Add RSA-3072 support to imgtool
Signed-off-by: Fabio Utzig <utzig@apache.org>
diff --git a/scripts/imgtool/keys/__init__.py b/scripts/imgtool/keys/__init__.py
index da5b083..b92f871 100644
--- a/scripts/imgtool/keys/__init__.py
+++ b/scripts/imgtool/keys/__init__.py
@@ -21,7 +21,7 @@
from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey, RSAPublicKey
from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey, EllipticCurvePublicKey
-from .rsa import RSA2048, RSA2048Public, RSAUsageError
+from .rsa import RSA, RSAPublic, RSAUsageError, RSA_KEY_SIZES
from .ecdsa import ECDSA256P1, ECDSA256P1Public, ECDSAUsageError
class PasswordRequired(Exception):
@@ -53,13 +53,13 @@
backend=default_backend())
if isinstance(pk, RSAPrivateKey):
- if pk.key_size != 2048:
+ if pk.key_size not in RSA_KEY_SIZES:
raise Exception("Unsupported RSA key size: " + pk.key_size)
- return RSA2048(pk)
+ return RSA(pk)
elif isinstance(pk, RSAPublicKey):
- if pk.key_size != 2048:
+ if pk.key_size not in RSA_KEY_SIZES:
raise Exception("Unsupported RSA key size: " + pk.key_size)
- return RSA2048Public(pk)
+ return RSAPublic(pk)
elif isinstance(pk, EllipticCurvePrivateKey):
if pk.curve.name != 'secp256r1':
raise Exception("Unsupported EC curve: " + pk.curve.name)
diff --git a/scripts/imgtool/keys/rsa.py b/scripts/imgtool/keys/rsa.py
index 4ddbfc6..94af064 100644
--- a/scripts/imgtool/keys/rsa.py
+++ b/scripts/imgtool/keys/rsa.py
@@ -10,14 +10,23 @@
from .general import KeyClass
+
+# Sizes that bootutil will recognize
+RSA_KEY_SIZES = [2048, 3072]
+
+
class RSAUsageError(Exception):
pass
-class RSA2048Public(KeyClass):
+
+class RSAPublic(KeyClass):
"""The public key can only do a few operations"""
def __init__(self, key):
self.key = key
+ def key_size(self):
+ return self.key.key_size
+
def shortname(self):
return "rsa"
@@ -45,17 +54,18 @@
f.write(pem)
def sig_type(self):
- return "PKCS1_PSS_RSA2048_SHA256"
+ return "PKCS1_PSS_RSA{}_SHA256".format(self.key_size())
def sig_tlv(self):
- return "RSA2048"
+ return"RSA{}".format(self.key_size())
def sig_len(self):
- return 256
+ return self.key_size() / 8
-class RSA2048(RSA2048Public):
+
+class RSA(RSAPublic):
"""
- Wrapper around an 2048-bit RSA key, with imgtool support.
+ Wrapper around an RSA key, with imgtool support.
"""
def __init__(self, key):
@@ -63,18 +73,22 @@
self.key = key
@staticmethod
- def generate():
+ def generate(key_size=2048):
+ if key_size not in RSA_KEY_SIZES:
+ raise RSAUsageError("Key size {} is not supported by MCUboot"
+ .format(key_size))
pk = rsa.generate_private_key(
public_exponent=65537,
- key_size=2048,
+ key_size=key_size,
backend=default_backend())
- return RSA2048(pk)
+ return RSA(pk)
def _get_public(self):
return self.key.public_key()
def export_private(self, path, passwd=None):
- """Write the private key to the given file, protecting it with the optional password."""
+ """Write the private key to the given file, protecting it with the
+ optional password."""
if passwd is None:
enc = serialization.NoEncryption()
else:
diff --git a/scripts/imgtool/keys/rsa_test.py b/scripts/imgtool/keys/rsa_test.py
index 8151878..b01635d 100644
--- a/scripts/imgtool/keys/rsa_test.py
+++ b/scripts/imgtool/keys/rsa_test.py
@@ -13,9 +13,12 @@
from cryptography.hazmat.primitives.hashes import SHA256
# Setup sys path so 'imgtool' is in it.
-sys.path.insert(0, os.path.abspath(os.path.join(os.path.dirname(__file__), '../..')))
+sys.path.insert(0, os.path.abspath(os.path.join(os.path.dirname(__file__),
+ '../..')))
-from imgtool.keys import load, RSA2048, RSAUsageError
+from imgtool.keys import load, RSA, RSAUsageError
+from imgtool.keys.rsa import RSA_KEY_SIZES
+
class KeyGeneration(unittest.TestCase):
@@ -29,74 +32,84 @@
self.test_dir.cleanup()
def test_keygen(self):
- name1 = self.tname("keygen.pem")
- k = RSA2048.generate()
- k.export_private(name1, b'secret')
+ # Try generating a RSA key with non-supported size
+ with self.assertRaises(RSAUsageError):
+ RSA.generate(key_size=1024)
- # Try loading the key without a password.
