Add new feature that allows testing EC256 encrypted images using the
Mbed TLS backend.
Move config-ecdsa.h to config-ec.h because definitions are very similar
between ECDSA and ECDH with Mbed TLS so resort to a single config file.
Add new feature and fix the build; add proper Mbed TLS memory
initialization when enc-ec256-mbedtls is used.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Add Mbed TLS ECDSA signature verification as an option (in addition to
Tinycrypt and the CC310 hardware version). Although the Mbed TLS ECDSA
verification code is both larger and slower, this will still save space
if there is another reason that the Mbed TLS code is already being
brought in for another reason (such as certificate management, for
example).
Mbed TLS's ECDSA verification works at a different level than the other
two libraries, so this takes a bit of reworking. There are some
additional parameters passed to the various functions, and a new define
MCUBOOT_ECDSA_NEED_ASN1_SIG to indicate that the ecdsa verification
wants the original ASN1 signature, not a decoded key.
This adds the boot changes and simulator support to test this configuration.
Signed-off-by: David Brown <david.brown@linaro.org>
Updates a few sim dependencies, reducing the amount of crates
required for a build; also gets rid of cases of more than one
version required for some crates. Results in depending on 76
crates instead of 89 before the PR.
Signed-off-by: Fabio Utzig <utzig@apache.org>
With the recent changes in bootutil, now there is no need to lock the
test threads to run sequentially, so the global lock was removed. The
locking now happens to access resources such as flash, flash params,
simulator context, etc on a per thread basis. Some of the global
variables that were used by the simulator itself (FFI) were made into a
context struct passed in to invoke_go.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This change replaces the slot 0/1 terminology with primary/secondary
slot and replaces FLASH_AREA_IMAGE_0/1 with
FLASH_AREA_IMAGE_PRIMARY/SECONDARY. This naming convention may be more
understandable, fits better to MCUs with multiple images and it is an
architecture agnostic alternative as well.
Change-Id: I655a585f6ae023852c671ee6635399efe25209c9
Signed-off-by: David Vincze <david.vincze@arm.com>
Signed-off-by: David Brown <david.brown@linaro.org>
Apply the changes suggested by
cargo fix --edition-idioms
and cleanup the results a bit. Eliminate `macro_use` extern crates.
Signed-off-by: David Brown <david.brown@linaro.org>
A few packages have updates that make them more convient to use with
Rust 2018's 'use macro'. This is convenient as it allows control over
what macros are imported, but without these updates, these packages
require you to know the names of internal macros to import.
Signed-off-by: David Brown <david.brown@linaro.org>
This adds new cargo features to allow running tests of encrypted
images with both RSA-OAEP and AES-128-KW.
When installing images on the simulated flash, both a plain and an
encrypted images are created. When encrypted image support is enabled,
verification of images in slot1 match against the encrypted image,
otherwise plain images are used.
PS: Also fixes ImageHeader to match bootutil definition.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Move to newer versions of some upstream packages, lazy_static, which is
now at 1.0 (no api change), and error-chain (0.11), which eliminates a
warning during compilation.
Signed-off-by: David Brown <david.brown@linaro.org>
Lock the simulation with a mutex to prevent concurrent access. The C
code being tested uses globals, and can only be run in one context at a
time. The Rust test framework may run tests concurrently, so use the
mutex to prevent this.
Signed-off-by: David Brown <david.brown@linaro.org>
Create a crate `mcuboot-sys` to hold the building and binding of the
mcuboot code. There aren't any substantive code changes here, just
moving the code into a separate crate.
Signed-off-by: David Brown <david.brown@linaro.org>
Fabio Utzig