Add simulator support for RSA-3072 sigs
Signed-off-by: Fabio Utzig <utzig@apache.org>
diff --git a/sim/Cargo.toml b/sim/Cargo.toml
index 3b42e36..fbe2bb9 100644
--- a/sim/Cargo.toml
+++ b/sim/Cargo.toml
@@ -8,6 +8,7 @@
default = []
sig-rsa = ["mcuboot-sys/sig-rsa"]
+sig-rsa3072 = ["mcuboot-sys/sig-rsa3072"]
sig-ecdsa = ["mcuboot-sys/sig-ecdsa"]
overwrite-only = ["mcuboot-sys/overwrite-only"]
validate-primary-slot = ["mcuboot-sys/validate-primary-slot"]
diff --git a/sim/mcuboot-sys/Cargo.toml b/sim/mcuboot-sys/Cargo.toml
index 8071ba1..7512e22 100644
--- a/sim/mcuboot-sys/Cargo.toml
+++ b/sim/mcuboot-sys/Cargo.toml
@@ -15,6 +15,9 @@
# compile with both sig-rsa and sig-ecdsa enabled.
sig-rsa = []
+# Verify RSA-3072 signatures.
+sig-rsa3072 = []
+
# Verify ECDSA (secp256r1) signatures.
sig-ecdsa = []
diff --git a/sim/mcuboot-sys/build.rs b/sim/mcuboot-sys/build.rs
index 4e293ad..ce4ee25 100644
--- a/sim/mcuboot-sys/build.rs
+++ b/sim/mcuboot-sys/build.rs
@@ -10,6 +10,7 @@
fn main() {
// Feature flags.
let sig_rsa = env::var("CARGO_FEATURE_SIG_RSA").is_ok();
+ let sig_rsa3072 = env::var("CARGO_FEATURE_SIG_RSA3072").is_ok();
let sig_ecdsa = env::var("CARGO_FEATURE_SIG_ECDSA").is_ok();
let overwrite_only = env::var("CARGO_FEATURE_OVERWRITE_ONLY").is_ok();
let validate_primary_slot =
@@ -35,13 +36,23 @@
conf.define("MCUBOOT_VALIDATE_PRIMARY_SLOT", None);
}
- // Currently, mbed TLS cannot build with both RSA and ECDSA.
- if sig_rsa && sig_ecdsa {
- panic!("mcuboot does not support RSA and ECDSA at the same time");
+ // Currently no more than one sig type can be used simultaneously.
+ if vec![sig_rsa, sig_rsa3072, sig_ecdsa].iter()
+ .fold(0, |sum, &v| sum + v as i32) > 1 {
+ panic!("mcuboot does not support more than one sig type at the same time");
}
- if sig_rsa {
+ if sig_rsa || sig_rsa3072 {
conf.define("MCUBOOT_SIGN_RSA", None);
+ // The Kconfig style defines must be added here as well because
+ // they are used internally by "config-rsa.h"
+ if sig_rsa {
+ conf.define("MCUBOOT_SIGN_RSA_LEN", "2048");
+ conf.define("CONFIG_BOOT_SIGNATURE_TYPE_RSA_2048", None);
+ } else {
+ conf.define("MCUBOOT_SIGN_RSA_LEN", "3072");
+ conf.define("CONFIG_BOOT_SIGNATURE_TYPE_RSA_3072", None);
+ }
conf.define("MCUBOOT_USE_MBED_TLS", None);