- self.assertIsNone(load(name1))
+ for key_size in RSA_KEY_SIZES:
+ name1 = self.tname("keygen.pem")
+ k = RSA.generate(key_size=key_size)
+ k.export_private(name1, b'secret')
- k2 = load(name1, b'secret')
+ # Try loading the key without a password.
+ self.assertIsNone(load(name1))
- pubname = self.tname('keygen-pub.pem')
- k2.export_public(pubname)
- pk2 = load(pubname)
+ k2 = load(name1, b'secret')
- # We should be able to export the public key from the loaded
- # public key, but not the private key.
- pk2.export_public(self.tname('keygen-pub2.pem'))
- self.assertRaises(RSAUsageError, pk2.export_private, self.tname('keygen-priv2.pem'))
+ pubname = self.tname('keygen-pub.pem')
+ k2.export_public(pubname)
+ pk2 = load(pubname)
+
+ # We should be able to export the public key from the loaded
+ # public key, but not the private key.
+ pk2.export_public(self.tname('keygen-pub2.pem'))
+ self.assertRaises(RSAUsageError, pk2.export_private,
+ self.tname('keygen-priv2.pem'))
def test_emit(self):
"""Basic sanity check on the code emitters."""
- k = RSA2048.generate()
+ for key_size in RSA_KEY_SIZES:
+ k = RSA.generate(key_size=key_size)
- ccode = io.StringIO()
- k.emit_c(ccode)
- self.assertIn("rsa_pub_key", ccode.getvalue())
- self.assertIn("rsa_pub_key_len", ccode.getvalue())
+ ccode = io.StringIO()
+ k.emit_c(ccode)
+ self.assertIn("rsa_pub_key", ccode.getvalue())
+ self.assertIn("rsa_pub_key_len", ccode.getvalue())
- rustcode = io.StringIO()
- k.emit_rust(rustcode)
- self.assertIn("RSA_PUB_KEY", rustcode.getvalue())
+ rustcode = io.StringIO()
+ k.emit_rust(rustcode)
+ self.assertIn("RSA_PUB_KEY", rustcode.getvalue())
def test_emit_pub(self):
"""Basic sanity check on the code emitters, from public key."""
pubname = self.tname("public.pem")
- k = RSA2048.generate()
- k.export_public(pubname)
+ for key_size in RSA_KEY_SIZES:
+ k = RSA.generate(key_size=key_size)
+ k.export_public(pubname)
- k2 = load(pubname)
+ k2 = load(pubname)
- ccode = io.StringIO()
- k2.emit_c(ccode)
- self.assertIn("rsa_pub_key", ccode.getvalue())
- self.assertIn("rsa_pub_key_len", ccode.getvalue())
+ ccode = io.StringIO()
+ k2.emit_c(ccode)
+ self.assertIn("rsa_pub_key", ccode.getvalue())
+ self.assertIn("rsa_pub_key_len", ccode.getvalue())
- rustcode = io.StringIO()
- k2.emit_rust(rustcode)
- self.assertIn("RSA_PUB_KEY", rustcode.getvalue())
+ rustcode = io.StringIO()
+ k2.emit_rust(rustcode)
+ self.assertIn("RSA_PUB_KEY", rustcode.getvalue())
def test_sig(self):
- k = RSA2048.generate()
- buf = b'This is the message'
- sig = k.sign(buf)
+ for key_size in RSA_KEY_SIZES:
+ k = RSA.generate(key_size=key_size)
+ buf = b'This is the message'
+ sig = k.sign(buf)
- # The code doesn't have any verification, so verify this
- # manually.
- k.key.public_key().verify(
+ # The code doesn't have any verification, so verify this
+ # manually.
+ k.key.public_key().verify(
signature=sig,
data=buf,
padding=PSS(mgf=MGF1(SHA256()), salt_length=32),
algorithm=SHA256())
- # Modify the message to make sure the signature fails.
- self.assertRaises(InvalidSignature,
- k.key.public_key().verify,
- signature=sig,
- data=b'This is thE message',
- padding=PSS(mgf=MGF1(SHA256()), salt_length=32),
- algorithm=SHA256())
+ # Modify the message to make sure the signature fails.
+ self.assertRaises(InvalidSignature,
+ k.key.public_key().verify,
+ signature=sig,
+ data=b'This is thE message',
+ padding=PSS(mgf=MGF1(SHA256()), salt_length=32),
+ algorithm=SHA256())
+
if __name__ == '__main__':
unittest.main()