TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mcuboot / 6fdbf55756a9e59ddd624ca352495d6191ba4110 / . / sim / src / tlv.rs
blob: 8ccdb0afa7eebe859a88e176d15b3c34977e1dcb [file] [log] [blame]
David Browne2acfae2020-01-21 16:45:01 -0700[diff] [blame]1// Copyright (c) 2017-2020 Linaro LTD
2// Copyright (c) 2017-2020 JUUL Labs
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]3// Copyright (c) 2021 Arm Limited
David Browne2acfae2020-01-21 16:45:01 -0700[diff] [blame]4//
5// SPDX-License-Identifier: Apache-2.0
6
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]7//! TLV Support
8//!
9//! mcuboot images are followed immediately by a list of TLV items that contain integrity
10//! information about the image. Their generation is made a little complicated because the size of
11//! the TLV block is in the image header, which is included in the hash. Since some signatures can
12//! vary in size, we just make them the largest size possible.
13//!
14//! Because of this header, we have to make two passes. The first pass will compute the size of
15//! the TLV, and the second pass will build the data for the TLV.
16
David Brown91d68632019-07-29 14:32:13 -0600[diff] [blame]17use byteorder::{
18 LittleEndian, WriteBytesExt,
19};
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]20use crate::image::ImageVersion;
Fabio Utzige84f0ef2019-11-22 12:29:32 -0300[diff] [blame]21use log::info;
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]22use ring::{digest, rand, agreement, hkdf, hmac};
Fabio Utzige84f0ef2019-11-22 12:29:32 -0300[diff] [blame]23use ring::rand::SecureRandom;
Fabio Utzig05ab0142018-07-10 09:15:28 -0300[diff] [blame]24use ring::signature::{
25 RsaKeyPair,
26 RSA_PSS_SHA256,
27 EcdsaKeyPair,
28 ECDSA_P256_SHA256_ASN1_SIGNING,
Fabio Utzig97710282019-05-24 17:44:49 -0300[diff] [blame]29 Ed25519KeyPair,
Fabio Utzig05ab0142018-07-10 09:15:28 -0300[diff] [blame]30};
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]31use aes_ctr::{
32 Aes128Ctr,
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]33 Aes256Ctr,
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]34 stream_cipher::{
35 generic_array::GenericArray,
David Brown8a99adf2020-07-09 16:52:38 -0600[diff] [blame]36 NewStreamCipher,
37 SyncStreamCipher,
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]38 },
39};
Fabio Utzig80fde2f2017-12-05 09:25:31 -0200[diff] [blame]40use mcuboot_sys::c;
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]41use typenum::{U16, U32};
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]42
David Brown69721182019-12-04 14:50:52 -0700[diff] [blame]43#[repr(u16)]
David Brownc3898d62019-08-05 14:20:02 -0600[diff] [blame]44#[derive(Copy, Clone, Debug, PartialEq, Eq)]
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]45#[allow(dead_code)] // TODO: For now
46pub enum TlvKinds {
David Brown43cda332017-09-01 09:53:23 -0600[diff] [blame]47 KEYHASH = 0x01,
David Brown27648b82017-08-31 10:40:29 -0600[diff] [blame]48 SHA256 = 0x10,
49 RSA2048 = 0x20,
50 ECDSA224 = 0x21,
51 ECDSA256 = 0x22,
Fabio Utzig39297432019-05-08 18:51:10 -0300[diff] [blame]52 RSA3072 = 0x23,
Fabio Utzig97710282019-05-24 17:44:49 -0300[diff] [blame]53 ED25519 = 0x24,
Fabio Utzig1e48b912018-09-18 09:04:18 -0300[diff] [blame]54 ENCRSA2048 = 0x30,
Salome Thirot0f641972021-05-14 11:19:55 +0100[diff] [blame]55 ENCKW = 0x31,
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]56 ENCEC256 = 0x32,
Fabio Utzig3fa72ca2020-04-02 11:20:37 -0300[diff] [blame]57 ENCX25519 = 0x33,
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]58 DEPENDENCY = 0x40,
Fabio Utzig1e48b912018-09-18 09:04:18 -0300[diff] [blame]59}
60
61#[allow(dead_code, non_camel_case_types)]
62pub enum TlvFlags {
63 PIC = 0x01,
64 NON_BOOTABLE = 0x02,
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]65 ENCRYPTED_AES128 = 0x04,
Fabio Utzig1e48b912018-09-18 09:04:18 -0300[diff] [blame]66 RAM_LOAD = 0x20,
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]67 ENCRYPTED_AES256 = 0x08,
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]68}
69
David Brown43643dd2019-01-11 15:43:28 -0700[diff] [blame]70/// A generator for manifests. The format of the manifest can be either a
71/// traditional "TLV" or a SUIT-style manifest.
72pub trait ManifestGen {
David Brownac46e262019-01-11 15:46:18 -0700[diff] [blame]73 /// Retrieve the header magic value for this manifest type.
74 fn get_magic(&self) -> u32;
75
David Brown43643dd2019-01-11 15:43:28 -0700[diff] [blame]76 /// Retrieve the flags value for this particular manifest type.
77 fn get_flags(&self) -> u32;
78
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]79 /// Retrieve the number of bytes of this manifest that is "protected".
80 /// This field is stored in the outside image header instead of the
81 /// manifest header.
82 fn protect_size(&self) -> u16;
83
84 /// Add a dependency on another image.
85 fn add_dependency(&mut self, id: u8, version: &ImageVersion);
86
David Brown43643dd2019-01-11 15:43:28 -0700[diff] [blame]87 /// Add a sequence of bytes to the payload that the manifest is
88 /// protecting.
89 fn add_bytes(&mut self, bytes: &[u8]);
90
David Browne90b13f2019-12-06 15:04:00 -0700[diff] [blame]91 /// Set an internal flag indicating that the next `make_tlv` should
92 /// corrupt the signature.
93 fn corrupt_sig(&mut self);
94
David Brown43643dd2019-01-11 15:43:28 -0700[diff] [blame]95 /// Construct the manifest for this payload.
96 fn make_tlv(self: Box<Self>) -> Vec<u8>;
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]97
Fabio Utzige84f0ef2019-11-22 12:29:32 -0300[diff] [blame]98 /// Generate a new encryption random key
99 fn generate_enc_key(&mut self);
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]100
101 /// Return the current encryption key
102 fn get_enc_key(&self) -> Vec<u8>;
David Brown43643dd2019-01-11 15:43:28 -0700[diff] [blame]103}
104
Fabio Utzig9a2b5de2019-11-22 12:50:02 -0300[diff] [blame]105#[derive(Debug, Default)]
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]106pub struct TlvGen {
David Brown43cda332017-09-01 09:53:23 -0600[diff] [blame]107 flags: u32,
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]108 kinds: Vec<TlvKinds>,
David Brown4243ab02017-07-11 12:24:23 -0600[diff] [blame]109 payload: Vec<u8>,
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]110 dependencies: Vec<Dependency>,
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]111 enc_key: Vec<u8>,
David Browne90b13f2019-12-06 15:04:00 -0700[diff] [blame]112 /// Should this signature be corrupted.
113 gen_corrupted: bool,
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]114}
115
David Brownc3898d62019-08-05 14:20:02 -0600[diff] [blame]116#[derive(Debug)]
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]117struct Dependency {
118 id: u8,
119 version: ImageVersion,
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]120}
121
122impl TlvGen {
123 /// Construct a new tlv generator that will only contain a hash of the data.
David Brown7e701d82017-07-11 13:24:25 -0600[diff] [blame]124 #[allow(dead_code)]
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]125 pub fn new_hash_only() -> TlvGen {
126 TlvGen {
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]127 kinds: vec![TlvKinds::SHA256],
Fabio Utzig9a2b5de2019-11-22 12:50:02 -0300[diff] [blame]128 ..Default::default()
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]129 }
130 }
131
David Brown7e701d82017-07-11 13:24:25 -0600[diff] [blame]132 #[allow(dead_code)]
133 pub fn new_rsa_pss() -> TlvGen {
134 TlvGen {
Fabio Utzig754438d2018-12-14 06:39:58 -0200[diff] [blame]135 kinds: vec![TlvKinds::SHA256, TlvKinds::RSA2048],
Fabio Utzig9a2b5de2019-11-22 12:50:02 -0300[diff] [blame]136 ..Default::default()
David Brown7e701d82017-07-11 13:24:25 -0600[diff] [blame]137 }
138 }
139
Fabio Utzig80fde2f2017-12-05 09:25:31 -0200[diff] [blame]140 #[allow(dead_code)]
Fabio Utzig39297432019-05-08 18:51:10 -0300[diff] [blame]141 pub fn new_rsa3072_pss() -> TlvGen {
142 TlvGen {
Fabio Utzig39297432019-05-08 18:51:10 -0300[diff] [blame]143 kinds: vec![TlvKinds::SHA256, TlvKinds::RSA3072],
Fabio Utzig9a2b5de2019-11-22 12:50:02 -0300[diff] [blame]144 ..Default::default()
Fabio Utzig39297432019-05-08 18:51:10 -0300[diff] [blame]145 }
146 }
147
148 #[allow(dead_code)]
Fabio Utzig80fde2f2017-12-05 09:25:31 -0200[diff] [blame]149 pub fn new_ecdsa() -> TlvGen {
150 TlvGen {
Fabio Utzig754438d2018-12-14 06:39:58 -0200[diff] [blame]151 kinds: vec![TlvKinds::SHA256, TlvKinds::ECDSA256],
Fabio Utzig9a2b5de2019-11-22 12:50:02 -0300[diff] [blame]152 ..Default::default()
Fabio Utzig80fde2f2017-12-05 09:25:31 -0200[diff] [blame]153 }
154 }
155
Fabio Utzig1e48b912018-09-18 09:04:18 -0300[diff] [blame]156 #[allow(dead_code)]
Fabio Utzig97710282019-05-24 17:44:49 -0300[diff] [blame]157 pub fn new_ed25519() -> TlvGen {
158 TlvGen {
Fabio Utzig97710282019-05-24 17:44:49 -0300[diff] [blame]159 kinds: vec![TlvKinds::SHA256, TlvKinds::ED25519],
Fabio Utzig9a2b5de2019-11-22 12:50:02 -0300[diff] [blame]160 ..Default::default()
Fabio Utzig97710282019-05-24 17:44:49 -0300[diff] [blame]161 }
162 }
163
164 #[allow(dead_code)]
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]165 pub fn new_enc_rsa(aes_key_size: u32) -> TlvGen {
166 let flag = if aes_key_size == 256 {
167 TlvFlags::ENCRYPTED_AES256 as u32
168 } else {
169 TlvFlags::ENCRYPTED_AES128 as u32
170 };
Fabio Utzig1e48b912018-09-18 09:04:18 -0300[diff] [blame]171 TlvGen {
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]172 flags: flag,
Fabio Utzig1e48b912018-09-18 09:04:18 -0300[diff] [blame]173 kinds: vec![TlvKinds::SHA256, TlvKinds::ENCRSA2048],
Fabio Utzig9a2b5de2019-11-22 12:50:02 -0300[diff] [blame]174 ..Default::default()
Fabio Utzig1e48b912018-09-18 09:04:18 -0300[diff] [blame]175 }
176 }
177
178 #[allow(dead_code)]
