Add ed25519 verification to sim
Signed-off-by: Fabio Utzig <utzig@apache.org>
diff --git a/boot/bootutil/include/bootutil/caps.h b/boot/bootutil/include/bootutil/caps.h
index b38bc4f..1958348 100644
--- a/boot/bootutil/include/bootutil/caps.h
+++ b/boot/bootutil/include/bootutil/caps.h
@@ -41,6 +41,7 @@
#define BOOTUTIL_CAP_ENC_KW (1<<6)
#define BOOTUTIL_CAP_VALIDATE_PRIMARY_SLOT (1<<7)
#define BOOTUTIL_CAP_RSA3072 (1<<8)
+#define BOOTUTIL_CAP_ED25519 (1<<9)
/*
* Query the number of images this bootloader is configured for. This
diff --git a/boot/bootutil/src/caps.c b/boot/bootutil/src/caps.c
index f2126d7..96f27b3 100644
--- a/boot/bootutil/src/caps.c
+++ b/boot/bootutil/src/caps.c
@@ -35,6 +35,9 @@
#if defined(MCUBOOT_SIGN_EC256)
res |= BOOTUTIL_CAP_ECDSA_P256;
#endif
+#if defined(MCUBOOT_SIGN_ED25519)
+ res |= BOOTUTIL_CAP_ED25519;
+#endif
#if defined(MCUBOOT_OVERWRITE_ONLY)
res |= BOOTUTIL_CAP_OVERWRITE_UPGRADE;
#else
diff --git a/sim/Cargo.toml b/sim/Cargo.toml
index fbe2bb9..28c8dc0 100644
--- a/sim/Cargo.toml
+++ b/sim/Cargo.toml
@@ -10,6 +10,7 @@
sig-rsa = ["mcuboot-sys/sig-rsa"]
sig-rsa3072 = ["mcuboot-sys/sig-rsa3072"]
sig-ecdsa = ["mcuboot-sys/sig-ecdsa"]
+sig-ed25519 = ["mcuboot-sys/sig-ed25519"]
overwrite-only = ["mcuboot-sys/overwrite-only"]
validate-primary-slot = ["mcuboot-sys/validate-primary-slot"]
enc-rsa = ["mcuboot-sys/enc-rsa"]
diff --git a/sim/mcuboot-sys/Cargo.toml b/sim/mcuboot-sys/Cargo.toml
index 7512e22..4f20725 100644
--- a/sim/mcuboot-sys/Cargo.toml
+++ b/sim/mcuboot-sys/Cargo.toml
@@ -21,6 +21,9 @@
# Verify ECDSA (secp256r1) signatures.
sig-ecdsa = []
+# Verify ED25519 signatures.
+sig-ed25519 = []
+
# Overwrite only upgrade
overwrite-only = []
diff --git a/sim/mcuboot-sys/build.rs b/sim/mcuboot-sys/build.rs
index ce4ee25..3e419bd 100644
--- a/sim/mcuboot-sys/build.rs
+++ b/sim/mcuboot-sys/build.rs
@@ -12,6 +12,7 @@
let sig_rsa = env::var("CARGO_FEATURE_SIG_RSA").is_ok();
let sig_rsa3072 = env::var("CARGO_FEATURE_SIG_RSA3072").is_ok();
let sig_ecdsa = env::var("CARGO_FEATURE_SIG_ECDSA").is_ok();
+ let sig_ed25519 = env::var("CARGO_FEATURE_SIG_ED25519").is_ok();
let overwrite_only = env::var("CARGO_FEATURE_OVERWRITE_ONLY").is_ok();
let validate_primary_slot =
env::var("CARGO_FEATURE_VALIDATE_PRIMARY_SLOT").is_ok();
@@ -37,7 +38,7 @@
}
// Currently no more than one sig type can be used simultaneously.
