bootutil: Replace hash with SHA384 when P384 is used
Currently all the hashing functionality is done with SHA256
but if we would like to use ECDSA-P384 that requires SHA384
as the hashing algorithm, but MCUboot is using SHA256
for image hashing and public key hashing. This commit modifies
the hashing operations to use SHA384 thus SHA256 can be omitted
which is beneficial from a code size standpoint.
Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I59230f76f88e0b42ad6383b2c9b71b73f33d7dd7
diff --git a/boot/bootutil/src/image_rsa.c b/boot/bootutil/src/image_rsa.c
index 34ee85b..37c35e0 100644
--- a/boot/bootutil/src/image_rsa.c
+++ b/boot/bootutil/src/image_rsa.c
@@ -43,7 +43,7 @@
*/
#if !defined(MCUBOOT_USE_PSA_CRYPTO)
-#include "bootutil/crypto/sha256.h"
+#include "bootutil/crypto/sha.h"
/*
* Constants for this particular constrained implementation of
@@ -86,17 +86,17 @@
static void
pss_mgf1(uint8_t *mask, const uint8_t *hash)
{
- bootutil_sha256_context ctx;
+ bootutil_sha_context ctx;
uint8_t counter[4] = { 0, 0, 0, 0 };
uint8_t htmp[PSS_HLEN];
int count = PSS_MASK_LEN;
int bytes;
while (count > 0) {
- bootutil_sha256_init(&ctx);
- bootutil_sha256_update(&ctx, hash, PSS_HLEN);
- bootutil_sha256_update(&ctx, counter, 4);
- bootutil_sha256_finish(&ctx, htmp);
+ bootutil_sha_init(&ctx);
+ bootutil_sha_update(&ctx, hash, PSS_HLEN);
+ bootutil_sha_update(&ctx, counter, 4);
+ bootutil_sha_finish(&ctx, htmp);
counter[3]++;
@@ -109,7 +109,7 @@
count -= bytes;
}
- bootutil_sha256_drop(&ctx);
+ bootutil_sha_drop(&ctx);
}
/*
@@ -121,7 +121,7 @@
bootutil_cmp_rsasig(bootutil_rsa_context *ctx, uint8_t *hash, uint32_t hlen,
uint8_t *sig, size_t slen)
{
- bootutil_sha256_context shactx;
+ bootutil_sha_context shactx;
uint8_t em[MBEDTLS_MPI_MAX_SIZE];
uint8_t db_mask[PSS_MASK_LEN];
uint8_t h2[PSS_HLEN];
@@ -221,12 +221,12 @@
/* Step 12. Let M' = 0x00 00 00 00 00 00 00 00 || mHash || salt; */
/* Step 13. Let H' = Hash(M') */
- bootutil_sha256_init(&shactx);
- bootutil_sha256_update(&shactx, pss_zeros, 8);
- bootutil_sha256_update(&shactx, hash, PSS_HLEN);
- bootutil_sha256_update(&shactx, &db_mask[PSS_MASK_SALT_POS], PSS_SLEN);
- bootutil_sha256_finish(&shactx, h2);
- bootutil_sha256_drop(&shactx);
+ bootutil_sha_init(&shactx);
+ bootutil_sha_update(&shactx, pss_zeros, 8);
+ bootutil_sha_update(&shactx, hash, PSS_HLEN);
+ bootutil_sha_update(&shactx, &db_mask[PSS_MASK_SALT_POS], PSS_SLEN);
+ bootutil_sha_finish(&shactx, h2);
+ bootutil_sha_drop(&shactx);
/* Step 14. If H = H', output "consistent". Otherwise, output
* "inconsistent". */