[PATCH v4 2/6] lib: ecdsa: Add skeleton to implement ecdsa verification in u-boot

Simon Glass sjg at chromium.org
Fri Apr 23 01:55:57 CEST 2021


Hi Alex,

On Thu, 22 Apr 2021 at 07:30, Alex G. <mr.nuke.me at gmail.com> wrote:
>
> On 4/21/21 2:15 AM, Simon Glass wrote:
> > Hi Alexandru,
> >
> > On Fri, 16 Apr 2021 at 08:07, Alexandru Gagniuc <mr.nuke.me at gmail.com> wrote:
> >>
> >> Prepare the source tree for accepting implementations of the ECDSA
> >> algorithm. This patch deals with the boring aspects of Makefiles and
> >> Kconfig files.
> >>
> >> Signed-off-by: Alexandru Gagniuc <mr.nuke.me at gmail.com>
> >> ---
> >>   include/image.h          | 10 +++++-----
> >>   include/u-boot/rsa.h     |  2 +-
> >>   lib/Kconfig              |  1 +
> >>   lib/Makefile             |  1 +
> >>   lib/ecdsa/Kconfig        | 23 +++++++++++++++++++++++
> >>   lib/ecdsa/Makefile       |  1 +
> >>   lib/ecdsa/ecdsa-verify.c | 13 +++++++++++++
> >>   7 files changed, 45 insertions(+), 6 deletions(-)
> >>   create mode 100644 lib/ecdsa/Kconfig
> >>   create mode 100644 lib/ecdsa/Makefile
> >>   create mode 100644 lib/ecdsa/ecdsa-verify.c
> >
> > Reviewed-by: Simon Glass <sjg at chromium.org>
> >
> > nit below
> >
> >>
> >> diff --git a/include/image.h b/include/image.h
> >> index 3ff3c035a7..9b95f6783b 100644
> >> --- a/include/image.h
> >> +++ b/include/image.h
> >> @@ -1224,20 +1224,20 @@ int calculate_hash(const void *data, int data_len, const char *algo,
> >>   #if defined(USE_HOSTCC)
> >>   # if defined(CONFIG_FIT_SIGNATURE)
> >>   #  define IMAGE_ENABLE_SIGN    1
> >> -#  define IMAGE_ENABLE_VERIFY  1
> >> +#  define IMAGE_ENABLE_VERIFY_RSA      1
> >>   #  define IMAGE_ENABLE_VERIFY_ECDSA    1
> >>   #  define FIT_IMAGE_ENABLE_VERIFY      1
> >>   #  include <openssl/evp.h>
> >>   # else
> >>   #  define IMAGE_ENABLE_SIGN    0
> >> -#  define IMAGE_ENABLE_VERIFY  0
> >> +#  define IMAGE_ENABLE_VERIFY_RSA      0
> >>   # define IMAGE_ENABLE_VERIFY_ECDSA     0
> >>   #  define FIT_IMAGE_ENABLE_VERIFY      0
> >>   # endif
> >>   #else
> >>   # define IMAGE_ENABLE_SIGN     0
> >> -# define IMAGE_ENABLE_VERIFY           CONFIG_IS_ENABLED(RSA_VERIFY)
> >> -# define IMAGE_ENABLE_VERIFY_ECDSA     0
> >> +# define IMAGE_ENABLE_VERIFY_RSA       CONFIG_IS_ENABLED(RSA_VERIFY)
> >> +# define IMAGE_ENABLE_VERIFY_ECDSA     CONFIG_IS_ENABLED(ECDSA_VERIFY)
> >
> > Since we are using Kconfig now, can we drop this IMAGE_... stuff and
> > just use CONFIG_IS_ENABLED() in the code?
>
> CONFIG_IS_ENABLED() doesn't work for host tools.

I wonder if that and IS_ENABLED() can be fixed?

Regards,
Simon


More information about the U-Boot mailing list