Commit 4395b809 authored by David Vincze's avatar David Vincze Committed by Dávid Vincze
Browse files

boot: Restore and extend the usage of 0x22 TLV (ECDSA256) 



The IMAGE_TLV_ECDSA256 TLV has been put out of use by
commit 63d2346d.
This commit reverts this part of that patch and at the
same time it extends the usage of this TLV to cover all types
of curves (replacing the newly introduced 0x25 TLV type)
while retaining its value (0x22) for backward compatibility.
Rename IMAGE_TLV_ECDSA256 to IMAGE_TLV_ECDSA_SIG.

Change-Id: I904f292db775c38f26a5e9a87c5f414165efc173
Signed-off-by: default avatarDavid Vincze <david.vincze@arm.com>
parent 67693442

boot/bootutil/include/bootutil/image.h

+1 −2
Original line number Diff line number Diff line
@@ -86,10 +86,9 @@ struct flash_area; 
#define IMAGE_TLV_SHA256            0x10   /* SHA256 of image hdr and body */

#define IMAGE_TLV_RSA2048_PSS       0x20   /* RSA2048 of hash output */

#define IMAGE_TLV_ECDSA224          0x21   /* ECDSA of hash output - Not supported anymore */

#define IMAGE_TLV_ECDSA256          0x22   /* ECDSA of hash output - Not supported anymore */

#define IMAGE_TLV_ECDSA_SIG         0x22   /* ECDSA of hash output */

#define IMAGE_TLV_RSA3072_PSS       0x23   /* RSA3072 of hash output */

#define IMAGE_TLV_ED25519           0x24   /* ed25519 of hash output */

#define IMAGE_TLV_ECDSA_SIG         0x25   /* ECDSA of hash output */

#define IMAGE_TLV_ENC_RSA2048       0x30   /* Key encrypted with RSA-OAEP-2048 */

#define IMAGE_TLV_ENC_KW            0x31   /* Key encrypted with AES-KW 128 or 256*/

#define IMAGE_TLV_ENC_EC256         0x32   /* Key encrypted with ECIES-EC256 */

docs/design.md

+1 −2
Original line number Diff line number Diff line
@@ -108,10 +108,9 @@ struct image_tlv { 
#define IMAGE_TLV_SHA256            0x10   /* SHA256 of image hdr and body */

#define IMAGE_TLV_RSA2048_PSS       0x20   /* RSA2048 of hash output */

#define IMAGE_TLV_ECDSA224          0x21   /* ECDSA of hash output - Not supported anymore */

#define IMAGE_TLV_ECDSA256          0x22   /* ECDSA of hash output - Not supported anymore */

#define IMAGE_TLV_ECDSA_SIG         0x22   /* ECDSA of hash output */

#define IMAGE_TLV_RSA3072_PSS       0x23   /* RSA3072 of hash output */

#define IMAGE_TLV_ED25519           0x24   /* ED25519 of hash output */

#define IMAGE_TLV_ECDSA_SIG         0x25   /* ECDSA of hash output */

#define IMAGE_TLV_ENC_RSA2048       0x30   /* Key encrypted with RSA-OAEP-2048 */

#define IMAGE_TLV_ENC_KW            0x31   /* Key encrypted with AES-KW-128 or

                                              256 */

docs/release-notes.d/ecdsa-tlv-p384.md

+2 −2
Original line number Diff line number Diff line 
- Add generic ECDSA TLV, remove the ECDSA256 and ECDSA224 curve TLVs.

- Add P384 support to imgtool.
 
- Make the ECDSA256 TLV curve agnostic and rename it to ECDSA_SIG.

- imgtool: add P384 support along with SHA384.

scripts/imgtool/image.py

+1 −2
Original line number Diff line number Diff line
@@ -64,10 +64,9 @@ TLV_VALUES = { 
        'SHA256': 0x10,

        'SHA384': 0x11,

        'RSA2048': 0x20,

        'ECDSA256': 0x22,

        'ECDSASIG': 0x22,

        'RSA3072': 0x23,

        'ED25519': 0x24,

        'ECDSASIG': 0x25,

        'ENCRSA2048': 0x30,

        'ENCKW': 0x31,

        'ENCEC256': 0x32,

sim/src/tlv.rs

+1 −1
Original line number Diff line number Diff line
@@ -51,9 +51,9 @@ pub enum TlvKinds { 
    KEYHASH = 0x01,

    SHA256 = 0x10,

    RSA2048 = 0x20,

    ECDSASIG = 0x22,

    RSA3072 = 0x23,

    ED25519 = 0x24,

    ECDSASIG = 0x25,

    ENCRSA2048 = 0x30,

    ENCKW = 0x31,

    ENCEC256 = 0x32,

CRA Git | Maintained and supported by SUSTech CRA and CCSE