diff options
| author | Alexandru Gagniuc <mr.nuke.me@gmail.com> | 2021-07-29 19:47:15 +0300 |
|---|---|---|
| committer | Patrice Chotard <patrice.chotard@foss.st.com> | 2021-08-16 11:49:35 +0300 |
| commit | 1d54af1392513c09927b97981356acadfa626d63 (patch) | |
| tree | 1b0a7947c48436c6716aba4a619eb3c39ff11a57 | |
| parent | 59f6eb477e053355718fa25b3bce956991f016b8 (diff) | |
| download | u-boot-1d54af1392513c09927b97981356acadfa626d63.tar.xz | |
dm: crypto: Define UCLASS API for ECDSA signature verification
Define a UCLASS API for verifying ECDSA signatures. Unlike
UCLASS_MOD_EXP, which focuses strictly on modular exponentiation,
the ECDSA class focuses on verification. This is done so that it
better aligns with mach-specific implementations, such as stm32mp.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
| -rw-r--r-- | include/crypto/ecdsa-uclass.h | 39 | ||||
| -rw-r--r-- | include/dm/uclass-id.h | 1 |
2 files changed, 40 insertions, 0 deletions
diff --git a/include/crypto/ecdsa-uclass.h b/include/crypto/ecdsa-uclass.h new file mode 100644 index 0000000000..189843820a --- /dev/null +++ b/include/crypto/ecdsa-uclass.h @@ -0,0 +1,39 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright (c) 2020, Alexandru Gagniuc <mr.nuke.me@gmail.com> + */ + +#include <dm/device.h> + +/** + * struct ecdsa_public_key - ECDSA public key properties + * + * The struct has pointers to the (x, y) curve coordinates to an ECDSA public + * key, as well as the name of the ECDSA curve. The size of the key is inferred + * from the 'curve_name' + */ +struct ecdsa_public_key { + const char *curve_name; /* Name of curve, e.g. "prime256v1" */ + const void *x; /* x coordinate of public key */ + const void *y; /* y coordinate of public key */ + unsigned int size_bits; /* key size in bits, derived from curve name */ +}; + +struct ecdsa_ops { + /** + * Verify signature of hash against given public key + * + * @dev: ECDSA Device + * @pubkey: ECDSA public key + * @hash: Hash of binary image + * @hash_len: Length of hash in bytes + * @signature: Signature in a raw (R, S) point pair + * @sig_len: Length of signature in bytes + * + * This function verifies that the 'signature' of the given 'hash' was + * signed by the private key corresponding to 'pubkey'. + */ + int (*verify)(struct udevice *dev, const struct ecdsa_public_key *pubkey, + const void *hash, size_t hash_len, + const void *signature, size_t sig_len); +}; diff --git a/include/dm/uclass-id.h b/include/dm/uclass-id.h index 9d474533ba..e7edd409f3 100644 --- a/include/dm/uclass-id.h +++ b/include/dm/uclass-id.h @@ -47,6 +47,7 @@ enum uclass_id { UCLASS_DSI_HOST, /* Display Serial Interface host */ UCLASS_DMA, /* Direct Memory Access */ UCLASS_DSA, /* Distributed (Ethernet) Switch Architecture */ + UCLASS_ECDSA, /* Elliptic curve cryptographic device */ UCLASS_EFI, /* EFI managed devices */ UCLASS_ETH, /* Ethernet device */ UCLASS_ETH_PHY, /* Ethernet PHY device */ |