On Wed, Oct 29, 2025 at 12:28:53PM +0100, Quentin Schulz wrote:
> From: Quentin Schulz <[email protected]>
>
> One could very well want to verify signed files which aren't a FIT
> image (e.g. via rsa_verify_hash() when $(PHASE_)RSA_VERIFY_WITH_PKEY=y)
> but that is currently only possible if the FIT_SIGNATURE symbol is
> enabled for the stage this signed file needs to be verified.
>
> While we could remove the dependency on FIT_SIGNATURE and find a better
> name for the symbol, let's simply always build support for PSS padding
> when RSA is enabled, like we currently do for pkcs-1.5 padding.
>
> When $(PHASE_)RSA_VERIFY is enabled on PX30 Ringneck, the difference is
> an additional 904B for the SPL (spl/u-boot-spl.bin) and 1000B for U-Boot
> proper (u-boot-nodtb.bin).
>
> Signed-off-by: Quentin Schulz <[email protected]>
> ---
> Another option is to remove the FIT_SIGNATURE dependency. For context, I
> have a system where U-Boot proper verifies the signature of a few
> binaries thanks to rsa_verify_hash() (see CONFIG_RSA_VERIFY_WITH_PKEY)
> with an embedded public key. We do not use FIT images in proper and I
> would like to avoid building code we don't use to limit the attack
> surface, so I was looking at ways to remove the FIT support in proper
> and this dependency makes it impossible as we use PSS padding.
>
> The cost of always building all RSA paddings may be too high though, I
> don't know where we should draw the line.

I think the cost of ~900 bytes in SPL for 120 platforms is on the high
side. How about a different symbol? Or would you want this enabled by
default on rockchip and so changing those 120 platforms anyways?

-- 
Tom

