[U-Boot] [PATCH 3/9] [v4] DM: crypto/rsa: Add rsa Modular Exponentiation DM driver

Simon Glass sjg at chromium.org
Fri Jan 2 23:24:16 CET 2015


Hi Ruchika,

On 30 December 2014 at 02:30, Ruchika Gupta <ruchika.gupta at freescale.com> wrote:
> Add a new rsa uclass for performing modular exponentiation and implement
> the software driver basing on this uclass.
>
> Signed-off-by: Ruchika Gupta <ruchika.gupta at freescale.com>
> CC: Simon Glass <sjg at chromium.org>
> ---
> Changes in v4:
> Removed Kconfig option for DM_RSA
> Corrected driver name for sw rsa driver
> Updated the rsa_mod_exp operation to have output length
>
> Changes in v3:
> New patch with driver model for RSA UCLASS
>
>  drivers/crypto/Makefile         |  1 +
>  drivers/crypto/rsa/Makefile     |  7 +++++++
>  drivers/crypto/rsa/rsa_sw.c     | 39 +++++++++++++++++++++++++++++++++++++++
>  drivers/crypto/rsa/rsa_uclass.c | 31 +++++++++++++++++++++++++++++++
>  include/dm/uclass-id.h          |  1 +
>  include/u-boot/rsa-mod-exp.h    | 37 +++++++++++++++++++++++++++++++++++++
>  6 files changed, 116 insertions(+)
>  create mode 100644 drivers/crypto/rsa/Makefile
>  create mode 100644 drivers/crypto/rsa/rsa_sw.c
>  create mode 100644 drivers/crypto/rsa/rsa_uclass.c

Again I'm a bit worried we are going off into the weeds.

Is this an RSA driver or a modular exponentiation driver? It seems
like the latter to me. If so, the uclass should be UCLASS_MOD_EXP, not
UCLASS_RSA, and the files and directories should be renames also. Some
hardware will implement the entire RSA algorithm, which would be a
true RSA uclass. Here I think you are only doing part of it.

Other than that rename the code looks fine.

Minor point: again I don't see the value of returning the same value
as sig_len, so you may as well drop those last two args to mod_exp() -
unless I am missing something.

