ECDSA related PRs

Igor Opaniuk igor.opaniuk at foundries.io
Wed Feb 28 20:51:52 CET 2024


Hi Bob,

On Wed, Feb 28, 2024 at 7:14 PM Bob Wolff <bob.wolff68 at gmail.com> wrote:
>
> Any thoughts on how to proceed with the issue mentioned about tinycrypt
> warnings/checks?
>
> Also, I'd like your advice - I was thinking for the larger patch that I'd
> do it in two commits. The first would be the addition of the tinycrypt
> files and the second is the actual changes and additions to support ecdsa
> verification. I doubt that's controversial. However when I run a trial
> `patman` against the tinycrypt commit, I get a huge number of issues:
>     *checkpatch.pl found 186 error(s), 380 warning(s), 481 checks(s)*
>
> What's your advice on this? I would tend to think we'd want to /not/ change
> the source files directly for such purposes so that updates could be
> brought in with greater ease.

I didn't form any opinion on that, hence asking.
Why not backport the existing ECC/ECDSA implementation from the
Linux kernel (crypto/ecc.c, ./crypto/ecdsa.c), like it was already done
for RSA, X509 parser, ASN.1 decoder? Pulling the whole library into the
U-Boot source tree just for ECDSA is a bit overkill IMO.


>
>
> On Thu, Feb 22, 2024 at 3:07 PM Bob Wolff <bob.wolff68 at gmail.com> wrote:
>
> > Peter,
> > Thanks for helping lead me down the right path here.
> >
> > WRT tinycrypt, the license is quite permissive.
> > https://github.com/intel/tinycrypt
> >
> > Also, I'd like your advice - I was thinking for the larger patch that I'd
> > do it in two commits. The first would be the addition of the tinycrypt
> > files and the second is the actual changes and additions to support ecdsa
> > verification. I doubt that's controversial. However when I run a trial
> > `patman` against the tinycrypt commit, I get a huge number of issues:
> >     *checkpatch.pl found 186 error(s), 380 warning(s), 481 checks(s)*
> >
> > What's your advice on this? I would tend to think we'd want to /not/
> > change the source files directly for such purposes so that updates could be
> > brought in with greater ease.
> >
> > Let me know your thoughts.
> >
> > Thanks,
> > Bob Wolff
> >
> >
> >
> > On Wed, Feb 21, 2024 at 6:03 AM Peter Robinson <pbrobinson at gmail.com>
> > wrote:
> >
> >>
> >>
> >> On Wed, 21 Feb 2024, 11:30 Bob Wolff, <bob.wolff68 at gmail.com> wrote:
> >>
> >>> Hi there,
> >>> I have two separate but related pull requests I'd like to contribute.
> >>> They
> >>> both have to do with ECDSA support.
> >>> - The simple one is a lack of null-pointer check that can cause a crash
> >>> in
> >>> certain situations. Easy peasy.
> >>>
> >>
> >> Just send that one on its own
> >>
> >> - The less simple one (and hopefully not too controversial) adds an ecdsa
> >>> verify driver (UCLASS_ECDSA) which utilizes tinycrypt to do the crypto
> >>> work.
> >>>
> >>
> >> Do we already use tinycrypt in the project? If not, things like license
> >> need to be taken into account in the context of the GPLv2
> >>
> >> Please advise on how best to proceed. Happy to work within the confines of
> >>> what works best for the larger group.
> >>>
> >>> Thanks,
> >>> Bob Wolff
> >>>
> >>



-- 
Best regards - Freundliche Grüsse - Meilleures salutations

Igor Opaniuk
Senior Software Engineer, Embedded & Security
E: igor.opaniuk at foundries.io
W: www.foundries.io

