[U-Boot] [PATCH v1 0/3] rsa: extend rsa_verify() for UEFI secure boot
Heinrich Schuchardt
xypron.glpk at gmx.de
Sun Oct 13 14:16:29 UTC 2019
On 10/9/19 7:30 AM, AKASHI Takahiro wrote:
> The current rsa_verify() requires five parameters for an RSA public key
> for efficiency while RSA, in theory, requires only two. In addition,
> those parameters are expected to come from a FIT image.
>
> So this function won't fit very well when we want to use it for the purpose
> of implementing UEFI secure boot, in particular, image authentication
> as well as variable authentication, where the essential two parameters
> are set to be retrieved from one of the X509 certificates in the signature
> database.
>
> So, in this patch, three additional parameters will be calculated
> on the fly when rsa_verify() is called without the fdt which should contain
> the parameters above.
>
> This calculation heavily relies on "big-number (or multi-precision)
> library." Therefore some routines from BearSSL[1] under MIT license are
> imported in this implementation. See Patch#2.
> # Please let me know if this is not appropriate.
>
> # Checkpatch will complain with lots of warnings/errors, but
> # I intentionally don't fix them for maximum maintainability.
This patch series does not even compile:
https://travis-ci.org/xypron2/u-boot/builds/596983699
+common/image-sig.c:20:22: error: array type has incomplete element type 'struct checksum_algo'
+ struct checksum_algo checksum_algos[] = {
+ ^~~~~~~~~~~~~~
+common/image-sig.c:22:3: error: field name not in record or union initializer
+ .name = "sha1",
+ ^
Before resubmitting, please run the whole series through Travis CI or
GitLab CI.
Best regards
Heinrich
>
> [1] https://bearssl.org/
>
> Changes in v1 (Oct 9, 2019)
> * fix a build error on pine64-lts_defconfig (reported by Heinrich)
> by defining FIT_IMAGE_ENABLE_VERIFY flag and adding
> SPL_RSA_VERIFY config (patch#1)
> * remove FIT-specific code from image-sig.c and put it into the new
> image-fit-sig.c to allow us to disable CONFIG_FIT_SIGNATURE (patch#1)
> * compile rsa-keyprop.c only if necessary (i.e. if
> CONFIG_RSA_VERIFY_WITH_PKEY) (patch#2)
> * add SPDX license identifier in rsa-keyprop.c (patch#2)
> * include <common.h> instead of <stdio.h> (patch#2)
> * use U-Boot's byteorder helper functions instead of BearSSL's (patch#2)
>
> AKASHI Takahiro (3):
> lib: rsa: decouple rsa from FIT image verification
> lib: rsa: generate additional parameters for public key
> lib: rsa: add rsa_verify_with_pkey()
>
> Kconfig | 1 +
> common/Makefile | 3 +-
> common/image-fit-sig.c | 417 +++++++++++++++++++++++++
> common/image-fit.c | 6 +-
> common/image-sig.c | 396 ------------------------
> include/image.h | 14 +-
> include/u-boot/rsa-mod-exp.h | 3 +
> lib/rsa/Kconfig | 12 +
> lib/rsa/Makefile | 2 +-
> lib/rsa/rsa-keyprop.c | 585 +++++++++++++++++++++++++++++++++++
> lib/rsa/rsa-verify.c | 65 +++-
> tools/Makefile | 2 +-
> 12 files changed, 1095 insertions(+), 411 deletions(-)
> create mode 100644 common/image-fit-sig.c
> create mode 100644 lib/rsa/rsa-keyprop.c
>
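The derivation described in the cover letter, sketched as an added example (not code from this series, U-Boot or BearSSL). It assumes the three derived values are the ones a FIT key node stores besides modulus and exponent (rsa,num-bits, rsa,n0-inverse, rsa,r-squared); the thread does not name them. The toy key, the digest value and all function names are constructed for illustration.

```python
# Added example: derive Montgomery helper values from an RSA modulus and use
# them for the public-key operation. Python 3.8+ (three-argument pow inverse).
WORD = 32  # word size assumed for the n0-inverse value

def key_props(n):
    """Derive the three helper values from the modulus alone."""
    if n < 3 or n % 2 == 0:
        raise ValueError("RSA modulus must be an odd integer > 1")
    num_bits = -(-n.bit_length() // WORD) * WORD      # length rounded up to words
    n0inv = (-pow(n, -1, 1 << WORD)) % (1 << WORD)    # -1 / n[0] mod 2^32
    rr = pow(2, 2 * num_bits, n)                      # R^2 mod n, R = 2^num_bits
    return {"num_bits": num_bits, "n0inv": n0inv, "rr": rr}

def mont_mul(a, b, n, props):
    """Word-serial Montgomery product a*b/R mod n; needs a, b < n."""
    mask = (1 << WORD) - 1
    t = a * b
    for _ in range(props["num_bits"] // WORD):
        m = ((t & mask) * props["n0inv"]) & mask      # makes the low word of t+m*n zero
        t = (t + m * n) >> WORD
    return t - n if t >= n else t                     # t < 2n, one subtraction suffices

def mod_exp(base, e, n, props):
    """base^e mod n using only the derived values, no division by n."""
    if not 0 <= base < n:
        raise ValueError("signature representative out of range")
    x = mont_mul(base, props["rr"], n, props)         # base * R mod n
    acc = mont_mul(1, props["rr"], n, props)          # R mod n (Montgomery form of 1)
    for bit in bin(e)[2:]:                            # square-and-multiply, MSB first
        acc = mont_mul(acc, acc, n, props)
        if bit == "1":
            acc = mont_mul(acc, x, n, props)
    return mont_mul(acc, 1, n, props)                 # leave Montgomery form

# Constructed toy key from two Mersenne primes; real keys are 2048 bits or more.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, only to make a sample signature

def demo():
    digest = 0x1234567890ABCDEF     # constructed stand-in for a padded hash
    sig = pow(digest, D, N)
    return mod_exp(sig, E, N, key_props(N)) == digest

if __name__ == "__main__":
    print(demo())
```

The range check in mod_exp matters for verification: a signature value not smaller than the modulus has to be rejected before any arithmetic is done on it.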