boot: Support Mbed TLS ECDSA for signatures
Add Mbed TLS ECDSA signature verification as an option (in addition to
Tinycrypt and the CC310 hardware version). Although the Mbed TLS ECDSA
verification code is both larger and slower, this will still save space
if there is another reason that the Mbed TLS code is already being
brought in for another reason (such as certificate management, for
example).
Mbed TLS's ECDSA verification works at a different level than the other
two libraries, so this takes a bit of reworking. There are some
additional parameters passed to the various functions, and a new define
MCUBOOT_ECDSA_NEED_ASN1_SIG to indicate that the ecdsa verification
wants the original ASN1 signature, not a decoded key.
This adds the boot changes and simulator support to test this configuration.
Signed-off-by: David Brown <david.brown@linaro.org>
diff --git a/sim/mcuboot-sys/csupport/run.c b/sim/mcuboot-sys/csupport/run.c
index 03947fa..0133262 100644
--- a/sim/mcuboot-sys/csupport/run.c
+++ b/sim/mcuboot-sys/csupport/run.c
@@ -230,7 +230,8 @@
struct boot_rsp rsp;
struct boot_loader_state *state;
-#if defined(MCUBOOT_SIGN_RSA)
+#if defined(MCUBOOT_SIGN_RSA) || \
+ (defined(MCUBOOT_SIGN_EC256) && defined(MCUBOOT_USE_MBED_TLS))
mbedtls_platform_set_calloc_free(calloc, free);
#endif