From mboxrd@z Thu Jan  1 00:00:00 1970
From: Alex G. <mr.nuke.me@gmail.com>
Date: Thu, 14 Jan 2021 09:48:39 -0600
Subject: [PATCH v3 3/6] lib: Add support for ECDSA image signing
In-Reply-To: <CAPnjgZ196YMTdpveF=kvH_B-Eg9hjW+HPqv_waH3Y7SRB7zSdQ@mail.gmail.com>
References: <20210107223341.517268-1-mr.nuke.me@gmail.com>
 <20210107223341.517268-4-mr.nuke.me@gmail.com>
 <CAPnjgZ196YMTdpveF=kvH_B-Eg9hjW+HPqv_waH3Y7SRB7zSdQ@mail.gmail.com>
Message-ID: <cef8b45e-6545-934b-afd5-7a0b1045b320@gmail.com>
List-Id: <u-boot.lists.denx.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: u-boot@lists.denx.de



On 1/13/21 10:10 AM, Simon Glass wrote:
> On Thu, 7 Jan 2021 at 15:34, Alexandru Gagniuc <mr.nuke.me@gmail.com> wrote:
>>
>> mkimage supports rsa2048, and rsa4096 signatures. With newer silicon
>> now supporting hardware-accelerated ECDSA, it makes sense to expand
>> signing support to elliptic curves.
>>
>> Implement host-side ECDSA signing and verification with libcrypto.
>> Device-side implementation of signature verification is beyond the
>> scope of this patch.
>>
>> Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
>> ---
>>   common/image-sig.c          |  11 +-
>>   include/image.h             |   3 +
>>   include/u-boot/ecdsa.h      |  94 +++++++++++
>>   lib/ecdsa/ecdsa-libcrypto.c | 306 ++++++++++++++++++++++++++++++++++++
>>   tools/Makefile              |   3 +
>>   5 files changed, 415 insertions(+), 2 deletions(-)
>>   create mode 100644 include/u-boot/ecdsa.h
>>   create mode 100644 lib/ecdsa/ecdsa-libcrypto.c
> 
> Reviewed-by: Simon Glass <sjg@chromium.org>
> 
> But you should check the return value of do_sign(). Why do you call
> ecdsa_check_signature() afterwards? Can you not trust the library?

You are right that it's a redundant step. It's an automatic test for the 
ecdsa_sig_encode_raw()/ecdsa_sig_from_raw() pair.

Alex

> Regards,
> Simon
>