conf.include("mbedtls/include");
@@ -114,7 +125,7 @@
conf.file("../../boot/bootutil/src/encrypted.c");
conf.file("csupport/keys.c");
- if sig_rsa {
+ if sig_rsa || sig_rsa3072 {
conf.file("mbedtls/library/sha256.c");
}
@@ -141,7 +152,7 @@
if sig_rsa && enc_kw {
conf.define("MBEDTLS_CONFIG_FILE", Some("<config-rsa-kw.h>"));
- } else if sig_rsa || enc_rsa {
+ } else if sig_rsa || sig_rsa3072 || enc_rsa {
conf.define("MBEDTLS_CONFIG_FILE", Some("<config-rsa.h>"));
} else if sig_ecdsa && !enc_kw {
conf.define("MBEDTLS_CONFIG_FILE", Some("<config-asn1.h>"));
@@ -150,7 +161,7 @@
}
conf.file("../../boot/bootutil/src/image_validate.c");
- if sig_rsa {
+ if sig_rsa || sig_rsa3072 {
conf.file("../../boot/bootutil/src/image_rsa.c");
} else if sig_ecdsa {
conf.file("../../boot/bootutil/src/image_ec256.c");
diff --git a/sim/mcuboot-sys/csupport/keys.c b/sim/mcuboot-sys/csupport/keys.c
index 6e4f3f5..23bdb21 100644
--- a/sim/mcuboot-sys/csupport/keys.c
+++ b/sim/mcuboot-sys/csupport/keys.c
@@ -22,6 +22,7 @@
#include <mcuboot_config/mcuboot_config.h>
#if defined(MCUBOOT_SIGN_RSA)
+#if MCUBOOT_SIGN_RSA_LEN == 2048
#define HAVE_KEYS
const unsigned char root_pub_der[] = {
0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xd1, 0x06, 0x08,
@@ -49,6 +50,62 @@
0xc9, 0x02, 0x03, 0x01, 0x00, 0x01
};
const unsigned int root_pub_der_len = 270;
+#elif MCUBOOT_SIGN_RSA_LEN == 3072
+#define HAVE_KEYS
+const unsigned char root_pub_der[] = {
+ 0x30, 0x82, 0x01, 0x8a, 0x02, 0x82, 0x01, 0x81,
+ 0x00, 0xb4, 0x2c, 0x0e, 0x98, 0x58, 0x10, 0xa4,
+ 0xa7, 0x58, 0x99, 0x7c, 0x01, 0xdd, 0x08, 0x2a,
+ 0x28, 0x34, 0x33, 0xf8, 0x96, 0x1a, 0x34, 0x20,
+ 0x5d, 0x45, 0xc8, 0x71, 0x26, 0x25, 0xe5, 0xd2,
+ 0x96, 0xea, 0x7b, 0xb1, 0x15, 0xaa, 0xa6, 0x8a,
+ 0x63, 0x22, 0x8b, 0x2d, 0x4e, 0x81, 0x73, 0xbf,
+ 0x6e, 0x15, 0x68, 0x8c, 0x1a, 0xf4, 0xef, 0x2a,
+ 0x8f, 0x8c, 0x22, 0x9e, 0x71, 0x57, 0x4b, 0xde,
+ 0x0f, 0x7e, 0x72, 0xd3, 0x7a, 0xb8, 0xa7, 0x1d,
+ 0x44, 0xad, 0x87, 0x00, 0x83, 0x5c, 0xfd, 0x73,
+ 0x05, 0x72, 0x46, 0x3f, 0x8b, 0xf9, 0x10, 0x00,
+ 0xd8, 0x6e, 0xcc, 0x85, 0xed, 0xf9, 0x49, 0xdb,
+ 0x78, 0x36, 0x80, 0x49, 0x38, 0x76, 0xdd, 0x5f,
+ 0x54, 0x04, 0xda, 0x8c, 0x34, 0xa7, 0x2b, 0x13,
+ 0x25, 0x6f, 0xd1, 0x15, 0x4f, 0xad, 0xc2, 0xe1,
+ 0xa5, 0xd2, 0x4e, 0x57, 0x0c, 0x7e, 0x9c, 0x9b,
+ 0xba, 0x4e, 0x68, 0xb2, 0xe0, 0x25, 0x02, 0xaa,
+ 0x00, 0xd3, 0xb4, 0xcc, 0x2f, 0x78, 0xe5, 0xbe,
+ 0x47, 0x67, 0x1f, 0xc8, 0x6e, 0x22, 0x6c, 0x5e,
+ 0x61, 0xb6, 0x9a, 0xcd, 0xe5, 0xa8, 0xba, 0x7a,
+ 0x80, 0x13, 0x1b, 0x17, 0x2e, 0x96, 0xed, 0xcf,
+ 0xb3, 0x9b, 0xe4, 0x1c, 0xe8, 0xad, 0xa7, 0xf6,
+ 0x3a, 0x51, 0x66, 0x5e, 0x99, 0x8e, 0x87, 0xee,
+ 0x60, 0x25, 0xf8, 0x8d, 0xbe, 0xce, 0xa4, 0xa8,
+ 0xca, 0x93, 0x6c, 0xd7, 0xbf, 0xd4, 0x73, 0x33,
+ 0x8d, 0x44, 0x85, 0xcc, 0x73, 0x30, 0x08, 0x9c,
+ 0x4d, 0xb2, 0xaa, 0x5a, 0x6c, 0x6f, 0x7b, 0xab,
+ 0xb7, 0xb3, 0x7c, 0xc3, 0xfb, 0xe7, 0xca, 0xc4,
+ 0xf8, 0x9a, 0x6f, 0xcb, 0xbb, 0x5b, 0x82, 0xe7,
+ 0x7a, 0xe8, 0x19, 0xfd, 0x2f, 0x11, 0x22, 0xfb,
+ 0x7f, 0x76, 0x8c, 0x6b, 0x94, 0xa4, 0x09, 0x4f,
+ 0xa5, 0x6a, 0x77, 0x51, 0xeb, 0xa7, 0x7e, 0xda,
+ 0x87, 0x06, 0xee, 0xdc, 0xbe, 0xd1, 0xea, 0x1a,
+ 0x40, 0x1d, 0x1b, 0xff, 0x1a, 0xb1, 0x51, 0x7c,
+ 0x12, 0xb0, 0xf3, 0xf6, 0x83, 0x01, 0x9c, 0xe7,
+ 0x0c, 0x99, 0xbf, 0xac, 0x68, 0x58, 0x72, 0xa4,
+ 0xb0, 0x59, 0x85, 0xee, 0x85, 0xac, 0x2a, 0x22,
+ 0xf4, 0xcf, 0x15, 0x08, 0x80, 0x1f, 0x0d, 0xd0,
+ 0x1e, 0xa0, 0xa0, 0x94, 0xc8, 0xf7, 0xfa, 0x65,
+ 0xdd, 0x52, 0xe8, 0x96, 0x37, 0x23, 0x30, 0x57,
+ 0x36, 0xe6, 0x9d, 0xf4, 0x0c, 0x4a, 0x05, 0x75,
+ 0x1f, 0xad, 0x01, 0xca, 0xb7, 0x6d, 0x8c, 0x43,
+ 0x74, 0x06, 0x0a, 0x81, 0xf3, 0x01, 0x62, 0xff,
+ 0xf7, 0xf5, 0x5f, 0xaf, 0xe7, 0x2b, 0x0e, 0xf8,
+ 0x81, 0xb5, 0x65, 0xdd, 0x01, 0xd9, 0x9f, 0x07,
+ 0x17, 0x8a, 0x18, 0xcf, 0x23, 0x6e, 0x88, 0x65,
+ 0x91, 0xb5, 0x7b, 0xd3, 0xb0, 0x2d, 0xaf, 0x93,
+ 0x66, 0x63, 0x74, 0xac, 0x5a, 0xe6, 0x73, 0xde,
+ 0x3b, 0x02, 0x03, 0x01, 0x00, 0x01,
+};
+const unsigned int root_pub_der_len = 398;
+#endif
#elif defined(MCUBOOT_SIGN_EC256)
#define HAVE_KEYS
const unsigned char root_pub_der[] = {
diff --git a/sim/src/caps.rs b/sim/src/caps.rs
index 2751618..f316fd6 100644
--- a/sim/src/caps.rs
+++ b/sim/src/caps.rs
@@ -12,6 +12,7 @@
EncRsa = (1 << 5),
EncKw = (1 << 6),
ValidatePrimarySlot = (1 << 7),
+ RSA3072 = (1 << 8),
}
impl Caps {
diff --git a/sim/src/image.rs b/sim/src/image.rs
index 58d5e25..92b052e 100644
--- a/sim/src/image.rs
+++ b/sim/src/image.rs
@@ -1141,6 +1141,8 @@
// The non-encrypted configuration.
