From: Alexandru Gagniuc <mr.nuke.me@gmail.com>
To: u-boot@lists.denx.de
Subject: [PATCH v2 1/6] dm: crypto: Define UCLASS API for ECDSA signature verification
Date: Mon, 15 Mar 2021 19:24:27 -0500
Message-ID: <20210316002432.2581891-2-mr.nuke.me@gmail.com>
In-Reply-To: <20210316002432.2581891-1-mr.nuke.me@gmail.com>

Define a UCLASS API for verifying ECDSA signatures. Unlike
UCLASS_MOD_EXP, which focuses strictly on modular exponentiation,
the ECDSA class focuses on verification. This is done so that it
better aligns with mach-specific implementations, such as stm32mp.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
---
 include/crypto/ecdsa-uclass.h | 39 +++++++++++++++++++++++++++++++++++
 include/dm/uclass-id.h        |  1 +
 2 files changed, 40 insertions(+)
 create mode 100644 include/crypto/ecdsa-uclass.h

diff --git a/include/crypto/ecdsa-uclass.h b/include/crypto/ecdsa-uclass.h
new file mode 100644
index 0000000000..189843820a
--- /dev/null
+++ b/include/crypto/ecdsa-uclass.h
@@ -0,0 +1,39 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * Copyright (c) 2020, Alexandru Gagniuc <mr.nuke.me@gmail.com>
+ */
+
+#include <dm/device.h>
+
+/**
+ * struct ecdsa_public_key - ECDSA public key properties
+ *
+ * The struct has pointers to the (x, y) curve coordinates to an ECDSA public
+ * key, as well as the name of the ECDSA curve. The size of the key is inferred
+ * from the 'curve_name'
+ */
+struct ecdsa_public_key {
+	const char *curve_name;	/* Name of curve, e.g. "prime256v1" */
+	const void *x;		/* x coordinate of public key */
+	const void *y;		/* y coordinate of public key */
+	unsigned int size_bits;	/* key size in bits, derived from curve name */
+};
+
+struct ecdsa_ops {
+	/**
+	 * Verify signature of hash against given public key
+	 *
+	 * @dev:	ECDSA Device
+	 * @pubkey:	ECDSA public key
+	 * @hash:	Hash of binary image
+	 * @hash_len:	Length of hash in bytes
+	 * @signature:	Signature in a raw (R, S) point pair
+	 * @sig_len:	Length of signature in bytes
+	 *
+	 * This function verifies that the 'signature' of the given 'hash' was
+	 * signed by the private key corresponding to 'pubkey'.
+	 */
+	int (*verify)(struct udevice *dev, const struct ecdsa_public_key *pubkey,
+		      const void *hash, size_t hash_len,
+		      const void *signature, size_t sig_len);
+};
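Review bot: the kernel-doc for the verify op in struct ecdsa_ops has no return-value description, and for a signature check that contract is the part callers depend on. State that 0 means the signature is valid and that any other value (a negative errno would be the natural choice) means the image must be treated as unverified, so a driver cannot return a value that a caller reads as success by accident. The same comment should say what a driver does when hash_len or sig_len does not match the size implied by pubkey->size_bits (reject rather than truncate or pad), since the raw (R, S) format carries no length of its own. Separately, struct ecdsa_public_key is documented as inferring the key size from 'curve_name' yet also carries size_bits, so say who fills that field and whether a driver may trust it. The new header also has no include guard, and it uses size_t while including only <dm/device.h>.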
diff --git a/include/dm/uclass-id.h b/include/dm/uclass-id.h
index d75de368c5..f335f4e5a4 100644
--- a/include/dm/uclass-id.h
+++ b/include/dm/uclass-id.h
@@ -47,6 +47,7 @@ enum uclass_id {
 	UCLASS_DSI_HOST,	/* Display Serial Interface host */
 	UCLASS_DMA,		/* Direct Memory Access */
 	UCLASS_DSA,		/* Distributed (Ethernet) Switch Architecture */
+	UCLASS_ECDSA,		/* Elliptic curve cryptographic device */
 	UCLASS_EFI,		/* EFI managed devices */
 	UCLASS_ETH,		/* Ethernet device */
 	UCLASS_ETH_PHY,		/* Ethernet PHY device */
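Review bot: the comment on UCLASS_ECDSA, "Elliptic curve cryptographic device", is broader than what the class provides. The ops added in this patch expose only verify, so wording such as "ECDSA signature verification device" would keep the enum comment from implying signing or key-agreement support. Placement between UCLASS_DSA and UCLASS_EFI keeps the list in alphabetical order.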
-- 
2.26.2
