Replaces the auto-generated decoding/encoding files with inline code
for encoding/decoding CBOR data structures; this adds the benefit of
allowing the elements to be in any order and reduces code size. To
accommodate this, zcbor_bulk has been imported from Zephyr.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fix a local variable name typo in parse public key function
for the PSA Crypto abstraction, and at the same time put the
memcmp under ifdefs.
Signed-off-by: Antonio de Angelis <Antonio.deAngelis@arm.com>
Change-Id: Icadca37e4207ad703a853ea720a053aa2ba76411
The IMAGE_TLV_ECDSA256 TLV has been put out of use by
commit 63d2346da4.
This commit reverts this part of that patch and at the
same time it extends the usage of this TLV to cover all types
of curves (replacing the newly introduced 0x25 TLV type)
while retaining its value (0x22) for backward compatibility.
Rename IMAGE_TLV_ECDSA256 to IMAGE_TLV_ECDSA_SIG.
Change-Id: I904f292db775c38f26a5e9a87c5f414165efc173
Signed-off-by: David Vincze <david.vincze@arm.com>
BOOTUTIL_CRYPTO_ECDSA_P256_HASH_SIZE is a universal define
that should be moved into a common area of the header
instead of repeating it for every abstraction that needs it
Signed-off-by: Antonio de Angelis <Antonio.deAngelis@arm.com>
Change-Id: I21e7511218d0dafac8b7337715932c6564d7c3a1
Fixes in the ecdsa.h abstraction layer:
* Align indentation of parameters to the opening bracket of the function
* Remove inline in some of the bigger functions of the PSA Crypto abstraction
* Fix the prototype of ecdsa_verify for the PSA Crypto abstraction
Signed-off-by: Antonio de Angelis <Antonio.deAngelis@arm.com>
Change-Id: I28e1be83bc1a16fdf8b796f89c002528b1bd7791
Remove the generic ECDSA verification module and keep the
existing one, just renaming it image_ecdsa.c. Make sure
that the abstraction layer is generically called ecdsa.h
and the abstraction names are not P256 specific.
Signed-off-by: Antonio de Angelis <Antonio.deAngelis@arm.com>
Change-Id: I6f78cfc1b1c2851cdad67efa91c6cb49498187bb
Extend the ecdsa abstraction layer to support P384 curves
during parsing the public key and the signature.
Signed-off-by: Antonio de Angelis <Antonio.deAngelis@arm.com>
Change-Id: I05e9b27b1809352a6115184ef16c95dc8b6d2a40
To keep a single ECDSA abstraction to support both existing
modes and PSA Crypto APIs, merge the contents of ecdsa.h
into ecdsa_p256.h
Signed-off-by: Antonio de Angelis <Antonio.deAngelis@arm.com>
Change-Id: I08b4a42d87c491badfee3ec4579bd2a23a80602d
The ecdsa abstraction layer header does not have a license header.
Add it in preparation for the merge with ecdsa.h
Signed-off-by: Antonio de Angelis <Antonio.deAngelis@arm.com>
Change-Id: Ibb906c7f6bb3b50387e4816e1a95b31d3c8b515f
Add a dedicated signature validation module for generic ECDSA signatures,
and a corresponding cryptographic abstraction backend based on PSA Crypto
APIs. This signature verification backend is enabled by defining the
option MCUBOOT_SIGN_ECDSA
Signed-off-by: Antonio de Angelis <Antonio.deAngelis@arm.com>
Change-Id: I47da70629da0a5681ec7c4dcceed875a997b071b
Remove those TLVs that are tied to a specific curve and update
the image validation logic to look for the new generic TLV
Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I924f2742424bc255fbed1b0941648baa88f60147
Create a new generic ECDSA TLV type that can be used
to store any signatures irrespective of the curve type.
Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I2aeb885251fd25e23f5430328b8cc64b8cc8d7be
The stm32 defines are somewhat redundant due to the generic watchdog
defines which use the watchdog0 alias. Therefore they are removed in
this commit.
Signed-off-by: Jeppe Odgaard <jeppe.odgaard@prevas.dk>
The Zephyr watchdog API defines a setup function. This function needs to
be executed before the watchdog is functional in some cases. This commit
adds MCUBOOT_WATCHDOG_SETUP when using the generic watchdog0 alias
otherwise it is an empty define.
Fixes https://github.com/mcu-tools/mcuboot/issues/1659
Signed-off-by: Jeppe Odgaard <jeppe.odgaard@prevas.dk>
Fixes include paths for zephyr builds to use the system zcbor_*
files rather than the local files.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
For bootutil_verify_sig the declaration expects fih_ret
as the return type not fih_int, this has now been fixed.
Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: If5943758bebdbf401b1eb387de334fa19a3a7781
When using CDC only and CONFIG_SERIAL is not enabled in Zephyr,
but there is chosen zephyr,mcumgr-uart, the chosen
takes precedence over CDC and directs MCUmgr to that uart.
This causes two issues: first the CDC is ignored if chosen exists,
and makes build fail because drivers are not built.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit provides the boot_set_next function, which allows setting the
next application slot to boot by a flash area object pointer describing
the slot.
The function also takes an active parameter, which is supposed to indicate
whether the running application is being set for the next boot, and a
confirm parameter that allows confirming the image.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Adds a bootloader serial recovery entrance mode that will allow
recovering a module if there is no application that can be booted.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds an optional entrance method for mcuboot's serial recovery by
using Zephyr's boot mode retention system, this allows for an
application to set the retained data and reboot into the bootloader.
This also adds a selection of how to enter serial recovery mode, it
no longer requires having a GPIO entrance mechanism. Entrance
methods have been added under a new Kconfig menu.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The current ECDSA-P256 implementation code contains
a lot of code that is tied to a specific condition being met.
The aim of this commit is to cleanup the main verification
logic to be unified between crypto backends and move the
conditional code where it is relevant.
Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I06b050a263b2b88b08708defb6aa1001a08ba2ae
Adds support for outputting the image hash TLV in serial recovery
mode, which is needed to comply with the img_mgmt MCUmgr group
requirements.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The mcumgr packet sent over serial should be fragmented into frames of
up to 127 bytes, including a 2-byte frame start header and 1 byte for
the terminating newline [1], resulting in up to 124 bytes for the base64
encoded payload.
Current implementation doesn't fulfill above requirement and transmits
single frames, without considering their length. This change introduces
support for fragmenting as defined in 'SMP over console' specification.
[1] github.com/apache/mynewt-mcumgr/blob/master/transport/smp-console.md
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
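The framing rule from the commit message above, as an added C example that is not part of the commit or of MCUboot's source. The function name and buffer sizes are hypothetical, and the header byte values come from the SMP over console specification rather than from this page.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SMP_FRAME_MAX     127 /* whole frame, as stated in the commit message */
#define SMP_FRAME_HDR     2   /* frame start header */
#define SMP_FRAME_NL      1   /* terminating newline */
#define SMP_FRAME_PAYLOAD (SMP_FRAME_MAX - SMP_FRAME_HDR - SMP_FRAME_NL) /* 124 */

/* Header values from the SMP over console specification (not from this page). */
static const uint8_t SMP_HDR_FIRST[SMP_FRAME_HDR] = { 0x06, 0x09 };
static const uint8_t SMP_HDR_CONT[SMP_FRAME_HDR]  = { 0x04, 0x14 };

/* Split an already base64-encoded packet into frames (hypothetical helper).
 * Returns bytes written, or 0 if the input is empty or out is too small. */
size_t smp_console_fragment(const char *b64, size_t len,
                            uint8_t *out, size_t cap, size_t *nframes)
{
    size_t frames = (len + SMP_FRAME_PAYLOAD - 1) / SMP_FRAME_PAYLOAD;
    size_t need = len + frames * (SMP_FRAME_HDR + SMP_FRAME_NL);
    size_t off = 0, w = 0;
    *nframes = 0;
    if (len == 0 || need > cap) {
        return 0; /* checked up front so no partial frame is ever written */
    }
    while (off < len) {
        /* 124 is a multiple of 4, so a full frame holds whole base64 quads. */
        size_t chunk = (len - off > SMP_FRAME_PAYLOAD) ? SMP_FRAME_PAYLOAD : len - off;
        memcpy(&out[w], off == 0 ? SMP_HDR_FIRST : SMP_HDR_CONT, SMP_FRAME_HDR);
        w += SMP_FRAME_HDR;
        memcpy(&out[w], &b64[off], chunk);
        w += chunk;
        out[w++] = '\n';
        off += chunk;
        (*nframes)++;
    }
    return w;
}

int main(void)
{
    char b64[300]; /* constructed stand-in for a base64-encoded packet */
    uint8_t out[512];
    size_t n, total;
    memset(b64, 'A', sizeof(b64));
    total = smp_console_fragment(b64, sizeof(b64), out, sizeof(out), &n);
    printf("%zu bytes in %zu frames\n", total, n);
    return 0;
}
```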
The commit modifies selection of boot serial UART by first checking
the Zephyr chosen zephyr,uart-mcumgr and then reverting to the
zephyr,console, as a secondary candidate.
In the case where both nodes are present and point to the same device,
an error will be reported.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
USB DFU depends on MULTITHREADING and STREAM_FLASH, and these
should be explicitly selected.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
__packed may not be available in all environments. In such a
case just fall back to __attribute__((__packed__)).
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
The trailer is temporarily located in scratch when the data of the image goes
up to the last sector of the primary slot. At the end of the swap procedure, the
temporary trailer in scratch must be erased to prevent mcuboot from reading a
stale status from the scratch area. The erase attempt was not correct; this
is fixed. The issue is easily reproduced with an image size of one sector.
Signed-off-by: Stephane Le Roy <stephane.leroy@st.com>
Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
Adds a packed attribute to the nmgr struct to avoid issues on
architectures that do not support unaligned memory access.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Commit adds an implementation of flash_area_get_sector that
is supposed to replace flash_area_sector_from_off.
The flash_area_get_sector gets additional parameter of flash_area
type, while flash_area_sector_from_off uses hardcoded flash_area.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Commit adds an implementation of flash_area_get_sector that
is supposed to replace flash_area_sector_from_off.
The flash_area_get_sector gets additional parameter of flash_area
type, while flash_area_sector_from_off uses hardcoded flash_area.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Removes the old deprecated Kconfig items for configuring GPIO ports
and pins for entering serial recovery/USB DFU mode. These were
deprecated almost a year ago and should not be used as device tree
has long replaced them.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Switches from using the zcbor files in-tree to using the ones that
are part of the zephyr manifest, this prevents using old and
potentially buggy versions of the zcbor library.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The sysflash.h defines FLASH_AREA_ macros using FIXED_PARTITION
macros that are provided by flash_map.h, but it does not include
the required header.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>