[EXTERNAL] Re: [PATCH v2 6/6] test: dm: Add test for ECDSA UCLASS support
Tom Rini
trini at konsulko.com
Sat Apr 24 15:30:28 CEST 2021
On Fri, Apr 23, 2021 at 01:03:25PM -0400, Tim Romanski wrote:
> Update on ECDSA verification progress, I've forked Alex's repo and have
> included my changes in the 'ecdsa-vrf-1' branch [1]. This includes the
> isolated OpenSSL code for verification, and I split up the
> lib/ecdsa/ecdsa-libcrypto.c file into lib/ecdsa/ecdsa-sign.c and
> lib/ecdsa/ecdsa-verify.c. I've also included unit tests under
> test/py/tests/test_vboot_ecdsa.py, which test ECDSA with the sha1 and sha256
> digest algos. There are some outstanding changes to be made before it's
> ready for review, mainly cleaning up the OpenSSL code as it has redundant
> code still included though it works without any additional dependencies, and
> better integration with U-Boot's build system. Currently I've added a new
> Kconfig setting to turn on ECDSA signing/verification called
> "CONFIG_FIT_SIGNATURE_ECDSA" in common/Kconfig.boot which sets config
> options "CONFIG_ECDSA" and "CONFIG_ECDSA_VERIFY". This is done mainly to
> replicate how the RSA config was setup, though creating
> "CONFIG_FIT_SIGNATURE_ECDSA" separate from "CONFIG_FIT_SIGNATURE" feels
> messy, there's probably a better approach.
>
> Today is also my last day at my internship. Deskin, a team member of mine at
> Microsoft who was keeping an eye on the project, will be the main point of
> contact from here (deskinm at linux.microsoft.com) though I can also be reached
> at timromanski at gmail.com (CC'd) and will be responsive if there are any
> questions.
>
> All the best,
Thanks for all your effort on this!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20210424/7033f20e/attachment.sig>
More information about the U-Boot
mailing list