From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tom Rini Date: Tue, 21 Jan 2020 10:34:59 -0500 Subject: [PATCH v4 2/6] rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config In-Reply-To: <20200121042957.GB8146@linaro.org> References: <20191121001121.21854-1-takahiro.akashi@linaro.org> <20191121001121.21854-3-takahiro.akashi@linaro.org> <20200114074522.GF28530@linaro.org> <9812dbfc-1387-3b95-a742-f0caf1467880@gmx.de> <20200117022400.GK28530@linaro.org> <5aa66a6d-64ae-1e6b-8c62-2e8273799c3e@gmx.de> <20200121042957.GB8146@linaro.org> Message-ID: <20200121153459.GS8732@bill-the-cat> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de On Tue, Jan 21, 2020 at 01:29:58PM +0900, AKASHI Takahiro wrote: > Tom, Simon, > > On Fri, Jan 17, 2020 at 06:59:44AM +0100, Heinrich Schuchardt wrote: > > On 1/17/20 3:24 AM, AKASHI Takahiro wrote: > > >On Tue, Jan 14, 2020 at 12:43:40PM +0100, Heinrich Schuchardt wrote: > > >>On 1/14/20 8:45 AM, AKASHI Takahiro wrote: > > >>>On Wed, Jan 08, 2020 at 01:35:13PM +0100, Heinrich Schuchardt wrote: > > >>>>On 11/21/19 1:11 AM, AKASHI Takahiro wrote: > > >>>>>In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, > > >>>>>rsa_verify() will be extended to be able to perform RSA decryption without > > >>>>>additional RSA key properties from FIT image, i.e. rr and n0inv. > > >>>>> > > >>>>>Signed-off-by: AKASHI Takahiro > > >>>>>Reviewed-by: Simon Glass > > >>>> > > >>>>The patch series does not build for some configurations. > > >>>> > > >>>>>--- > > >>>>> lib/rsa/Kconfig | 14 ++++++++++++++ > > >>>>> 1 file changed, 14 insertions(+) > > >>>>> > > >>>>>diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig > > >>>>>index 03ffa2969048..71e4c06bf883 100644 > > >>>>>--- a/lib/rsa/Kconfig > > >>>>>+++ b/lib/rsa/Kconfig > > >>>>>@@ -30,6 +30,20 @@ config RSA_VERIFY > > >>>>> help > > >>>>> Add RSA signature verification support. > > >>>>> > > >>>>>+config RSA_VERIFY_WITH_PKEY > > >>>> > > >>>>For CONFIG_RSA_VERIFY_WITH_PKEY=y and CONFIG_RSA_PUBLIC_KEY_PARSER=n > > >>>>I get an error: > > >>> > > >>>This error is inevitable as both RSA_VERIFY_WITH_PKEY and > > >>>RSA_PUBLIC_KEY_PARSER are "select"able configurations with > > >>>visible prompts and then > > >> > > >>No, it is not inevitbable. Just ensure that in the Makefiles all modules > > >>are selected that you need for your configuration. > > > > > >How? > > >Can you please show me a simple solution? > > > > Which is your choice as a maintainer/author of lib/rsa? > > In my opinion, > > > ifneq($(CONFIG_RSA_VERIFY_WITH_PKEY)$(CONFIG_RSA_PUBLIC_KEY_PARSER),) > > obj-y += foo.o > > endif > > I will take this by a process of elimination. > > > or > > > > config RSA_VERIFY_WITH_PKEY > > depends on RSA_PUBLIC_KEY_PARSER > > I normally use "depends on" to select a subset feature of the target. > > > or > > > > config RSA_VERIFY_WITH_PKEY > > select RSA_PUBLIC_KEY_PARSER > > Nak, as I said, because RSA_PUBLIC_KEY_PARSER is a visible configuration symbol. This is getting a bit complicated. So, if and only if RSA_VERIFY_WITH_PKEY and RSA_PUBLIC_KEY_PARSER can be functional without the other enabled: obj-$(CONFIG_RSA_VERIFY_WITH_PKEY) += verify-with-pkey.o common-thing.o obj-$(CONFIG_RSA_PUBLIC_KEY_PARSER) += public-key-parser.o common-thing.o and we don't need to do anything extra with depends/select. There's nothing wrong with listing an object multiple times, it gets sorted correctly. -- Tom -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: