with Microsoft SMTP Server (TLS) id 15.1.59.20 via Frontend Transport; Fri, 23 Jan 2015 10:35:09 +0000 Received: from tx30smr01.am.freescale.net (192.88.168.50) by BL2FFO11FD053.mail.protection.outlook.com (10.173.161.181) with Microsoft SMTP Server (TLS) id 15.1.75.11 via Frontend Transport; Fri, 23 Jan 2015 10:35:09 +0000 Received: from perf-idc04.ap.freescale.net (perf-idc04.ap.freescale.net [10.232.14.49]) by tx30smr01.am.freescale.net (8.14.3/8.14.0) with ESMTP id t0NAXxgh009406; Fri, 23 Jan 2015 03:35:07 -0700 From: Ruchika Gupta To: Date: Fri, 23 Jan 2015 16:01:54 +0530 Message-ID: <1422009119-533-5-git-send-email-ruchika.gupta@freescale.com> X-Mailer: git-send-email 1.8.1.4 In-Reply-To: <1422009119-533-1-git-send-email-ruchika.gupta@freescale.com> References: <1422009119-533-1-git-send-email-ruchika.gupta@freescale.com> X-EOPAttributedMessage: 0 Received-SPF: Fail (protection.outlook.com: domain of freescale.com does not designate 192.88.168.50 as permitted sender) receiver=protection.outlook.com; client-ip=192.88.168.50; helo=tx30smr01.am.freescale.net; Authentication-Results: spf=fail (sender IP is 192.88.168.50) smtp.mailfrom=ruchika.gupta@freescale.com; chromium.org; dkim=none (message not signed) header.d=none;chromium.org; dmarc=permerror action=none header.from=freescale.com; X-Forefront-Antispam-Report: CIP:192.88.168.50; CTRY:US; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10019020)(6009001)(86362001)(50986999)(46102003)(62966003)(575784001)(76176999)(36756003)(2950100001)(77156002)(85426001)(92566002)(77096005)(50466002)(110136001)(2351001)(229853001)(50226001)(19580405001)(105606002)(47776003)(19580395003)(6806004)(104016003)(106466001)(33646002)(48376002)(87936001); DIR:OUT; SFP:1102; SCL:1; SRVR:BN3PR0301MB1283; H:tx30smr01.am.freescale.net; FPR:; SPF:None; MLV:sfv; LANG:en; MIME-Version: 1.0 X-DmarcAction-Test: None X-Microsoft-Antispam: UriScan:; X-Microsoft-Antispam: BCL:0;PCL:0;RULEID:(3005004);SRVR:BN3PR0301MB1283; X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(601004); SRVR:BN3PR0301MB1283; X-Forefront-PRVS: 0465429B7F X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:; SRVR:BN3PR0301MB1283; X-OriginatorOrg: freescale.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Jan 2015 10:35:09.2393 (UTC) X-MS-Exchange-CrossTenant-Id: 710a03f5-10f6-4d38-9ff4-a80b81da590d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=710a03f5-10f6-4d38-9ff4-a80b81da590d; Ip=[192.88.168.50] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN3PR0301MB1283 Cc: Ruchika Gupta Subject: [U-Boot] [PATCH 05/10][v6] lib/rsa: Modify rsa to use DM driver X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.13 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: u-boot-bounces@lists.denx.de Errors-To: u-boot-bounces@lists.denx.de Modify rsa_verify to use the rsa driver of DM library .The tools will continue to use the same RSA sw library. CONFIG_RSA is now dependent on CONFIG_DM. All configurations which enable FIT based signatures have been modified to enable CONFIG_DM by default. Signed-off-by: Ruchika Gupta CC: Simon Glass Acked-by: Simon Glass --- Changes in v6: No Changes Changes in v5: Added signature option in