commit b4d20c8c58bb9ccb815f8fd29cd6a3ed27337c51
author Fabio Utzig <utzig@apache.org> Thu Dec 27 16:08:39 2018 -0200
committer Fabio Utzig <utzig@utzig.org> Thu Jan 03 11:22:05 2019 -0200
tree aa370886b3ccde1212fc60e93ab6b4caa2628783
parent 3b091f6afded8f5a67154ab8ace7f3f6ee1e3e83

Update sim to run ecdsa sig + kw enc

This adds the functionality to build/run testing on images that were
signed using ECDSA and encrypted with KW, using tinycrypt.

Also when it this mode, ecdsa+kw, adds the Mbed-TLS submodule to the
build because the simulator needs to use the Mbed-TLS keywrapping
infrastructure to generate the keys sent to the image.

Signed-off-by: Fabio Utzig <utzig@apache.org>

sim/mcuboot-sys/build.rs

diff --git a/sim/mcuboot-sys/build.rs b/sim/mcuboot-sys/build.rs
index 12377db..9e9ef36 100644
--- a/sim/mcuboot-sys/build.rs
+++ b/sim/mcuboot-sys/build.rs
@@ -54,7 +54,9 @@
         conf.define("MCUBOOT_SIGN_EC256", None);
         conf.define("MCUBOOT_USE_TINYCRYPT", None);
 
-        conf.include("../../ext/mbedtls/include");
+        if !enc_kw {
+            conf.include("../../ext/mbedtls/include");
+        }
         conf.include("../../ext/tinycrypt/lib/include");
 
         conf.file("csupport/keys.c");
@@ -65,6 +67,7 @@
         conf.file("../../ext/tinycrypt/lib/source/ecc_dsa.c");
         conf.file("../../ext/tinycrypt/lib/source/ecc_platform_specific.c");
 
+        conf.file("../../ext/mbedtls/src/platform_util.c");
         conf.file("../../ext/mbedtls/src/asn1parse.c");
     } else {
         // Neither signature type, only verify sha256. The default
@@ -104,27 +107,40 @@
     if enc_kw {
         conf.define("MCUBOOT_ENCRYPT_KW", None);
         conf.define("MCUBOOT_ENC_IMAGES", None);
-        conf.define("MCUBOOT_USE_MBED_TLS", None);
 
         conf.file("../../boot/bootutil/src/encrypted.c");
         conf.file("csupport/keys.c");
 
-        conf.include("mbedtls/include");
-        conf.file("mbedtls/library/sha256.c");
+        if sig_rsa {
+            conf.file("mbedtls/library/sha256.c");
+        }
 
+        /* Simulator uses Mbed-TLS to wrap keys */
+        conf.include("mbedtls/include");
         conf.file("mbedtls/library/platform.c");
         conf.file("mbedtls/library/platform_util.c");
         conf.file("mbedtls/library/nist_kw.c");
         conf.file("mbedtls/library/cipher.c");
         conf.file("mbedtls/library/cipher_wrap.c");
         conf.file("mbedtls/library/aes.c");
+
+        if sig_ecdsa {
+            conf.define("MCUBOOT_USE_TINYCRYPT", None);
+
+            conf.include("../../ext/tinycrypt/lib/include");
+
+            conf.file("../../ext/tinycrypt/lib/source/utils.c");
+            conf.file("../../ext/tinycrypt/lib/source/sha256.c");
+            conf.file("../../ext/tinycrypt/lib/source/aes_encrypt.c");
+            conf.file("../../ext/tinycrypt/lib/source/aes_decrypt.c");
+        }
     }
 
     if sig_rsa && enc_kw {
         conf.define("MBEDTLS_CONFIG_FILE", Some("<config-rsa-kw.h>"));
     } else if sig_rsa || enc_rsa {
         conf.define("MBEDTLS_CONFIG_FILE", Some("<config-rsa.h>"));
-    } else if sig_ecdsa {
+    } else if sig_ecdsa && !enc_kw {
         conf.define("MBEDTLS_CONFIG_FILE", Some("<config-asn1.h>"));
     } else if enc_kw {
         conf.define("MBEDTLS_CONFIG_FILE", Some("<config-kw.h>"));