Re: [U-Boot] [PATCH 3/9] [v4] DM: crypto/rsa: Add rsa Modular Exponentiation DM driver

6 Jan 2015

Hi Ruchika,
On 6 January 2015 at 02:37, Ruchika Gupta ruchika.gupta@freescale.com
wrote:
...
Hi Simon,
...
-----Original Message-----
From: sjg@google.com [mailto:sjg@google.com] On Behalf Of Simon Glass
Sent: Saturday, January 03, 2015 3:54 AM
To: Gupta Ruchika-R66431
Cc: U-Boot Mailing List; Sun York-R58495
Subject: Re: [PATCH 3/9] [v4] DM: crypto/rsa: Add rsa Modular
Exponentiation
...
DM driver
Hi Ruchika,
On 30 December 2014 at 02:30, Ruchika Gupta <ruchika.gupta@freescale.com
wrote:
...
Add a new rsa uclass for performing modular exponentiation and
implement the software driver basing on this uclass.
Signed-off-by: Ruchika Gupta ruchika.gupta@freescale.com
CC: Simon Glass sjg@chromium.org

Changes in v4:
Removed Kconfig option for DM_RSA
Corrected driver name for sw rsa driver Updated the rsa_mod_exp
operation to have output length
Changes in v3:
New patch with driver model for RSA UCLASS
drivers/crypto/Makefile         |  1 +
 drivers/crypto/rsa/Makefile     |  7 +++++++
 drivers/crypto/rsa/rsa_sw.c     | 39
+++++++++++++++++++++++++++++++++++++++
...
drivers/crypto/rsa/rsa_uclass.c | 31 +++++++++++++++++++++++++++++++
 include/dm/uclass-id.h          |  1 +
 include/u-boot/rsa-mod-exp.h    | 37
+++++++++++++++++++++++++++++++++++++
...
...
6 files changed, 116 insertions(+)
 create mode 100644 drivers/crypto/rsa/Makefile  create mode 100644
drivers/crypto/rsa/rsa_sw.c  create mode 100644
drivers/crypto/rsa/rsa_uclass.c
Again I'm a bit worried we are going off into the weeds.
Is this an RSA driver or a modular exponentiation driver? It seems like
the
...
latter to me. If so, the uclass should be UCLASS_MOD_EXP, not
UCLASS_RSA, and
...
the files and directories should be renames also. Some hardware will
implement the entire RSA algorithm, which would be a true RSA uclass.
Here I
...
think you are only doing part of it.
I did this to introduce a generic class for RSA which has mod_exp
implementation for now and can be extended to have sign or any other algo
added later.For now I will change it to UCLASS_MOD_EXP as you have
suggested.
...
From what I understand the RSA API consists of two functions:
rsa_sign()
rsa_verify()
These are defined in rsa.h.
So if you are planning to implement an RSA uclass it should support these
two. In your case it seems like you are implementing a part of RSA, i.e.
lower-level functionality. That's why I'm saying it doesn't look like an
RSA uclass to me.
...
...
Other than that rename the code looks fine.
Minor point: again I don't see the value of returning the same value as
sig_len, so you may as well drop those last two args to mod_exp() -
unless I
...
am missing something.
I will do that and revert back to earlier implementation with uint8_t *out.
...
...

diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile index
7b79237..a2f30fc 100644
--- a/drivers/crypto/Makefile
+++ b/drivers/crypto/Makefile
@@ -6,4 +6,5 @@
 #
obj-$(CONFIG_EXYNOS_ACE_SHA)   += ace_sha.o
+obj-y += rsa/
 obj-y += fsl/
diff --git a/drivers/crypto/rsa/Makefile b/drivers/crypto/rsa/Makefile
new file mode 100644 index 0000000..927c5bd
--- /dev/null
+++ b/drivers/crypto/rsa/Makefile
@@ -0,0 +1,7 @@
+#
+# (C) Copyright 2014 Freescale Semiconductor, Inc.
+#
+# SPDX-License-Identifier:     GPL-2.0+
+#



+obj-$(CONFIG_RSA) += rsa_uclass.o rsa_sw.o
diff --git a/drivers/crypto/rsa/rsa_sw.c b/drivers/crypto/rsa/rsa_sw.c
new file mode 100644 index 0000000..3dcd512
--- /dev/null
+++ b/drivers/crypto/rsa/rsa_sw.c
@@ -0,0 +1,39 @@
+/*


(C) Copyright 2014 Freescale Semiconductor, Inc.



Author: Ruchika Gupta ruchika.gupta@freescale.com







SPDX-License-Identifier:    GPL-2.0+


*/


+#include <config.h>
+#include <common.h>
+#include <dm.h>
+#include <u-boot/rsa-mod-exp.h>



+int mod_exp_sw(struct udevice *dev, const uint8_t *sig, uint32_t
sig_len,
...
...

          struct key_prop *prop, uint8_t **outp, uint32_t



+*out_len) {

  int ret = 0;



  ret = rsa_mod_exp_sw(sig, sig_len, prop, outp, out_len);


  if (ret) {


          debug("%s: RSA failed to verify: %d\n", __func__, ret);


          return ret;


  }



  return 0;



+}



+static const struct rsa_ops rsa_ops_sw = {

  .mod_exp        = mod_exp_sw,



+};



+U_BOOT_DRIVER(rsa_sw) = {

  .name   = "rsa_sw",


  .id     = UCLASS_RSA,


  .ops    = &rsa_ops_sw,



+};



+U_BOOT_DEVICE(rsa_sw) = {

  .name = "rsa_sw",



+};
diff --git a/drivers/crypto/rsa/rsa_uclass.c
b/drivers/crypto/rsa/rsa_uclass.c new file mode 100644 index
0000000..4d52dcc
--- /dev/null
+++ b/drivers/crypto/rsa/rsa_uclass.c
@@ -0,0 +1,31 @@
+/*


(C) Copyright 2014 Freescale Semiconductor, Inc



Author: Ruchika Gupta ruchika.gupta@freescale.com







SPDX-License-Identifier:    GPL-2.0+


*/


+#include <common.h>
+#include <dm.h>
+#include <u-boot/rsa-mod-exp.h>
+#include <errno.h>
+#include <fdtdec.h>
+#include <malloc.h>
+#include <asm/io.h>
+#include <linux/list.h>



+int rsa_mod_exp(struct udevice *dev, const uint8_t *sig, uint32_t
sig_len,
...
...

          struct key_prop *node, uint8_t **out, uint32_t



+*out_len) {

  const struct rsa_ops *ops = device_get_ops(dev);



  if (!ops->mod_exp)


          return -ENOSYS;



  return ops->mod_exp(dev, sig, sig_len, node, out, out_len); }




+UCLASS_DRIVER(rsa) = {

  .id             = UCLASS_RSA,


  .name           = "rsa",



+};
diff --git a/include/dm/uclass-id.h b/include/dm/uclass-id.h index
f17c3c2..823e43c 100644
--- a/include/dm/uclass-id.h
+++ b/include/dm/uclass-id.h
@@ -33,6 +33,7 @@ enum uclass_id {
        UCLASS_I2C,             /* I2C bus */
        UCLASS_I2C_GENERIC,     /* Generic I2C device */
        UCLASS_I2C_EEPROM,      /* I2C EEPROM device */

  UCLASS_RSA,             /* RSA Mod Exp device */

  UCLASS_COUNT,
  UCLASS_INVALID = -1,



diff --git a/include/u-boot/rsa-mod-exp.h
b/include/u-boot/rsa-mod-exp.h index 7b74f3c..417e468 100644
--- a/include/u-boot/rsa-mod-exp.h
+++ b/include/u-boot/rsa-mod-exp.h
@@ -46,4 +46,41 @@ struct key_prop {
 int rsa_mod_exp_sw(const uint8_t *sig, uint32_t sig_len,
                struct key_prop *node, uint8_t **outp, uint32_t
*out_len);
+int rsa_mod_exp(struct udevice *dev, const uint8_t *sig, uint32_t
sig_len,
...
...

          struct key_prop *node, uint8_t **outp, uint32_t



+*out_len);



+/**


struct struct rsa_ops - Driver model for RSA operations







The uclass interface is implemented by all crypto devices which



+use


driver model.


*/

+struct rsa_ops {

  /**


   * Perform Modular Exponentiation


   *


   * Operation: out[] = sig ^ exponent % modulus


   *


   * @dev:        RSA Device


   * @sig:        RSA PKCS1.5 signature


   * @sig_len:    Length of signature in number of bytes


   * @node:       Node with RSA key elements like modulus,



exponent,
...
...

   *              R^2, n0inv


   * @outp:       Set to an allocated buffer holding the output



hash
...
...

   * @out_len:    Set to length of hash(outp) calculated after


   *              exponentiation.


   *


   * This computes exponentiation over the signature. Resulting


   * hash value is placed in an allocated buffer, the pointer is


   * returned as *outp. The length of calulated hash is returned



via
...
...

   * the out_len pointer argument. The caller should free *outp


   *


   * Returns: 0 if exponentiation is successful, or a negative



value
...
...

   * if it wasn't.


   */


  int (*mod_exp)(struct udevice *dev, const uint8_t *sig,


                     uint32_t sig_len, struct key_prop *node,


                     uint8_t **outp, uint32_t *len); };




#endif
1.8.1.4
Regards,
Ruchika
Regards,
Simon

    

Simon Glass

#endif

tags (0)

participants (1)