Asn1 parsers of x509 certificates and pkcs7 messages are required to implement image authentication and variable authentication as part of UEFI secure boot feature.
As we discussed before in the thread[1], most people insisted that we should re-use corresponding source code from Linux repository for this purpose. Here is my attempt to import all the necessary files from Linux; Those will eventually be part of UEFI secure boot implementation, but I'd like to get early feedback from other peoples before submitting the whole patchset so that they will be better formatted for merging. My approach here is * files from Linux 5.0 (will be updated to the latest when I will submit them as finalized patches.) * modify files as little as possible * mark/protect unavoidable changes with "#if(n)def __UBOOT__" so that future fixes/differences in Linux repository will easily be applied to U-Boot. Please note that checkpatch.pl will complain with a bunch of warnings/errors but I intentionally left them unchanged for the sake of better maintainability I said above. Any comments will be appreciated. -Takahiro Akashi [1] https://lists.denx.de/pipermail/u-boot/2019-April/366423.html AKASHI Takahiro (9): cmd: add asn1_compiler Makefile: add build script for asn1 parsers lib: add asn1 decoder lib: add oid registry utility lib: crypto: add public key utility lib: crypto: add public_key_verify_signature() lib: crypto: add x509 parser lib: crypto: add pkcs7 message parser lib: crypto: add rsa public key parser cmd/Kconfig | 3 + include/crypto/internal/rsa.h | 62 ++ include/crypto/pkcs7.h | 51 + include/crypto/public_key.h | 89 ++ include/keys/asymmetric-type.h | 92 ++ include/linux/asn1.h | 69 ++ include/linux/asn1_ber_bytecode.h | 93 ++ include/linux/asn1_decoder.h | 24 + include/linux/oid_registry.h | 103 ++ lib/Kconfig | 12 + lib/Makefile | 18 + lib/asn1_decoder.c | 520 ++++++++++ lib/build_OID_registry | 207 ++++ lib/crypto/Kconfig | 38 + lib/crypto/Makefile | 46 + lib/crypto/asymmetric_type.c | 655 ++++++++++++ lib/crypto/pkcs7.asn1 | 135 +++ lib/crypto/pkcs7_parser.c | 690 ++++++++++++ lib/crypto/pkcs7_parser.h | 69 ++ lib/crypto/public_key.c | 344 ++++++ lib/crypto/public_key_local.c | 69 ++ lib/crypto/rsa_helper.c | 81 ++ lib/crypto/rsapubkey.asn1 | 4 + lib/crypto/x509.asn1 | 60 ++ lib/crypto/x509_akid.asn1 | 35 + lib/crypto/x509_cert_parser.c | 644 ++++++++++++ lib/crypto/x509_parser.h | 61 ++ lib/crypto/x509_public_key.c | 284 +++++ lib/oid_registry.c | 178 ++++ scripts/Makefile | 3 + scripts/Makefile.build | 2 +- scripts/asn1_compiler.c | 1615 +++++++++++++++++++++++++++++ 32 files changed, 6355 insertions(+), 1 deletion(-) create mode 100644 include/crypto/internal/rsa.h create mode 100644 include/crypto/pkcs7.h create mode 100644 include/crypto/public_key.h create mode 100644 include/keys/asymmetric-type.h create mode 100644 include/linux/asn1.h create mode 100644 include/linux/asn1_ber_bytecode.h create mode 100644 include/linux/asn1_decoder.h create mode 100644 include/linux/oid_registry.h create mode 100644 lib/asn1_decoder.c create mode 100755 lib/build_OID_registry create mode 100644 lib/crypto/Kconfig create mode 100644 lib/crypto/Makefile create mode 100644 lib/crypto/asymmetric_type.c create mode 100644 lib/crypto/pkcs7.asn1 create mode 100644 lib/crypto/pkcs7_parser.c create mode 100644 lib/crypto/pkcs7_parser.h create mode 100644 lib/crypto/public_key.c create mode 100644 lib/crypto/public_key_local.c create mode 100644 lib/crypto/rsa_helper.c create mode 100644 lib/crypto/rsapubkey.asn1 create mode 100644 lib/crypto/x509.asn1 create mode 100644 lib/crypto/x509_akid.asn1 create mode 100644 lib/crypto/x509_cert_parser.c create mode 100644 lib/crypto/x509_parser.h create mode 100644 lib/crypto/x509_public_key.c create mode 100644 lib/oid_registry.c create mode 100644 scripts/asn1_compiler.c -- 2.21.0 _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot
