Commit d12c6888 authored by Jamie McCrae's avatar Jamie McCrae Committed by Henrik Brix Andersen
Browse files

mgmt: mcumgr: grp: img_mgmt: Add support for SHA512 in images



Adds support for images signed with SHA512.

Signed-off-by: default avatarDominik Ermel <dominik.ermel@nordicsemi.no>
Signed-off-by: default avatarJamie McCrae <jamie.mccrae@nordicsemi.no>
parent 7e92b704
Loading
Loading
Loading
Loading
+8 −0
Original line number Diff line number Diff line
@@ -18,6 +18,14 @@
extern "C" {
#endif

#ifdef CONFIG_MCUBOOT_BOOTLOADER_USES_SHA512
#define IMAGE_TLV_SHA		IMAGE_TLV_SHA512
#define IMAGE_SHA_LEN		64
#else
#define IMAGE_TLV_SHA		IMAGE_TLV_SHA256
#define IMAGE_SHA_LEN		32
#endif

/**
 * @brief Ensures the spare slot (slot 1) is fully erased.
 *
+6 −6
Original line number Diff line number Diff line
@@ -322,7 +322,7 @@ int img_mgmt_read_info(int image_slot, struct image_version *ver, uint8_t *hash,
		if (tlv.it_type == 0xff && tlv.it_len == 0xffff) {
			return IMG_MGMT_ERR_INVALID_TLV;
		}
		if (tlv.it_type != IMAGE_TLV_SHA256 || tlv.it_len != IMAGE_HASH_LEN) {
		if (tlv.it_type != IMAGE_TLV_SHA || tlv.it_len != IMAGE_SHA_LEN) {
			/* Non-hash TLV.  Skip it. */
			data_off += sizeof(tlv) + tlv.it_len;
			continue;
@@ -336,10 +336,10 @@ int img_mgmt_read_info(int image_slot, struct image_version *ver, uint8_t *hash,

		data_off += sizeof(tlv);
		if (hash != NULL) {
			if (data_off + IMAGE_HASH_LEN > data_end) {
			if (data_off + IMAGE_SHA_LEN > data_end) {
				return IMG_MGMT_ERR_TLV_INVALID_SIZE;
			}
			rc = img_mgmt_read(image_slot, data_off, hash, IMAGE_HASH_LEN);
			rc = img_mgmt_read(image_slot, data_off, hash, IMAGE_SHA_LEN);
			if (rc != 0) {
				return rc;
			}
@@ -382,13 +382,13 @@ int
img_mgmt_find_by_hash(uint8_t *find, struct image_version *ver)
{
	int i;
	uint8_t hash[IMAGE_HASH_LEN];
	uint8_t hash[IMAGE_SHA_LEN];

	for (i = 0; i < SLOTS_PER_IMAGE * CONFIG_MCUMGR_GRP_IMG_UPDATABLE_IMAGE_NUMBER; i++) {
		if (img_mgmt_read_info(i, ver, hash, NULL) != 0) {
			continue;
		}
		if (!memcmp(hash, find, IMAGE_HASH_LEN)) {
		if (!memcmp(hash, find, IMAGE_SHA_LEN)) {
			return i;
		}
	}
@@ -698,7 +698,7 @@ img_mgmt_upload_good_rsp(struct smp_streamer *ctxt)
static int
img_mgmt_upload_log(bool is_first, bool is_last, int status)
{
	uint8_t hash[IMAGE_HASH_LEN];
	uint8_t hash[IMAGE_SHA_LEN];
	const uint8_t *hashp;
	int rc;

+7 −4
Original line number Diff line number Diff line
@@ -435,8 +435,11 @@ static bool img_mgmt_state_encode_slot(struct smp_streamer *ctxt, uint32_t slot,
	zcbor_state_t *zse = ctxt->writer->zs;
	uint32_t flags;
	char vers_str[IMG_MGMT_VER_MAX_STR_LEN];
	uint8_t hash[IMAGE_HASH_LEN]; /* SHA256 hash */
	struct zcbor_string zhash = { .value = hash, .len = IMAGE_HASH_LEN };
	uint8_t hash[IMAGE_SHA_LEN];
	struct zcbor_string zhash = {
		.value = hash,
		.len = IMAGE_SHA_LEN,
	};
	struct image_version ver;
	bool ok;
	int rc = img_mgmt_read_info(slot, &ver, hash, &flags);
@@ -780,14 +783,14 @@ img_mgmt_state_write(struct smp_streamer *ctxt)
					     IMG_MGMT_ERR_INVALID_HASH);
			goto end;
		}
	} else if (zhash.len != IMAGE_HASH_LEN) {
	} else if (zhash.len != IMAGE_SHA_LEN) {
		/* The img_mgmt_find_by_hash does exact length compare
		 * so just fail here.
		 */
		ok = smp_add_cmd_err(zse, MGMT_GROUP_ID_IMAGE, IMG_MGMT_ERR_INVALID_HASH);
		goto end;
	} else {
		uint8_t hash[IMAGE_HASH_LEN];
		uint8_t hash[IMAGE_SHA_LEN];

		memcpy(hash, zhash.value, zhash.len);