zephyr: Support RSA, and ECDSA P-256 signing
Make it clear in the top-level Makefile how to configure mcuboot for
Zephyr for a particular signing algorithm. Currently supported, are the
RSA signatures, and ECDSA with the P-256 curve. These configuration
lines will select the code built in the bootloader, as well as which
public key gets included with the image.
This also adds a demo public key for the P-256 signatures.
diff --git a/boot/zephyr/include/config-asn1.h b/boot/zephyr/include/config-asn1.h
new file mode 100644
index 0000000..ba5b97c
--- /dev/null
+++ b/boot/zephyr/include/config-asn1.h
@@ -0,0 +1,47 @@
+/*
+ * Configuration of mbedTLS containing only the ASN.1 parser.
+ *
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * Copyright (C) 2016, Linaro Ltd
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * Minimal configuration for using TLS in the bootloader
+ *
+ * - RSA or ECDSA signature verification
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+#define MBEDTLS_PLATFORM_C
+#define MBEDTLS_PLATFORM_MEMORY
+#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
+#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+
+/* mbed TLS modules */
+#define MBEDTLS_ASN1_PARSE_C
+// #define MBEDTLS_ASN1_WRITE_C
+// #define MBEDTLS_BIGNUM_C
+// #define MBEDTLS_MD_C
+// #define MBEDTLS_OID_C
+#define MBEDTLS_SHA256_C
+
+#include "mbedtls/check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */