From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 82B11C433EF for ; Thu, 25 Nov 2021 00:18:27 +0000 (UTC) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 6AA37837CC; Thu, 25 Nov 2021 01:17:36 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=chromium.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.b="kLKvSh1K"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 5672D836E8; Thu, 25 Nov 2021 01:13:57 +0100 (CET) Received: from mail-ot1-x329.google.com (mail-ot1-x329.google.com [IPv6:2607:f8b0:4864:20::329]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id B008982F89 for ; Thu, 25 Nov 2021 01:13:49 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=chromium.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=sjg@google.com Received: by mail-ot1-x329.google.com with SMTP id u18-20020a9d7212000000b00560cb1dc10bso6796004otj.11 for ; Wed, 24 Nov 2021 16:13:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=mPG9ClcP1Mzy33VA6BaCoEDpCpLj/BZaERiAQiG4Xh8=; b=kLKvSh1KqimAHK0Y3a0gycuVv1gqqgUKve3aqyKJL0L7m23WvWfipre5Qn6s4YABbM Nl1JfxOIRVxDCUwOrLYVlW5Umiqj2p6ttGVKZ6152Q7WRHfrmrGNzwRhJyFWS29oY+/d pg+TvVBCk27Vn088tOe2bWNOrvHtGA2hvVkI4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=mPG9ClcP1Mzy33VA6BaCoEDpCpLj/BZaERiAQiG4Xh8=; b=w0Vh7WTJzifqdh0ZuzBsj+cLHnuMKIr00uWJbz5WHmHSoQfS0EPby0CWoQP4DpnbJg TwQyPikUZfv/Ach7LM48GQJi6eJpGGx3lHXuNx2nQAvAiuQetXvx0NVCwKYkDQHkCwkD gbc71x0aIdceCAALPmKfX11+0TkdFIVJkTheZ7WvyfVXiV152YZ8mPaYggQbetsu/skv rhblugDs9c51YzRqnQDfqKyR/IaASSr1/aZx1dCvrt8L7rUXgBfUY/u//Biuyt6B9P5K kAWW+ioGteUy3Z+HUh6llM4yLifLC+qv3i8tj1Jz+r38JY+vRb8TR4tByJu9ci0hROeO fPtA== X-Gm-Message-State: AOAM532lwHrRDGbzEC/HhtRUJ4ucqn4trT09VGE/emyHBM1XhGFXVi+X 8I6k0X2zKGxPDzi2pX0spaGRmtI4oDLAm6LQUns0ag== X-Google-Smtp-Source: ABdhPJxkGpv27wyFgr9z1XO7vgvq/7bkkGWJD42fwWrVi0iQMqZaKur8q3F1s3IM8pmjy73wUvuwLJ70Su8JB08Uwz8= X-Received: by 2002:a9d:17c5:: with SMTP id j63mr17385607otj.191.1637799227963; Wed, 24 Nov 2021 16:13:47 -0800 (PST) MIME-Version: 1.0 References: <20211117175215.24262-1-philippe.reynes@softathome.com> <20211117175215.24262-3-philippe.reynes@softathome.com> In-Reply-To: <20211117175215.24262-3-philippe.reynes@softathome.com> From: Simon Glass Date: Wed, 24 Nov 2021 17:12:50 -0700 Message-ID: Subject: Re: [RFC PATCH v3 2/8] lib: crypto: allow to build crypyo in SPL To: Philippe Reynes Cc: mr.nuke.me@gmail.com, joel.peshkin@broadcom.com, u-boot@lists.denx.de Content-Type: text/plain; charset="UTF-8" X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.37 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean On Wed, 17 Nov 2021 at 10:52, Philippe Reynes wrote: > > This commit adds the options: > - SPL_ASYMMETRIC_KEY_TYPE > - SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE > - SPL_RSA_PUBLIC_KEY_PARSER > > Signed-off-by: Philippe Reynes > --- > lib/Makefile | 2 +- > lib/crypto/Kconfig | 15 +++++++++++++++ > lib/crypto/Makefile | 19 +++++++++++++------ > 3 files changed, 29 insertions(+), 7 deletions(-) > Please add in the help. > diff --git a/lib/Makefile b/lib/Makefile > index 900e684d62..df70917b49 100644 > --- a/lib/Makefile > +++ b/lib/Makefile > @@ -17,7 +17,6 @@ obj-$(CONFIG_OF_LIVE) += of_live.o > obj-$(CONFIG_CMD_DHRYSTONE) += dhry/ > obj-$(CONFIG_ARCH_AT91) += at91/ > obj-$(CONFIG_OPTEE_LIB) += optee/ > -obj-y += crypto/ > > obj-$(CONFIG_AES) += aes.o > obj-$(CONFIG_AES) += aes/ > @@ -57,6 +56,7 @@ obj-$(CONFIG_TPM_V1) += tpm-v1.o > obj-$(CONFIG_TPM_V2) += tpm-v2.o > endif > > +obj-y += crypto/ > obj-$(CONFIG_$(SPL_)ACPIGEN) += acpi/ > obj-$(CONFIG_$(SPL_)MD5) += md5.o > obj-$(CONFIG_ECDSA) += ecdsa/ > diff --git a/lib/crypto/Kconfig b/lib/crypto/Kconfig > index 6369bafac0..9351865f2c 100644 > --- a/lib/crypto/Kconfig > +++ b/lib/crypto/Kconfig > @@ -8,6 +8,10 @@ menuconfig ASYMMETRIC_KEY_TYPE > > if ASYMMETRIC_KEY_TYPE > > +config SPL_ASYMMETRIC_KEY_TYPE > + bool "Asymmetric (public-key cryptographic) key Support within SPL" > + depends on SPL > + > config ASYMMETRIC_PUBLIC_KEY_SUBTYPE > bool "Asymmetric public-key crypto algorithm subtype" > help > @@ -16,6 +20,10 @@ config ASYMMETRIC_PUBLIC_KEY_SUBTYPE > appropriate hash algorithms (such as SHA-1) must be available. > ENOPKG will be reported if the requisite algorithm is unavailable. > > +config SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE > + bool "Asymmetric public-key crypto algorithm subtype within SPL" > + depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE > + > config RSA_PUBLIC_KEY_PARSER > bool "RSA public key parser" > depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE > @@ -27,6 +35,13 @@ config RSA_PUBLIC_KEY_PARSER > public key data and provides the ability to instantiate a public > key. > > +config SPL_RSA_PUBLIC_KEY_PARSER > + bool "RSA public key parser within SPL" > + depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE > + select SPL_ASN1_DECODER > + select ASN1_COMPILER > + select SPL_OID_REGISTRY > + > config X509_CERTIFICATE_PARSER > bool "X.509 certificate parser" > depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE > diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile > index f3a414525d..6792b1d4f0 100644 > --- a/lib/crypto/Makefile > +++ b/lib/crypto/Makefile > @@ -3,27 +3,34 @@ > # Makefile for asymmetric cryptographic keys > # > > -obj-$(CONFIG_ASYMMETRIC_KEY_TYPE) += asymmetric_keys.o > +obj-$(CONFIG_$(SPL_)ASYMMETRIC_KEY_TYPE) += asymmetric_keys.o > > asymmetric_keys-y := asymmetric_type.o > > -obj-$(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key.o > +obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key.o > > # > # RSA public key parser > # > -obj-$(CONFIG_RSA_PUBLIC_KEY_PARSER) += rsa_public_key.o > +obj-$(CONFIG_$(SPL_)RSA_PUBLIC_KEY_PARSER) += rsa_public_key.o > rsa_public_key-y := \ > rsapubkey.asn1.o \ > rsa_helper.o > > $(obj)/rsapubkey.asn1.o: $(obj)/rsapubkey.asn1.c $(obj)/rsapubkey.asn1.h > +ifdef CONFIG_SPL_BUILD > +CFLAGS_rsapubkey.asn1.o += -I$(obj) > +endif > + > $(obj)/rsa_helper.o: $(obj)/rsapubkey.asn1.h > +ifdef CONFIG_SPL_BUILD > +CFLAGS_rsa_helper.o += -I$(obj) > +endif > > # > # X.509 Certificate handling > # > -obj-$(CONFIG_X509_CERTIFICATE_PARSER) += x509_key_parser.o > +obj-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER) += x509_key_parser.o > x509_key_parser-y := \ > x509.asn1.o \ > x509_akid.asn1.o \ > @@ -40,11 +47,11 @@ $(obj)/x509_akid.asn1.o: $(obj)/x509_akid.asn1.c $(obj)/x509_akid.asn1.h > # > # PKCS#7 message handling > # > -obj-$(CONFIG_PKCS7_MESSAGE_PARSER) += pkcs7_message.o > +obj-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER) += pkcs7_message.o > pkcs7_message-y := \ > pkcs7.asn1.o \ > pkcs7_parser.o > -obj-$(CONFIG_PKCS7_VERIFY) += pkcs7_verify.o > +obj-$(CONFIG_$(SPL_)PKCS7_VERIFY) += pkcs7_verify.o > > $(obj)/pkcs7_parser.o: $(obj)/pkcs7.asn1.h > $(obj)/pkcs7.asn1.o: $(obj)/pkcs7.asn1.c $(obj)/pkcs7.asn1.h > -- > 2.17.1 >