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]179 pub fn new_sig_enc_rsa(aes_key_size: u32) -> TlvGen {
180 let flag = if aes_key_size == 256 {
181 TlvFlags::ENCRYPTED_AES256 as u32
182 } else {
183 TlvFlags::ENCRYPTED_AES128 as u32
184 };
Fabio Utzig754438d2018-12-14 06:39:58 -0200[diff] [blame]185 TlvGen {
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]186 flags: flag,
Fabio Utzig754438d2018-12-14 06:39:58 -0200[diff] [blame]187 kinds: vec![TlvKinds::SHA256, TlvKinds::RSA2048, TlvKinds::ENCRSA2048],
Fabio Utzig9a2b5de2019-11-22 12:50:02 -0300[diff] [blame]188 ..Default::default()
Fabio Utzig754438d2018-12-14 06:39:58 -0200[diff] [blame]189 }
190 }
191
192 #[allow(dead_code)]
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]193 pub fn new_enc_kw(aes_key_size: u32) -> TlvGen {
194 let flag = if aes_key_size == 256 {
195 TlvFlags::ENCRYPTED_AES256 as u32
196 } else {
197 TlvFlags::ENCRYPTED_AES128 as u32
198 };
Fabio Utzig1e48b912018-09-18 09:04:18 -0300[diff] [blame]199 TlvGen {
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]200 flags: flag,
Salome Thirot0f641972021-05-14 11:19:55 +0100[diff] [blame]201 kinds: vec![TlvKinds::SHA256, TlvKinds::ENCKW],
Fabio Utzig9a2b5de2019-11-22 12:50:02 -0300[diff] [blame]202 ..Default::default()
Fabio Utzig1e48b912018-09-18 09:04:18 -0300[diff] [blame]203 }
204 }
205
Fabio Utzig251ef1d2018-12-18 17:20:19 -0200[diff] [blame]206 #[allow(dead_code)]
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]207 pub fn new_rsa_kw(aes_key_size: u32) -> TlvGen {
208 let flag = if aes_key_size == 256 {
209 TlvFlags::ENCRYPTED_AES256 as u32
210 } else {
211 TlvFlags::ENCRYPTED_AES128 as u32
212 };
Fabio Utzig251ef1d2018-12-18 17:20:19 -0200[diff] [blame]213 TlvGen {
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]214 flags: flag,
Salome Thirot0f641972021-05-14 11:19:55 +0100[diff] [blame]215 kinds: vec![TlvKinds::SHA256, TlvKinds::RSA2048, TlvKinds::ENCKW],
Fabio Utzig9a2b5de2019-11-22 12:50:02 -0300[diff] [blame]216 ..Default::default()
Fabio Utzig251ef1d2018-12-18 17:20:19 -0200[diff] [blame]217 }
218 }
219
Fabio Utzigb4d20c82018-12-27 16:08:39 -0200[diff] [blame]220 #[allow(dead_code)]
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]221 pub fn new_ecdsa_kw(aes_key_size: u32) -> TlvGen {
222 let flag = if aes_key_size == 256 {
223 TlvFlags::ENCRYPTED_AES256 as u32
224 } else {
225 TlvFlags::ENCRYPTED_AES128 as u32
226 };
Fabio Utzigb4d20c82018-12-27 16:08:39 -0200[diff] [blame]227 TlvGen {
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]228 flags: flag,
Salome Thirot0f641972021-05-14 11:19:55 +0100[diff] [blame]229 kinds: vec![TlvKinds::SHA256, TlvKinds::ECDSA256, TlvKinds::ENCKW],
Fabio Utzig9a2b5de2019-11-22 12:50:02 -0300[diff] [blame]230 ..Default::default()
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]231 }
232 }
233
234 #[allow(dead_code)]
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]235 pub fn new_ecies_p256(aes_key_size: u32) -> TlvGen {
236 let flag = if aes_key_size == 256 {
237 TlvFlags::ENCRYPTED_AES256 as u32
238 } else {
239 TlvFlags::ENCRYPTED_AES128 as u32
240 };
Fabio Utzig66b4caa2020-01-04 20:19:28 -0300[diff] [blame]241 TlvGen {
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]242 flags: flag,
Fabio Utzig66b4caa2020-01-04 20:19:28 -0300[diff] [blame]243 kinds: vec![TlvKinds::SHA256, TlvKinds::ENCEC256],
Fabio Utzig66b4caa2020-01-04 20:19:28 -0300[diff] [blame]244 ..Default::default()
245 }
246 }
247
248 #[allow(dead_code)]
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]249 pub fn new_ecdsa_ecies_p256(aes_key_size: u32) -> TlvGen {
250 let flag = if aes_key_size == 256 {
251 TlvFlags::ENCRYPTED_AES256 as u32
252 } else {
253 TlvFlags::ENCRYPTED_AES128 as u32
254 };
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]255 TlvGen {
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]256 flags: flag,
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]257 kinds: vec![TlvKinds::SHA256, TlvKinds::ECDSA256, TlvKinds::ENCEC256],
Fabio Utzig9a2b5de2019-11-22 12:50:02 -0300[diff] [blame]258 ..Default::default()
Fabio Utzigb4d20c82018-12-27 16:08:39 -0200[diff] [blame]259 }
260 }
Fabio Utzig3fa72ca2020-04-02 11:20:37 -0300[diff] [blame]261
262 #[allow(dead_code)]
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]263 pub fn new_ecies_x25519(aes_key_size: u32) -> TlvGen {
264 let flag = if aes_key_size == 256 {
265 TlvFlags::ENCRYPTED_AES256 as u32
266 } else {
267 TlvFlags::ENCRYPTED_AES128 as u32
268 };
Fabio Utzig3fa72ca2020-04-02 11:20:37 -0300[diff] [blame]269 TlvGen {
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]270 flags: flag,
Fabio Utzig3fa72ca2020-04-02 11:20:37 -0300[diff] [blame]271 kinds: vec![TlvKinds::SHA256, TlvKinds::ENCX25519],
272 ..Default::default()
273 }
274 }
275
276 #[allow(dead_code)]
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]277 pub fn new_ed25519_ecies_x25519(aes_key_size: u32) -> TlvGen {
278 let flag = if aes_key_size == 256 {
279 TlvFlags::ENCRYPTED_AES256 as u32
280 } else {
281 TlvFlags::ENCRYPTED_AES128 as u32
282 };
Fabio Utzig3fa72ca2020-04-02 11:20:37 -0300[diff] [blame]283 TlvGen {
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]284 flags: flag,
Fabio Utzig3fa72ca2020-04-02 11:20:37 -0300[diff] [blame]285 kinds: vec![TlvKinds::SHA256, TlvKinds::ED25519, TlvKinds::ENCX25519],
286 ..Default::default()
287 }
288 }
David Brown43643dd2019-01-11 15:43:28 -0700[diff] [blame]289}
290
291impl ManifestGen for TlvGen {
David Brownac46e262019-01-11 15:46:18 -0700[diff] [blame]292 fn get_magic(&self) -> u32 {
293 0x96f3b83d
294 }
295
David Brown43643dd2019-01-11 15:43:28 -0700[diff] [blame]296 /// Retrieve the header flags for this configuration. This can be called at any time.
297 fn get_flags(&self) -> u32 {
298 self.flags
299 }
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]300
301 /// Add bytes to the covered hash.
David Brown43643dd2019-01-11 15:43:28 -0700[diff] [blame]302 fn add_bytes(&mut self, bytes: &[u8]) {
David Brown4243ab02017-07-11 12:24:23 -0600[diff] [blame]303 self.payload.extend_from_slice(bytes);
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]304 }
305
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]306 fn protect_size(&self) -> u16 {
David Brown2b73ed92020-01-08 17:01:22 -0700[diff] [blame]307 if self.dependencies.is_empty() {
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]308 0
309 } else {
David Brown2b73ed92020-01-08 17:01:22 -0700[diff] [blame]310 // Include the header and space for each dependency.
311 4 + (self.dependencies.len() as u16) * (4 + 4 + 8)
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]312 }
313 }
314
315 fn add_dependency(&mut self, id: u8, version: &ImageVersion) {
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]316 self.dependencies.push(Dependency {
David Brown4dfb33c2021-03-10 05:15:45 -0700[diff] [blame]317 id,
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]318 version: version.clone(),
319 });
320 }
321
David Browne90b13f2019-12-06 15:04:00 -0700[diff] [blame]322 fn corrupt_sig(&mut self) {
323 self.gen_corrupted = true;
324 }
325
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]326 /// Compute the TLV given the specified block of data.
David Brown43643dd2019-01-11 15:43:28 -0700[diff] [blame]327 fn make_tlv(self: Box<Self>) -> Vec<u8> {
Fabio Utzigea3d3ab2019-09-11 19:35:33 -0300[diff] [blame]328 let mut protected_tlv: Vec<u8> = vec![];
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]329
David Brown2b73ed92020-01-08 17:01:22 -0700[diff] [blame]330 if self.protect_size() > 0 {
Fabio Utzigea3d3ab2019-09-11 19:35:33 -0300[diff] [blame]331 protected_tlv.push(0x08);
332 protected_tlv.push(0x69);
David Brown2b73ed92020-01-08 17:01:22 -0700[diff] [blame]333 let size = self.protect_size();
334 protected_tlv.write_u16::<LittleEndian>(size).unwrap();
Fabio Utzigea3d3ab2019-09-11 19:35:33 -0300[diff] [blame]335 for dep in &self.dependencies {
David Brown69721182019-12-04 14:50:52 -0700[diff] [blame]336 protected_tlv.write_u16::<LittleEndian>(TlvKinds::DEPENDENCY as u16).unwrap();
David Brown4fae8b82019-12-05 11:26:59 -0700[diff] [blame]337 protected_tlv.write_u16::<LittleEndian>(12).unwrap();
David Brownf5b33d82017-09-01 10:58:27 -0600[diff] [blame]338
Fabio Utzigea3d3ab2019-09-11 19:35:33 -0300[diff] [blame]339 // The dependency.
340 protected_tlv.push(dep.id);
David Brownf66b2052021-03-10 05:26:36 -0700[diff] [blame]341 protected_tlv.push(0);
342 protected_tlv.write_u16::<LittleEndian>(0).unwrap();
Fabio Utzigea3d3ab2019-09-11 19:35:33 -0300[diff] [blame]343 protected_tlv.push(dep.version.major);
344 protected_tlv.push(dep.version.minor);
345 protected_tlv.write_u16::<LittleEndian>(dep.version.revision).unwrap();
346 protected_tlv.write_u32::<LittleEndian>(dep.version.build_num).unwrap();
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]347 }
David Brown2b73ed92020-01-08 17:01:22 -0700[diff] [blame]348
349 assert_eq!(size, protected_tlv.len() as u16, "protected TLV length incorrect");
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]350 }
351
352 // Ring does the signature itself, which means that it must be
353 // given a full, contiguous payload. Although this does help from
354 // a correct usage perspective, it is fairly stupid from an
355 // efficiency view. If this is shown to be a performance issue
356 // with the tests, the protected data could be appended to the
357 // payload, and then removed after the signature is done. For now,
358 // just make a signed payload.
359 let mut sig_payload = self.payload.clone();
Fabio Utzigea3d3ab2019-09-11 19:35:33 -0300[diff] [blame]360 sig_payload.extend_from_slice(&protected_tlv);
361
362 let mut result: Vec<u8> = vec![];
363
364 // add back signed payload
365 result.extend_from_slice(&protected_tlv);
366
367 // add non-protected payload
David Brown3dc86c92020-01-08 17:22:55 -0700[diff] [blame]368 let npro_pos = result.len();
Fabio Utzigea3d3ab2019-09-11 19:35:33 -0300[diff] [blame]369 result.push(0x07);
370 result.push(0x69);
David Brown3dc86c92020-01-08 17:22:55 -0700[diff] [blame]371 // Placeholder for the size.
372 result.write_u16::<LittleEndian>(0).unwrap();
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]373
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]374 if self.kinds.contains(&TlvKinds::SHA256) {
David Browne90b13f2019-12-06 15:04:00 -0700[diff] [blame]375 // If a signature is not requested, corrupt the hash we are
376 // generating. But, if there is a signature, output the
377 // correct hash. We want the hash test to pass so that the
378 // signature verification can be validated.
379 let mut corrupt_hash = self.gen_corrupted;
380 for k in &[TlvKinds::RSA2048, TlvKinds::RSA3072,
381 TlvKinds::ECDSA224, TlvKinds::ECDSA256,
382 TlvKinds::ED25519]
383 {
384 if self.kinds.contains(k) {
385 corrupt_hash = false;
386 break;
387 }
388 }
389
390 if corrupt_hash {
391 sig_payload[0] ^= 1;
392 }
393
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]394 let hash = digest::digest(&digest::SHA256, &sig_payload);
David Brown8054ce22017-07-11 12:12:09 -0600[diff] [blame]395 let hash = hash.as_ref();
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]396
David Brown8054ce22017-07-11 12:12:09 -0600[diff] [blame]397 assert!(hash.len() == 32);
David Brown69721182019-12-04 14:50:52 -0700[diff] [blame]398 result.write_u16::<LittleEndian>(TlvKinds::SHA256 as u16).unwrap();
David Brown4fae8b82019-12-05 11:26:59 -0700[diff] [blame]399 result.write_u16::<LittleEndian>(32).unwrap();
David Brown8054ce22017-07-11 12:12:09 -0600[diff] [blame]400 result.extend_from_slice(hash);
David Browne90b13f2019-12-06 15:04:00 -0700[diff] [blame]401
402 // Undo the corruption.
403 if corrupt_hash {
404 sig_payload[0] ^= 1;
405 }
406
407 }
408
409 if self.gen_corrupted {
410 // Corrupt what is signed by modifying the input to the
411 // signature code.
412 sig_payload[0] ^= 1;
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]413 }
414
Fabio Utzig39297432019-05-08 18:51:10 -0300[diff] [blame]415 if self.kinds.contains(&TlvKinds::RSA2048) ||
416 self.kinds.contains(&TlvKinds::RSA3072) {
417
418 let is_rsa2048 = self.kinds.contains(&TlvKinds::RSA2048);
419
David Brown43cda332017-09-01 09:53:23 -0600[diff] [blame]420 // Output the hash of the public key.
Fabio Utzig39297432019-05-08 18:51:10 -0300[diff] [blame]421 let hash = if is_rsa2048 {
422 digest::digest(&digest::SHA256, RSA_PUB_KEY)
423 } else {
424 digest::digest(&digest::SHA256, RSA3072_PUB_KEY)
425 };
David Brown43cda332017-09-01 09:53:23 -0600[diff] [blame]426 let hash = hash.as_ref();
427
428 assert!(hash.len() == 32);
David Brown69721182019-12-04 14:50:52 -0700[diff] [blame]429 result.write_u16::<LittleEndian>(TlvKinds::KEYHASH as u16).unwrap();
David Brown4fae8b82019-12-05 11:26:59 -0700[diff] [blame]430 result.write_u16::<LittleEndian>(32).unwrap();
David Brown43cda332017-09-01 09:53:23 -0600[diff] [blame]431 result.extend_from_slice(hash);
432
David Brown7e701d82017-07-11 13:24:25 -0600[diff] [blame]433 // For now assume PSS.
