[RFC PATCH v3 2/8] lib: crypto: allow to build crypyo in SPL

Simon Glass sjg at chromium.org
Thu Nov 25 01:12:50 CET 2021


On Wed, 17 Nov 2021 at 10:52, Philippe Reynes
<philippe.reynes at softathome.com> wrote:
>
> This commit adds the options:
> - SPL_ASYMMETRIC_KEY_TYPE
> - SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> - SPL_RSA_PUBLIC_KEY_PARSER
>
> Signed-off-by: Philippe Reynes <philippe.reynes at softathome.com>
> ---
>  lib/Makefile        |  2 +-
>  lib/crypto/Kconfig  | 15 +++++++++++++++
>  lib/crypto/Makefile | 19 +++++++++++++------
>  3 files changed, 29 insertions(+), 7 deletions(-)
>

Please add in the help.


> diff --git a/lib/Makefile b/lib/Makefile
> index 900e684d62..df70917b49 100644
> --- a/lib/Makefile
> +++ b/lib/Makefile
> @@ -17,7 +17,6 @@ obj-$(CONFIG_OF_LIVE) += of_live.o
>  obj-$(CONFIG_CMD_DHRYSTONE) += dhry/
>  obj-$(CONFIG_ARCH_AT91) += at91/
>  obj-$(CONFIG_OPTEE_LIB) += optee/
> -obj-y += crypto/
>
>  obj-$(CONFIG_AES) += aes.o
>  obj-$(CONFIG_AES) += aes/
> @@ -57,6 +56,7 @@ obj-$(CONFIG_TPM_V1) += tpm-v1.o
>  obj-$(CONFIG_TPM_V2) += tpm-v2.o
>  endif
>
> +obj-y += crypto/
>  obj-$(CONFIG_$(SPL_)ACPIGEN) += acpi/
>  obj-$(CONFIG_$(SPL_)MD5) += md5.o
>  obj-$(CONFIG_ECDSA) += ecdsa/
> diff --git a/lib/crypto/Kconfig b/lib/crypto/Kconfig
> index 6369bafac0..9351865f2c 100644
> --- a/lib/crypto/Kconfig
> +++ b/lib/crypto/Kconfig
> @@ -8,6 +8,10 @@ menuconfig ASYMMETRIC_KEY_TYPE
>
>  if ASYMMETRIC_KEY_TYPE
>
> +config SPL_ASYMMETRIC_KEY_TYPE
> +       bool "Asymmetric (public-key cryptographic) key Support within SPL"
> +       depends on SPL
> +
>  config ASYMMETRIC_PUBLIC_KEY_SUBTYPE
>         bool "Asymmetric public-key crypto algorithm subtype"
>         help
> @@ -16,6 +20,10 @@ config ASYMMETRIC_PUBLIC_KEY_SUBTYPE
>           appropriate hash algorithms (such as SHA-1) must be available.
>           ENOPKG will be reported if the requisite algorithm is unavailable.
>
> +config SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> +       bool "Asymmetric public-key crypto algorithm subtype within SPL"
> +       depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> +
>  config RSA_PUBLIC_KEY_PARSER
>         bool "RSA public key parser"
>         depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> @@ -27,6 +35,13 @@ config RSA_PUBLIC_KEY_PARSER
>           public key data and provides the ability to instantiate a public
>           key.
>
> +config SPL_RSA_PUBLIC_KEY_PARSER
> +       bool "RSA public key parser within SPL"
> +       depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> +       select SPL_ASN1_DECODER
> +       select ASN1_COMPILER
> +       select SPL_OID_REGISTRY
> +
>  config X509_CERTIFICATE_PARSER
>         bool "X.509 certificate parser"
>         depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
> index f3a414525d..6792b1d4f0 100644
> --- a/lib/crypto/Makefile
> +++ b/lib/crypto/Makefile
> @@ -3,27 +3,34 @@
>  # Makefile for asymmetric cryptographic keys
>  #
>
> -obj-$(CONFIG_ASYMMETRIC_KEY_TYPE) += asymmetric_keys.o
> +obj-$(CONFIG_$(SPL_)ASYMMETRIC_KEY_TYPE) += asymmetric_keys.o
>
>  asymmetric_keys-y := asymmetric_type.o
>
> -obj-$(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key.o
> +obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key.o
>
>  #
>  # RSA public key parser
>  #
> -obj-$(CONFIG_RSA_PUBLIC_KEY_PARSER) += rsa_public_key.o
> +obj-$(CONFIG_$(SPL_)RSA_PUBLIC_KEY_PARSER) += rsa_public_key.o
>  rsa_public_key-y := \
>         rsapubkey.asn1.o \
>         rsa_helper.o
>
>  $(obj)/rsapubkey.asn1.o: $(obj)/rsapubkey.asn1.c $(obj)/rsapubkey.asn1.h
> +ifdef CONFIG_SPL_BUILD
> +CFLAGS_rsapubkey.asn1.o += -I$(obj)
> +endif
> +
>  $(obj)/rsa_helper.o: $(obj)/rsapubkey.asn1.h
> +ifdef CONFIG_SPL_BUILD
> +CFLAGS_rsa_helper.o += -I$(obj)
> +endif
>
>  #
>  # X.509 Certificate handling
>  #
> -obj-$(CONFIG_X509_CERTIFICATE_PARSER) += x509_key_parser.o
> +obj-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER) += x509_key_parser.o
>  x509_key_parser-y := \
>         x509.asn1.o \
>         x509_akid.asn1.o \
> @@ -40,11 +47,11 @@ $(obj)/x509_akid.asn1.o: $(obj)/x509_akid.asn1.c $(obj)/x509_akid.asn1.h
>  #
>  # PKCS#7 message handling
>  #
> -obj-$(CONFIG_PKCS7_MESSAGE_PARSER) += pkcs7_message.o
> +obj-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER) += pkcs7_message.o
>  pkcs7_message-y := \
>         pkcs7.asn1.o \
>         pkcs7_parser.o
> -obj-$(CONFIG_PKCS7_VERIFY) += pkcs7_verify.o
> +obj-$(CONFIG_$(SPL_)PKCS7_VERIFY) += pkcs7_verify.o
>
>  $(obj)/pkcs7_parser.o: $(obj)/pkcs7.asn1.h
>  $(obj)/pkcs7.asn1.o: $(obj)/pkcs7.asn1.c $(obj)/pkcs7.asn1.h
> --
> 2.17.1
>


More information about the U-Boot mailing list