mail archive of the barebox mailing list
 help / color / mirror / Atom feed
From: Sascha Hauer <s.hauer@pengutronix.de>
To: Ahmad Fatoum <a.fatoum@pengutronix.de>
Cc: Barebox List <barebox@lists.infradead.org>
Subject: Re: [PATCH v4 09/16] crypto: rsa: encapsulate rsa keys in public keys struct
Date: Fri, 27 Sep 2024 13:11:10 +0200	[thread overview]
Message-ID: <ZvaSzgjYTN6JWIKx@pengutronix.de> (raw)
In-Reply-To: <e5fabaa7-10e7-435b-b2f4-380fdca30cdf@pengutronix.de>

On Fri, Sep 27, 2024 at 10:02:08AM +0200, Ahmad Fatoum wrote:
> On 13.09.24 09:59, Sascha Hauer wrote:
> > This encapsulates struct rsa_public_key into a struct public_key. So far
> > RSA keys are the only supported key type. With adding ECDSA keys we need
> > a container struct so that we can add ECDSA keys using the same
> > mechanisms.
> > 
> > Also we rename CONFIG_CRYPTO_RSA_KEY to CONFIG_CRYPTO_PUBLIC_KEYS and
> > CONFIG_CRYPTO_RSA_BUILTIN_KEYS to CONFIG_CRYPTO_BUILTIN_KEYS as these
> > variables will be used for all types of keys, not only RSA keys.
> > 
> > Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
> 
> Reviewed-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
> 
> But two comments below.
> 
> > diff --git a/crypto/public-keys.c b/crypto/public-keys.c
> > new file mode 100644
> > index 0000000000..a3ef3bafc8
> > --- /dev/null
> > +++ b/crypto/public-keys.c
> > @@ -0,0 +1,39 @@
> 
> add a pr_fmt?
> 
> > +#include <common.h>
> > +#include <crypto/public_key.h>
> > +#include <rsa.h>
> > +
> > +extern const struct public_key * const __public_keys_start;
> > +extern const struct public_key * const __public_keys_end;
> > +
> > +static int init_public_keys(void)
> > +{
> > +	const struct public_key * const *iter;
> > +	int ret;
> > +
> > +	for (iter = &__public_keys_start; iter != &__public_keys_end; iter++) {
> > +		struct rsa_public_key *rsa_key;
> > +
> > +		switch ((*iter)->type) {
> > +		case PUBLIC_KEY_TYPE_RSA:
> > +			rsa_key = rsa_key_dup((*iter)->rsa);
> > +			if (!rsa_key)
> > +				continue;
> > +
> > +			ret = rsa_key_add(rsa_key);
> > +			if (ret)
> > +				pr_err("Cannot add rsa key: %pe\n", ERR_PTR(ret));
> > +			break;
> > +		default:
> > +			pr_err("Ignoring unknown key type %u\n", (*iter)->type);
> > +		}
> > +
> > +	}
> > +
> > +	return 0;
> > +}
> > +
> > +device_initcall(init_public_keys);
> > +
> 
> > -extern const struct rsa_public_key * const __rsa_keys_start;
> > -extern const struct rsa_public_key * const __rsa_keys_end;
> 
> I know you are just moving these around, but defining
> these with [] is way less confusing IMO.

This is changed in 12/16.

Sascha

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |



  reply	other threads:[~2024-09-27 11:11 UTC|newest]

Thread overview: 33+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-09-13  7:59 [PATCH v4 00/16] Add ECDSA support for FIT image verification Sascha Hauer
2024-09-13  7:59 ` [PATCH v4 01/16] keytoc: remove ECDSA dts support Sascha Hauer
2024-09-25  8:53   ` Ahmad Fatoum
2024-09-13  7:59 ` [PATCH v4 02/16] keytoc: fail in case gen_key() fails Sascha Hauer
2024-09-25  8:53   ` Ahmad Fatoum
2024-09-13  7:59 ` [PATCH v4 03/16] keytoc: fix ECDSA endianess problems Sascha Hauer
2024-09-27  8:11   ` Ahmad Fatoum
2024-09-13  7:59 ` [PATCH v4 04/16] keytoc: remove duplicate __ENV__ check Sascha Hauer
2024-09-27  6:59   ` Ahmad Fatoum
2024-09-13  7:59 ` [PATCH v4 05/16] crypto: Makefile: make simpler Sascha Hauer
2024-09-27  7:01   ` Ahmad Fatoum
2024-09-13  7:59 ` [PATCH v4 06/16] crypto/Makefile: Drop unnecessary dependencies Sascha Hauer
2024-09-27  7:03   ` Ahmad Fatoum
2024-09-13  7:59 ` [PATCH v4 07/16] keytoc: make key name hint optional Sascha Hauer
2024-09-27  8:18   ` Ahmad Fatoum
2024-09-13  7:59 ` [PATCH v4 08/16] crypto: rsa: include key name hint into CONFIG_CRYPTO_RSA_KEY Sascha Hauer
2024-09-27  7:55   ` Ahmad Fatoum
2024-09-13  7:59 ` [PATCH v4 09/16] crypto: rsa: encapsulate rsa keys in public keys struct Sascha Hauer
2024-09-27  8:02   ` Ahmad Fatoum
2024-09-27 11:11     ` Sascha Hauer [this message]
2024-09-13  7:59 ` [PATCH v4 10/16] crypto: add public_key functions Sascha Hauer
2024-09-27  8:20   ` Ahmad Fatoum
2024-09-13  7:59 ` [PATCH v4 11/16] crypto: builtin_keys: Allow to specify multiple keys in CONFIG_CRYPTO_PUBLIC_KEYS Sascha Hauer
2024-09-25  8:22   ` Sascha Hauer
2024-09-13  7:59 ` [PATCH v4 12/16] crypto: public-keys: use array of public_keys Sascha Hauer
2024-09-13  7:59 ` [PATCH v4 13/16] crypto: rsa: create static inline wrapper for rsa_verify() Sascha Hauer
2024-09-27  8:09   ` Ahmad Fatoum
2024-09-13  7:59 ` [PATCH v4 14/16] Add elliptic curve cryptography (ECC) helper functions Sascha Hauer
2024-09-13  7:59 ` [PATCH v4 15/16] crypto: add ECDSA support Sascha Hauer
2024-09-27  8:07   ` Ahmad Fatoum
2024-09-13  7:59 ` [PATCH v4 16/16] crypto: make RSA a visible option Sascha Hauer
2024-09-27 11:23 ` [PATCH v4 00/16] Add ECDSA support for FIT image verification Sascha Hauer
2024-09-27 11:23   ` Sascha Hauer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ZvaSzgjYTN6JWIKx@pengutronix.de \
    --to=s.hauer@pengutronix.de \
    --cc=a.fatoum@pengutronix.de \
    --cc=barebox@lists.infradead.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox