[PATCH v7 01/15] ecdsa: fix support of secp521r1

Tom Rini trini at konsulko.com
Fri May 29 17:34:59 CEST 2026 

On Fri, May 29, 2026 at 02:16:55AM -0500, Simon Glass wrote:
> Hi Philippe,
> 
> On 2026-05-28T08:19:01, Philippe Reynes <philippe.reynes at softathome.com> wrote:
> > ecdsa: fix support of secp521r1
> >
> > Current implementation of ecdsa only supports key len aligned on
> > 8 bits. But the curve secp521r1 uses a key of 521 bits which is not
> > aligned on 8 bits. In this commit, we update the keys management
> > for ecdsa to support keys that are not aligned on 8 bits.
> >
> > Reviewed-by: Raymond Mao <raymondmaoca at gmail.com>
> > Signed-off-by: Philippe Reynes <philippe.reynes at softathome.com>
> >
> > lib/ecdsa/ecdsa-libcrypto.c | 65 +++++++++++++++++++++++++++++++++++++++++++--
> >  lib/ecdsa/ecdsa-verify.c    | 65 ++++++++++++++++++++++++++++++++++++++++++---
> >  lib/fdt-libcrypto.c         |  2 +-
> >  tools/image-sig-host.c      |  7 +++++
> >  4 files changed, 132 insertions(+), 7 deletions(-)
> 
> Reviewed-by: Simon Glass <sjg at chromium.org>
> 
> questions / nits below
> 
> > diff --git a/lib/ecdsa/ecdsa-libcrypto.c b/lib/ecdsa/ecdsa-libcrypto.c
> > @@ -41,10 +43,26 @@ struct ecdsa_public_key {
> > +static char *memdup(char *buf, size_t size)
> > +{
> > +     char *dup;
> > +
> > +     dup = malloc(size);
> > +     if (dup)
> > +             memcpy(dup, buf, size);
> > +
> > +     return dup;
> > +}
> 
> Please match the U-Boot signature: void *memdup(const void *src,
> size_t len) (see include/linux/string.h). Making buf const lets the
> call sites lose the (char *) casts. Also note that fdt_get_key() now
> hands back malloc'd buffers - please spell out the caller's free
> responsibility in a function comment.

Simon, I've noticed of late that you're providing a lot of Reviewed-by
tags in the same email that you provide a lot of substantial and
non-trivial feedback. This would normally negate the Reviewed-by tag, so
can you please refrain from providing both the tag and feedback in the
same email? Thanks.

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20260529/4e6f94e0/attachment.sig>

More information about the U-Boot mailing list