am335x_boneblack_vboot_defconfig Made changes in rsa-verify.c as suggested by Simon Changes in v4: Make CONFIG_RSA always depenedent on Driver Model. Add CONFIG_DM in defconfigs of the platforms which enable CONFIG_FIT_SIGNATURE Changes in v3: New patch README | 7 ++++++- configs/am335x_boneblack_vboot_defconfig | 4 ++++ configs/ids8313_defconfig | 1 + configs/sandbox_defconfig | 1 + configs/zynq_microzed_defconfig | 1 + configs/zynq_zc70x_defconfig | 1 + configs/zynq_zc770_xm010_defconfig | 1 + configs/zynq_zc770_xm012_defconfig | 1 + configs/zynq_zc770_xm013_defconfig | 1 + configs/zynq_zed_defconfig | 1 + configs/zynq_zybo_defconfig | 1 + include/configs/am335x_evm.h | 6 ++---- include/configs/sandbox.h | 1 - lib/rsa/rsa-verify.c | 14 ++++++++++++++ 14 files changed, 35 insertions(+), 6 deletions(-) diff --git a/README b/README index fefa71c..cac7978 100644 --- a/README +++ b/README @@ -3176,8 +3176,13 @@ CBFS (Coreboot Filesystem) support This enables the RSA algorithm used for FIT image verification in U-Boot. See doc/uImage.FIT/signature.txt for more information. + The Modular Exponentiation algorithm in RSA is implemented using + driver model. So CONFIG_DM needs to be enabled by default for this + library to function. + The signing part is build into mkimage regardless of this - option. + option. The software based modular exponentiation is built into + mkimage irrespective of this option. - bootcount support: CONFIG_BOOTCOUNT_LIMIT diff --git a/configs/am335x_boneblack_vboot_defconfig b/configs/am335x_boneblack_vboot_defconfig index 5837a0a..51bf370 100644 --- a/configs/am335x_boneblack_vboot_defconfig +++ b/configs/am335x_boneblack_vboot_defconfig @@ -4,3 +4,7 @@ CONFIG_SYS_EXTRA_OPTIONS="EMMC_BOOT,ENABLE_VBOOT" +S:CONFIG_TARGET_AM335X_EVM=y CONFIG_OF_CONTROL=y CONFIG_DEFAULT_DEVICE_TREE="am335x-boneblack" +CONFIG_FIT=y +CONFIG_FIT_VERBOSE=y +CONFIG_FIT_SIGNATURE=y +CONFIG_DM=y diff --git a/configs/ids8313_defconfig b/configs/ids8313_defconfig index 8479cd4..0950ec8 100644 --- a/configs/ids8313_defconfig +++ b/configs/ids8313_defconfig @@ -4,3 +4,4 @@ CONFIG_MPC83xx=y CONFIG_FIT=y CONFIG_FIT_SIGNATURE=y CONFIG_TARGET_IDS8313=y +CONFIG_DM=y diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig index 0111f25..660063e 100644 --- a/configs/sandbox_defconfig +++ b/configs/sandbox_defconfig @@ -3,4 +3,5 @@ CONFIG_OF_HOSTFILE=y CONFIG_FIT=y CONFIG_FIT_VERBOSE=y CONFIG_FIT_SIGNATURE=y +CONFIG_DM=y CONFIG_DEFAULT_DEVICE_TREE="sandbox" diff --git a/configs/zynq_microzed_defconfig b/configs/zynq_microzed_defconfig index b9a6fe5..8b985fe 100644 --- a/configs/zynq_microzed_defconfig +++ b/configs/zynq_microzed_defconfig @@ -6,4 +6,5 @@ CONFIG_OF_CONTROL=y CONFIG_FIT=y CONFIG_FIT_VERBOSE=y CONFIG_FIT_SIGNATURE=y +CONFIG_DM=y CONFIG_DEFAULT_DEVICE_TREE="zynq-microzed" diff --git a/configs/zynq_zc70x_defconfig b/configs/zynq_zc70x_defconfig index dc8aa84..cceb321 100644 --- a/configs/zynq_zc70x_defconfig +++ b/configs/zynq_zc70x_defconfig @@ -7,3 +7,4 @@ CONFIG_DEFAULT_DEVICE_TREE="zynq-zc702" CONFIG_FIT=y CONFIG_FIT_VERBOSE=y CONFIG_FIT_SIGNATURE=y +CONFIG_DM=y diff --git a/configs/zynq_zc770_xm010_defconfig b/configs/zynq_zc770_xm010_defconfig