From mboxrd@z Thu Jan  1 00:00:00 1970
From: Alex G. <mr.nuke.me@gmail.com>
Date: Thu, 7 Jan 2021 12:44:17 -0600
Subject: [PATCH RFC v2 5/5] test/py: ecdsa: Add test for mkimage ECDSA
 signing
In-Reply-To: <CAPnjgZ35k-1AmhjbjM6UquPuE+FoMkMZMN9rdNb1J_HDEQFqFA@mail.gmail.com>
References: <20201230210028.4065824-1-mr.nuke.me@gmail.com>
 <20201230210028.4065824-6-mr.nuke.me@gmail.com>
 <CAPnjgZ1xaws_s99A=bKZCzu2z_0qqHKYYjeiw=z=O03vKROqcQ@mail.gmail.com>
 <d982915d-6839-0796-0237-8aeb466c063a@gmail.com>
 <CAPnjgZ35k-1AmhjbjM6UquPuE+FoMkMZMN9rdNb1J_HDEQFqFA@mail.gmail.com>
Message-ID: <85673082-07b8-79b1-9e8e-6a0f61bf94be@gmail.com>
List-Id: <u-boot.lists.denx.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: u-boot@lists.denx.de

On 1/7/21 11:31 AM, Simon Glass wrote:
> Hi Alex,
> 
> On Thu, 7 Jan 2021 at 09:44, Alex G. <mr.nuke.me@gmail.com> wrote:
>>
>>
>>
>> On 1/7/21 6:35 AM, Simon Glass wrote:
>>> Hi Alexandru,
>>>
>>> On Wed, 30 Dec 2020 at 14:00, Alexandru Gagniuc <mr.nuke.me@gmail.com> wrote:
>>>>
>>>> Add a test to make sure that the ECDSA signatures generated by
>>>> mkimage can be verified successfully. pyCryptodomex was chosen as the
>>>> crypto library because it integrates much better with python code.
>>>> Using openssl would have been unnecessarily painful.
>>>>
>>>> Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
>>>> ---
>>>>    test/py/tests/test_fit_ecdsa.py | 111 ++++++++++++++++++++++++++++++++
>>>>    1 file changed, 111 insertions(+)
>>>>    create mode 100644 test/py/tests/test_fit_ecdsa.py
>>>>
>>>
>>> This test looks fine but the functions need full comments. I do think
>>> it might be worth putting the code in test_vboot, particularly when
>>> you get to the sandbox implementation.
>>
>> test_vboot seems to be testing the bootm command, while with this test
> 
> It also runs fit_check_sign to check the signature.

Hmm, it backends on tools/check_fit_sign. Would be an interesting 
execrise to extend it ecdsa signatures, but that would take 
significantly more effort than the simple test I am proposing here.

>> I'm only looking to test the host-side (mkimage). In the next series, I
>> won't have a software implementation of ECDSA, like RSA_MOD_EXP. I will
>> use the ROM on the stm32mp. So there won't be somthing testable in the
>> sandbox.
> 
> I'm not sure that is a good idea. With driver model you'll end up
> creating a ECDSA driver I suppose, so implementing it for sandbox
> should be possible. Is it a complicated algorithm? 

A software implementation of ECDSA is outside the scope of my project.

> Without that, I'm not even sure how fit_check_sign could work?

It uses the ops->verify in ecdsa-libcrypto, does it not?

> 
> [..]
> 
> Regards,
> Simon
>