OrgZephyr/mcuboot
OrgZephyr
/
mcuboot
mirror of https://github.com/zephyrproject-rtos/mcuboot.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Add Zephyr support for bundled mbed-tls ASN1 parser 

When using EC256 for signing, Zephyr now uses the bundled tinycrypt
and mbed-tls ASN1 parser instead of relying on the one provided by
the OS.

Signed-off-by: Fabio Utzig <utzig@apache.org>
This commit is contained in:
Fabio Utzig 2017-12-12 08:10:40 -02:00 committed by David Brown
parent ac18eec773
commit 28ee5b0ea9
3 changed files with 17 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
boot/zephyr/CMakeLists.txt
View File

@ -131,12 +131,18 @@ get_filename_component(BOOT_DIR ${APPLICATION_SOURCE_DIR} DIRECTORY)
get_filename_component(MCUBOOT_DIR ${BOOT_DIR} DIRECTORY)
# Path to tinycrypt library source subdirectory of MCUBOOT_DIR.
set(TINYCRYPT_DIR "${MCUBOOT_DIR}/ext/tinycrypt/lib")
# Zephyr's mbedTLS needs this.
zephyr_include_directories(include)
# Path to mbed-tls' asn1 parser library.
set(MBEDTLS_ASN1_DIR "${MCUBOOT_DIR}/ext/mbedtls")
# Zephyr application include directories.
target_include_directories(app PRIVATE $ENV{ZEPHYR_BASE}/ext/lib/crypto/mbedtls/include)
if (NOT NEED_TINYCRYPT)
# Zephyr's mbedTLS needs this.
zephyr_include_directories(include)
# Use full mbedtls provided by OS for RSA
target_include_directories(app PRIVATE $ENV{ZEPHYR_BASE}/ext/lib/crypto/mbedtls/include)
endif()
target_include_directories(app PRIVATE include)
target_include_directories(app PRIVATE targets)
if(EXISTS "${APPLICATION_SOURCE_DIR}/targets/${BOARD}.h")
@ -164,12 +170,16 @@ target_sources(app PRIVATE "${BOOT_DIR}/bootutil/src/caps.c")
# Tinycrypt sources and includes, if needed.
if (NEED_TINYCRYPT)
target_include_directories(app PRIVATE "${BOOT_DIR}/zephyr/include")
target_include_directories(app PRIVATE "${TINYCRYPT_DIR}/include")
target_include_directories(app PRIVATE "${MBEDTLS_ASN1_DIR}/include")
target_sources(app PRIVATE "${TINYCRYPT_DIR}/source/ecc.c")
target_sources(app PRIVATE "${TINYCRYPT_DIR}/source/ecc_dsa.c")
target_sources(app PRIVATE "${TINYCRYPT_DIR}/source/sha256.c")
target_sources(app PRIVATE "${TINYCRYPT_DIR}/source/utils.c")
target_sources(app PRIVATE "${MBEDTLS_ASN1_DIR}/src/asn1parse.c")
endif()
if (CONFIG_MCUBOOT_SERIAL)

3
boot/zephyr/os.c
View File

@ -22,11 +22,12 @@
#include "os/os_heap.h"
#ifdef MCUBOOT_USE_MBED_TLS
#define MBEDTLS_CONFIG_FILE CONFIG_MBEDTLS_CFG_FILE
#include <mbedtls/platform.h>
#include <mbedtls/memory_buffer_alloc.h>
#ifdef MCUBOOT_USE_MBED_TLS
/*
* This is the heap for mbed TLS. The value needed depends on the key
* size and algorithm used. For RSA-2048, 6144 bytes seems to be

2
boot/zephyr/prj-p256.conf
View File

@ -5,7 +5,7 @@ CONFIG_SYSTEM_CLOCK_DISABLE=y
CONFIG_MAIN_STACK_SIZE=10240
CONFIG_MBEDTLS=y
CONFIG_MBEDTLS_BUILTIN=y
CONFIG_MBEDTLS_BUILTIN=n
CONFIG_MBEDTLS_CFG_FILE="config-asn1.h"
# CONFIG_TINYCRYPT is not set
# CONFIG_TINYCRYPT_ECC_DSA is not set