TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m.git / 0f869bbea42ae7870970f3d64b221398cbb60881^! / . / docs / user_guides
commit0f869bbea42ae7870970f3d64b221398cbb60881[log] [tgz]
authorKevin Townsend <kevin.townsend@linaro.org>Thu Aug 01 21:06:48 2019 +0200
committerTamas Ban <tamas.ban@arm.com>Tue Sep 10 14:55:25 2019 +0000
treefd3a1dbfaf954b83a75f9c58bbddb7bb7373c7f1
parent6fd21f14138d055cbf4b278b5e3370d0d08a99d7 [diff]
Boot: Migrate from pycrypto to cryptography

This commit migrates imgtool -- specifically
imgtool_lib/keys.py -- from Pycrypto, which hasn't been
updated in many years, to the actively maintained
Cryptography module.

Aside from active development, generally meaning a
lower risk of unaddressed security issues, this migration
has a number of secondary benefits:

- It moves imgtool closer to the upstream mcuboot,
  which recently removed Pycrypto usage as well.
- It allows the possibility of migrating to a more
  secure key format, due to support for PKCS8, etc.
- It allows TF-M binaries to be signed with the
  Zephyr SDK (tested on 0.10.1) with no additional
  dependencies.

Author: Kevin Townsend <kevin.townsend@linaro.org>
Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
Change-Id: I4f520fb3491831d9f83fe6b163b230b591bf4a8a

diff --git a/docs/user_guides/tfm_sw_requirement.rst b/docs/user_guides/tfm_sw_requirement.rst
index 26d359e..4434dda 100644
--- a/docs/user_guides/tfm_sw_requirement.rst
+++ b/docs/user_guides/tfm_sw_requirement.rst

@@ -18,7 +18,7 @@
    "yaml",,"Firmware"
    "pyasn1",,"Firmware"
    "jinja2",,"Firmware"
-   "pycrypto",,"Firmware"
+   "cryptography",,"Firmware"
    "Doxygen",">1.8","Reference manual"
    "Sphinx",">1.4","User Guide"
    "sphinxcontrib-plantuml",,"User Guide"
@@ -33,7 +33,7 @@
 Dependency chain:
 
 .. uml::
-   
+
    @startuml
     skinparam state {
       BackgroundColor #92AEE0
@@ -64,15 +64,15 @@
     fw --> c_comp
     fw --> CMake
     CMake --> gmake
-    fw --> pycrypto
+    fw --> cryptography
     fw --> pyasn1
     fw --> yaml
     fw --> jinja2
-    pycrypto --> Python3
+    cryptography --> Python3
     pyasn1 --> Python3
     yaml --> Python3
     jinja2 --> Python3
-    
+
     [*] --> u_guide
     u_guide --> Sphinx
     Sphinx --> m2r
@@ -86,7 +86,7 @@
     PlantUML --> gwiz
     Sphinx --> LaTex
     LaTex --> PdfLaTex
-    
+
     [*] --> refman
     refman --> Doxygen
     Doxygen --> PlantUML
@@ -112,7 +112,7 @@
 possible.
 
 The following environments are supported:
-    
+
     - Windows 10 x64 + Cygwin x64 (example configuration is provided for
       this Windows setup only).
     - Windows 10 x64 + msys2 x64.
@@ -181,7 +181,7 @@
 available from the official repository of your distribution.
 
 On Windows the following binaries are supported:
-    
+
     - GNU make v4.2.1 executable from Cygwin
     - GNU make v4.2.1 executable from msys2
     - GNU make v4.2 executable from DS5 |DS5_VERSION| (see <DS5 directory>/bin)
@@ -207,7 +207,7 @@
 - CMake (see the "Supported CMake versions" chapter)
 - GNU Make (see the "Supported make versions" chapter)
 - Python3, with the following libraries:
-- pycrypto
+- cryptography
 - pyasn1
 - yaml
 - jinja2 v2.10
@@ -259,7 +259,7 @@
 - Python3 `(native Windows
   version) <https://www.python.org/downloads/>`__, with the following
   libraries:
-- pycryptodome (pip3 install --user pycryptodome)
+- cryptography (pip3 install --user cryptography)
 - pyasn1 (pip3 install --user pyasn1)
 - pyyaml (pip3 install --user pyyaml)
 - jinja2 (pip3 install --user jinja2)