[PATCH v4 2/6] rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config

Fri Jan 17 03:24:01 CET 2020

On Tue, Jan 14, 2020 at 12:43:40PM +0100, Heinrich Schuchardt wrote:
> On 1/14/20 8:45 AM, AKASHI Takahiro wrote:
> >On Wed, Jan 08, 2020 at 01:35:13PM +0100, Heinrich Schuchardt wrote:
> >>On 11/21/19 1:11 AM, AKASHI Takahiro wrote:
> >>>In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY,
> >>>rsa_verify() will be extended to be able to perform RSA decryption without
> >>>additional RSA key properties from FIT image, i.e. rr and n0inv.
> >>>
> >>>Signed-off-by: AKASHI Takahiro <takahiro.akashi at linaro.org>
> >>>Reviewed-by: Simon Glass <sjg at chromium.org>
> >>
> >>The patch series does not build for some configurations.
> >>
> >>>---
> >>>  lib/rsa/Kconfig | 14 ++++++++++++++
> >>>  1 file changed, 14 insertions(+)
> >>>
> >>>diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig
> >>>index 03ffa2969048..71e4c06bf883 100644
> >>>--- a/lib/rsa/Kconfig
> >>>+++ b/lib/rsa/Kconfig
> >>>@@ -30,6 +30,20 @@ config RSA_VERIFY
> >>>  	help
> >>>  	  Add RSA signature verification support.
> >>>
> >>>+config RSA_VERIFY_WITH_PKEY
> >>
> >>For CONFIG_RSA_VERIFY_WITH_PKEY=y and CONFIG_RSA_PUBLIC_KEY_PARSER=n
> >>I get an error:
> >
> >This error is inevitable as both RSA_VERIFY_WITH_PKEY and
> >RSA_PUBLIC_KEY_PARSER are "select"able configurations with
> >visible prompts and then
> 
> No, it is not inevitbable. Just ensure that in the Makefiles all modules
> are selected that you need for your configuration.

How?
Can you please show me a simple solution?

Thanks,
-Takahiro Akashi

> >we should generally avoid potential illegal configurations;
> 
> Yes, we want to avoid potentially illegal configurations everywhere.
> This is why we have a randconfig build target.
> 
> Best regards
> 
> Heinrich
> 
> >The one should NOT forcibly select the other as the kernel kconfig
> >document suggests.
> >
> >#  Note:
> >#        select should be used with care. select will force
> >#        a symbol to a value without visiting the dependencies.
> >#        By abusing select you are able to select a symbol FOO even
> >#        if FOO depends on BAR that is not set.
> >#        In general use select only for non-visible symbols
> >#        (no prompts anywhere) and for symbols with no dependencies.
> >#        That will limit the usefulness but on the other hand avoid
> >#        the illegal configurations all over.
> >
> >-Takahiro Akashi
> >
> >
> >>lib/rsa/rsa-keyprop.c:669: undefined reference to `rsa_parse_pub_key'
> >>
> >>RSA_PUBLIC_KEY_PARSER depends on
> >>ASYMMETRIC_KEY_TYPE [=n] && ASYMMETRIC_PUBLIC_KEY_SUBTYPE [=n]
> >>
> >>Please, fix the dependencies.
> >>
> >>Best regards
> >>
> >>Heinrich
> >>
> >>>+	bool "Execute RSA verification without key parameters from FDT"
> >>>+	depends on RSA
> >>>+	help
> >>>+	  The standard RSA-signature verification code (FIT_SIGNATURE) uses
> >>>+	  pre-calculated key properties, that are stored in fdt blob, in
> >>>+	  decrypting a signature.
> >>>+	  This does not suit the use case where there is no way defined to
> >>>+	  provide such additional key properties in standardized form,
> >>>+	  particularly UEFI secure boot.
> >>>+	  This options enables RSA signature verification with a public key
> >>>+	  directly specified in image_sign_info, where all the necessary
> >>>+	  key properties will be calculated on the fly in verification code.
> >>>+
> >>>  config RSA_SOFTWARE_EXP
> >>>  	bool "Enable driver for RSA Modular Exponentiation in software"
> >>>  	depends on DM
> >>>
> >
> 