Commit Graph

42 Commits

Author SHA1 Message Date
Fabio Utzig 4bd4c7cfb9 Allow imgtool to generated encrypted ed25519 keys
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-06-28 08:46:12 -03:00
Fabio Utzig 8101d1fa44 Add ed25519 signing support to imgtool
This adds ed25519 signature support using the "prehash" method. Instead
of using the direct contents of the image and header payloads, a sha256
is generated and signed (SHA256-Ed25519). This allows for compatibility
with already existing tools that use the sha256 hash, like mcumgr, etc.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-06-13 19:21:05 -03:00
Fabio Utzig 4a5477ad96 Add new verify command
imgtool verify -k <some-key.(pub|sec)> <img-file>

Allow imgtool to validate that an image has a valid sha256sum and that
it was signed by the supplied key.

NOTE: this does not yet support verifying encrypted images

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-05-29 08:56:12 -03:00
Fabio Utzig 19fd79a496 Add RSA-3072 support to imgtool
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-05-16 14:01:19 -03:00
David Vincze da8c91993d imgtool: Add support for dependency description
This commit aims to add the ability to specify and add dependency
TLVs to MCUBOOT. Due to the private nature of this feature, having
dependency TLVs mean that the TLV Info header and these TLVs become
part of the protected area (they are supposed to get signed as well).
Since the TLV Info header containing the whole TLV section's size
becomes protected, this size needs to be calculated in advance to get
proper hash values.

Change-Id: I13277a3b595acc2bb8c5084420f3d61c8d301dc2
Author: Bence Kaposzta <bence.kaposzta@arm.com>
Signed-off-by: David Vincze <david.vincze@arm.com>
2019-04-11 15:07:54 -03:00
Chris Bittner fda937ab02 imgtool: Discard public RSA if set for signing
If imgtool is used for signing with encryption
it will disallow using public RSA key for
signing.

Signed-off-by: Chris Bittner <chris.bittner@nordicsemi.no>
2019-03-29 08:13:57 -03:00
Fabio Utzig 7c00acd737 imgtool save to format of given output filename
Updates imgtool to infer, based on output image filename, which format
should be use for output file. Filenames that end with extension `.hex`
are saved in Intel HEX, otherwise saves a binary image.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-01-09 06:28:55 -02:00
Fabio Utzig e89841d5ea Add imgtool publishing support
This adds initial support for publishing imgtool to pypi.org.

The main imgtool.py was moved to imgtool package and made into the main
file, and a new imgtool.py that calls into the package, was added allowing
for the old usage behavior to remain functional.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-01-08 07:29:24 -02:00
Fabio Utzig cd28406e9a Fix image creation without sign/encryption
Generating images with no signature or encryption was broken by commit
06b77b8353

This allows generating images with just sha256 again, and fixes a few
leftovers from the imghash TLV change.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-12-17 10:51:46 -02:00
Fabio Utzig 06b77b8353 Add imgtool support for encrypted image creation
Adds a new flag to imgtool, -E/--encrypt which accepts a public rsa-2048
key file that will be used to encrypt the image.

The encryption method uses AES-128-CTR to encrypt the image data (ignores
the header and TLVs), using a random key that is itself encrypted using
RSA-2048-OAEP and added to the generated image as a new TLV.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-10-12 13:36:13 -03:00
Mark Schulte a66c68732e [imgtool] Add big endian support
Add big endian support to imgtool so that it can be used on big endian
targets.

Signed-off-by: Mark Schulte <mschulte@lyft.com>
2018-09-27 13:55:58 -03:00
Mark Schulte 884be206f9 imgtool: Adjust base_addr when injecting header
If adding a header to a .hex file (using the command line
"--pad-header"), the hex file gets shifted by header size. This may
cause hard coded addresses to be off by "header-size", making the
firmware unusable. Instead, adjust the base address by the header
size, so the existing firmware in the hex file is loaded to the
proper addresses.

Signed-off-by: Mark Schulte <mschulte@lyft.com>
2018-07-17 12:04:17 -03:00
Fabio Utzig 44588eff41 Update `--included-header` parameter
The `--included-header` was "mandatory" when using imgtool with firmware
images generated by the Zephyr build system and it was a source of
issues when it was forgotten. This removes `--included-header` and adds
a new parameter `--pad-header` with inverted semantics, to be used only
when a zeroed header is required to be added to the firmware image.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-06-22 07:58:14 -03:00
Fabio Utzig dcf0c9b2b7 Allow passing in `--overwrite-only` flag
Overwrite only requires just magic + image_ok + copy_done. This fixes
issues generating images in overwrite only mode when the firmware image
is too big and overflows the swap status area.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-06-13 10:42:40 -07:00
Fabio Utzig 263d4398fa Add --slot-size to allow size checking without pad
Add the new `--slot-size` and make `--pad` a bool flag, to allow
checking that firmware fits in the slot without overflowing into the
trailer region even when no padding was requested.

Fixes #241

Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-06-07 14:29:33 -03:00
Fabio Utzig 519285faa1 Allow passing max sectors as parameter to imgtool
This adds a new command line flag to allow passing in the max number of
sectors for a swap when the image is padded. It defaults to 128 and
should match the value configured in the bootloader.

Fixes #285

Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-06-05 12:16:45 -03:00
Fabio Utzig 51c112a1bf Add click handling of cli options
Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-06-05 10:58:01 -03:00
Fabio Utzig b5b59f16a5 Fix leftovers from image_header v1
This removes the old "TLV size" and "keyId" fields that used to exist
in the old image header format and updates it to use `load_addr`. Also
fixes the name of reserved fields to index from 1.

This fixes #279

Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-05-10 08:43:52 -03:00
Carles Cufi 37d052fff1 imgtool: Add support for Intel Hex images
Some platforms prefer images in the Intel Hex (.hex) format. Implement
support for signing images in this format in imgtool.

Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
2018-02-01 16:00:21 -07:00
David Brown 2c9153a268 imgtool: ECDSA pad signature
Until we fix the padding problem, pad the ecdsa signatures with zeros to
always be 72 bytes long.  Add a 'raw_sign' method so that the unit test
can use the real signature.

Signed-off-by: David Brown <david.brown@linaro.org>
2018-01-09 09:41:30 -07:00
David Brown b6e0ae695c fix: Add back ECDSA signature support
Replace the (now broken) ECDSA code with code using the python
'cryptography' library.

Similar to the change to RSA, this changes the format that private keys
are stored, again using PKCS#8.  This supports the stronger password
protection as well.

Again, this code will still support reading the older style of public
keys, but other tools that use keys generated by this change will need
to be updated to work with the new format.

Signed-off-by: David Brown <david.brown@linaro.org>
2018-01-09 09:41:30 -07:00
David Brown 20462a7179 fix: RSA: Use 32-byte salt with PSS
The verification code requires a fixed 32-byte salt, which seems is what
the old crypto library did.  Use this same value to avoid having to
modify the code.

Signed-off-by: David Brown <david.brown@linaro.org>
2018-01-09 09:41:30 -07:00
David Brown 1d5bea1cf7 imgtool: Add support for password protected RSA keys
The keygen command allows the `-p` argument which will prompt for a
password, and protect the private key with this password.  When loading
keys, it will prompt for a password if it detects a password protected
key.

Signed-off-by: David Brown <david.brown@linaro.org>
2018-01-09 09:41:30 -07:00
David Brown 47b77c521a imgtool: Fix signing payload type
The 'cryptography' library is pickier about the data it is asked to
sign.  Get the bytes value out of the bytearray for doing the actual
signature.

Signed-off-by: David Brown <david.brown@linaro.org>
2018-01-09 09:41:30 -07:00
David Brown 5e7c6dd58a imgtool: Update RSA code
Replace RSA code with one using the python 'cryptography' library.  This
library is much more complete, and will make adding support for password
protected keys, and separate public keys easier.

There is, however, a significant change brought about by this change:
the private keys are stored in PKCS#8 format, instead of the raw format
that was used previously.  This is a more modern format that has a few
advantages, including: supporting stronger password protection, and
allowing the key type to be determined upon read.

This tool will still support reading the old style public keys, but
other tools that use these keys will need to be updated in order to work
with the new format.

This new code has some unit tests to go along with it for some basic
sanity testing of the code.

Signed-off-by: David Brown <david.brown@linaro.org>
2018-01-09 09:41:30 -07:00
David Brown 244547346e imgtool: Move keys to submodule
Move this code into a submodule to prepare to cleanup and enhance the
key management code.

Signed-off-by: David Brown <david.brown@linaro.org>
2018-01-09 09:41:30 -07:00
David Brown 1314bf3528 imgtool: Add explicit license declarations
Although these files are likely implicitly licensed under the Apache 2.0
license because of the LICENSE file for this project, make this explicit
in these files.

Signed-off-by: David Brown <david.brown@linaro.org>
2017-12-21 13:31:03 -07:00
David Brown cb1bb48bb5 imgtool: Fix ECDSA signatures
Earlier refactoring created a call for get_public_bytes() that was added
to the RSA class, but missed on the ECDSA class.  Add this call so that
ECDSA signatures will work again.

Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-06 16:16:58 -06:00
David Brown 72e7a5176f Change the image header magic
Since we've changed the meaning of several fields in the header, bump
the header to a new magic number.  The fields that are still present are
in the same place, but all of the signature and TLV information is moved
into the TLV itself, which is still immediately after the image.

As of this commit, this defines the new image header/TLV format used for
1.0.

Based on work by Marko Kiiskila <marko@runtime.io>

Signed-off-by: Marko Kiiskila <marko@runtime.io>
Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-06 16:16:58 -06:00
David Brown f5b33d8b9d Place TLV size into TLV itself
To allow the signatures to be replaced, move the size of the TLV into a
small "info" header at the start of the TLV.

Note that this causes image swapping to lose robustness.  This is fixed
by a later commit.

Based on work by Marko Kiiskila <marko@runtime.io>

Signed-off-by: Marko Kiiskila <marko@runtime.io>
Signed-off-by: David Brown <david.brown@linaro.org>
JIRA: MCUB-65
2017-09-06 16:16:58 -06:00
David Brown 43cda33c5a Move key_id from header into TLV
Remove the key_id field from the image header.  There are two problems
with this field.  First, it is only an integer offset, and so causes an
unnecessarily tight coupling between the particular keys built into the
bootloader, and the key that is used to sign.  Second, it makes the
key_id part of the image header, which is included in the signature.
This makes it impossible to later sign the image with a different
signature.

Instead of the key-id, add a TLV KEYHASH entry.  This will hold the
SHA256 of the public key that the signature is against.  Each signature
placed in the TLV should be preceeded by this entry to indicate the
public key used.

The signature check will check each signature, and if the KEYHASH is
known and the signature type is supported, it will be checked.  As long
as at least one signature is considered valid, the image will be
considered signed.  This also allows the image to be signed with
multiple signatures to support having different devices with possibly
different keys compiled into the bootloaders.

Based on work by Marko Kiiskila <marko@runtime.io>

Signed-off-by: Marko Kiiskila <marko@runtime.io>
Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-06 16:16:58 -06:00
David Brown 76528c4406 imgtool: Add rust language support to ECDSA
Generate rust code for ECDSA signatures, when requested (rather than
raising an exception)

Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-06 16:16:58 -06:00
David Brown d36e91acc1 imgtool: Add rust pubkey generation
Add a `--rust` flag to the getpub subcommand to output the public key in
Rust format rather than C.

Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-06 16:16:58 -06:00
David Brown 27648b8344 Renumber the TLV type values
In preparation for moving the signature related values out of the main
image header and into the TLV, renumber the existing TLV values to be
grouped together better.

The SHA256 is moved into the first group, at 0x10, and the signature
values themselves are moved to start with 0x20.

This change is the first in a series of changes toward the new v1.0
image format.  The intermediate results are all internally consistent
(meaning that the simulator, and the builtin imgtool.py will all work
together), but until all patches are applied, the image format is not
valid with any external tools.

Based on work by Marko Kiiskila <marko@runtime.io>.

Signed-off-by: Marko Kiiskila <marko@runtime.io>
Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-06 16:16:58 -06:00
David Brown 8ae61c05a5 imgtool.py: Fix some errors in ecdsa key generation
There are two easy to fix problems with the ecdsa key generation code.

Signed-off-by: David Brown <david.brown@linaro.org>
2017-07-28 12:29:28 -06:00
Fabio Utzig e08f087ee5 Update imgtool to write trailer in new format
Signed-off-by: Fabio Utzig <utzig@apache.org>
2017-07-06 10:03:55 -06:00
David Brown 85d879f195 Merge pull request #60 from d3zd3z/pr/py-header
Make header padding optional
2017-06-13 15:59:27 -04:00
David Brown 2c21f7101b imgtool: Make "included header" optional
The imgtool.py program has been assuming that the input image for
signing has a zero padded place for the header at the beginning of the
image.  This is only true for some platforms.

Instead, make this included header space optional.  By default, prepend
the header to the image.  If `--included-header` is specified to the
sign command, consider the bytes at the beginning of the image to be
padded space for the header.  This option is required for Zephyr builds.
2017-06-13 15:54:45 -04:00
David Brown 0f0c6a808d imgtool: Allow --key to be optional when signing
If the --key is not specified, only the SHA256 hash is added to the TLV.
This is useful for testing configurations, where the crypto has not been
fully configured.  Note that this configuration is not secure, and this
only verifies that the image has not been corrupted.
2017-06-13 15:45:06 -04:00
David Brown efb871f4b2 imgtool: Better version parsing
When parsing versions for the --version argument, allow a field to be
zero.  Also, restrict the build to just an integer to match what we
allow (rather than allow alphabetic, and then failing to parse as an
integer).

In addition, add the missing import of argparse, so that when the
version is invalid, we get nice usage rather than an error about a
missing module.

Jira: MCUB-58
2017-06-08 09:43:55 -06:00
David Brown 07916c3155 imgtool.py: Support PKCS#1.5 v2.1 RSA-PSS
Add support for the RSA-PSS signature algorithm to imgtool.py.  This
algorithm has a strong security proof, and is recommended for all new
designs.  The new algorithm is enabled by default for RSA signatures to
match the default in the bootloader also being changed.
2017-06-07 09:19:21 -06:00
David Brown 23f91ad152 scripts: Initial version of Python imgtool
This is the start of a python implementation of imgtool.  This
implements all of the functionality that was missing in the zep2newt.py
tool, namely creation of keypairs, and converting the public version of
these keys into C code.
2017-06-07 09:19:21 -06:00