Hi Alex, On Fri, 14 May 2021 at 15:17, Alex G. <mr.nuke...@gmail.com> wrote: > > > > On 5/14/21 3:44 PM, Simon Glass wrote: > > Hi Alex, > > > > On Fri, 14 May 2021 at 14:38, Alex G. <mr.nuke...@gmail.com> wrote: > >> > >> > >> > >> On 5/6/21 9:24 AM, Simon Glass wrote: > >>> Add host Kconfigs for FIT_SIGN and RSA_VERIFY. With these we can > >>> use CONFIG_IS_ENABLED() directly in the host build, so drop the > >>> unnecessary indirections IMAGE_ENABLE_SIGN and HOST_RSA_VERIFY. > >>> Also drop FIT_IMAGE_ENABLE_VERIFY which is not actually used. > >>> > >>> Leave IMAGE_ENABLE_VERIFY_ECDSA along since this feature is > >>> incomplete and needs to be integrated with RSA. > >>> > >>> Signed-off-by: Simon Glass <s...@chromium.org> --- > >>> > >>> (no changes since v1) > >>> > >>> common/image-fit.c | 6 +++--- common/image-sig.c | 10 > >>> +++++----- include/image.h | 13 ++----------- > >>> include/u-boot/ecdsa.h | 2 +- include/u-boot/rsa.h | 4 ++-- > >>> tools/Kconfig | 10 ++++++++++ tools/image-host.c | > >>> 4 ++-- 7 files changed, 25 insertions(+), 24 deletions(-) > >>> > >>> diff --git a/common/image-fit.c b/common/image-fit.c index > >>> c13ff6bba24..e81a0858dc1 100644 --- a/common/image-fit.c +++ > >>> b/common/image-fit.c @@ -1301,7 +1301,7 @@ int > >>> fit_image_verify_with_data(const void *fit, int image_noffset, > >>> int ret; > >>> > >>> /* Verify all required signatures */ - if > >>> (FIT_IMAGE_ENABLE_VERIFY && + if > >>> (CONFIG_IS_ENABLED(RSA_VERIFY) && > >> > >> NAK. Having verification depend directly on CONFIG_RSA_VERIFY will > >> make adding ECDSA support that much more convoluted. > > > > Let me counter-NAK. > > > > The ECDSA needs to be integrated into the RSA stuff, as we have done > > with hashing. E.g. CONFIG_VERIFY that enables the feature, with a > > driver to select which methods are supported. > > Then why not add a CONFIG_(SPL_)VERIFY to this patch instead of > replacing a common define with an algo-secific CONFIG?
That would be a separate series. CONFIG_RSA_VERIFY is not new and adding an SPL / host version of it is the goal here. > > > I think I mentioned that in the original review. > > You did. Integrating ECDSA with RSA is orthogonal to ECDSA verification. > I like the motivation behind this cosmetic series, but it is > creating unnecessary complications to adding the ECDSA features. RSA and ECDSA should have a common API on the board, with a linker list. The sooner that happens (even with an dummy ECDSA impl), the better. > > "It is relatively straightforward to add new algorithms if required. > [...] If another algorithm is needed (such as DSA) then it can be > placed alongside rsa.c, and its functions added to the table in > image-sig.c also." > > That's from doc/uImage.FIT/signature.txt. Seems like we're changing goal > posts as the balls are already in the air. I want to tone down this > series, pick a few patches that I really like, combine them with some of > my changes and submit a co-authored series with the uncontroversial changes. > > I posted a parallel series which eliminates IMAGE_ENABLE_VERIFY_ECDSA, > and is far less intrusive. I was already trying to combine it with some > patches in this series. Let's see how that goes See above. The goal of my series is to remove #ifdefs from image code. If your approach can do that, or some combination, that is fine with me. Regards, SImon