Commit 63d2346d authored by Roland Mikhel's avatar Roland Mikhel Committed by Dávid Vincze
Browse files

bootutil: Remove curve specific ECDSA TLVs 



Remove those TLVs that are tied to a specific curve and update
the image validation logic to look for the new generic TLV

Signed-off-by: default avatarRoland Mikhel <roland.mikhel@arm.com>
Change-Id: I924f2742424bc255fbed1b0941648baa88f60147
parent b08e77e0

boot/bootutil/include/bootutil/image.h

+2 −2
Original line number Diff line number Diff line
@@ -86,10 +86,10 @@ struct flash_area; 
#define IMAGE_TLV_SHA256            0x10   /* SHA256 of image hdr and body */

#define IMAGE_TLV_RSA2048_PSS       0x20   /* RSA2048 of hash output */

#define IMAGE_TLV_ECDSA224          0x21   /* ECDSA of hash output - Not supported anymore */

#define IMAGE_TLV_ECDSA256          0x22   /* ECDSA of hash output */

#define IMAGE_TLV_ECDSA256          0x22   /* ECDSA of hash output - Not supported anymore */

#define IMAGE_TLV_RSA3072_PSS       0x23   /* RSA3072 of hash output */

#define IMAGE_TLV_ED25519           0x24   /* ed25519 of hash output */

#define IMAGE_TLV_ECDSA_SIG         0x25   /* generic ECDSA signature */

#define IMAGE_TLV_ECDSA_SIG         0x25   /* ECDSA of hash output */

#define IMAGE_TLV_ENC_RSA2048       0x30   /* Key encrypted with RSA-OAEP-2048 */

#define IMAGE_TLV_ENC_KW            0x31   /* Key encrypted with AES-KW 128 or 256*/

#define IMAGE_TLV_ENC_EC256         0x32   /* Key encrypted with ECIES-EC256 */

boot/bootutil/src/image_validate.c

+4 −3
Original line number Diff line number Diff line
@@ -184,8 +184,9 @@ bootutil_img_hash(struct enc_key_data *enc_state, int image_index, 
#    endif

#    define SIG_BUF_SIZE (MCUBOOT_SIGN_RSA_LEN / 8)

#    define EXPECTED_SIG_LEN(x) ((x) == SIG_BUF_SIZE) /* 2048 bits */

#elif defined(MCUBOOT_SIGN_EC256)

#    define EXPECTED_SIG_TLV IMAGE_TLV_ECDSA256

#elif defined(MCUBOOT_SIGN_EC256) || \

      defined(MCUBOOT_SIGN_EC)

#    define EXPECTED_SIG_TLV IMAGE_TLV_ECDSA_SIG

#    define SIG_BUF_SIZE 128

#    define EXPECTED_SIG_LEN(x) (1) /* always true, ASN.1 will validate */

#elif defined(MCUBOOT_SIGN_ED25519)

docs/design.md

+2 −1
Original line number Diff line number Diff line
@@ -108,9 +108,10 @@ struct image_tlv { 
#define IMAGE_TLV_SHA256            0x10   /* SHA256 of image hdr and body */

#define IMAGE_TLV_RSA2048_PSS       0x20   /* RSA2048 of hash output */

#define IMAGE_TLV_ECDSA224          0x21   /* ECDSA of hash output - Not supported anymore */

#define IMAGE_TLV_ECDSA256          0x22   /* ECDSA of hash output */

#define IMAGE_TLV_ECDSA256          0x22   /* ECDSA of hash output - Not supported anymore */

#define IMAGE_TLV_RSA3072_PSS       0x23   /* RSA3072 of hash output */

#define IMAGE_TLV_ED25519           0x24   /* ED25519 of hash output */

#define IMAGE_TLV_ECDSA_SIG         0x25   /* ECDSA of hash output */

#define IMAGE_TLV_ENC_RSA2048       0x30   /* Key encrypted with RSA-OAEP-2048 */

#define IMAGE_TLV_ENC_KW            0x31   /* Key encrypted with AES-KW-128 or

                                              256 */

CRA Git | Maintained and supported by SUSTech CRA and CCSE