From: Jonas Rebmann <jre@pengutronix.de>
To: Sascha Hauer <s.hauer@pengutronix.de>,
BAREBOX <barebox@lists.infradead.org>
Cc: Ahmad Fatoum <a.fatoum@pengutronix.de>,
Jonas Rebmann <jre@pengutronix.de>
Subject: [PATCH v3 00/17] TLV-Signature and keyrings
Date: Thu, 06 Nov 2025 16:17:57 +0100
Message-ID: <20251106-tlv-signature-v3-0-5d00ed378e75@pengutronix.de>
This series introduces everything needed for the use of signed TLVs in
barebox. This allows for signed TLVs to be part of a secure boot chain,
if CONFIG_TLV_SIGNATURE is enabled, keys are configured and the decoder
is configured to require signature.
As TLV signature verification uses the public_keys list, propagated by
keytoc.c with the public keys selected in CONFIG_CRYPTO_PUBLIC_KEYS, the
keyring feature was introduced to allow separate keys for separate
concerns.
The existing fitimage verification now only verifies against keys in the
"fit" keyring. To require a valid signature of TLVs, specify a
tlv_decoder::signature_keyring in the decoder. No signature verification
is performed if signature_keyring is NULL for a decoder matched to the
TLV magic.
A new builtin decoder was added to common/tlv/barebox.c with the magic
0x61bb95f3 and .signature_keyring = "tlv". Consequently
CONFIG_CRYPTO_BUILTIN_DEVELOPMENT_KEYS now adds the insecure development
keys to both the "tlv" and the "fit" keyring. This allows for quick
testing and debugging of decoders requiring signature.
For the creation of signed TLVs, bareboxtlv-generator.py was updated
with --sign and --verify options for TLV binary encoding and decoding
respectively.
Changes to the TLV format and -tool usage as well as the breaking
changes to the keyspec syntax are documented in Documentation/.
Signed-off-by: Jonas Rebmann <jre@pengutronix.de>
---
Changes in v3:
- To zero length_sig field, operate on a copy of the tlv in
tlv_verify_try_key (Thanks, Sascha)
- Correctly check error of digest_init() in tlv_verify_try_key()
(Thanks, Sascha)
- Move tlv_decoder::signature_keyring declaration to the patch that
first uses it (Thanks, Sascha)
- Rebase to next
- Move migration documentation to 2025.12 (Thanks, Sascha)
- Link to v2: https://lore.barebox.org/barebox/20251028-tlv-signature-v2-0-3bafce636ad7@pengutronix.de
Changes in v2:
- Update usage message in keytoc
- Update kconfig help text for CONFIG_CRYPTO_PUBLIC_KEYS
- Separate migration doc and user doc patches correctly
- Warn about skipping verification when TLV is signed but no keyring
selected in decoder
- Have config TLV_SIGNATURE depend on TLV (Thanks, Ahmad)
- Move pr_fmt before all includes in tlv/parser.c (Thanks, Ahmad)
- Style improvements (Thanks, Ahmad)
- Pass down error code from public_key_verify() (Thanks, Ahmad)
- Rename keyring for barebox_tlv_v1_signed to "tlv-generic" (Thanks, Ahmad)
- Append cert and private key of 'builtin development keys' and name
them "snakeoil" rather than fit (Thanks, Ahmad)
- Rebase to next, adapt to const public keys list
- To avoid CI failure due to -Werror=dangling-else, include a fix for
the dangling else issue in idr_for_each_entry
- Link to v1: https://lore.barebox.org/barebox/20251014-tlv-signature-v1-0-7a8aaf95081c@pengutronix.de
---
Jonas Rebmann (17):
lib: idr: avoid dangling else in idr_for_each_entry()
common: clean up TLV code
crypto: Add support for keyrings
fit: only accept keys from "fit"-keyring
crypto: keytoc: Rename "hint" to "fit-hint" and do not use it in identifiers
commands: keys: update output format to include keyring
commands: tlv: Error out on invalid TLVs
scripts: bareboxtlv-generator: Implement signature
scripts: bareboxtlv-generator: Increase max_size in example schema
common: tlv: Add TLV-Signature support
common: tlv: default decoder for signed TLV
crypto: Use "development" keys for "fit" and "tlv" keyring
test: py: add signature to TLV integration tests
ci: pytest: Add kconfig fragment for TLV signature integration tests
crypto: concatenate fit development certificate with private key
doc/barebox-tlv: Update documentation regarding TLV-Signature
Documentation: migration-2025.12.0: List changes to CONFIG_CRYPTO_PUBLIC_KEYS
.github/workflows/test-labgrid-pytest.yml | 1 +
.../devicetree/bindings/nvmem/barebox,tlv.yaml | 1 +
.../migration-guides/migration-2025.12.0.rst | 15 +
Documentation/user/barebox-tlv.rst | 49 +++-
commands/keys.c | 8 +-
commands/tlv.c | 2 +-
common/Kconfig | 5 +
.../boards/configs/enable_tlv_sig_testing.config | 13 +
common/image-fit.c | 13 +-
common/tlv/barebox.c | 25 +-
common/tlv/parser.c | 107 ++++++-
crypto/Kconfig | 37 ++-
crypto/Makefile | 6 +-
crypto/fit-4096-development.crt | 33 ---
crypto/public-keys.c | 13 +-
crypto/rsa.c | 1 +
crypto/snakeoil-4096-development.pem | 84 ++++++
...elopment.crt => snakeoil-ecdsa-development.pem} | 5 +
include/crypto/public_key.h | 22 +-
include/linux/idr.h | 2 +-
include/tlv/format.h | 29 +-
include/tlv/tlv.h | 1 +
.../bareboxtlv-generator/bareboxtlv-generator.py | 243 ++++++++++++++--
scripts/bareboxtlv-generator/requirements.txt | 1 +
scripts/bareboxtlv-generator/schema-example.yaml | 2 +-
scripts/include/linux/overflow.h | 312 +++++++++++++++++++++
scripts/keytoc.c | 259 +++++++++++------
test/py/test_tlv.py | 206 +++++++++++---
28 files changed, 1264 insertions(+), 231 deletions(-)
---
base-commit: 7ce5c14e883d08c71af12a02c66dc2ae7191a7d7
change-id: 20251014-tlv-signature-2673b1a24445
Best regards,
--
Jonas Rebmann <jre@pengutronix.de>
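The keyring-scoped verification policy described in the cover letter, as an added illustration that is not barebox code: decoders are matched by TLV magic, a decoder whose signature_keyring is NULL skips verification, and otherwise only keys of that one keyring are tried, with the signature-length field zeroed on a copy before hashing. The wire layout, the keyring contents and the use of HMAC in place of barebox's RSA/ECDSA public-key verification are all constructed assumptions for this example.

```python
import hmac
import hashlib
import struct

# Constructed wire layout: magic(4) | payload_len(4) | sig_len(4) | sig | payload.
# The real barebox TLV format differs; only the verification policy is modelled.
MAGIC_SIGNED = 0x61bb95f3   # builtin signed decoder magic from the cover letter
HDR = struct.Struct(">III")

# keyring name -> [(key id, key)]. HMAC keys stand in for the per-keyring
# public keys that keytoc would emit into barebox's public_keys list.
KEYRINGS = {
    "fit": [("fit-dev", b"fit-development-key")],
    "tlv": [("snakeoil", b"snakeoil-development-key")],
}

# decoders matched by magic; signature_keyring=None means "no verification"
DECODERS = {
    MAGIC_SIGNED: {"name": "barebox-signed", "signature_keyring": "tlv"},
    0x01020304: {"name": "legacy-unsigned", "signature_keyring": None},
}

def signed_region(magic, payload):
    # Bytes covered by the signature: header with sig_len zeroed, no signature.
    return HDR.pack(magic, len(payload), 0) + payload

def sign_tlv(magic, payload, key):
    sig = hmac.new(key, signed_region(magic, payload), hashlib.sha256).digest()
    return HDR.pack(magic, len(payload), len(sig)) + sig + payload

def verify_tlv(blob, keyrings=KEYRINGS, decoders=DECODERS):
    magic, length, sig_len = HDR.unpack_from(blob)
    sig = blob[HDR.size:HDR.size + sig_len]
    payload = blob[HDR.size + sig_len:]
    if len(payload) != length:
        return "invalid"
    dec = decoders.get(magic)
    if dec is None:
        return "no-decoder"
    ring = dec["signature_keyring"]
    if ring is None:
        # Signed TLV but the decoder requests no keyring: skipped, not trusted.
        return "unverified" if sig_len else "unsigned"
    region = signed_region(magic, payload)  # rebuilt copy; blob is untouched
    for kid, key in keyrings.get(ring, []):
        expect = hmac.new(key, region, hashlib.sha256).digest()
        if hmac.compare_digest(expect, sig):
            return f"ok:{ring}/{kid}"
    return "bad-signature"  # no key of this keyring matched, fail closed
```

A TLV signed with a key that only lives in the "fit" keyring is rejected by the "tlv" decoder even though the key is otherwise valid, which is the separation of concerns the keyring feature is meant to enforce.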