TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m.git / 81daed09f847bf5fadea36fe081c0af3d3818699^! / . / bl2 / ext / mcuboot / bootutil / src
commit81daed09f847bf5fadea36fe081c0af3d3818699[log] [tgz]
authorTamas Ban <tamas.ban@arm.com>Mon May 20 15:05:22 2019 +0100
committerTamas Ban <tamas.ban@arm.com>Fri May 24 12:26:06 2019 +0000
treebd49b2f47d93578f51f5e0d59afa72c0394f76e2
parent7801ed4dcba33a5412ed5c9bcbded0ee6d48dd52 [diff]
Boot: Add RSA-3072 support to MCUBoot

PSA TBSA-M recommends to use RSA signature for firmware
authentication with at least 3072 bits length key size.
This patch introduces:
- add an example RSA-3072 key
- add configurable RSA-3072 support (RSA-2048 still available)
- set RSA-3072 to default

This change is based on:
https://github.com/JuulLabs-OSS/mcuboot/pull/476
authored by Fabio Utzig <utzig@apache.org>

Change-Id: Ic8d188f64d0dbe54aebf28c2778fb932e1afeeb9
Signed-off-by: Tamas Ban <tamas.ban@arm.com>

diff --git a/bl2/ext/mcuboot/bootutil/src/image_rsa.c b/bl2/ext/mcuboot/bootutil/src/image_rsa.c
index 3ab03ce..a9f2393 100644
--- a/bl2/ext/mcuboot/bootutil/src/image_rsa.c
+++ b/bl2/ext/mcuboot/bootutil/src/image_rsa.c

@@ -38,13 +38,13 @@
 
 /*
  * Constants for this particular constrained implementation of
- * RSA-PSS.  In particular, we support RSA 2048, with a SHA256 hash,
- * and a 32-byte salt.  A signature with different parameters will be
+ * RSA-PSS.  In particular, we support RSA 2048 and RSA 3072, with a SHA256
+ * hash, and a 32-byte salt.  A signature with different parameters will be
  * rejected as invalid.
  */
 
 /* The size, in octets, of the message. */
-#define PSS_EMLEN 256
+#define PSS_EMLEN (MCUBOOT_SIGN_RSA_LEN / 8)
 
 /* The size of the hash function.  For SHA256, this is 32 bytes. */
 #define PSS_HLEN 32
@@ -53,7 +53,7 @@
 #define PSS_SLEN 32
 
 /* The length of the mask: emLen - hLen - 1. */
-#define PSS_MASK_LEN (256 - PSS_HLEN - 1)
+#define PSS_MASK_LEN (PSS_EMLEN - PSS_HLEN - 1)
 
 #define PSS_HASH_OFFSET PSS_MASK_LEN
 

diff --git a/bl2/ext/mcuboot/bootutil/src/image_validate.c b/bl2/ext/mcuboot/bootutil/src/image_validate.c
index b9db6de..036d242 100644
--- a/bl2/ext/mcuboot/bootutil/src/image_validate.c
+++ b/bl2/ext/mcuboot/bootutil/src/image_validate.c

@@ -106,9 +106,19 @@
  * call.  List the type of TLV we are expecting.  If we aren't
  * configured for any signature, don't define this macro.
  */
+
 #if defined(MCUBOOT_SIGN_RSA)
-#    define EXPECTED_SIG_TLV IMAGE_TLV_RSA2048_PSS
-#    define EXPECTED_SIG_LEN(x) ((x) == 256) /* 2048 bits */
+#    if MCUBOOT_SIGN_RSA_LEN == 2048
+#        define EXPECTED_SIG_TLV IMAGE_TLV_RSA2048_PSS
+#    elif MCUBOOT_SIGN_RSA_LEN == 3072
+#        define EXPECTED_SIG_TLV IMAGE_TLV_RSA3072_PSS
+#    else
+#        error "Unsupported RSA signature length"
+#    endif
+#    define SIG_BUF_SIZE (MCUBOOT_SIGN_RSA_LEN / 8)
+#    define EXPECTED_SIG_LEN(x) ((x) == SIG_BUF_SIZE)
+#else
+#    define SIG_BUF_SIZE 32 /* no signing, sha256 digest only */
 #endif
 
 #ifdef EXPECTED_SIG_TLV
@@ -320,7 +330,7 @@
     int key_id = -1;
 #endif
     struct image_tlv tlv;
-    uint8_t buf[256];
+    uint8_t buf[SIG_BUF_SIZE];
     uint8_t hash[32] = {0};
     uint32_t security_cnt;
     uint32_t img_security_cnt;