Modify rsa_verify to use the rsa driver of DM library available.The tools and the configurations which don't use Driver Model, will continue to use the same RSA sw library. The software implementation of RSA Modular Exponentation is now compiled if RSA_MOD_EXP_SW is selected.
Kconfig options are also added for rsa library. Signed-off-by: Ruchika Gupta <ruchika.gu...@freescale.com> CC: Simon Glass <s...@chromium.org> --- Changes in v3: New patch include/configs/am335x_evm.h | 1 + lib/Kconfig | 6 +----- lib/rsa/Kconfig | 31 +++++++++++++++++++++++++++++++ lib/rsa/Makefile | 3 ++- lib/rsa/rsa-verify.c | 18 ++++++++++++++++++ 5 files changed, 53 insertions(+), 6 deletions(-) create mode 100644 lib/rsa/Kconfig diff --git a/include/configs/am335x_evm.h b/include/configs/am335x_evm.h index cc36985..aa79841 100644 --- a/include/configs/am335x_evm.h +++ b/include/configs/am335x_evm.h @@ -25,6 +25,7 @@ # ifdef CONFIG_ENABLE_VBOOT # define CONFIG_FIT_SIGNATURE # define CONFIG_RSA +# define CONFIG_RSA_MOD_EXP_SW # endif #endif diff --git a/lib/Kconfig b/lib/Kconfig index 602dd37..a1f30a2 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -27,10 +27,6 @@ config SYS_HZ get_timer() must operate in milliseconds and this option must be set to 1000. -config RSA - bool "Use RSA Library" - help - RSA support.This enables the RSA algorithm used for FIT image - verification in U-Boot. +source lib/rsa/Kconfig endmenu diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig new file mode 100644 index 0000000..8f9aa44 --- /dev/null +++ b/lib/rsa/Kconfig @@ -0,0 +1,31 @@ +config RSA + bool "Use RSA Library" + select RSA_MOD_EXP_SW if !DM + select DM_RSA if DM + help + RSA support.This enables the RSA algorithm used for FIT image + verification in U-Boot. + See doc/uImage.FIT/signature.txt for more details. + +if RSA && DM_RSA + +config RSA_SW + bool "User driver Model for RSA Modular Exponentiation in software" + depends on DM && DM_RSA && RSA + select RSA_MOD_EXP_SW + default y + help + Enables driver for modular exponentiation in software. This is a RSA + algorithm used in FIT image verification. It required RSA Key as + input. + See doc/uImage.FIT/signature.txt for more details. + +endif + +config RSA_MOD_EXP_SW + bool + default n + help + Library for SW implementation of RSA Modular Exponentiation. This + library is used by the mkimage tool(not selected through this option) + as well as by the RSA driver model with SW implementation. diff --git a/lib/rsa/Makefile b/lib/rsa/Makefile index cc25b3c..ccc6060 100644 --- a/lib/rsa/Makefile +++ b/lib/rsa/Makefile @@ -7,4 +7,5 @@ # SPDX-License-Identifier: GPL-2.0+ # -obj-$(CONFIG_FIT_SIGNATURE) += rsa-verify.o rsa-checksum.o rsa-mod-exp.o +obj-$(CONFIG_FIT_SIGNATURE) += rsa-verify.o rsa-checksum.o +obj-$(CONFIG_RSA_MOD_EXP_SW) += rsa-mod-exp.o diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index f8bc086..27f10ef 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -12,6 +12,7 @@ #include <asm/errno.h> #include <asm/types.h> #include <asm/unaligned.h> +#include <dm.h> #else #include "fdt_host.h" #include "mkimage.h" @@ -43,6 +44,9 @@ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig, const uint8_t *padding; int pad_len; int ret; +#if defined(CONFIG_DM_RSA) && !defined(USE_HOSTCC) + struct udevice *rsa_dev; +#endif if (!prop || !sig || !hash || !algo) return -EIO; @@ -63,11 +67,25 @@ static int rsa_verify_key(struct key_prop *prop, const uint8_t *sig, uint8_t buf[sig_len]; +#if defined(CONFIG_DM_RSA) && !defined(USE_HOSTCC) + ret = uclass_get_device(UCLASS_RSA, 0, &rsa_dev); + if (!ret) { + ret = rsa_mod_exp(rsa_dev, sig, sig_len, prop, buf); + if (ret) { + debug("Error in Modular exponentation\n"); + return ret; + } + } else { + printf("RSA: Can't find Mod Exp implemnetation\n"); + return -EINVAL; + } +#else ret = rsa_mod_exp_sw(sig, sig_len, prop, buf); if (ret) { debug("Error in Modular exponentation\n"); return ret; } +#endif padding = algo->rsa_padding; pad_len = algo->pad_len - algo->checksum_len; -- 1.8.1.4 _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot