Commit Graph

1138 Commits

Author SHA1 Message Date
Fabio Utzig 729139f80f ci: add tool to check for Cargo features
When running tests from .travis.yml, the passed in features are first
checked locally for support in the current simulator. The list of
supported features was manually maintained, allowing newly implemented
features to be skipped, also skipping the related test (without
warnings). This adds a new tool that parses and prints the list of
features directly from the given Cargo.toml.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-01-07 16:03:55 -03:00
Rajiv Ranganath ce6fe63817 scripts: Add `imgtool.nix`
Nix environment for working with `imgtool.py`

Signed-off-by: Rajiv Ranganath <rajiv.ranganath@atihita.com>
2019-12-30 19:55:58 -03:00
Fabio Utzig ca8ead2af7 zephyr: add option for saving enckey TLVs in swap status
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-20 14:57:06 -03:00
Fabio Utzig 6e137818d2 mynewt: add option for saving enckey TLVs in swap status
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-20 14:57:06 -03:00
Fabio Utzig 4741c45293 bootutil: allow encryption key TLVs in swap status
Add a new option that when enabled, allows a swap status to store
an encrypted key TLV instead of plain keys. When a new swap operation is
started the encryption keys are saved to the swap status area to allow
for resuming (because it is challenging to find those TLV in the middle
of a swap operation).

Previously those keys were saved in plain text, so it would be easy to
dump them if the images were stored in external flash. With this new
option one can choose to save the TLV instead, which uses more flash
but does not leak secrets. The amount of flash required varies depending
on the size of the TLV, which is 48 for AES-128-KW, 512 for RSA and 240
for ECIES-P256.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-20 14:57:06 -03:00
Fabio Utzig f616c5494b bootutil: zero memory containing plain text keys
Avoid jumping into an image while still having encryption keys stored in
RAM, which could then be recovered by the app.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-20 14:57:06 -03:00
Fabio Utzig 3fbbdac56a sim: get status area size from bootutil
Add new bootutil function that returns the size of the status area.
The simulator was updated to remove the custom calculation and get
the size directly from bootutil, avoiding breakages the happen when
both are not in sync.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-20 14:57:06 -03:00
Fabio Utzig 07a9a0364d bootutil: avoid save of enc keys in secondary slot
When using swap withouth scratch, if a revert operation is detected there
is a fixup that needs to be done to avoid losing metadata. This fixup
copied metadata from the primary slot to the secondary slot temporarily.

Previously it was also copying the encrypted image keys but this is not
required since a fixup is only run when starting a new swap where the
keys were loaded directly from the images. This also avoids that a
secondary slot in external flash would leak keys (according to our
threat model).

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-20 14:57:06 -03:00
David Brown a36082664e ecdsa: Allow ECDSA signatures to be actual length
ECDSA signatures are variable length.  They are also encoded as ASN.1.
The ASN.1 parser we use is given the length, and will return a decoding
error if the signature block is not sufficiently long.  Instead of
requiring the signature block be padded to the longest possible length a
signature can be, allow them to be their natural length.

This allows image signing tools to be able to generate signatures that
don't have this padding.  Along with removing the pad removal code from
the EC224 code, this will allow this code to correctly validate all
signatures, not just 255 out of 256.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-18 11:53:25 -07:00
David Brown 3639aca071 docs: Change name of padding arguments
To be squashed

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-18 11:53:25 -07:00
David Brown bf3a3a9c71 docs: Typo fixes and suggestions from mbolivar
To be squashed after review.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-18 11:53:25 -07:00
David Brown 8f057ca5ae docs: Write up some docs about ecdsa padding
Start with some documentation on ECDSA signatures, and the problems with
the current padding approach.  Present a plan to support correctly
formatted ECDSA signatures, and how to handle the transition both in the
C code, as well as the tooling that signs images.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-18 11:53:25 -07:00
Fabio Utzig 63b4eac65c zephyr: remove trailing tab
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-17 20:34:26 -03:00
Fabio Utzig ba9e7921c5 imgtool: release 1.5.0alpha2
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-17 16:26:53 -03:00
Fabio Utzig 272c5eb540 zephyr: sim: add minimized ECIES-P256 key
Remove public key from embedded private encryption key (it was already
ignored before).

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-17 16:26:53 -03:00
Ioannis Konstantelias 78e57c7b6e scripts: imgtool: Add command to dump private keys
This applies a few improvements to a commit previously included in
PR #596:

* Move functions to dump a private key to the private key classes
* Remove language option; always dumps in C format
* Add option to generate a minimal dump. This will remove extra
  parameters that are present in keys generated with the `keygen`
  command.
  For P256 this will remove the public point, which is already
  ignored by the parsing function. The resulting key dump shrinks
  from 138 to 70 bytes.
  For RSA it will remove the DP/DQ/QP parameters which are only
  used with CRT enabled, and if not available, can be calculated at
  runtime. This reduces the size of a key dump from around 1190
  bytes to somewhere close to 800 bytes. A patch to the RSA parsing
  routine will be added in another commit.

Signed-off-by: Fabio Utzig <utzig@apache.org>
Signed-off-by: Ioannis Konstantelias <ikonstadel@gmail.com>
2019-12-17 16:26:53 -03:00
Fabio Utzig 6f4d8f8597 bootutil: allow RSA encryption keys without DP/DQ/QP
Allow runtime generation of CRT params when not available in the
embedded private key. Also remove parsing/calculation of CRT
parameters when CRT was disabled in the config (mbedTLS does not
use those in this case).

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-17 16:26:53 -03:00
Fabio Utzig 1e19c5afc7 zephyr: fix include in hello-world app
Update include due to changes in Zephyr. This is related to commit
f1d189c486.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-16 16:08:00 -03:00
Andrzej Puzdrowski c2bd757332 zephyr: Add module.yml for Zephyr module integration
module.yaml added as required for Zephyr's integration as a module.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
2019-12-16 18:40:34 +01:00
Andrzej Puzdrowski 6210164f71 zephyr: add zephyr's sanitycheck description
Added sample.yaml which is required for automatic building
mcuboot using zephyr sanitycheck.

Can be run by zephyr sanitycheck locally using
--testcase-root=/path/to/mcuboot/boot/zephyr
to make it detect the sample.yaml added.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
2019-12-16 18:40:34 +01:00
Fabio Utzig 7ca2855b46 imgtool: Add helpers for type in keygen command
Apply a few improvements to the type parameter in the keygen command.
Currently finding out the key types requires passing an invalid value
to display what values are available. Instead add them the help page,
so it shows an output like below:

```
  -t, --type type     One of: rsa-2048, rsa-3072, ecdsa-p256, ecdsa-p224,
                      ed25519  [required]
```

When no type is given in the cli, ask for it:

```
$ ./imgtool.py keygen -k privkey.pem
Type (rsa-2048, rsa-3072, ecdsa-p256, ecdsa-p224, ed25519):
```

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-13 17:32:18 -03:00
David Brown f6d14c239e zephyr: Add simple benchmark support to Zephyr
This adds a Kconfig feature CONFIG_BOOT_USE_BENCH, which when enabled
will print the simple benchmarking output as log messages.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-12 14:48:35 -07:00
David Brown 590a310366 Implement a simple benchmark framework
Add a `bootutil/bench.h` file that defines two calls
`boot_bench_start()` and `boot_bench_stop()` along with a type for the
state.  These calls can be placed around blocks of code, and with a
properly defined implementation, will print simple performance
information about these operations.

This change merely adds the includes, and the empty implementations that
are used if the bencharking feature is not enabled.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-12 14:48:35 -07:00
Andrzej Puzdrowski f1d189c486 zephyr: switch to recent defines and include headers
In zephyr code-base some generic include patches
and defines had been deprecated since a while.
This condition was maintained until zephyr v2.1.0 inclusive.

Recently these deprecated items were removed completely from
the zephyr master branch. Zephyr current SHA of this patch is
e124c1cd34938f02bbe879533c6bd29b5ff53707

This patch switch mcuboot to using most recent items.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2019-12-12 11:54:44 +01:00
David Brown 098de833d5 boot: Clean up errors during sim test
There are a few error messages printed by the boot code.  In a normal
platform, these are real errors, and really should print a message.
However, in the simulator, we intentionally create these scenarios, and
these errors only serve to distract from the rest of the test output.

Conditionalize the error prints based on whether we are running in the
simulator.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-10 12:42:21 -07:00
Fabio Utzig 6fa2d40d45 sim: log flash writes/reads/erases at highest level
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-10 16:04:44 -03:00
Fabio Utzig e92df93461 sim: log: add new level targetting simulator
* Adds a new level (BOOT_LOG_SIM) to be used only for messages that
  are interesting while debugging bootutil in the simulator. This should
  be used for extra verbose prints.

* Also added fflushs after fprints to guarantee that messages are printed
  even when assertions are raised.

* For abstraction completeness, add "do nothing" definitions of _LOG_SIM
  to the other ports.

* Make DEBUG the default level when building the simulator (one can
  still lower verbosity using any other value for RUST_LOG).

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-10 16:04:44 -03:00
Fabio Utzig b86e688286 bootutil: fix random upgrade failure using swap move
Fix an issue where an upgrade could fail to execute.

This happened randomly in the "perm_with_fails" test in the simulator;
for it to happen the first reset had to occur just after writing the
metadata to mark the start of a new upgrade, but before any swap happened;
if followed by a new reset happening at a point where the metadata was
erased and rewritten, it would result in an upgrade failure. The images
would still be valid though although in their original slots.

The fix stores the detected boot status source in the state. When
metadata was found in the primary slot we assume a swap has already
started (even though no sector swap has happened) and avoid
erasing/rewriting it.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-10 12:02:15 -03:00
Fabio Utzig 5e6ea22cff bootutil: Add debug for encrypted key writing
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-10 12:02:15 -03:00
David Brown 3cabd927a7 sim: Fix ecdsa padding
For some reason, the ECDSA signature generation code attempted to adjust
the length of the ASN.1 of the actual signature.  It wasn't doing this
right, and was creating ASN.1 expecting many more entries than were
present.  The half-run parser in the tinycrypt ECDSA signature check
didn't care about this, but mbed TLS's signature check does care.

The intent of the padding was to be able to predict the size of the TLV
before writing it out.  Keep the padding for now, even though there is
no simple way of knowing how many pad bytes to remove (just removing
them will remove extra if there is a zero in the last byte of the
signature.

A future change will eliminate the padding, as it should no longer be
needed.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-10 07:40:47 -07:00
Fabio Utzig c58842e8be boot: zephyr: add config for swap without scratch
Add Zephyr option to enable building a bootloader that uses an
alternative swap algorithm, that first moves up all sectors in slot1 and
then directly swaps between slot0 and slot1.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-09 14:21:09 -03:00
Fabio Utzig 8cecedc119 ci: add "swap-move enc-rsa sig-rsa"
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-09 14:21:09 -03:00
Fabio Utzig be43ea8977 boot: mynewt: add config for swap without scratch
Add Mynewt option to enable building a bootloader that uses an
alternative swap algorithm, that first moves up all sectors in slot1 and
then directly swaps between slot0 and slot1.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-09 14:21:09 -03:00
Fabio Utzig 114a64768b sim: add unsupported caps to device creation
Update `make_device` to return a slice of unsupported caps for a test.
This allows skipping tests in devices that are known to be non working
under some build configuration.

The device constructor was updated to return a `Result`, so that the
specific reason for skipping can be returned as a `String`.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-09 14:21:09 -03:00
Fabio Utzig f5480c74e9 bootutil: sim: add cap for swap using move
Add cap for swap using move and rename old swap upgrade cap to swap
using scratch. Update sim to allow swapping tests to also run using
move.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-09 14:21:09 -03:00
Fabio Utzig 031eb7de76 sim: add feature for swap move strategy
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-09 14:21:09 -03:00
Fabio Utzig 74aef312df bootutil: add swap without scratch strategy
This implements a swap upgrade that does not use a scratch area. It
works by first moving all sectors in the primary slot up one position,
and then looping on moving sector of index X of the secondary slot to
index X of the primary slot, followed by moving sector X+1 of the
primary slot to X on the secondary slot, for each sector X.

The idea behind this implementation was initially suggested by Jehudi
Maes (@Laczen) and implemented on his own bootloader (ZEPboot).

