[RFC PATCH v2 4/9] drivers: crypto: add software ecdsa support
Philippe Reynes
philippe.reynes at softathome.com
Tue Mar 31 15:05:13 CEST 2026
Hi Raymond,
Le 20/02/2026 à 17:40, Raymond Mao a écrit :
> This Mail comes from Outside of SoftAtHome: Do not answer, click links or open attachments unless you recognize the sender and know the content is safe.
>
> Hi Philippe,
>
> On Thu, Feb 19, 2026 at 8:26 AM Philippe Reynes
> <philippe.reynes at softathome.com> wrote:
>> Add an software ecdsa driver so it is
>> now possible to use ecdsa signature on
>> board without ecdsa hardware support.
>>
>> Signed-off-by: Philippe Reynes <philippe.reynes at softathome.com>
>> ---
>> v2:
>> - no change
>>
>> drivers/crypto/Kconfig | 2 ++
>> drivers/crypto/Makefile | 1 +
>> drivers/crypto/ecdsa/Kconfig | 6 ++++++
>> drivers/crypto/ecdsa/Makefile | 6 ++++++
>> drivers/crypto/ecdsa/ecdsa-sw.c | 33 +++++++++++++++++++++++++++++++++
>> 5 files changed, 48 insertions(+)
>> create mode 100644 drivers/crypto/ecdsa/Kconfig
>> create mode 100644 drivers/crypto/ecdsa/Makefile
>> create mode 100644 drivers/crypto/ecdsa/ecdsa-sw.c
>>
>> diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
>> index 0d58e3910fe..cf49e5c0f7e 100644
>> --- a/drivers/crypto/Kconfig
>> +++ b/drivers/crypto/Kconfig
>> @@ -12,4 +12,6 @@ source "drivers/crypto/nuvoton/Kconfig"
>>
>> source "drivers/crypto/tegra/Kconfig"
>>
>> +source "drivers/crypto/ecdsa/Kconfig"
>> +
>> endmenu
>> diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
>> index e4a4482b7f3..8170e4cae9c 100644
>> --- a/drivers/crypto/Makefile
>> +++ b/drivers/crypto/Makefile
>> @@ -4,6 +4,7 @@
>> # http://www.samsung.com/
>>
>> obj-$(CONFIG_EXYNOS_ACE_SHA) += ace_sha.o
>> +obj-$(CONFIG_ECDSA) += ecdsa/
>> obj-y += aes/
>> obj-y += rsa_mod_exp/
>> obj-y += fsl/
>> diff --git a/drivers/crypto/ecdsa/Kconfig b/drivers/crypto/ecdsa/Kconfig
>> new file mode 100644
>> index 00000000000..308824d8421
>> --- /dev/null
>> +++ b/drivers/crypto/ecdsa/Kconfig
>> @@ -0,0 +1,6 @@
>> +config ECDSA_SW
>> + bool "Enable driver for ECDSA in software"
>> + depends on ECDSA_MBEDTLS
>> + help
>> + Enable driver for ECDSA operations in software. Currently
>> + it supports multiple ECDSA algorithm.
>
> Same comments as I placed in your patch [0/9], ECDSA_SW is not
> required and can be replaced by ECDSA_MBEDTLS.
I have discovered that this driver should also depend on ECDSA_VERIFY.
Otherwise we may define a driver (defined in this file) without a device
(defined in lib/ecdsa/ecdsa-verify.c),
and that leads to a crash à boot.
So I have kept this config in v3.
>
> Regards,
> Raymond
Regards,
Philippe
>
>> diff --git a/drivers/crypto/ecdsa/Makefile b/drivers/crypto/ecdsa/Makefile
>> new file mode 100644
>> index 00000000000..8f9e5a767f8
>> --- /dev/null
>> +++ b/drivers/crypto/ecdsa/Makefile
>> @@ -0,0 +1,6 @@
>> +# SPDX-License-Identifier: GPL-2.0+
>> +#
>> +# Copyright (C) 2026 Philippe Reynes <philippe.reynes at softathome.com>
>> +#
>> +
>> +obj-$(CONFIG_ECDSA_SW) += ecdsa-sw.o
>> diff --git a/drivers/crypto/ecdsa/ecdsa-sw.c b/drivers/crypto/ecdsa/ecdsa-sw.c
>> new file mode 100644
>> index 00000000000..0d526371ecb
>> --- /dev/null
>> +++ b/drivers/crypto/ecdsa/ecdsa-sw.c
>> @@ -0,0 +1,33 @@
>> +// SPDX-License-Identifier: GPL-2.0+
>> +/*
>> + * Copyright (C) 2026 Philippe Reynes <philippe.reynes at softathome.com>
>> + */
>> +#include <dm/device.h>
>> +#include <linux/types.h>
>> +#include <u-boot/ecdsa.h>
>> +#include <crypto/ecdsa-uclass.h>
>> +#include <dm/platdata.h>
>> +#include <crypto/internal/sw_ecdsa.h>
>> +
>> +static int ops_sw_ecdsa_verify(__always_unused struct udevice *dev,
>> + const struct ecdsa_public_key *pubkey,
>> + const void *hash, size_t hash_len,
>> + const void *signature, size_t sig_len)
>> +{
>> + return sw_ecdsa_verify(pubkey, hash, hash_len, signature, sig_len);
>> +}
>> +
>> +static const struct ecdsa_ops sw_ecdsa_ops = {
>> + .verify = ops_sw_ecdsa_verify,
>> +};
>> +
>> +U_BOOT_DRIVER(sw_ecdsa) = {
>> + .name = "sw_ecdsa",
>> + .id = UCLASS_ECDSA,
>> + .ops = &sw_ecdsa_ops,
>> + .flags = DM_FLAG_PRE_RELOC,
>> +};
>> +
>> +U_BOOT_DRVINFO(sw_ecdsa) = {
>> + .name = "sw_ecdsa",
>> +};
>> --
>> 2.43.0
>>
More information about the U-Boot
mailing list