Boot: Add RSA-3072 support to imgtool script PSA TBSA-M recommends to use RSA signature for firmware authentication with at least 3072 bits length key size. This change is based on: https://github.com/JuulLabs-OSS/mcuboot/pull/476 authored by Fabio Utzig <utzig@apache.org> Change-Id: I78fb0c9732aa6942b6fcb46fef5e1965c9dccaa5 Signed-off-by: Tamas Ban <tamas.ban@arm.com>

commit: 861835c0c534848bf6dcd81ef8042cfc1b0bffae [log] [tgz]
author: Tamas Ban <tamas.ban@arm.com> Mon May 13 08:59:38 2019 +0100
committer: Tamas Ban <tamas.ban@arm.com> Fri May 24 12:25:48 2019 +0000
tree: 0903609a4226ef033d9195c4c920421fe4780db1
parent: 060968d6eef3e570539fa942a8c0c5ec2388e798 [diff] [blame]
diff --git a/bl2/ext/mcuboot/scripts/imgtool.py b/bl2/ext/mcuboot/scripts/imgtool.py
index 924fa96..43d7d15 100644
--- a/bl2/ext/mcuboot/scripts/imgtool.py
+++ b/bl2/ext/mcuboot/scripts/imgtool.py

@@ -80,10 +80,14 @@
     return newVersion
 
 def gen_rsa2048(args):
-    keys.RSA2048.generate().export_private(args.key)
+    keys.RSAutil.generate().export_private(args.key)
+
+def gen_rsa3072(args):
+    keys.RSAutil.generate(key_size=3072).export_private(args.key)
 
 keygens = {
-        'rsa-2048': gen_rsa2048, }
+        'rsa-2048': gen_rsa2048,
+        'rsa-3072': gen_rsa3072, }
 
 def do_keygen(args):
     if args.type not in keygens:
commit	861835c0c534848bf6dcd81ef8042cfc1b0bffae	[log] [tgz]
author	Tamas Ban <tamas.ban@arm.com>	Mon May 13 08:59:38 2019 +0100
committer	Tamas Ban <tamas.ban@arm.com>	Fri May 24 12:25:48 2019 +0000
tree	0903609a4226ef033d9195c4c920421fe4780db1
parent	060968d6eef3e570539fa942a8c0c5ec2388e798 [diff] [blame]