Commit 10529d30 authored by Antonio de Angelis's avatar Antonio de Angelis Committed by Dávid Vincze
Browse files

bootutil/crypto: Have a single ECDSA verification module 



Remove the generic ECDSA verification module and keep the
existing one, just renaming it image_ecdsa.c. Make sure
that the abstraction layer is generically called ecdsa.h
and the abstraction names are not P256 specific.

Signed-off-by: default avatarAntonio de Angelis <Antonio.deAngelis@arm.com>
Change-Id: I6f78cfc1b1c2851cdad67efa91c6cb49498187bb
parent 966ac818

boot/bootutil/CMakeLists.txt

+1 −2
Original line number Diff line number Diff line
@@ -23,10 +23,9 @@ target_sources(bootutil 
        src/encrypted.c

        src/fault_injection_hardening.c

        src/fault_injection_hardening_delay_rng_mbedtls.c

        src/image_ec256.c

        src/image_ecdsa.c

        src/image_ed25519.c

        src/image_rsa.c

        src/image_ecdsa.c

        src/image_validate.c

        src/loader.c

        src/swap_misc.c

boot/bootutil/include/bootutil/crypto/ecdsa.h

+585 −214

File changed.

Preview size limit exceeded, changes collapsed.

boot/bootutil/include/bootutil/crypto/ecdsa_p256.h

deleted100644 → 0
+0 −580

File deleted.

Preview size limit exceeded, changes collapsed.

boot/bootutil/src/image_ec256.c

deleted100644 → 0
+0 −69
Original line number Diff line number Diff line 
/*

 * SPDX-License-Identifier: Apache-2.0

 *

 * Copyright (c) 2016-2019 JUUL Labs

 * Copyright (c) 2017 Linaro LTD

 * Copyright (C) 2021-2023 Arm Limited

 *

 * Original license:

 *

 * Licensed to the Apache Software Foundation (ASF) under one

 * or more contributor license agreements.  See the NOTICE file

 * distributed with this work for additional information

 * regarding copyright ownership.  The ASF licenses this file

 * to you under the Apache License, Version 2.0 (the

 * "License"); you may not use this file except in compliance

 * with the License.  You may obtain a copy of the License at

 *

 *  http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing,

 * software distributed under the License is distributed on an

 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY

 * KIND, either express or implied.  See the License for the

 * specific language governing permissions and limitations

 * under the License.

 */



#include <string.h>



#include "mcuboot_config/mcuboot_config.h"



#ifdef MCUBOOT_SIGN_EC256



#include "bootutil_priv.h"

#include "bootutil/fault_injection_hardening.h"

#include "bootutil/crypto/ecdsa_p256.h"



fih_ret

bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, size_t slen,

                    uint8_t key_id)

{

    int rc;

    bootutil_ecdsa_p256_context ctx;

    FIH_DECLARE(fih_rc, FIH_FAILURE);

    uint8_t *pubkey;

    uint8_t *end;



    pubkey = (uint8_t *)bootutil_keys[key_id].key;

    end = pubkey + *bootutil_keys[key_id].len;

    bootutil_ecdsa_p256_init(&ctx);



    rc = bootutil_ecdsa_p256_parse_public_key(&ctx, &pubkey, end);

    if (rc) {

        goto out;

    }



    rc = bootutil_ecdsa_p256_verify(&ctx, pubkey, end-pubkey, hash, hlen, sig, slen);

    fih_rc = fih_ret_encode_zero_equality(rc);

    if (FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) {

        FIH_SET(fih_rc, FIH_FAILURE);

    }



out:

    bootutil_ecdsa_p256_drop(&ctx);



    FIH_RET(fih_rc);

}



#endif /* MCUBOOT_SIGN_EC256 */

boot/bootutil/src/image_ecdsa.c

+69 −64

File changed.

Preview size limit exceeded, changes collapsed.

CRA Git | Maintained and supported by SUSTech CRA and CCSE