Add ecdsa signing support to the simulator
Signed-off-by: Fabio Utzig <utzig@apache.org>
diff --git a/sim/src/tlv.rs b/sim/src/tlv.rs
index f2191f6..79e89fd 100644
--- a/sim/src/tlv.rs
+++ b/sim/src/tlv.rs
@@ -12,6 +12,7 @@
use pem;
use ring::{digest, rand, signature};
use untrusted;
+use mcuboot_sys::c;
#[repr(u8)]
#[derive(Copy, Clone, PartialEq, Eq)]
@@ -53,6 +54,16 @@
}
}
+ #[allow(dead_code)]
+ pub fn new_ecdsa() -> TlvGen {
+ TlvGen {
+ flags: 0,
+ kinds: vec![TlvKinds::SHA256, TlvKinds::KEYHASH, TlvKinds::ECDSA256],
+ size: 4 + 32 + 4 + 72,
+ payload: vec![],
+ }
+ }
+
/// Retrieve the header flags for this configuration. This can be called at any time.
pub fn get_flags(&self) -> u32 {
self.flags
@@ -68,6 +79,37 @@
self.payload.extend_from_slice(bytes);
}
+ /// Create a DER representation of one ec curve point
+ fn _make_der_int(&self, x: &[u8]) -> Vec<u8> {
+ assert!(x.len() == 32);
+
+ let mut i: Vec<u8> = vec![0x02];
+ if x[0] >= 0x7f {
+ i.push(33);
+ i.push(0);
+ } else {
+ i.push(32);
+ }
+ i.extend(x);
+ i
+ }
+
+ /// Create an ecdsa256 TLV
+ fn _make_der_sequence(&self, r: Vec<u8>, s: Vec<u8>) -> Vec<u8> {
+ let mut der: Vec<u8> = vec![0x30];
+ der.push(r.len() as u8 + s.len() as u8);
+ der.extend(r);
+ der.extend(s);
+ let mut size = der.len();
+ // must pad up to 72 bytes...
+ while size <= 72 {
+ der.push(0);
+ der[1] += 1;
+ size += 1;
+ }
+ der
+ }
+
/// Compute the TLV given the specified block of data.
pub fn make_tlv(self) -> Vec<u8> {
let mut result: Vec<u8> = vec![];
@@ -120,8 +162,59 @@
result.extend_from_slice(&signature);
}
+ if self.kinds.contains(&TlvKinds::ECDSA256) {
+ let keyhash = digest::digest(&digest::SHA256, ECDSA256_PUB_KEY);
+ let keyhash = keyhash.as_ref();
+
+ assert!(keyhash.len() == 32);
+ result.push(TlvKinds::KEYHASH as u8);
+ result.push(0);
+ result.push(32);
+ result.push(0);
+ result.extend_from_slice(keyhash);
+
+ let key_bytes = pem::parse(include_bytes!("../../root-ec-p256.pem").as_ref()).unwrap();
+ assert_eq!(key_bytes.tag, "EC PRIVATE KEY");
+
+ let hash = digest::digest(&digest::SHA256, &self.payload);
+ let hash = hash.as_ref();
+ assert!(hash.len() == 32);
+
+ /* FIXME
+ *
+ * Although `ring` has an ASN1 parser, it hides access
+ * to its low-level data, which was designed to be used
+ * by its internal signing/verifying functions. Since it does
+ * not yet support ecdsa signing, for the time being I am
+ * manually loading the key from its index in the PEM and
+ * building the TLV DER manually.
+ *
+ * Once ring gets ecdsa signing (hopefully soon!) this code
+ * should be updated to leverage its functionality...
+ */
+
+ /* Load key directly from PEM */
+ let key = &key_bytes.contents[7..39];
+
+ let signature = match c::ecdsa256_sign(&key, &hash) {
+ Ok(sign) => sign,
+ Err(_) => panic!("Failed signature generation"),
+ };
+
+ let r = self._make_der_int(&signature.to_vec()[..32]);
+ let s = self._make_der_int(&signature.to_vec()[32..64]);
+ let der = self._make_der_sequence(r, s);
+
+ result.push(TlvKinds::ECDSA256 as u8);
+ result.push(0);
+ result.push(der.len() as u8);
+ result.push(0);
+ result.extend(der);
+ }
+
result
}
}
include!("rsa_pub_key-rs.txt");
+include!("ecdsa_pub_key-rs.txt");