commit 641af4530cf0de1990a539d76590b97fd0e272f2
author David Brown <david.brown@linaro.org> Fri Feb 19 12:16:48 2021 -0700
committer David Brown <davidb@davidb.org> Tue Feb 23 10:29:31 2021 -0700
tree 3587d65340750e2ed21ebd4f37d16502220eda81
parent 0c8c8d53257be7454a066e18014b4bedcd545c32

boot: Support Mbed TLS ECDSA for signatures

Add Mbed TLS ECDSA signature verification as an option (in addition to
Tinycrypt and the CC310 hardware version).  Although the Mbed TLS ECDSA
verification code is both larger and slower, this will still save space
if there is another reason that the Mbed TLS code is already being
brought in for another reason (such as certificate management, for
example).

Mbed TLS's ECDSA verification works at a different level than the other
two libraries, so this takes a bit of reworking.  There are some
additional parameters passed to the various functions, and a new define
MCUBOOT_ECDSA_NEED_ASN1_SIG to indicate that the ecdsa verification
wants the original ASN1 signature, not a decoded key.

This adds the boot changes and simulator support to test this configuration.

Signed-off-by: David Brown <david.brown@linaro.org>

boot/bootutil/src/image_ec256.c

diff --git a/boot/bootutil/src/image_ec256.c b/boot/bootutil/src/image_ec256.c
index f5b8135..ccb67f3 100644
--- a/boot/bootutil/src/image_ec256.c
+++ b/boot/bootutil/src/image_ec256.c
@@ -30,10 +30,11 @@
 
 #ifdef MCUBOOT_SIGN_EC256
 /*TODO: remove this after cypress port mbedtls to abstract crypto api */
-#ifdef MCUBOOT_USE_CC310
+#if defined(MCUBOOT_USE_CC310) || defined(MCUBOOT_USE_MBED_TLS)
 #define NUM_ECC_BYTES (256 / 8)
 #endif
-#if defined (MCUBOOT_USE_TINYCRYPT) || defined (MCUBOOT_USE_CC310)
+#if defined(MCUBOOT_USE_TINYCRYPT) || defined(MCUBOOT_USE_CC310) || \
+    defined(MCUBOOT_USE_MBED_TLS)
 #include "bootutil/sign_key.h"
 
 #include "mbedtls/oid.h"
@@ -88,16 +89,11 @@
     if (len != 2 * NUM_ECC_BYTES + 1) {
         return -8;
     }
-    /* Is uncompressed? */
-    if (*cp[0] != 0x04) {
-        return -9;
-    }
-
-    (*cp)++;
 
     return 0;
 }
 
+#ifndef MCUBOOT_ECDSA_NEED_ASN1_SIG
 /*
  * cp points to ASN1 string containing an integer.
  * Verify the tag, and that the length is 32 bytes.
@@ -149,6 +145,7 @@
     }
     return 0;
 }
+#endif /* not MCUBOOT_ECDSA_NEED_ASN1_SIG */
 
 int
 bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, size_t slen,
@@ -159,7 +156,9 @@
     uint8_t *pubkey;
     uint8_t *end;
 
+#ifndef MCUBOOT_ECDSA_NEED_ASN1_SIG
     uint8_t signature[2 * NUM_ECC_BYTES];
+#endif
 
     pubkey = (uint8_t *)bootutil_keys[key_id].key;
     end = pubkey + *bootutil_keys[key_id].len;
@@ -169,10 +168,12 @@
         return -1;
     }
 
+#ifndef MCUBOOT_ECDSA_NEED_ASN1_SIG
     rc = bootutil_decode_sig(signature, sig, sig + slen);
     if (rc) {
         return -1;
     }
+#endif
 
     /*
      * This is simplified, as the hash length is also 32 bytes.
@@ -182,7 +183,12 @@
     }
 
     bootutil_ecdsa_p256_init(&ctx);
-    rc = bootutil_ecdsa_p256_verify(&ctx, pubkey, hash, signature);
+#ifdef MCUBOOT_ECDSA_NEED_ASN1_SIG
+    rc = bootutil_ecdsa_p256_verify(&ctx, pubkey, end - pubkey, hash, sig, slen);
+#else
+    rc = bootutil_ecdsa_p256_verify(&ctx, pubkey, end - pubkey, hash, signature,
+                                    2 * NUM_ECC_BYTES);
+#endif
     bootutil_ecdsa_p256_drop(&ctx);
     return rc;
 }