Re: [U-Boot] [PATCH 3/9] [v3] DM: crypto/rsa: Add rsa Modular Exponentiation DM driver

Mon, 29 Dec 2014 12:25:05 -0800 

Hi Ruchika,

On 28 December 2014 at 20:53, Ruchika Gupta <ruchika.gu...@freescale.com> wrote:
> Re-sending as delivery to uboot mailing list failed last time...
>
> Hi Simon,
>
> Thanks for the review comments.
>
>> -----Original Message-----
>> From: s...@google.com [mailto:s...@google.com] On Behalf Of Simon Glass
>> Sent: Wednesday, December 24, 2014 6:19 AM
>> To: Gupta Ruchika-R66431
>> Cc: U-Boot Mailing List; Sun York-R58495
>> Subject: Re: [PATCH 3/9] [v3] DM: crypto/rsa: Add rsa Modular
>> Exponentiation DM driver
>>
>> Hi Ruchika,
>>
>> On 23 December 2014 at 04:32, Ruchika Gupta
>> <ruchika.gu...@freescale.com>
>> wrote:
>> > Add a new rsa uclass for performing modular exponentiation and
>> > implement the software driver basing on this uclass.
>> >
>> > Signed-off-by: Ruchika Gupta <ruchika.gu...@freescale.com>
>> > CC: Simon Glass <s...@chromium.org>
>> > ---
>> > Changes in v3:
>> > New patch with driver model for RSA UCLASS
>> >
>> >  drivers/crypto/Kconfig          |  1 +
>> >  drivers/crypto/Makefile         |  1 +
>> >  drivers/crypto/rsa/Kconfig      |  5 +++++
>> >  drivers/crypto/rsa/Makefile     |  8 ++++++++
>> >  drivers/crypto/rsa/rsa_sw.c     | 39
>> +++++++++++++++++++++++++++++++++++++++
>> >  drivers/crypto/rsa/rsa_uclass.c | 31 +++++++++++++++++++++++++++++++
>> >  include/dm/uclass-id.h          |  1 +
>> >  include/u-boot/rsa-mod-exp.h    | 40
>> ++++++++++++++++++++++++++++++++++++++++
>> >  8 files changed, 126 insertions(+)
>> >  create mode 100644 drivers/crypto/rsa/Kconfig  create mode 100644
>> > drivers/crypto/rsa/Makefile  create mode 100644
>> > drivers/crypto/rsa/rsa_sw.c  create mode 100644
>> > drivers/crypto/rsa/rsa_uclass.c
>> >
>> > diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index
>> > e69de29..75f3479 100644
>> > --- a/drivers/crypto/Kconfig
>> > +++ b/drivers/crypto/Kconfig
>> > @@ -0,0 +1 @@
>> > +source drivers/crypto/rsa/Kconfig
>> > diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile index
>> > 7b79237..a2f30fc 100644
>> > --- a/drivers/crypto/Makefile
>> > +++ b/drivers/crypto/Makefile
>> > @@ -6,4 +6,5 @@
>> >  #
>> >
>> >  obj-$(CONFIG_EXYNOS_ACE_SHA)   += ace_sha.o
>> > +obj-y += rsa/
>> >  obj-y += fsl/
>> > diff --git a/drivers/crypto/rsa/Kconfig b/drivers/crypto/rsa/Kconfig
>> > new file mode 100644 index 0000000..7eb90a1
>> > --- /dev/null
>> > +++ b/drivers/crypto/rsa/Kconfig
>> > @@ -0,0 +1,5 @@
>> > +config DM_RSA
>> > +       bool "Enable Driver Model for RSA "
>> > +       depends on DM
>> > +       help
>> > +         If you want to use driver model for RSA Modular
>> > +Exponentiation,
>> say Y.
>>
>> Can you send a new patch (later if you prefer) which removes this
>> option altogether? It should be the default. In other words, RSA
>> should always use driver model.
>
> If we make it mandatory for RSA to use driver model, all platforms would need 
> to use DM by default in their defconfig. Would that be acceptable ?
> Secondly if I force select DM and DM_RSA when CONFIG_RSA is selected, this 
> may result in duplication of CONFIG_DM with platforms having it defined 
> already.
> Please suggest.