index 2f5fa8c..2935c0d 100644 --- a/configs/zynq_zc770_xm010_defconfig +++ b/configs/zynq_zc770_xm010_defconfig @@ -8,3 +8,4 @@ CONFIG_DEFAULT_DEVICE_TREE="zynq-zc770-xm010" CONFIG_FIT=y CONFIG_FIT_VERBOSE=y CONFIG_FIT_SIGNATURE=y +CONFIG_DM=y diff --git a/configs/zynq_zc770_xm012_defconfig b/configs/zynq_zc770_xm012_defconfig index a92d495..0401739 100644 --- a/configs/zynq_zc770_xm012_defconfig +++ b/configs/zynq_zc770_xm012_defconfig @@ -8,3 +8,4 @@ CONFIG_DEFAULT_DEVICE_TREE="zynq-zc770-xm012" CONFIG_FIT=y CONFIG_FIT_VERBOSE=y CONFIG_FIT_SIGNATURE=y +CONFIG_DM=y diff --git a/configs/zynq_zc770_xm013_defconfig b/configs/zynq_zc770_xm013_defconfig index 3a02f75..a95970a 100644 --- a/configs/zynq_zc770_xm013_defconfig +++ b/configs/zynq_zc770_xm013_defconfig @@ -8,3 +8,4 @@ CONFIG_DEFAULT_DEVICE_TREE="zynq-zc770-xm013" CONFIG_FIT=y CONFIG_FIT_VERBOSE=y CONFIG_FIT_SIGNATURE=y +CONFIG_DM=y diff --git a/configs/zynq_zed_defconfig b/configs/zynq_zed_defconfig index 1d816f6..0fbc41a 100644 --- a/configs/zynq_zed_defconfig +++ b/configs/zynq_zed_defconfig @@ -7,3 +7,4 @@ CONFIG_DEFAULT_DEVICE_TREE="zynq-zed" CONFIG_FIT=y CONFIG_FIT_VERBOSE=y CONFIG_FIT_SIGNATURE=y +CONFIG_DM=y diff --git a/configs/zynq_zybo_defconfig b/configs/zynq_zybo_defconfig index 9183629..4e66760 100644 --- a/configs/zynq_zybo_defconfig +++ b/configs/zynq_zybo_defconfig @@ -7,3 +7,4 @@ CONFIG_DEFAULT_DEVICE_TREE="zynq-zybo" CONFIG_FIT=y CONFIG_FIT_VERBOSE=y CONFIG_FIT_SIGNATURE=y +CONFIG_DM=y diff --git a/include/configs/am335x_evm.h b/include/configs/am335x_evm.h index f9bc23b..76ce7de 100644 --- a/include/configs/am335x_evm.h +++ b/include/configs/am335x_evm.h @@ -19,13 +19,11 @@ #include #ifndef CONFIG_SPL_BUILD +#ifndef CONFIG_FIT # define CONFIG_FIT +#endif # define CONFIG_TIMESTAMP # define CONFIG_LZO -# ifdef CONFIG_ENABLE_VBOOT -# define CONFIG_FIT_SIGNATURE -# define CONFIG_RSA -# endif #endif #define CONFIG_SYS_BOOTM_LEN (16 << 20) diff --git a/include/configs/sandbox.h b/include/configs/sandbox.h index 6fd29b9..e9d3f32 100644 --- a/include/configs/sandbox.h +++ b/include/configs/sandbox.h @@ -23,7 +23,6 @@ #define CONFIG_BOOTSTAGE #define CONFIG_BOOTSTAGE_REPORT -#define CONFIG_DM #define CONFIG_CMD_DEMO #define CONFIG_CMD_DM #define CONFIG_DM_DEMO diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index f8bc086..da45daf 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -12,6 +12,7 @@ #include #include #include +#include #else #include "fdt_host.h" #include "mkimage.h" @@ -43,6 +44,9 @@ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig, const uint8_t *padding; int pad_len; int ret; +#if !defined(USE_HOSTCC) + struct udevice *mod_exp_dev; +#endif if (!prop || !sig || !hash || !algo) return -EIO; @@ -63,7 +67,17 @@ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig, uint8_t buf[sig_len]; +#if !defined(USE_HOSTCC) + ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev); + if (ret) { + printf("RSA: Can't find Modular Exp implementation\n"); + return -EINVAL; + } + + ret = rsa_mod_exp(mod_exp_dev, sig, sig_len, prop, buf); +#else ret = rsa_mod_exp_sw(sig, sig_len, prop, buf); +#endif if (ret) { debug("Error in Modular exponentation\n"); return ret;