Commit Graph

1117 Commits

Author SHA1 Message Date
David Brown a222bf3b17 README: update mailing list
Update the top-level README.md file to refer to the new mailing list.

Signed-off-by: David Brown <david.brown@linaro.org>
2020-02-10 11:13:27 -07:00
Fabio Utzig ef7fbd7012 Preparing for v1.5.0-rc1
Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-02-07 15:30:45 -03:00
Fabio Utzig cb0807355c imgtool: fix passing --erased-val with 0xff value
The `--erased-val` (or `-R`) option was doing conversion of base 10, so
the only value that was acceptable was 0. Although not passing this
option would result in the default `0xff` being used, this fixes the
issue by allowing Python to auto-detects the base from string.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-02-07 14:19:33 -03:00
Fabio Utzig 970840ccf5 docs: fix mailing list URL
Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-02-06 06:00:28 -03:00
Andrzej Puzdrowski ac1f1fff50 zephyr: enable usb by the application
Since zephyrproject-rtos/zephyr#20375
Need to enable USB by the application.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2020-02-05 12:49:05 +01:00
Fabio Utzig 34e93a507b boot: zephyr: mynewt: sha-512 from tinycrypt
* Mynewt always uses sha-512 from tinycrypt
* Zephyr can choose either tinycrypt or mbedTLS

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-02-04 06:09:01 -03:00
Fabio Utzig a1c142d168 Add Tinycrypt based SHA-512 for ED25519
Add option to build ed25519 with tinycrypt; enable tinycrypt based
sha-512 for ed25519 sim tests.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-02-04 06:09:01 -03:00
Fabio Utzig e4fe4633ff Add sha-512 port of tinycrypt's sha-256
A patch adding sha-512 to upstream tinycrypt was submitted:
https://github.com/intel/tinycrypt/pull/42

While it is not accepted, add the code under a new ext/tinycrypt-sha512
depedency.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-02-04 06:09:01 -03:00
Peter Bigot 36e9029ff0 boot: zephyr: move to non-deprecated GPIO flags
GPIO_DIR_IN has been replaced by GPIO_INPUT, GPIO_PUD_PULL_UP by
GPIO_PULL_UP, and gpio_pin_read() by gpio_pin_get_raw().  Update the
code to use the preferred API if it available.  This avoids
deprecation warnings in the build.

Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
2020-02-03 16:49:14 +01:00
Robert Lubos 1b19d2a198 boot: zephyr: Fix Kconfig inclusion
According to our CI:

Redundant 'source "$(ZEPHYR_BASE)/Kconfig.zephyr" in
'boot/zephyr/Kconfig'. Just do 'source "Kconfig.zephyr"'
instead. The $srctree environment variable already points
to the Zephyr root, and all 'source's are relative to it.

Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
2020-02-03 08:51:56 +01:00
Håkon Øye Amundsen 09be783644 zephyr: use move swap instead of scratch for nRF devices
Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
2020-01-25 19:40:31 -03:00
Peter Bigot 54c1e3fb6b zephyr: fix driver include paths
Zephyr will soon no longer add the drivers subdirectory of the include
hierarchy to the search path, so references to driver headers must
include the drivers/ prefix.

Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
2020-01-25 10:01:42 -03:00
David Brown 2ee5f7f7f2 sim: Test software rollback protection
Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
Signed-off-by: David Brown <david.brown@linaro.org>
2020-01-23 12:47:05 -07:00
David Brown 07e1381d0f Add a capability for querying downgrade prevention
Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
Signed-off-by: David Brown <david.brown@linaro.org>
2020-01-23 12:47:05 -07:00
Håkon Øye Amundsen 2d1bac164f add option for rollback protection
Depends on 'MCUBOOT_OVERWRITE_ONLY' option since swap info is not protected
by signature

Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
2020-01-23 12:47:05 -07:00
David Brown e2acfaede5 sim: Add explicit copyright and licenses to the sim
Add an apache SPDX header and explicit license lines.  The date ranges
of the license lines is derived from the git history.  Having these
explicitly present will make contributions from other parties easier, as
they will simply be able to add their own copyright line, rather than
having to describe that it only covers modifications.

Signed-off-by: David Brown <david.brown@linaro.org>
2020-01-22 10:11:13 -07:00
Håkon Øye Amundsen f0e5a842b3 cmake: use zephyr base in relative path
To be more robust in the placement of MCUBoot directory,
use the ZEPHYR_BASE env variable to locate
nrfxlib directory.

Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
2020-01-22 10:09:57 -07:00
Ulf Magnusson e96b6873bd dts: Include devicetree.h instead of generated_dts_board.h
Needed for https://github.com/zephyrproject-rtos/zephyr/pull/20757, to
avoid a warning-turned-error.

Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
2020-01-16 11:41:28 +01:00
Fabio Utzig 1f50892096 imgtool: update a few errors to use click's
Click has better UI for exceptions, so instead of throwing a backtrace,
allow it to print a nicer error message.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-01-16 06:11:34 -03:00
Fabio Utzig 9a492d5e87 imgtool: add better image overrun checks
This breaks the check() routine into two, one to check the header, one
to check the trailer. The reason is that header checking must be
performed when loading the input binary, while trailer overrun check
must be done after the whole image (with TLVs) is built.

To support the option of saving encrypted TLVs during swap in the
bootloader, a new parameters was added to the create command, to
allow the user to provide a config that matches the bootloader build
option and to do proper image overrun checks.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-01-16 06:11:34 -03:00
Rajiv Ranganath b976a4c0dc docs/PORTING.md: Update APIs needed for porting MCUboot
Signed-off-by: Rajiv Ranganath <rajiv.ranganath@atihita.com>
2020-01-13 10:09:54 -03:00
David Brown 3dc86c90cb sim: Compute TLV size from actual size
Instead of having lots of magic numbers to try and track the resulting
size of the TLV, just determine the size we end up with after encoding
it.  The only place the size is used is in the header within the TLV
itself.  Make this work by putting a placeholder in the TLV, and then
patching the value back after we know the full size.

In addition to removing a lot of magic numbers from the code, this will
make it easier to handle things that vary in size, such as X.509
certificates.

Signed-off-by: David Brown <david.brown@linaro.org>
2020-01-09 11:29:40 -07:00
David Brown 2b73ed9440 sim: Always compute protected size
Instead of having a running size that we try to always match the encoded
size of, compute it a bit more dynamically.  The size is still needed
before the contents can be filled in, so this doesn't gain too much, but
will make it easier to compute the rest of the TLV size based on the
actual encoding rather than lots of magic numbers.

Signed-off-by: David Brown <david.brown@linaro.org>
2020-01-09 11:29:40 -07:00
Fabio Utzig dd2b6804d9 boot: zephyr: remove [EXPERIMENTAL] from config option
Swap without scratch has been tested enough and no obvious bugs (or
"show stopper) bugs seem to exist; so remove [EXPERIMENTAL] and make
it "stable".

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-01-07 17:08:22 -03:00
Fabio Utzig 4b4ed98310 sim: enable saving encrypted TLV for ECIES
This changes the simulator to save the encryption TLV itself instead
of the unecrypted AES-128 key when doing the ECIES encryption test,
to add proper test coverage of this configuration option.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-01-07 17:08:22 -03:00
Fabio Utzig 9e1db9a88f boot: Add free space check for swap without scratch
Add a missing test which ensures that there is enough free sectors to
perform an upgrade when using the move strategy; this basically checks
that the sectors used by the trailer don't overlap the last sector
required for a move up operation.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-01-07 17:08:22 -03:00
Fabio Utzig fc9477504e ci: enable enc-ec256 test
Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-01-07 16:03:55 -03:00
Fabio Utzig 4626853d3e sim: fix RSA signature length macro usage
Update RSA-3072 test that was using old Zephyr macros to set size.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-01-07 16:03:55 -03:00
Fabio Utzig 66b4caac45 sim: allow generation of non-signed + encrypted EC images
Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-01-07 16:03:55 -03:00
Fabio Utzig 729139f80f ci: add tool to check for Cargo features
When running tests from .travis.yml, the passed in features are first
checked locally for support in the current simulator. The list of
supported features was manually maintained, allowing newly implemented
features to be skipped, also skipping the related test (without
warnings). This adds a new tool that parses and prints the list of
features directly from the given Cargo.toml.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-01-07 16:03:55 -03:00
Rajiv Ranganath ce6fe63817 scripts: Add `imgtool.nix`
Nix environment for working with `imgtool.py`

Signed-off-by: Rajiv Ranganath <rajiv.ranganath@atihita.com>
2019-12-30 19:55:58 -03:00
Fabio Utzig ca8ead2af7 zephyr: add option for saving enckey TLVs in swap status
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-20 14:57:06 -03:00
Fabio Utzig 6e137818d2 mynewt: add option for saving enckey TLVs in swap status
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-20 14:57:06 -03:00
Fabio Utzig 4741c45293 bootutil: allow encryption key TLVs in swap status
Add a new option that when enabled, allows a swap status to store
an encrypted key TLV instead of plain keys. When a new swap operation is
started the encryption keys are saved to the swap status area to allow
for resuming (because it is challenging to find those TLV in the middle
of a swap operation).

Previously those keys were saved in plain text, so it would be easy to
dump them if the images were stored in external flash. With this new
option one can choose to save the TLV instead, which uses more flash
but does not leak secrets. The amount of flash required varies depending
on the size of the TLV, which is 48 for AES-128-KW, 512 for RSA and 240
for ECIES-P256.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-20 14:57:06 -03:00
Fabio Utzig f616c5494b bootutil: zero memory containing plain text keys
Avoid jumping into an image while still having encryption keys stored in
RAM, which could then be recovered by the app.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-20 14:57:06 -03:00
Fabio Utzig 3fbbdac56a sim: get status area size from bootutil
Add new bootutil function that returns the size of the status area.
The simulator was updated to remove the custom calculation and get
the size directly from bootutil, avoiding breakages the happen when
both are not in sync.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-20 14:57:06 -03:00
Fabio Utzig 07a9a0364d bootutil: avoid save of enc keys in secondary slot
When using swap withouth scratch, if a revert operation is detected there
is a fixup that needs to be done to avoid losing metadata. This fixup
copied metadata from the primary slot to the secondary slot temporarily.

Previously it was also copying the encrypted image keys but this is not
required since a fixup is only run when starting a new swap where the
keys were loaded directly from the images. This also avoids that a
secondary slot in external flash would leak keys (according to our
threat model).

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-20 14:57:06 -03:00
David Brown a36082664e ecdsa: Allow ECDSA signatures to be actual length
ECDSA signatures are variable length.  They are also encoded as ASN.1.
The ASN.1 parser we use is given the length, and will return a decoding
error if the signature block is not sufficiently long.  Instead of
requiring the signature block be padded to the longest possible length a
signature can be, allow them to be their natural length.

This allows image signing tools to be able to generate signatures that
don't have this padding.  Along with removing the pad removal code from
the EC224 code, this will allow this code to correctly validate all
signatures, not just 255 out of 256.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-18 11:53:25 -07:00
David Brown 3639aca071 docs: Change name of padding arguments
To be squashed

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-18 11:53:25 -07:00
David Brown bf3a3a9c71 docs: Typo fixes and suggestions from mbolivar
To be squashed after review.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-18 11:53:25 -07:00
David Brown 8f057ca5ae docs: Write up some docs about ecdsa padding
Start with some documentation on ECDSA signatures, and the problems with
the current padding approach.  Present a plan to support correctly
formatted ECDSA signatures, and how to handle the transition both in the
C code, as well as the tooling that signs images.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-18 11:53:25 -07:00
Fabio Utzig 63b4eac65c zephyr: remove trailing tab
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-17 20:34:26 -03:00
Fabio Utzig ba9e7921c5 imgtool: release 1.5.0alpha2
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-17 16:26:53 -03:00
Fabio Utzig 272c5eb540 zephyr: sim: add minimized ECIES-P256 key
Remove public key from embedded private encryption key (it was already
ignored before).

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-17 16:26:53 -03:00
Ioannis Konstantelias 78e57c7b6e scripts: imgtool: Add command to dump private keys
This applies a few improvements to a commit previously included in
PR #596:

* Move functions to dump a private key to the private key classes
* Remove language option; always dumps in C format
* Add option to generate a minimal dump. This will remove extra
  parameters that are present in keys generated with the `keygen`
  command.
  For P256 this will remove the public point, which is already
  ignored by the parsing function. The resulting key dump shrinks
  from 138 to 70 bytes.
  For RSA it will remove the DP/DQ/QP parameters which are only
  used with CRT enabled, and if not available, can be calculated at
  runtime. This reduces the size of a key dump from around 1190
  bytes to somewhere close to 800 bytes. A patch to the RSA parsing
  routine will be added in another commit.

Signed-off-by: Fabio Utzig <utzig@apache.org>
Signed-off-by: Ioannis Konstantelias <ikonstadel@gmail.com>
2019-12-17 16:26:53 -03:00
Fabio Utzig 6f4d8f8597 bootutil: allow RSA encryption keys without DP/DQ/QP
Allow runtime generation of CRT params when not available in the
embedded private key. Also remove parsing/calculation of CRT
parameters when CRT was disabled in the config (mbedTLS does not
use those in this case).

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-17 16:26:53 -03:00
Fabio Utzig 1e19c5afc7 zephyr: fix include in hello-world app
Update include due to changes in Zephyr. This is related to commit
f1d189c486.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-16 16:08:00 -03:00
Andrzej Puzdrowski c2bd757332 zephyr: Add module.yml for Zephyr module integration
module.yaml added as required for Zephyr's integration as a module.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
2019-12-16 18:40:34 +01:00
Andrzej Puzdrowski 6210164f71 zephyr: add zephyr's sanitycheck description
Added sample.yaml which is required for automatic building
mcuboot using zephyr sanitycheck.

Can be run by zephyr sanitycheck locally using
--testcase-root=/path/to/mcuboot/boot/zephyr
to make it detect the sample.yaml added.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
2019-12-16 18:40:34 +01:00
Fabio Utzig 7ca2855b46 imgtool: Add helpers for type in keygen command
Apply a few improvements to the type parameter in the keygen command.
Currently finding out the key types requires passing an invalid value
to display what values are available. Instead add them the help page,
so it shows an output like below:

```
  -t, --type type     One of: rsa-2048, rsa-3072, ecdsa-p256, ecdsa-p224,
                      ed25519  [required]
```

When no type is given in the cli, ask for it:

```
$ ./imgtool.py keygen -k privkey.pem
Type (rsa-2048, rsa-3072, ecdsa-p256, ecdsa-p224, ed25519):
```

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-13 17:32:18 -03:00