Fabio Utzig39297432019-05-08 18:51:10 -0300[diff] [blame]434 let key_bytes = if is_rsa2048 {
435 pem::parse(include_bytes!("../../root-rsa-2048.pem").as_ref()).unwrap()
436 } else {
437 pem::parse(include_bytes!("../../root-rsa-3072.pem").as_ref()).unwrap()
438 };
David Brown7e701d82017-07-11 13:24:25 -0600[diff] [blame]439 assert_eq!(key_bytes.tag, "RSA PRIVATE KEY");
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]440 let key_pair = RsaKeyPair::from_der(&key_bytes.contents).unwrap();
David Brown7e701d82017-07-11 13:24:25 -0600[diff] [blame]441 let rng = rand::SystemRandom::new();
Fabio Utzig05ab0142018-07-10 09:15:28 -0300[diff] [blame]442 let mut signature = vec![0; key_pair.public_modulus_len()];
Fabio Utzig39297432019-05-08 18:51:10 -0300[diff] [blame]443 if is_rsa2048 {
444 assert_eq!(signature.len(), 256);
445 } else {
446 assert_eq!(signature.len(), 384);
447 }
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]448 key_pair.sign(&RSA_PSS_SHA256, &rng, &sig_payload, &mut signature).unwrap();
David Brown7e701d82017-07-11 13:24:25 -0600[diff] [blame]449
Fabio Utzig39297432019-05-08 18:51:10 -0300[diff] [blame]450 if is_rsa2048 {
David Brown69721182019-12-04 14:50:52 -0700[diff] [blame]451 result.write_u16::<LittleEndian>(TlvKinds::RSA2048 as u16).unwrap();
Fabio Utzig39297432019-05-08 18:51:10 -0300[diff] [blame]452 } else {
David Brown69721182019-12-04 14:50:52 -0700[diff] [blame]453 result.write_u16::<LittleEndian>(TlvKinds::RSA3072 as u16).unwrap();
Fabio Utzig39297432019-05-08 18:51:10 -0300[diff] [blame]454 }
David Brown91d68632019-07-29 14:32:13 -0600[diff] [blame]455 result.write_u16::<LittleEndian>(signature.len() as u16).unwrap();
David Brown7e701d82017-07-11 13:24:25 -0600[diff] [blame]456 result.extend_from_slice(&signature);
457 }
458
Fabio Utzig80fde2f2017-12-05 09:25:31 -0200[diff] [blame]459 if self.kinds.contains(&TlvKinds::ECDSA256) {
460 let keyhash = digest::digest(&digest::SHA256, ECDSA256_PUB_KEY);
461 let keyhash = keyhash.as_ref();
462
463 assert!(keyhash.len() == 32);
David Brown69721182019-12-04 14:50:52 -0700[diff] [blame]464 result.write_u16::<LittleEndian>(TlvKinds::KEYHASH as u16).unwrap();
David Brown4fae8b82019-12-05 11:26:59 -0700[diff] [blame]465 result.write_u16::<LittleEndian>(32).unwrap();
Fabio Utzig80fde2f2017-12-05 09:25:31 -0200[diff] [blame]466 result.extend_from_slice(keyhash);
467
Fabio Utzig05ab0142018-07-10 09:15:28 -0300[diff] [blame]468 let key_bytes = pem::parse(include_bytes!("../../root-ec-p256-pkcs8.pem").as_ref()).unwrap();
469 assert_eq!(key_bytes.tag, "PRIVATE KEY");
Fabio Utzig80fde2f2017-12-05 09:25:31 -0200[diff] [blame]470
Fabio Utzig05ab0142018-07-10 09:15:28 -0300[diff] [blame]471 let key_pair = EcdsaKeyPair::from_pkcs8(&ECDSA_P256_SHA256_ASN1_SIGNING,
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]472 &key_bytes.contents).unwrap();
Fabio Utzig05ab0142018-07-10 09:15:28 -0300[diff] [blame]473 let rng = rand::SystemRandom::new();
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]474 let signature = key_pair.sign(&rng, &sig_payload).unwrap();
Fabio Utzig80fde2f2017-12-05 09:25:31 -0200[diff] [blame]475
David Brown69721182019-12-04 14:50:52 -0700[diff] [blame]476 result.write_u16::<LittleEndian>(TlvKinds::ECDSA256 as u16).unwrap();
Fabio Utzig05ab0142018-07-10 09:15:28 -0300[diff] [blame]477
David Browna4c58642019-12-12 17:28:33 -0700[diff] [blame]478 let signature = signature.as_ref().to_vec();
Fabio Utzig05ab0142018-07-10 09:15:28 -0300[diff] [blame]479
David Brown91d68632019-07-29 14:32:13 -0600[diff] [blame]480 result.write_u16::<LittleEndian>(signature.len() as u16).unwrap();
Fabio Utzig05ab0142018-07-10 09:15:28 -0300[diff] [blame]481 result.extend_from_slice(signature.as_ref());
Fabio Utzig80fde2f2017-12-05 09:25:31 -0200[diff] [blame]482 }
483
Fabio Utzig97710282019-05-24 17:44:49 -0300[diff] [blame]484 if self.kinds.contains(&TlvKinds::ED25519) {
485 let keyhash = digest::digest(&digest::SHA256, ED25519_PUB_KEY);
486 let keyhash = keyhash.as_ref();
487
488 assert!(keyhash.len() == 32);
David Brown69721182019-12-04 14:50:52 -0700[diff] [blame]489 result.write_u16::<LittleEndian>(TlvKinds::KEYHASH as u16).unwrap();
David Brown4fae8b82019-12-05 11:26:59 -0700[diff] [blame]490 result.write_u16::<LittleEndian>(32).unwrap();
Fabio Utzig97710282019-05-24 17:44:49 -0300[diff] [blame]491 result.extend_from_slice(keyhash);
492
David Brown7a81c4b2019-07-29 15:20:21 -0600[diff] [blame]493 let hash = digest::digest(&digest::SHA256, &sig_payload);
Fabio Utzig97710282019-05-24 17:44:49 -0300[diff] [blame]494 let hash = hash.as_ref();
495 assert!(hash.len() == 32);
496
497 let key_bytes = pem::parse(include_bytes!("../../root-ed25519.pem").as_ref()).unwrap();