>
> diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
> index 7b79237..a2f30fc 100644
> --- a/drivers/crypto/Makefile
> +++ b/drivers/crypto/Makefile
> @@ -6,4 +6,5 @@
>  #
>
>  obj-$(CONFIG_EXYNOS_ACE_SHA)   += ace_sha.o
> +obj-y += rsa/
>  obj-y += fsl/
> diff --git a/drivers/crypto/rsa/Makefile b/drivers/crypto/rsa/Makefile
> new file mode 100644
> index 0000000..927c5bd
> --- /dev/null
> +++ b/drivers/crypto/rsa/Makefile
> @@ -0,0 +1,7 @@
> +#
> +# (C) Copyright 2014 Freescale Semiconductor, Inc.
> +#
> +# SPDX-License-Identifier:     GPL-2.0+
> +#
> +
> +obj-$(CONFIG_RSA) += rsa_uclass.o rsa_sw.o
> diff --git a/drivers/crypto/rsa/rsa_sw.c b/drivers/crypto/rsa/rsa_sw.c
> new file mode 100644
> index 0000000..3dcd512
> --- /dev/null
> +++ b/drivers/crypto/rsa/rsa_sw.c
> @@ -0,0 +1,39 @@
> +/*
> + * (C) Copyright 2014 Freescale Semiconductor, Inc.
> + * Author: Ruchika Gupta <ruchika.gupta at freescale.com>
> + *
> + * SPDX-License-Identifier:    GPL-2.0+
> + */
> +
> +#include <config.h>
> +#include <common.h>
> +#include <dm.h>
> +#include <u-boot/rsa-mod-exp.h>
> +
> +int mod_exp_sw(struct udevice *dev, const uint8_t *sig, uint32_t sig_len,
> +               struct key_prop *prop, uint8_t **outp, uint32_t *out_len)
> +{
> +       int ret = 0;
> +
> +       ret = rsa_mod_exp_sw(sig, sig_len, prop, outp, out_len);
> +       if (ret) {
> +               debug("%s: RSA failed to verify: %d\n", __func__, ret);
> +               return ret;
> +       }
> +
> +       return 0;
> +}
> +
> +static const struct rsa_ops rsa_ops_sw = {
> +       .mod_exp        = mod_exp_sw,
> +};
> +
> +U_BOOT_DRIVER(rsa_sw) = {
> +       .name   = "rsa_sw",
> +       .id     = UCLASS_RSA,
> +       .ops    = &rsa_ops_sw,
> +};
> +
> +U_BOOT_DEVICE(rsa_sw) = {
> +       .name = "rsa_sw",
> +};
> diff --git a/drivers/crypto/rsa/rsa_uclass.c b/drivers/crypto/rsa/rsa_uclass.c
> new file mode 100644
> index 0000000..4d52dcc
> --- /dev/null
> +++ b/drivers/crypto/rsa/rsa_uclass.c
> @@ -0,0 +1,31 @@
> +/*
> + * (C) Copyright 2014 Freescale Semiconductor, Inc
> + * Author: Ruchika Gupta <ruchika.gupta at freescale.com>
> + *
> + * SPDX-License-Identifier:    GPL-2.0+
> + */
> +
> +#include <common.h>
> +#include <dm.h>
> +#include <u-boot/rsa-mod-exp.h>
> +#include <errno.h>
> +#include <fdtdec.h>
> +#include <malloc.h>
> +#include <asm/io.h>
> +#include <linux/list.h>
> +
> +int rsa_mod_exp(struct udevice *dev, const uint8_t *sig, uint32_t sig_len,
> +               struct key_prop *node, uint8_t **out, uint32_t *out_len)
> +{
> +       const struct rsa_ops *ops = device_get_ops(dev);
> +
> +       if (!ops->mod_exp)
> +               return -ENOSYS;
> +
> +       return ops->mod_exp(dev, sig, sig_len, node, out, out_len);
> +}
> +
> +UCLASS_DRIVER(rsa) = {
> +       .id             = UCLASS_RSA,
> +       .name           = "rsa",
> +};
> diff --git a/include/dm/uclass-id.h b/include/dm/uclass-id.h
> index f17c3c2..823e43c 100644
> --- a/include/dm/uclass-id.h
> +++ b/include/dm/uclass-id.h
> @@ -33,6 +33,7 @@ enum uclass_id {
>         UCLASS_I2C,             /* I2C bus */
>         UCLASS_I2C_GENERIC,     /* Generic I2C device */
>         UCLASS_I2C_EEPROM,      /* I2C EEPROM device */
> +       UCLASS_RSA,             /* RSA Mod Exp device */
>
>         UCLASS_COUNT,
>         UCLASS_INVALID = -1,
> diff --git a/include/u-boot/rsa-mod-exp.h b/include/u-boot/rsa-mod-exp.h
> index 7b74f3c..417e468 100644
> --- a/include/u-boot/rsa-mod-exp.h
> +++ b/include/u-boot/rsa-mod-exp.h
> @@ -46,4 +46,41 @@ struct key_prop {
>  int rsa_mod_exp_sw(const uint8_t *sig, uint32_t sig_len,
>                 struct key_prop *node, uint8_t **outp, uint32_t *out_len);
>
> +int rsa_mod_exp(struct udevice *dev, const uint8_t *sig, uint32_t sig_len,
> +               struct key_prop *node, uint8_t **outp, uint32_t *out_len);
> +
> +/**
> + * struct struct rsa_ops - Driver model for RSA operations
> + *
> + * The uclass interface is implemented by all crypto devices which use
> + * driver model.
> + */
> +struct rsa_ops {
> +       /**
> +        * Perform Modular Exponentiation
> +        *
> +        * Operation: out[] = sig ^ exponent % modulus
> +        *
> +        * @dev:        RSA Device
> +        * @sig:        RSA PKCS1.5 signature
> +        * @sig_len:    Length of signature in number of bytes
> +        * @node:       Node with RSA key elements like modulus, exponent,
> +        *              R^2, n0inv
> +        * @outp:       Set to an allocated buffer holding the output hash
> +        * @out_len:    Set to length of hash(outp) calculated after
> +        *              exponentiation.
> +        *
> +        * This computes exponentiation over the signature. Resulting
> +        * hash value is placed in an allocated buffer, the pointer is
> +        * returned as *outp. The length of calulated hash is returned via
> +        * the out_len pointer argument. The caller should free *outp
> +        *
> +        * Returns: 0 if exponentiation is successful, or a negative value
> +        * if it wasn't.
> +        */
> +       int (*mod_exp)(struct udevice *dev, const uint8_t *sig,
> +                          uint32_t sig_len, struct key_prop *node,
> +                          uint8_t **outp, uint32_t *len);
> +};
> +
>  #endif
> --
> 1.8.1.4
>


More information about the U-Boot mailing list