boot: Restore and extend the usage of 0x22 TLV (ECDSA256)

The IMAGE_TLV_ECDSA256 TLV has been put out of use by commit 63d2346da4. This commit reverts this part of that patch and at the same time it extends the usage of this TLV to cover all types of curves (replacing the newly introduced 0x25 TLV type) while retaining its value (0x22) for backward compatibility. Rename IMAGE_TLV_ECDSA256 to IMAGE_TLV_ECDSA_SIG. Change-Id: I904f292db775c38f26a5e9a87c5f414165efc173 Signed-off-by: David Vincze <david.vincze@arm.com>
2023-04-27 16:11:49 +02:00 · 2023-04-27 16:11:49 +02:00 · 4395b80976
parent 6769344276
commit 4395b80976
5 changed files with 6 additions and 9 deletions
--- a/boot/bootutil/include/bootutil/image.h
+++ b/boot/bootutil/include/bootutil/image.h
@ -86,10 +86,9 @@ struct flash_area;
 #define IMAGE_TLV_SHA256            0x10   /* SHA256 of image hdr and body */
 #define IMAGE_TLV_RSA2048_PSS       0x20   /* RSA2048 of hash output */
 #define IMAGE_TLV_ECDSA224          0x21   /* ECDSA of hash output - Not supported anymore */
-#define IMAGE_TLV_ECDSA256          0x22   /* ECDSA of hash output - Not supported anymore */
+#define IMAGE_TLV_ECDSA_SIG         0x22   /* ECDSA of hash output */
 #define IMAGE_TLV_RSA3072_PSS       0x23   /* RSA3072 of hash output */
 #define IMAGE_TLV_ED25519           0x24   /* ed25519 of hash output */
-#define IMAGE_TLV_ECDSA_SIG         0x25   /* ECDSA of hash output */
 #define IMAGE_TLV_ENC_RSA2048       0x30   /* Key encrypted with RSA-OAEP-2048 */
 #define IMAGE_TLV_ENC_KW            0x31   /* Key encrypted with AES-KW 128 or 256*/
 #define IMAGE_TLV_ENC_EC256         0x32   /* Key encrypted with ECIES-EC256 */
--- a/docs/design.md
+++ b/docs/design.md
@ -108,10 +108,9 @@ struct image_tlv {
 #define IMAGE_TLV_SHA256            0x10   /* SHA256 of image hdr and body */
 #define IMAGE_TLV_RSA2048_PSS       0x20   /* RSA2048 of hash output */
 #define IMAGE_TLV_ECDSA224          0x21   /* ECDSA of hash output - Not supported anymore */
-#define IMAGE_TLV_ECDSA256          0x22   /* ECDSA of hash output - Not supported anymore */
+#define IMAGE_TLV_ECDSA_SIG         0x22   /* ECDSA of hash output */
 #define IMAGE_TLV_RSA3072_PSS       0x23   /* RSA3072 of hash output */
 #define IMAGE_TLV_ED25519           0x24   /* ED25519 of hash output */
-#define IMAGE_TLV_ECDSA_SIG         0x25   /* ECDSA of hash output */
 #define IMAGE_TLV_ENC_RSA2048       0x30   /* Key encrypted with RSA-OAEP-2048 */
 #define IMAGE_TLV_ENC_KW            0x31   /* Key encrypted with AES-KW-128 or
                                              256 */
--- a/docs/release-notes.d/ecdsa-tlv-p384.md
+++ b/docs/release-notes.d/ecdsa-tlv-p384.md
@ -1,2 +1,2 @@
- Add generic ECDSA TLV, remove the ECDSA256 and ECDSA224 curve TLVs.
- Add P384 support to imgtool.
+- Make the ECDSA256 TLV curve agnostic and rename it to ECDSA_SIG.
+- imgtool: add P384 support along with SHA384.
--- a/scripts/imgtool/image.py
+++ b/scripts/imgtool/image.py
@ -64,10 +64,9 @@ TLV_VALUES = {
        'SHA256': 0x10,
        'SHA384': 0x11,
        'RSA2048': 0x20,
-        'ECDSA256': 0x22,
+        'ECDSASIG': 0x22,
        'RSA3072': 0x23,
        'ED25519': 0x24,
-        'ECDSASIG': 0x25,
        'ENCRSA2048': 0x30,
        'ENCKW': 0x31,
        'ENCEC256': 0x32,
--- a/sim/src/tlv.rs
+++ b/sim/src/tlv.rs
@ -51,9 +51,9 @@ pub enum TlvKinds {
    KEYHASH = 0x01,
    SHA256 = 0x10,
    RSA2048 = 0x20,
+    ECDSASIG = 0x22,
    RSA3072 = 0x23,
    ED25519 = 0x24,
-    ECDSASIG = 0x25,
    ENCRSA2048 = 0x30,
    ENCKW = 0x31,
    ENCEC256 = 0x32,