498 assert_eq!(key_bytes.tag, "PRIVATE KEY");
499
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]500 let key_pair = Ed25519KeyPair::from_seed_and_public_key(
501 &key_bytes.contents[16..48], &ED25519_PUB_KEY[12..44]).unwrap();
Fabio Utzig97710282019-05-24 17:44:49 -0300[diff] [blame]502 let signature = key_pair.sign(&hash);
503
David Brown69721182019-12-04 14:50:52 -0700[diff] [blame]504 result.write_u16::<LittleEndian>(TlvKinds::ED25519 as u16).unwrap();
Fabio Utzig97710282019-05-24 17:44:49 -0300[diff] [blame]505
506 let signature = signature.as_ref().to_vec();
David Brown91d68632019-07-29 14:32:13 -0600[diff] [blame]507 result.write_u16::<LittleEndian>(signature.len() as u16).unwrap();
Fabio Utzig97710282019-05-24 17:44:49 -0300[diff] [blame]508 result.extend_from_slice(signature.as_ref());
509 }
510
Fabio Utzig1e48b912018-09-18 09:04:18 -0300[diff] [blame]511 if self.kinds.contains(&TlvKinds::ENCRSA2048) {
512 let key_bytes = pem::parse(include_bytes!("../../enc-rsa2048-pub.pem")
513 .as_ref()).unwrap();
514 assert_eq!(key_bytes.tag, "PUBLIC KEY");
515
Fabio Utzige84f0ef2019-11-22 12:29:32 -0300[diff] [blame]516 let cipherkey = self.get_enc_key();
517 let cipherkey = cipherkey.as_slice();
518 let encbuf = match c::rsa_oaep_encrypt(&key_bytes.contents, cipherkey) {
Fabio Utzig1e48b912018-09-18 09:04:18 -0300[diff] [blame]519 Ok(v) => v,
520 Err(_) => panic!("Failed to encrypt secret key"),
521 };
522
523 assert!(encbuf.len() == 256);
David Brown69721182019-12-04 14:50:52 -0700[diff] [blame]524 result.write_u16::<LittleEndian>(TlvKinds::ENCRSA2048 as u16).unwrap();
David Brown4fae8b82019-12-05 11:26:59 -0700[diff] [blame]525 result.write_u16::<LittleEndian>(256).unwrap();
Fabio Utzig1e48b912018-09-18 09:04:18 -0300[diff] [blame]526 result.extend_from_slice(&encbuf);
527 }
528
Salome Thirot0f641972021-05-14 11:19:55 +0100[diff] [blame]529 if self.kinds.contains(&TlvKinds::ENCKW) {
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]530 let flag = TlvFlags::ENCRYPTED_AES256 as u32;
531 let aes256 = (self.get_flags() & flag) == flag;
532 let key_bytes = if aes256 {
533 base64::decode(
534 include_str!("../../enc-aes256kw.b64").trim()).unwrap()
535 } else {
536 base64::decode(
537 include_str!("../../enc-aes128kw.b64").trim()).unwrap()
538 };
Fabio Utzige84f0ef2019-11-22 12:29:32 -0300[diff] [blame]539 let cipherkey = self.get_enc_key();
540 let cipherkey = cipherkey.as_slice();
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]541 let keylen = if aes256 { 32 } else { 16 };
542 let encbuf = match c::kw_encrypt(&key_bytes, cipherkey, keylen) {
Fabio Utzig1e48b912018-09-18 09:04:18 -0300[diff] [blame]543 Ok(v) => v,
544 Err(_) => panic!("Failed to encrypt secret key"),
545 };
546
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]547 let size = if aes256 { 40 } else { 24 };
548 assert!(encbuf.len() == size);
Salome Thirot0f641972021-05-14 11:19:55 +0100[diff] [blame]549 result.write_u16::<LittleEndian>(TlvKinds::ENCKW as u16).unwrap();
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]550 result.write_u16::<LittleEndian>(size as u16).unwrap();
Fabio Utzig1e48b912018-09-18 09:04:18 -0300[diff] [blame]551 result.extend_from_slice(&encbuf);
552 }
553
Fabio Utzig3fa72ca2020-04-02 11:20:37 -0300[diff] [blame]554 if self.kinds.contains(&TlvKinds::ENCEC256) || self.kinds.contains(&TlvKinds::ENCX25519) {
555 let key_bytes = if self.kinds.contains(&TlvKinds::ENCEC256) {
556 pem::parse(include_bytes!("../../enc-ec256-pub.pem").as_ref()).unwrap()
557 } else {
558 pem::parse(include_bytes!("../../enc-x25519-pub.pem").as_ref()).unwrap()
559 };
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]560 assert_eq!(key_bytes.tag, "PUBLIC KEY");
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]561 let rng = rand::SystemRandom::new();
Fabio Utzig3fa72ca2020-04-02 11:20:37 -0300[diff] [blame]562 let alg = if self.kinds.contains(&TlvKinds::ENCEC256) {
563 &agreement::ECDH_P256
564 } else {
565 &agreement::X25519
566 };
567 let pk = match agreement::EphemeralPrivateKey::generate(alg, &rng) {
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]568 Ok(v) => v,
569 Err(_) => panic!("Failed to generate ephemeral keypair"),
570 };
571
572 let pubk = match pk.compute_public_key() {
573 Ok(pubk) => pubk,
574 Err(_) => panic!("Failed computing ephemeral public key"),
575 };
576
Fabio Utzig3fa72ca2020-04-02 11:20:37 -0300[diff] [blame]577 let peer_pubk = if self.kinds.contains(&TlvKinds::ENCEC256) {
578 agreement::UnparsedPublicKey::new(&agreement::ECDH_P256, &key_bytes.contents[26..])
579 } else {
580 agreement::UnparsedPublicKey::new(&agreement::X25519, &key_bytes.contents[12..])
