testplan/zephyr/0001-partial-ECDSA-P256-slot-0-bad-no-verification.patch - mirror/mcuboot - TrustedFirmware Git Browser

 From b2d9560f05fabdcfdff549ccc361d9dfbe74735b Mon Sep 17 00:00:00 2001
 From: David Brown <david.brown@linaro.org>
 Date: Thu, 27 Jul 2017 10:05:47 -0600
 Subject: [PATCH] partial ECDSA P256 slot 0 bad, no verification

 This has a badly signed image in slot 0, which should boot because
 checking is off.  It should perform the upgrade in slot 1, and not
 revert, because the old image is not valid.
 ---
  Makefile                | 10 +++++-----
  bad-ec-p256.pem         |  5 +++++
  samples/zephyr/Makefile |  4 ++--
  3 files changed, 12 insertions(+), 7 deletions(-)
  create mode 100644 bad-ec-p256.pem

 diff --git a/Makefile b/Makefile
 index 1e9ec42..3f875a2 100644
 --- a/Makefile
 +++ b/Makefile
 @@ -9,21 +9,21 @@
  # lines there, and comment out any other blocks.

  # RSA
 -CONF_FILE = boot/zephyr/prj.conf
 -CFLAGS += -DMCUBOOT_SIGN_RSA -DMCUBOOT_USE_MBED_TLS
 +#CONF_FILE = boot/zephyr/prj.conf
 +#CFLAGS += -DMCUBOOT_SIGN_RSA -DMCUBOOT_USE_MBED_TLS

  # Newer uses should use the RSA-PSS signature algorithm.  This define
  # enables (and requires) this type of signature.
  #CFLAGS += -DMCUBOOT_RSA_PKCS1_15

  # ECDSA P-256
 -#CONF_FILE = boot/zephyr/prj-p256.conf
 -#CFLAGS += -DMCUBOOT_SIGN_EC256 -DMCUBOOT_USE_TINYCRYPT
 +CONF_FILE = boot/zephyr/prj-p256.conf
 +CFLAGS += -DMCUBOOT_SIGN_EC256 -DMCUBOOT_USE_TINYCRYPT

  # Enable this option to have the bootloader verify the signature of
  # the primary image upon every boot.  Without it, signature
  # verification only happens on upgrade.
 -CFLAGS += -DMCUBOOT_VALIDATE_SLOT0
 +#CFLAGS += -DMCUBOOT_VALIDATE_SLOT0

  # Enabling this option uses newer flash map APIs. This saves RAM and
  # avoids deprecated API usage.
 diff --git a/bad-ec-p256.pem b/bad-ec-p256.pem
 new file mode 100644
 index 0000000..333f41f
 --- /dev/null
 +++ b/bad-ec-p256.pem
 @@ -0,0 +1,5 @@
 +-----BEGIN EC PRIVATE KEY-----
 +MHcCAQEEILmqmiH6y3EGhLkTcnNtU7hZ1wnc51MIL53npseRX7vJoAoGCCqGSM49
 +AwEHoUQDQgAEcX9ExNjZfsckp6AdutjPjVJsvP6ZZkKfLsGnRpKR+9OpO9/qmJHs
 +ks+ZXo70SEANjWnNlxKNAVci8aUm8UskLw==
 +-----END EC PRIVATE KEY-----
 diff --git a/samples/zephyr/Makefile b/samples/zephyr/Makefile
 index 7678615..f84314d 100644
 --- a/samples/zephyr/Makefile
 +++ b/samples/zephyr/Makefile
 @@ -102,7 +102,7 @@ clean_boot: check
  hello1: check
  	$(MAKE) -C hello1 BOARD=$(BOARD) -j$(nproc)
  	$(IMGTOOL) sign \
 -		--key $(SIGNING_KEY) \
 +		--key ../../bad-ec-p256.pem \
  		--header-size $(BOOT_HEADER_LEN) \
  		--align $(FLASH_ALIGNMENT) \
  		--version 1.2 \
 @@ -121,7 +121,7 @@ clean_hello1: check
  hello2: check
  	$(MAKE) -C hello2 BOARD=$(BOARD) -j$(nproc)
  	$(IMGTOOL) sign \
 -		--key $(SIGNING_KEY) \
 +		--key ../../root-ec-p256.pem \
  		--header-size $(BOOT_HEADER_LEN) \
  		--align $(FLASH_ALIGNMENT) \
  		--version 1.2 \
 --
 2.11.0
	From b2d9560f05fabdcfdff549ccc361d9dfbe74735b Mon Sep 17 00:00:00 2001
	From: David Brown <david.brown@linaro.org>
	Date: Thu, 27 Jul 2017 10:05:47 -0600
	Subject: [PATCH] partial ECDSA P256 slot 0 bad, no verification