if Caps::RSA2048.present() {
TlvGen::new_rsa_pss()
+ } else if Caps::RSA3072.present() {
+ TlvGen::new_rsa3072_pss()
} else if Caps::EcdsaP256.present() {
TlvGen::new_ecdsa()
} else {
diff --git a/sim/src/rsa3072_pub_key-rs.txt b/sim/src/rsa3072_pub_key-rs.txt
new file mode 100644
index 0000000..983009c
--- /dev/null
+++ b/sim/src/rsa3072_pub_key-rs.txt
@@ -0,0 +1,53 @@
+/* Autogenerated by imgtool.py, do not edit. */
+static RSA3072_PUB_KEY: &'static [u8] = &[
+ 0x30, 0x82, 0x01, 0x8a, 0x02, 0x82, 0x01, 0x81,
+ 0x00, 0xb4, 0x2c, 0x0e, 0x98, 0x58, 0x10, 0xa4,
+ 0xa7, 0x58, 0x99, 0x7c, 0x01, 0xdd, 0x08, 0x2a,
+ 0x28, 0x34, 0x33, 0xf8, 0x96, 0x1a, 0x34, 0x20,
+ 0x5d, 0x45, 0xc8, 0x71, 0x26, 0x25, 0xe5, 0xd2,
+ 0x96, 0xea, 0x7b, 0xb1, 0x15, 0xaa, 0xa6, 0x8a,
+ 0x63, 0x22, 0x8b, 0x2d, 0x4e, 0x81, 0x73, 0xbf,
+ 0x6e, 0x15, 0x68, 0x8c, 0x1a, 0xf4, 0xef, 0x2a,
+ 0x8f, 0x8c, 0x22, 0x9e, 0x71, 0x57, 0x4b, 0xde,
+ 0x0f, 0x7e, 0x72, 0xd3, 0x7a, 0xb8, 0xa7, 0x1d,
+ 0x44, 0xad, 0x87, 0x00, 0x83, 0x5c, 0xfd, 0x73,
+ 0x05, 0x72, 0x46, 0x3f, 0x8b, 0xf9, 0x10, 0x00,
+ 0xd8, 0x6e, 0xcc, 0x85, 0xed, 0xf9, 0x49, 0xdb,
+ 0x78, 0x36, 0x80, 0x49, 0x38, 0x76, 0xdd, 0x5f,
+ 0x54, 0x04, 0xda, 0x8c, 0x34, 0xa7, 0x2b, 0x13,
+ 0x25, 0x6f, 0xd1, 0x15, 0x4f, 0xad, 0xc2, 0xe1,
+ 0xa5, 0xd2, 0x4e, 0x57, 0x0c, 0x7e, 0x9c, 0x9b,
+ 0xba, 0x4e, 0x68, 0xb2, 0xe0, 0x25, 0x02, 0xaa,
+ 0x00, 0xd3, 0xb4, 0xcc, 0x2f, 0x78, 0xe5, 0xbe,
+ 0x47, 0x67, 0x1f, 0xc8, 0x6e, 0x22, 0x6c, 0x5e,
+ 0x61, 0xb6, 0x9a, 0xcd, 0xe5, 0xa8, 0xba, 0x7a,
+ 0x80, 0x13, 0x1b, 0x17, 0x2e, 0x96, 0xed, 0xcf,
+ 0xb3, 0x9b, 0xe4, 0x1c, 0xe8, 0xad, 0xa7, 0xf6,
+ 0x3a, 0x51, 0x66, 0x5e, 0x99, 0x8e, 0x87, 0xee,
+ 0x60, 0x25, 0xf8, 0x8d, 0xbe, 0xce, 0xa4, 0xa8,
+ 0xca, 0x93, 0x6c, 0xd7, 0xbf, 0xd4, 0x73, 0x33,
+ 0x8d, 0x44, 0x85, 0xcc, 0x73, 0x30, 0x08, 0x9c,
+ 0x4d, 0xb2, 0xaa, 0x5a, 0x6c, 0x6f, 0x7b, 0xab,
+ 0xb7, 0xb3, 0x7c, 0xc3, 0xfb, 0xe7, 0xca, 0xc4,
+ 0xf8, 0x9a, 0x6f, 0xcb, 0xbb, 0x5b, 0x82, 0xe7,
+ 0x7a, 0xe8, 0x19, 0xfd, 0x2f, 0x11, 0x22, 0xfb,
+ 0x7f, 0x76, 0x8c, 0x6b, 0x94, 0xa4, 0x09, 0x4f,
+ 0xa5, 0x6a, 0x77, 0x51, 0xeb, 0xa7, 0x7e, 0xda,
+ 0x87, 0x06, 0xee, 0xdc, 0xbe, 0xd1, 0xea, 0x1a,
+ 0x40, 0x1d, 0x1b, 0xff, 0x1a, 0xb1, 0x51, 0x7c,
+ 0x12, 0xb0, 0xf3, 0xf6, 0x83, 0x01, 0x9c, 0xe7,
+ 0x0c, 0x99, 0xbf, 0xac, 0x68, 0x58, 0x72, 0xa4,
+ 0xb0, 0x59, 0x85, 0xee, 0x85, 0xac, 0x2a, 0x22,
+ 0xf4, 0xcf, 0x15, 0x08, 0x80, 0x1f, 0x0d, 0xd0,
+ 0x1e, 0xa0, 0xa0, 0x94, 0xc8, 0xf7, 0xfa, 0x65,
+ 0xdd, 0x52, 0xe8, 0x96, 0x37, 0x23, 0x30, 0x57,
+ 0x36, 0xe6, 0x9d, 0xf4, 0x0c, 0x4a, 0x05, 0x75,
+ 0x1f, 0xad, 0x01, 0xca, 0xb7, 0x6d, 0x8c, 0x43,