581 };
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]582
583 #[derive(Debug, PartialEq)]
584 struct OkmLen<T: core::fmt::Debug + PartialEq>(T);
585
586 impl hkdf::KeyType for OkmLen<usize> {
587 fn len(&self) -> usize {
588 self.0
589 }
590 }
591
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]592 let flag = TlvFlags::ENCRYPTED_AES256 as u32;
593 let aes256 = (self.get_flags() & flag) == flag;
594
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]595 let derived_key = match agreement::agree_ephemeral(
596 pk, &peer_pubk, ring::error::Unspecified, |shared| {
597 let salt = hkdf::Salt::new(hkdf::HKDF_SHA256, &[]);
598 let prk = salt.extract(&shared);
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]599 let okm_len = if aes256 { 64 } else { 48 };
600 let okm = match prk.expand(&[b"MCUBoot_ECIES_v1"], OkmLen(okm_len)) {
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]601 Ok(okm) => okm,
602 Err(_) => panic!("Failed building HKDF OKM"),
603 };
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]604 let mut buf = if aes256 { vec![0u8; 64] } else { vec![0u8; 48] };
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]605 match okm.fill(&mut buf) {
606 Ok(_) => Ok(buf),
607 Err(_) => panic!("Failed generating HKDF output"),
608 }
609 },
610 ) {
611 Ok(v) => v,
612 Err(_) => panic!("Failed building HKDF"),
613 };
614
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]615 let nonce = GenericArray::from_slice(&[0; 16]);
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]616 let mut cipherkey = self.get_enc_key();
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]617 if aes256 {
618 let key: &GenericArray<u8, U32> = GenericArray::from_slice(&derived_key[..32]);
619 let mut cipher = Aes256Ctr::new(&key, &nonce);
620 cipher.apply_keystream(&mut cipherkey);
621 } else {
622 let key: &GenericArray<u8, U16> = GenericArray::from_slice(&derived_key[..16]);
623 let mut cipher = Aes128Ctr::new(&key, &nonce);
624 cipher.apply_keystream(&mut cipherkey);
625 }
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]626
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]627 let size = if aes256 { 32 } else { 16 };
628 let key = hmac::Key::new(hmac::HMAC_SHA256, &derived_key[size..]);
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]629 let tag = hmac::sign(&key, &cipherkey);
630
631 let mut buf = vec![];
632 buf.append(&mut pubk.as_ref().to_vec());
633 buf.append(&mut tag.as_ref().to_vec());
634 buf.append(&mut cipherkey);
635
Fabio Utzig3fa72ca2020-04-02 11:20:37 -0300[diff] [blame]636 if self.kinds.contains(&TlvKinds::ENCEC256) {
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]637 let size = if aes256 { 129 } else { 113 };
638 assert!(buf.len() == size);
Fabio Utzig3fa72ca2020-04-02 11:20:37 -0300[diff] [blame]639 result.write_u16::<LittleEndian>(TlvKinds::ENCEC256 as u16).unwrap();
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]640 result.write_u16::<LittleEndian>(size as u16).unwrap();
Fabio Utzig3fa72ca2020-04-02 11:20:37 -0300[diff] [blame]641 } else {
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]642 let size = if aes256 { 96 } else { 80 };
643 assert!(buf.len() == size);
Fabio Utzig3fa72ca2020-04-02 11:20:37 -0300[diff] [blame]644 result.write_u16::<LittleEndian>(TlvKinds::ENCX25519 as u16).unwrap();
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]645 result.write_u16::<LittleEndian>(size as u16).unwrap();
Fabio Utzig3fa72ca2020-04-02 11:20:37 -0300[diff] [blame]646 }
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]647 result.extend_from_slice(&buf);
648 }
649
David Brown3dc86c92020-01-08 17:22:55 -0700[diff] [blame]650 // Patch the size back into the TLV header.
651 let size = (result.len() - npro_pos) as u16;
652 let mut size_buf = &mut result[npro_pos + 2 .. npro_pos + 4];
653 size_buf.write_u16::<LittleEndian>(size).unwrap();
654
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]655 result
656 }
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]657
Fabio Utzige84f0ef2019-11-22 12:29:32 -0300[diff] [blame]658 fn generate_enc_key(&mut self) {
659 let rng = rand::SystemRandom::new();
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]660 let flag = TlvFlags::ENCRYPTED_AES256 as u32;
661 let aes256 = (self.get_flags() & flag) == flag;
662 let mut buf = if aes256 {
663 vec![0u8; 32]
664 } else {
665 vec![0u8; 16]
666 };
David Brown26edaf32021-03-10 05:27:38 -0700[diff] [blame]667 if rng.fill(&mut buf).is_err() {
668 panic!("Error generating encrypted key");
Fabio Utzige84f0ef2019-11-22 12:29:32 -0300[diff] [blame]669 }
670 info!("New encryption key: {:02x?}", buf);
671 self.enc_key = buf;
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]672 }
673
674 fn get_enc_key(&self) -> Vec<u8> {
Salome Thirot6fdbf552021-05-14 16:46:14 +0100[diff] [blame^]675 if self.enc_key.len() != 32 && self.enc_key.len() != 16 {
Fabio Utzige84f0ef2019-11-22 12:29:32 -0300[diff] [blame]676 panic!("No random key was generated");
677 }
678 self.enc_key.clone()
Fabio Utzig90f449e2019-10-24 07:43:53 -0300[diff] [blame]679 }
David Brown187dd882017-07-11 11:15:23 -0600[diff] [blame]680}
David Brown43cda332017-09-01 09:53:23 -0600[diff] [blame]681
682include!("rsa_pub_key-rs.txt");
Fabio Utzig39297432019-05-08 18:51:10 -0300[diff] [blame]683include!("rsa3072_pub_key-rs.txt");
Fabio Utzig80fde2f2017-12-05 09:25:31 -0200[diff] [blame]684include!("ecdsa_pub_key-rs.txt");
Fabio Utzig97710282019-05-24 17:44:49 -0300[diff] [blame]685include!("ed25519_pub_key-rs.txt");