- if vec![sig_rsa, sig_rsa3072, sig_ecdsa].iter()
+ if vec![sig_rsa, sig_rsa3072, sig_ecdsa, sig_ed25519].iter()
.fold(0, |sum, &v| sum + v as i32) > 1 {
panic!("mcuboot does not support more than one sig type at the same time");
}
@@ -83,6 +84,18 @@
conf.file("../../ext/mbedtls/src/platform_util.c");
conf.file("../../ext/mbedtls/src/asn1parse.c");
+ } else if sig_ed25519 {
+ conf.define("MCUBOOT_SIGN_ED25519", None);
+ conf.define("MCUBOOT_USE_MBED_TLS", None);
+
+ conf.include("mbedtls/include");
+ conf.file("mbedtls/library/sha256.c");
+ conf.file("mbedtls/library/sha512.c");
+ conf.file("csupport/keys.c");
+ conf.file("../../ext/fiat/src/curve25519.c");
+ conf.file("mbedtls/library/platform.c");
+ conf.file("mbedtls/library/platform_util.c");
+ conf.file("mbedtls/library/asn1parse.c");
} else {
// Neither signature type, only verify sha256. The default
// configuration file bundled with mbedTLS is sufficient.
@@ -148,6 +161,10 @@
conf.file("../../ext/tinycrypt/lib/source/aes_encrypt.c");
conf.file("../../ext/tinycrypt/lib/source/aes_decrypt.c");
}
+
+ if sig_ed25519 {
+ panic!("ed25519 does not support image encryption with KW yet");
+ }
}
if sig_rsa && enc_kw {
@@ -156,6 +173,8 @@
conf.define("MBEDTLS_CONFIG_FILE", Some("<config-rsa.h>"));
} else if sig_ecdsa && !enc_kw {
conf.define("MBEDTLS_CONFIG_FILE", Some("<config-asn1.h>"));
+ } else if sig_ed25519 {
+ conf.define("MBEDTLS_CONFIG_FILE", Some("<config-ed25519.h>"));
} else if enc_kw {
conf.define("MBEDTLS_CONFIG_FILE", Some("<config-kw.h>"));
}
@@ -165,6 +184,8 @@
conf.file("../../boot/bootutil/src/image_rsa.c");
} else if sig_ecdsa {
conf.file("../../boot/bootutil/src/image_ec256.c");
+ } else if sig_ed25519 {
+ conf.file("../../boot/bootutil/src/image_ed25519.c");
}
conf.file("../../boot/bootutil/src/loader.c");
conf.file("../../boot/bootutil/src/caps.c");
diff --git a/sim/mcuboot-sys/csupport/keys.c b/sim/mcuboot-sys/csupport/keys.c
index 23bdb21..e0aca05 100644
--- a/sim/mcuboot-sys/csupport/keys.c
+++ b/sim/mcuboot-sys/csupport/keys.c
@@ -122,6 +122,17 @@
0x8b, 0x68, 0x34, 0xcc, 0x3a, 0x6a, 0xfc, 0x53,
0x8e, 0xfa, 0xc1, };
const unsigned int root_pub_der_len = 91;
+#elif defined(MCUBOOT_SIGN_ED25519)
+#define HAVE_KEYS
+const unsigned char root_pub_der[] = {
+ 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65,
+ 0x70, 0x03, 0x21, 0x00, 0xd4, 0xb3, 0x1b, 0xa4,
+ 0x9a, 0x3a, 0xdd, 0x3f, 0x82, 0x5d, 0x10, 0xca,
+ 0x7f, 0x31, 0xb5, 0x0b, 0x0d, 0xe8, 0x7f, 0x37,
+ 0xcc, 0xc4, 0x9f, 0x1a, 0x40, 0x3a, 0x5c, 0x13,
+ 0x20, 0xff, 0xb4, 0xe0,
+};
+const unsigned int root_pub_der_len = 44;
#endif
#if defined(HAVE_KEYS)
diff --git a/sim/src/caps.rs b/sim/src/caps.rs
index f316fd6..fa7c41e 100644
--- a/sim/src/caps.rs
+++ b/sim/src/caps.rs
@@ -13,6 +13,7 @@
EncKw = (1 << 6),
ValidatePrimarySlot = (1 << 7),
RSA3072 = (1 << 8),
+ Ed25519 = (1 << 9),
}
impl Caps {
diff --git a/sim/src/ed25519_pub_key-rs.txt b/sim/src/ed25519_pub_key-rs.txt
new file mode 100644
index 0000000..f624fe3
--- /dev/null
+++ b/sim/src/ed25519_pub_key-rs.txt
@@ -0,0 +1,8 @@
+static ED25519_PUB_KEY: &'static [u8] = &[
+ 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65,
+ 0x70, 0x03, 0x21, 0x00, 0xd4, 0xb3, 0x1b, 0xa4,
+ 0x9a, 0x3a, 0xdd, 0x3f, 0x82, 0x5d, 0x10, 0xca,
+ 0x7f, 0x31, 0xb5, 0x0b, 0x0d, 0xe8, 0x7f, 0x37,
+ 0xcc, 0xc4, 0x9f, 0x1a, 0x40, 0x3a, 0x5c, 0x13,
+ 0x20, 0xff, 0xb4, 0xe0,
+];
diff --git a/sim/src/image.rs b/sim/src/image.rs
index 99fb3fb..b5a68dd 100644
--- a/sim/src/image.rs
+++ b/sim/src/image.rs
@@ -1168,6 +1168,8 @@
TlvGen::new_rsa3072_pss()
} else if Caps::EcdsaP256.present() {
TlvGen::new_ecdsa()
+ } else if Caps::Ed25519.present() {
+ TlvGen::new_ed25519()
} else {
TlvGen::new_hash_only()
}
diff --git a/sim/src/tlv.rs b/sim/src/tlv.rs
index 9896df6..1af8618 100644
--- a/sim/src/tlv.rs
+++ b/sim/src/tlv.rs
@@ -16,6 +16,7 @@
RSA_PSS_SHA256,
EcdsaKeyPair,
ECDSA_P256_SHA256_ASN1_SIGNING,
+ Ed25519KeyPair,
};
use untrusted;
use mcuboot_sys::c;
@@ -30,6 +31,7 @@
ECDSA224 = 0x21,
ECDSA256 = 0x22,
RSA3072 = 0x23,
+ ED25519 = 0x24,
ENCRSA2048 = 0x30,
ENCKW128 = 0x31,
}
@@ -111,6 +113,16 @@
}
#[allow(dead_code)]
+ pub fn new_ed25519() -> TlvGen {
+ TlvGen {
+ flags: 0,
+ kinds: vec![TlvKinds::SHA256, TlvKinds::ED25519],
+ size: 4 + 32 + 4 + 32 + 4 + 64,
+ payload: vec![],
+ }
+ }
+
+ #[allow(dead_code)]
pub fn new_enc_rsa() -> TlvGen {
TlvGen {
flags: TlvFlags::ENCRYPTED as u32,
@@ -288,6 +300,38 @@
result.extend_from_slice(signature.as_ref());
}
+ if self.kinds.contains(&TlvKinds::ED25519) {
+ let keyhash = digest::digest(&digest::SHA256, ED25519_PUB_KEY);
+ let keyhash = keyhash.as_ref();
+
+ assert!(keyhash.len() == 32);
+ result.push(TlvKinds::KEYHASH as u8);
+ result.push(0);
+ result.push(32);
+ result.push(0);
+ result.extend_from_slice(keyhash);
+
+ let hash = digest::digest(&digest::SHA256, &self.payload);
+ let hash = hash.as_ref();
+ assert!(hash.len() == 32);
+
+ let key_bytes = pem::parse(include_bytes!("../../root-ed25519.pem").as_ref()).unwrap();
+ assert_eq!(key_bytes.tag, "PRIVATE KEY");
+
+ let seed = untrusted::Input::from(&key_bytes.contents[16..48]);
+ let public = untrusted::Input::from(&ED25519_PUB_KEY[12..44]);
+ let key_pair = Ed25519KeyPair::from_seed_and_public_key(seed, public).unwrap();
+ let signature = key_pair.sign(&hash);
+
+ result.push(TlvKinds::ED25519 as u8);
+ result.push(0);
+
+ let signature = signature.as_ref().to_vec();
+ result.push((signature.len() & 0xFF) as u8);
+ result.push(((signature.len() >> 8) & 0xFF) as u8);
+ result.extend_from_slice(signature.as_ref());
+ }
+
if self.kinds.contains(&TlvKinds::ENCRSA2048) {
let key_bytes = pem::parse(include_bytes!("../../enc-rsa2048-pub.pem")
.as_ref()).unwrap();
@@ -330,3 +374,4 @@
include!("rsa_pub_key-rs.txt");
include!("rsa3072_pub_key-rs.txt");
include!("ecdsa_pub_key-rs.txt");
+include!("ed25519_pub_key-rs.txt");