drivers/crypto: aspeed: Add Caliptra ECDSA384 support Aspeed AST27xx SoCs integrate the CPTRA 1.0 secure IP, which export an ECDSA384_SIGNATURE_VERIFY mailbox command service for SoC to use. This patch is verified by the FIT signature verification using the "sha384,ecdsa384" algorithm. Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com> Reviewed-by: Simon Glass <sjg@chromium.org>

commit: 3477d922c9e8394bfd7c1d25d3b7552896a8a13c [log] [tgz]
author: Chia-Wei Wang <chiawei_wang@aspeedtech.com> Mon Oct 14 17:56:20 2024 +0800
committer: Tom Rini <trini@konsulko.com> Mon Oct 21 17:52:52 2024 -0600
tree: abd52427462a11a6460a047b6e71995d85f605b5
parent: 1bc4222ba6dd2b35aad3e0dedd29dfab17b83411 [diff] [blame]
diff --git a/drivers/crypto/aspeed/Kconfig b/drivers/crypto/aspeed/Kconfig
index 473e3e5..6efcd7d 100644
--- a/drivers/crypto/aspeed/Kconfig
+++ b/drivers/crypto/aspeed/Kconfig

@@ -28,3 +28,13 @@
 
 	  Enabling this allows the use of SHA operations in hardware. Note that only
 	  SHA384 and SHA512 are supported by Caliptra 1.0.
+
+config ASPEED_CPTRA_ECDSA
+	bool "Caliptra ECDSA384 signature verifier for Aspeed SoCs"
+	depends on ECDSA_VERIFY || SPL_ECDSA_VERIFY
+	help
+	  Select this option to enable a driver for using the ECDSA384_SIGNATURE_VERIFY
+	  feature of Caliptra, which is integrated in AST27xx BMC SoCs.
+
+	  Enabling this allows the use of ECDSA384 signature verification in hardware.
+	  Note that only ECDSA384 is supported by Caliptra.
commit	3477d922c9e8394bfd7c1d25d3b7552896a8a13c	[log] [tgz]
author	Chia-Wei Wang <chiawei_wang@aspeedtech.com>	Mon Oct 14 17:56:20 2024 +0800
committer	Tom Rini <trini@konsulko.com>	Mon Oct 21 17:52:52 2024 -0600
tree	abd52427462a11a6460a047b6e71995d85f605b5
parent	1bc4222ba6dd2b35aad3e0dedd29dfab17b83411 [diff] [blame]