Yes that is correct, all platforms with RSA can use DM. As far as I
know they do, but if not we can add a patch to fix that.

>
>>
>> > diff --git a/drivers/crypto/rsa/Makefile
>> > b/drivers/crypto/rsa/Makefile new file mode 100644 index
>> > 0000000..fae4f8c
>> > --- /dev/null
>> > +++ b/drivers/crypto/rsa/Makefile
>> > @@ -0,0 +1,8 @@
>> > +#
>> > +# (C) Copyright 2014 Freescale Semiconductor, Inc.
>> > +#
>> > +# SPDX-License-Identifier:     GPL-2.0+
>> > +#
>> > +
>> > +obj-$(CONFIG_DM_RSA) += rsa_uclass.o
>> > +obj-$(CONFIG_RSA_SW) += rsa_sw.o
>> > diff --git a/drivers/crypto/rsa/rsa_sw.c
>> > b/drivers/crypto/rsa/rsa_sw.c new file mode 100644 index
>> > 0000000..5d94754
>> > --- /dev/null
>> > +++ b/drivers/crypto/rsa/rsa_sw.c
>> > @@ -0,0 +1,39 @@
>> > +/*
>> > + * (C) Copyright 2014 Freescale Semiconductor, Inc.
>> > + * Author: Ruchika Gupta <ruchika.gu...@freescale.com>
>> > + *
>> > + * SPDX-License-Identifier:    GPL-2.0+
>> > + */
>> > +
>> > +#include <config.h>
>> > +#include <common.h>
>> > +#include <dm.h>
>> > +#include <u-boot/rsa-mod-exp.h>
>> > +
>> > +int mod_exp_sw(struct udevice *dev, const uint8_t *sig, uint32_t sig_len,
>> > +               struct key_prop *prop, uint8_t *out) {
>> > +       int ret = 0;
>> > +
>> > +       ret = rsa_mod_exp_sw(sig, sig_len, prop, out);
>> > +
>> > +       if (ret) {
>> > +               debug("%s: RSA failed to verify: %d\n", __func__, ret);
>> > +               return ret;
>> > +       }
>> > +       return 0;
>> > +}
>> > +
>> > +static const struct rsa_ops rsa_ops_sw = {
>> > +       .get_mod_exp    = mod_exp_sw,
>> > +};
>> > +
>> > +U_BOOT_DRIVER(fsl_rsa) = {
>> > +       .name   = "rsa_sw",
>> > +       .id     = UCLASS_RSA,
>> > +       .ops    = &rsa_ops_sw,
>> > +};
>> > +
>> > +U_BOOT_DEVICE(rsa_sw) = {
>> > +       .name = "rsa_sw",
>> > +};
>> > diff --git a/drivers/crypto/rsa/rsa_uclass.c
>> > b/drivers/crypto/rsa/rsa_uclass.c new file mode 100644 index
>> > 0000000..f4f4f39
>> > --- /dev/null
>> > +++ b/drivers/crypto/rsa/rsa_uclass.c
>> > @@ -0,0 +1,31 @@
>> > +/*
>> > + * (C) Copyright 2014 Freescale Semiconductor, Inc
>> > + * Author: Ruchika Gupta <ruchika.gu...@freescale.com>
>> > + *
>> > + * SPDX-License-Identifier:    GPL-2.0+
>> > + */
>> > +
>> > +#include <common.h>
>> > +#include <dm.h>
>> > +#include <u-boot/rsa-mod-exp.h>
>> > +#include <errno.h>
>> > +#include <fdtdec.h>
>> > +#include <malloc.h>
>> > +#include <asm/io.h>
>> > +#include <linux/list.h>
>> > +
>> > +int rsa_mod_exp(struct udevice *dev, const uint8_t *sig, uint32_t sig_len,
>> > +               struct key_prop *node, uint8_t *out) {
>> > +       const struct rsa_ops *ops = device_get_ops(dev);
>> > +
>> > +       if (!ops->get_mod_exp)
>> > +               return -ENOSYS;
>> > +
>> > +       return ops->get_mod_exp(dev, sig, sig_len, node, out); }
>> > +
>> > +UCLASS_DRIVER(rsa) = {
>> > +       .id             = UCLASS_RSA,
>> > +       .name           = "rsa",
>> > +};
>> > diff --git a/include/dm/uclass-id.h b/include/dm/uclass-id.h index
>> > f17c3c2..659369e 100644
>> > --- a/include/dm/uclass-id.h
>> > +++ b/include/dm/uclass-id.h
>> > @@ -33,6 +33,7 @@ enum uclass_id {
>> >         UCLASS_I2C,             /* I2C bus */
>> >         UCLASS_I2C_GENERIC,     /* Generic I2C device */
>> >         UCLASS_I2C_EEPROM,      /* I2C EEPROM device */
>> > +       UCLASS_RSA      ,       /* RSA Mod Exp device */
>>
>> Funny spacing here.
> Sorry, I will correct that.
>>
>> >
>> >         UCLASS_COUNT,
>> >         UCLASS_INVALID = -1,
>> > diff --git a/include/u-boot/rsa-mod-exp.h
>> > b/include/u-boot/rsa-mod-exp.h index 59cd9ea..7f7e196 100644
>> > --- a/include/u-boot/rsa-mod-exp.h
>> > +++ b/include/u-boot/rsa-mod-exp.h
>> > @@ -40,4 +40,44 @@ struct key_prop {  int rsa_mod_exp_sw(const
>> > uint8_t *sig, uint32_t sig_len,
>> >                 struct key_prop *node, uint8_t *out);
>> >
>> > +/**
>> > + * rsa_mod_exp - Perform RSA Modular Exponentiation
>> > + *
>> > + * Operation: out[] = sig ^ exponent % modulus
>> > + *
>> > + * @udev:      RSA Device
>> > + * @sig:       RSA PKCS1.5 signature
>> > + * @sig_len:   Length of signature in number of bytes
>> > + * @node:      Node with RSA key elements like modulus, exponent, R^2,
>> n0inv
>> > + * @out:       Result in form of byte array
>>
>> How big is this array?
> Thanks for pointing out. In next set of patch, I will change it to uint8_t 
> **out and introduce a uin32_t *out_len also. Ideally the implemntor of this 
> function should allocate out as per length required and return back the 
> pointer and the allocated length. This will also require change in patch 1 of 
> this series. I will change and float next version.

