[U-Boot] [RFC 0/9] import x509/pkcs7 parsers from linux

public inbox for u-boot@lists.denx.de
 help / color / mirror / Atom feed

From: AKASHI Takahiro <takahiro.akashi@linaro.org>
To: u-boot@lists.denx.de
Subject: [U-Boot] [RFC 0/9] import x509/pkcs7 parsers from linux
Date: Thu, 3 Oct 2019 14:51:41 +0900	[thread overview]
Message-ID: <20191003055140.GH18778@linaro.org> (raw)
In-Reply-To: <20190903054246.32258-1-takahiro.akashi@linaro.org>

Ping.

Does anybody have any comments on this patch set?
Happy or unhappy with my approach here?

Thanks,
-Takahiro Akashi

On Tue, Sep 03, 2019 at 02:42:37PM +0900, AKASHI Takahiro wrote:
> Asn1 parsers of x509 certificates and pkcs7 messages are required
> to implement image authentication and variable authentication as
> part of UEFI secure boot feature.
> 
> As we discussed before in the thread[1], most people insisted that
> we should re-use corresponding source code from Linux repository
> for this purpose.
> 
> Here is my attempt to import all the necessary files from Linux; Those
> will eventually be part of UEFI secure boot implementation, but I'd like
> to get early feedback from other peoples before submitting the whole
> patchset so that they will be better formatted for merging.
> 
> My approach here is
> * files from Linux 5.0
>   (will be updated to the latest when I will submit them as finalized
>    patches.)
> * modify files as little as possible
> * mark/protect unavoidable changes with "#if(n)def __UBOOT__"
> so that future fixes/differences in Linux repository will easily
> be applied to U-Boot.
> 
> Please note that checkpatch.pl will complain with a bunch of
> warnings/errors but I intentionally left them unchanged for the sake
> of better maintainability I said above.
> 
> Any comments will be appreciated.
> -Takahiro Akashi
> 
> [1] https://lists.denx.de/pipermail/u-boot/2019-April/366423.html
> 
> AKASHI Takahiro (9):
>   cmd: add asn1_compiler
>   Makefile: add build script for asn1 parsers
>   lib: add asn1 decoder
>   lib: add oid registry utility
>   lib: crypto: add public key utility
>   lib: crypto: add public_key_verify_signature()
>   lib: crypto: add x509 parser
>   lib: crypto: add pkcs7 message parser
>   lib: crypto: add rsa public key parser
> 
>  cmd/Kconfig                       |    3 +
>  include/crypto/internal/rsa.h     |   62 ++
>  include/crypto/pkcs7.h            |   51 +
>  include/crypto/public_key.h       |   89 ++
>  include/keys/asymmetric-type.h    |   92 ++
>  include/linux/asn1.h              |   69 ++
>  include/linux/asn1_ber_bytecode.h |   93 ++
>  include/linux/asn1_decoder.h      |   24 +
>  include/linux/oid_registry.h      |  103 ++
>  lib/Kconfig                       |   12 +
>  lib/Makefile                      |   18 +
>  lib/asn1_decoder.c                |  520 ++++++++++
>  lib/build_OID_registry            |  207 ++++
>  lib/crypto/Kconfig                |   38 +
>  lib/crypto/Makefile               |   46 +
>  lib/crypto/asymmetric_type.c      |  655 ++++++++++++
>  lib/crypto/pkcs7.asn1             |  135 +++
>  lib/crypto/pkcs7_parser.c         |  690 ++++++++++++
>  lib/crypto/pkcs7_parser.h         |   69 ++
>  lib/crypto/public_key.c           |  344 ++++++
>  lib/crypto/public_key_local.c     |   69 ++
>  lib/crypto/rsa_helper.c           |   81 ++
>  lib/crypto/rsapubkey.asn1         |    4 +
>  lib/crypto/x509.asn1              |   60 ++
>  lib/crypto/x509_akid.asn1         |   35 +
>  lib/crypto/x509_cert_parser.c     |  644 ++++++++++++
>  lib/crypto/x509_parser.h          |   61 ++
>  lib/crypto/x509_public_key.c      |  284 +++++
>  lib/oid_registry.c                |  178 ++++
>  scripts/Makefile                  |    3 +
>  scripts/Makefile.build            |    2 +-
>  scripts/asn1_compiler.c           | 1615 +++++++++++++++++++++++++++++
>  32 files changed, 6355 insertions(+), 1 deletion(-)
>  create mode 100644 include/crypto/internal/rsa.h
>  create mode 100644 include/crypto/pkcs7.h
>  create mode 100644 include/crypto/public_key.h
>  create mode 100644 include/keys/asymmetric-type.h
>  create mode 100644 include/linux/asn1.h
>  create mode 100644 include/linux/asn1_ber_bytecode.h
>  create mode 100644 include/linux/asn1_decoder.h
>  create mode 100644 include/linux/oid_registry.h
>  create mode 100644 lib/asn1_decoder.c
>  create mode 100755 lib/build_OID_registry
>  create mode 100644 lib/crypto/Kconfig
>  create mode 100644 lib/crypto/Makefile
>  create mode 100644 lib/crypto/asymmetric_type.c
>  create mode 100644 lib/crypto/pkcs7.asn1
>  create mode 100644 lib/crypto/pkcs7_parser.c
>  create mode 100644 lib/crypto/pkcs7_parser.h
>  create mode 100644 lib/crypto/public_key.c
>  create mode 100644 lib/crypto/public_key_local.c
>  create mode 100644 lib/crypto/rsa_helper.c
>  create mode 100644 lib/crypto/rsapubkey.asn1
>  create mode 100644 lib/crypto/x509.asn1
>  create mode 100644 lib/crypto/x509_akid.asn1
>  create mode 100644 lib/crypto/x509_cert_parser.c
>  create mode 100644 lib/crypto/x509_parser.h
>  create mode 100644 lib/crypto/x509_public_key.c
>  create mode 100644 lib/oid_registry.c
>  create mode 100644 scripts/asn1_compiler.c
> 
> -- 
> 2.21.0
>

     prev parent reply	other threads:[~2019-10-03  5:51 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-03  5:42 [U-Boot] [RFC 0/9] import x509/pkcs7 parsers from linux AKASHI Takahiro
2019-09-03  5:42 ` [U-Boot] [RFC 1/9] cmd: add asn1_compiler AKASHI Takahiro
2019-09-03  5:42 ` [U-Boot] [RFC 2/9] Makefile: add build script for asn1 parsers AKASHI Takahiro
2019-09-03  5:42 ` [U-Boot] [RFC 3/9] lib: add asn1 decoder AKASHI Takahiro
2019-09-03  5:42 ` [U-Boot] [RFC 4/9] lib: add oid registry utility AKASHI Takahiro
2019-09-03  5:42 ` [U-Boot] [RFC 5/9] lib: crypto: add public key utility AKASHI Takahiro
2019-09-03  5:42 ` [U-Boot] [RFC 6/9] lib: crypto: add public_key_verify_signature() AKASHI Takahiro
2019-09-03  5:42 ` [U-Boot] [RFC 7/9] lib: crypto: add x509 parser AKASHI Takahiro
2019-09-03  5:42 ` [U-Boot] [RFC 8/9] lib: crypto: add pkcs7 message parser AKASHI Takahiro
2019-09-03  5:42 ` [U-Boot] [RFC 9/9] lib: crypto: add rsa public key parser AKASHI Takahiro
2019-10-03  5:51 ` AKASHI Takahiro [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20191003055140.GH18778@linaro.org \
    --to=takahiro.akashi@linaro.org \
    --cc=u-boot@lists.denx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox