[PATCH v3 0/3] aspeed: ast2700: Add Caliptra ECDSA driver
Chia-Wei Wang
chiawei_wang at aspeedtech.com
Mon Oct 14 11:56:17 CEST 2024
Aspeed AST2700 SoCs integrates the Caliptra secure IP, where an ECDSA384
signature verification HW interface is exported for SoC crypto needs.
This patch series firstly extends the FIT image signing/verify common
code to support the ECDSA384 algorithm. For better convenience, the
device tree for ECDSA public key storage is also revised by referring
to RSA implementations.
After the FIT common code revision, the driver is implemented for
AST2700 to leverage the Caliptra ECDSA384 signature verification.
These are verified by signed FIT images with the algorithm "sha384,ecdsa384".
v3 change:
- rebase on master branch and drop "[PATCH v2 2/4] lib: ecdsa: Create device
tree node automatically" due to the duplicate change.
v2 change:
- revise the commit message of padding check removal for better explanation
- remove redundant check in static function
- revise errno and error message as suggested by Simon
- collect Reviewed-by tags
Chia-Wei Wang (3):
lib: ecdsa: Add ECDSA384 support
image-fit-sig: Remove padding check
drivers/crypto: aspeed: Add Caliptra ECDSA384 support
boot/image-fit-sig.c | 2 +-
drivers/crypto/aspeed/Kconfig | 10 ++
drivers/crypto/aspeed/Makefile | 1 +
drivers/crypto/aspeed/cptra_ecdsa.c | 184 ++++++++++++++++++++++++++++
include/u-boot/ecdsa.h | 1 +
lib/ecdsa/ecdsa-verify.c | 14 ++-
tools/image-sig-host.c | 7 ++
7 files changed, 215 insertions(+), 4 deletions(-)
create mode 100644 drivers/crypto/aspeed/cptra_ecdsa.c
--
2.25.1
More information about the U-Boot
mailing list