OK.

>
>>
>> > + */
>> > +int rsa_mod_exp(struct udevice *dev, const uint8_t *sig, uint32_t sig_len,
>> > +               struct key_prop *node, uint8_t *out);
>> > +
>> > +/**
>> > + * struct struct rsa_ops - Driver model for RSA operations
>> > + *
>> > + * The uclass interface is implemented by all crypto devices which
>> > +use
>> > + * driver model.
>> > + */
>> > +struct rsa_ops {
>> > +       /**
>> > +        * Perform Modular Exponentiation
>> > +        *
>> > +        * Operation: out[] = sig ^ exponent % modulus
>> > +        *
>> > +        * @dev:        RSA Device
>> > +        * @sig:        RSA PKCS1.5 signature
>> > +        * @sig_len:    Length of signature in number of bytes
>> > +        * @node:       Node with RSA key elements like modulus, exponent,
>> > +        *              R^2, n0inv
>> > +        * @out:        Result in form of byte array
>>
>> How big is this array?
> Same as above, I will change it to **outp and add a pointer for length
>>
>> > +        * Returns: 0 if exponentiation is succesful, or a negative
>> > + value
>>
>> successful
> Ok
>>
>> > +        * if it wasn't.
>> > +        */
>> > +       int (*get_mod_exp)(struct udevice *dev, const uint8_t *sig,
>>
>> mod_exp() is better I think, since it matches your function above.
> Ok. I will change it.
>>
>> > +                          uint32_t sig_len, struct key_prop *node,
>> > +                          uint8_t *out); };
>> > +
>> >  #endif
>> > --
>> > 1.8.1.4
>> >
>>

Regards,
Simon
_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot

Reply via email to