[RFC PATCH v1] lib: rsa: introduce RSA_SOFTWARE_EXP_TINY

16 Apr 2021

From: Igor Opaniuk igor.opaniuk@foundries.io
Introduce RSA_SOFTWARE_EXP_TINY Kconfig option, which does not require
DM to be enabled. This can be handy on devices, where SPL + signed
U-Boot FIT image setup is used, where it isn't possible to enable SPL_DM
mainly due to SRAM size constraits.
For example, on iMX8MM with this option enabled and SPL_DM disabled
it's possible to save almost 11Kb:
With RSA_SOFTWARE_EXP_TINY enabled:
spl/u-boot-spl-nodtb.bin 99824
Without:
spl/u-boot-spl-nodtb.bin 111088
Signed-off-by: Igor Opaniuk igor.opaniuk@foundries.io
---
lib/rsa/Kconfig      | 11 ++++++++++-
 lib/rsa/rsa-verify.c |  8 ++++----
 2 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig
index a90d67e5a8..03692b73bb 100644
--- a/lib/rsa/Kconfig
+++ b/lib/rsa/Kconfig
@@ -1,7 +1,8 @@
 config RSA
    bool "Use RSA Library"
    select RSA_FREESCALE_EXP if FSL_CAAM && !ARCH_MX7 && !ARCH_MX6 && !ARCH_MX5
-	select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP
+	select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP && DM
+	select RSA_SOFTWARE_EXP_TINY if !RSA_FREESCALE_EXP && !DM
    help
      RSA support. This enables the RSA algorithm used for FIT image
      verification in U-Boot.
@@ -45,6 +46,14 @@ config RSA_VERIFY_WITH_PKEY
      directly specified in image_sign_info, where all the necessary
      key properties will be calculated on the fly in verification code.
+config RSA_SOFTWARE_EXP_TINY
+	bool "Enable non-DM RSA Modular Exponentiation software implementation"
+	help
+	  Enable modular exponentiation implementation in software, which
+	  does not require Driver Model to be enabled. This is a RSA algorithm
+	  used in FIT image verification. It required RSA Key as input.
+	  See doc/uImage.FIT/signature.txt for more details.
+
 config RSA_SOFTWARE_EXP
    bool "Enable driver for RSA Modular Exponentiation in software"
    depends on DM
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index aee76f42d5..0162253636 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -319,7 +319,7 @@ static int rsa_verify_key(struct image_sign_info *info,
    		  const uint32_t key_len)
 {
    int ret;
-#if !defined(USE_HOSTCC)
+#if !(defined(USE_HOSTCC) || defined(RSA_SOFTWARE_EXP_TINY))
    struct udevice *mod_exp_dev;
 #endif
    struct checksum_algo *checksum = info->checksum;
@@ -346,7 +346,9 @@ static int rsa_verify_key(struct image_sign_info *info,
    uint8_t buf[sig_len];
    hash_len = checksum->checksum_len;
-#if !defined(USE_HOSTCC)
+#if defined(USE_HOSTCC) || defined(RSA_SOFTWARE_EXP_TINY)
+	ret = rsa_mod_exp_sw(sig, sig_len, prop, buf);
+#else
    ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev);
    if (ret) {
    	printf("RSA: Can't find Modular Exp implementation\n");
@@ -354,8 +356,6 @@ static int rsa_verify_key(struct image_sign_info *info,
    }
ret = rsa_mod_exp(mod_exp_dev, sig, sig_len, prop, buf);
-#else
-	ret = rsa_mod_exp_sw(sig, sig_len, prop, buf);
 #endif
    if (ret) {
    	debug("Error in Modular exponentation\n");
-- 
2.25.1


    