	This has a badly signed image in slot 0, which should boot because
	checking is off. It should perform the upgrade in slot 1, and not
	revert, because the old image is not valid.
	---
	Makefile \| 10 +++++-----
	bad-ec-p256.pem \| 5 +++++
	samples/zephyr/Makefile \| 4 ++--
	3 files changed, 12 insertions(+), 7 deletions(-)
	create mode 100644 bad-ec-p256.pem

	diff --git a/Makefile b/Makefile
	index 1e9ec42..3f875a2 100644
	--- a/Makefile
	+++ b/Makefile
	@@ -9,21 +9,21 @@
	# lines there, and comment out any other blocks.

	# RSA
	-CONF_FILE = boot/zephyr/prj.conf
	-CFLAGS += -DMCUBOOT_SIGN_RSA -DMCUBOOT_USE_MBED_TLS
	+#CONF_FILE = boot/zephyr/prj.conf
	+#CFLAGS += -DMCUBOOT_SIGN_RSA -DMCUBOOT_USE_MBED_TLS

	# Newer uses should use the RSA-PSS signature algorithm. This define
	# enables (and requires) this type of signature.
	#CFLAGS += -DMCUBOOT_RSA_PKCS1_15

	# ECDSA P-256
	-#CONF_FILE = boot/zephyr/prj-p256.conf
	-#CFLAGS += -DMCUBOOT_SIGN_EC256 -DMCUBOOT_USE_TINYCRYPT
	+CONF_FILE = boot/zephyr/prj-p256.conf
	+CFLAGS += -DMCUBOOT_SIGN_EC256 -DMCUBOOT_USE_TINYCRYPT

	# Enable this option to have the bootloader verify the signature of
	# the primary image upon every boot. Without it, signature
	# verification only happens on upgrade.
	-CFLAGS += -DMCUBOOT_VALIDATE_SLOT0
	+#CFLAGS += -DMCUBOOT_VALIDATE_SLOT0

	# Enabling this option uses newer flash map APIs. This saves RAM and
	# avoids deprecated API usage.
	diff --git a/bad-ec-p256.pem b/bad-ec-p256.pem
	new file mode 100644
	index 0000000..333f41f
	--- /dev/null
	+++ b/bad-ec-p256.pem
	@@ -0,0 +1,5 @@
	+-----BEGIN EC PRIVATE KEY-----
	+MHcCAQEEILmqmiH6y3EGhLkTcnNtU7hZ1wnc51MIL53npseRX7vJoAoGCCqGSM49
	+AwEHoUQDQgAEcX9ExNjZfsckp6AdutjPjVJsvP6ZZkKfLsGnRpKR+9OpO9/qmJHs
	+ks+ZXo70SEANjWnNlxKNAVci8aUm8UskLw==
	+-----END EC PRIVATE KEY-----
	diff --git a/samples/zephyr/Makefile b/samples/zephyr/Makefile
	index 7678615..f84314d 100644
	--- a/samples/zephyr/Makefile
	+++ b/samples/zephyr/Makefile
	@@ -102,7 +102,7 @@ clean_boot: check
	hello1: check
	$(MAKE) -C hello1 BOARD=$(BOARD) -j$(nproc)
	$(IMGTOOL) sign \
	- --key $(SIGNING_KEY) \
	+ --key ../../bad-ec-p256.pem \
	--header-size $(BOOT_HEADER_LEN) \
	--align $(FLASH_ALIGNMENT) \
	--version 1.2 \
	@@ -121,7 +121,7 @@ clean_hello1: check
	hello2: check
	$(MAKE) -C hello2 BOARD=$(BOARD) -j$(nproc)
	$(IMGTOOL) sign \
	- --key $(SIGNING_KEY) \
	+ --key ../../root-ec-p256.pem \
	--header-size $(BOOT_HEADER_LEN) \
	--align $(FLASH_ALIGNMENT) \
	--version 1.2 \
	--
	2.11.0