+ 0x74, 0x06, 0x0a, 0x81, 0xf3, 0x01, 0x62, 0xff,
+ 0xf7, 0xf5, 0x5f, 0xaf, 0xe7, 0x2b, 0x0e, 0xf8,
+ 0x81, 0xb5, 0x65, 0xdd, 0x01, 0xd9, 0x9f, 0x07,
+ 0x17, 0x8a, 0x18, 0xcf, 0x23, 0x6e, 0x88, 0x65,
+ 0x91, 0xb5, 0x7b, 0xd3, 0xb0, 0x2d, 0xaf, 0x93,
+ 0x66, 0x63, 0x74, 0xac, 0x5a, 0xe6, 0x73, 0xde,
+ 0x3b, 0x02, 0x03, 0x01, 0x00, 0x01,
+];
diff --git a/sim/src/tlv.rs b/sim/src/tlv.rs
index aa0d7f0..9896df6 100644
--- a/sim/src/tlv.rs
+++ b/sim/src/tlv.rs
@@ -29,6 +29,7 @@
RSA2048 = 0x20,
ECDSA224 = 0x21,
ECDSA256 = 0x22,
+ RSA3072 = 0x23,
ENCRSA2048 = 0x30,
ENCKW128 = 0x31,
}
@@ -90,6 +91,16 @@
}
#[allow(dead_code)]
+ pub fn new_rsa3072_pss() -> TlvGen {
+ TlvGen {
+ flags: 0,
+ kinds: vec![TlvKinds::SHA256, TlvKinds::RSA3072],
+ size: 4 + 32 + 4 + 32 + 4 + 384,
+ payload: vec![],
+ }
+ }
+
+ #[allow(dead_code)]
pub fn new_ecdsa() -> TlvGen {
TlvGen {
flags: 0,
@@ -192,9 +203,17 @@
result.extend_from_slice(hash);
}
- if self.kinds.contains(&TlvKinds::RSA2048) {
+ if self.kinds.contains(&TlvKinds::RSA2048) ||
+ self.kinds.contains(&TlvKinds::RSA3072) {
+
+ let is_rsa2048 = self.kinds.contains(&TlvKinds::RSA2048);
+
// Output the hash of the public key.
- let hash = digest::digest(&digest::SHA256, RSA_PUB_KEY);
+ let hash = if is_rsa2048 {
+ digest::digest(&digest::SHA256, RSA_PUB_KEY)
+ } else {
+ digest::digest(&digest::SHA256, RSA3072_PUB_KEY)
+ };
let hash = hash.as_ref();
assert!(hash.len() == 32);
@@ -205,16 +224,28 @@
result.extend_from_slice(hash);
// For now assume PSS.
- let key_bytes = pem::parse(include_bytes!("../../root-rsa-2048.pem").as_ref()).unwrap();
+ let key_bytes = if is_rsa2048 {
+ pem::parse(include_bytes!("../../root-rsa-2048.pem").as_ref()).unwrap()
+ } else {
+ pem::parse(include_bytes!("../../root-rsa-3072.pem").as_ref()).unwrap()
+ };
assert_eq!(key_bytes.tag, "RSA PRIVATE KEY");
let key_bytes = untrusted::Input::from(&key_bytes.contents);
let key_pair = RsaKeyPair::from_der(key_bytes).unwrap();
let rng = rand::SystemRandom::new();
let mut signature = vec![0; key_pair.public_modulus_len()];
- assert_eq!(signature.len(), 256);
+ if is_rsa2048 {
+ assert_eq!(signature.len(), 256);
+ } else {
+ assert_eq!(signature.len(), 384);
+ }
key_pair.sign(&RSA_PSS_SHA256, &rng, &self.payload, &mut signature).unwrap();
- result.push(TlvKinds::RSA2048 as u8);
+ if is_rsa2048 {
+ result.push(TlvKinds::RSA2048 as u8);
+ } else {
+ result.push(TlvKinds::RSA3072 as u8);
+ }
result.push(0);
result.push((signature.len() & 0xFF) as u8);
result.push(((signature.len() >> 8) & 0xFF) as u8);
@@ -297,4 +328,5 @@
}
include!("rsa_pub_key-rs.txt");
+include!("rsa3072_pub_key-rs.txt");
include!("ecdsa_pub_key-rs.txt");