rsa: rename FIT_RSASSA_PSS to RSASSA_PSS and move symbols under lib/rsa

This renames FIT_RSASSA_PSS symbols to drop the FIT_ prefix to avoid
potential confusion since there's nothing FIT specific to those symbols.

It also isn't really related to booting, so boot/Kconfig is an odd place
for them to live. Since they make sense only in relation with RSA,
simply move them to lib/rsa where it makes more sense for them to
reside.

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>

boot/Kconfig

@@ -116,13 +116,6 @@ config FIT_SIGNATURE_MAX_SIZE
 	  device memory. Assure this size does not extend past expected storage
 	  space.
 
-config FIT_RSASSA_PSS
-	bool "Support rsassa-pss signature scheme"
-	depends on RSA_VERIFY
-	help
-	  Enable this to support the pss padding algorithm as described
-	  in the rfc8017 (https://tools.ietf.org/html/rfc8017).
-
 config FIT_CIPHER
 	bool "Enable ciphering data in a FIT uImages"
 	depends on DM
@@ -212,13 +205,6 @@ config SPL_FIT_SIGNATURE_MAX_SIZE
 	  device memory. Assure this size does not extend past expected storage
 	  space.
 
-config SPL_FIT_RSASSA_PSS
-	bool "Support rsassa-pss signature scheme in SPL"
-	depends on SPL_RSA_VERIFY
-	help
-	  Enable this to support the pss padding algorithm as described
-	  in the rfc8017 (https://tools.ietf.org/html/rfc8017) in SPL.
-
 config SPL_LOAD_FIT
 	bool "Enable SPL loading U-Boot as a FIT (basic fitImage features)"
 	depends on SPL

configs/sandbox_defconfig

@@ -18,7 +18,6 @@ CONFIG_EFI_CAPSULE_AUTHENTICATE=y
 CONFIG_EFI_CAPSULE_CRT_FILE="board/sandbox/capsule_pub_key_good.crt"
 CONFIG_BUTTON_CMD=y
 CONFIG_FIT=y
-CONFIG_FIT_RSASSA_PSS=y
 CONFIG_FIT_CIPHER=y
 CONFIG_FIT_VERBOSE=y
 CONFIG_BOOTMETH_ANDROID=y
@@ -383,6 +382,7 @@ CONFIG_MBEDTLS_LIB=y
 CONFIG_HKDF_MBEDTLS=y
 CONFIG_ECDSA=y
 CONFIG_ECDSA_VERIFY=y
+CONFIG_RSASSA_PSS=y
 CONFIG_TPM=y
 CONFIG_ERRNO_STR=y
 CONFIG_GETOPT=y

lib/rsa/Kconfig

@@ -67,6 +67,20 @@ config SPL_RSA_VERIFY_WITH_PKEY
 	  key properties will be calculated on the fly in verification code
 	  in the SPL.
 
+config RSASSA_PSS
+	bool "Support rsassa-pss signature scheme"
+	depends on RSA_VERIFY
+	help
+	  Enable this to support the pss padding algorithm as described
+	  in the rfc8017 (https://tools.ietf.org/html/rfc8017).
+
+config SPL_RSASSA_PSS
+	bool "Support rsassa-pss signature scheme within SPL"
+	depends on SPL_RSA_VERIFY
+	help
+	  Enable this to support the pss padding algorithm as described
+	  in the rfc8017 (https://tools.ietf.org/html/rfc8017) within SPL.
+
 config RSA_SOFTWARE_EXP
 	bool "Enable driver for RSA Modular Exponentiation in software"
 	depends on DM

lib/rsa/rsa-sign.c

@@ -421,7 +421,7 @@ static int rsa_sign_with_key(EVP_PKEY *pkey, struct padding_algo *padding_algo,
 		goto err_sign;
 	}
 
-	if (CONFIG_IS_ENABLED(FIT_RSASSA_PSS) && padding_algo &&
+	if (CONFIG_IS_ENABLED(RSASSA_PSS) && padding_algo &&
 	    !strcmp(padding_algo->name, "pss")) {
 		if (EVP_PKEY_CTX_set_rsa_padding(ckey,
 						 RSA_PKCS1_PSS_PADDING) <= 0) {

lib/rsa/rsa-verify.c

@@ -89,7 +89,7 @@ U_BOOT_PADDING_ALGO(pkcs_15) = {
 };
 #endif
 
-#if CONFIG_IS_ENABLED(FIT_RSASSA_PSS)
+#if CONFIG_IS_ENABLED(RSASSA_PSS)
 static void u32_i2osp(uint32_t val, uint8_t *buf)
 {
 	buf[0] = (uint8_t)((val >> 24) & 0xff);

tools/Kconfig

@@ -55,7 +55,7 @@ config TOOLS_FIT_PRINT
 	help
 	  Print the content of the FIT verbosely in the tools builds
 
-config TOOLS_FIT_RSASSA_PSS
+config TOOLS_RSASSA_PSS
 	def_bool y
 	help
 	  Support the rsassa-pss signature scheme in the tools builds