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-09 14:21:09 -03:00
Fabio Utzig 12d5916adf boot: bootutil: move scratch swap functionality
This moves the functionality that is unique to a scratch based swap
upgrade into a separate file. Later other upgrade strategies can be
added by reimplementing those functions.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-09 14:21:09 -03:00
Fabio Utzig e60c2fb07f bootutil: remove unused function prototype
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-09 14:21:09 -03:00
David Brown e90b13f9a9 sim: Actually test invalid signatures
Currently, the tests that appear to be testing for invalid signatures
are actually just testing that images aren't used if the entire TLV
block is missing.  Fix this by being more subtle about our corruptions.
If there is no signature, corrupt that data being used to generate the
hash.  Otherwise, modify the data before it goes into the signature, but
generate a valid SHA256 in the TLV.  This way, we exercise the signature
itself being corrupt.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-09 09:54:15 -07:00
David Brown 4fae8b8743 sim: Use 16 bit writes for length fields
Previous changes have used 16-bit writes for calculated lengths, but are
using a pair of 8-bit writes for hard-coded values.  Change these to
also use 16-bit writes for consistency, and clarity.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-09 09:47:26 -07:00
David Brown 6972118ce3 sim: Change TLV tag from u8 to u16
Change the type of the TLV tag from an 8-bit unsigned value (followed by
8 bits of padding) to a 16-bit value.  Because we are storing the tag as
little endian, the encoding will end up the same, but this will later
allow us to add more tags.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-09 09:47:26 -07:00
David Brown d13318a14f boot: Change TLV tag to 16 bits
The current TLV tag is an unsigned 8-bit integer, that is stored with 8
bits of padding.  As the TLV tag is defined to be little endian
(although the code doesn't properly handle this), we can use the 8 bits
of padding as the upper 8-bits, treating the TLV tag as a 16 bit value,
and all existing tags will operate as they did before.

Change the types used throughout the code to represent the TLV to a
`uint16_t`.  Change the ANY tag type to `0xffff` instead of `0xff`.
This value is never stored, but will avoid conflicts with any future
allocated tags.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-09 09:47:26 -07:00
David Brown 2b951c920b samples: zephyr: Remove redundant extra chip erase
Remove a redundant chip erase from run-tests.go.  The '-e chip' should
tell pyocd to perform a chip erase.  There seem to be some combinations
of daplink and pyocd that if an invalid image is loaded into the device,
it can no longer be flashed by pyocd.  Performing the chip erase as a
separate command easily gets it into this state.  It can be recovered by
using the DAP filesystem to write the image.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-05 11:32:26 -07:00
Sergey Koziakov 24d1be074f zephyr: restore device tree overlay
0e3fa72df4 removed device tree overlay
that is required to flash mcuboot to correct partition and CMake
variable that pointed to it. Restore it.

Do not restore adding "boards/${BOARD}.overlay" to the list since Zephyr
detects this file automatically now - see https://docs.zephyrproject.org/latest/application/index.html#devicetree-overlays

Signed-off-by: Sergey Koziakov <dya.eshshmai@gmail.com>
2019-12-04 23:54:18 -07:00
David Brown a0cb24b84e sim: Remove some extraneous print
These were added during development to make sure conditional compilation
was working.  Now, they just cause excess messages to be printed.
Remove them.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-04 11:21:56 -07:00
Fabio Utzig d37d877603 Add html anchors to design and imgtool documents
When pages are built from the markdown sources, the html anchors for
titles are automatically added, but no links are inserted in the pages.
This makes it harder to send URLs to sections; one has to browse the
page source to get the correct link. This fixes the issue by adding
links directly to the generated pages.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-03 16:35:58 -03:00
David Brown 586c84e942 README.md: Minor typographical and grammar fixes
These are some minor fixes to the README.md files submitted by Aidan
Earle <a_earle@live.com>.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-03 10:37:46 -07:00
Sergey Koziakov 3f0738d29f zephyr: restore removed #endif in target.h
8accafd5c7 has removed #endif statement
belonging to unrelated #if, causing compilation error. Restore it.

Signed-off-by: Sergey Koziakov <dya.eshshmai@gmail.com>
2019-12-03 07:08:37 -03:00
Martí Bolívar 0e3fa72df4 zephyr: Fix board logic
Don't set the board to qemu_x86 either; that's not right by any means.

Remove dts.overlay and build system logic related to it in
boot/zephyr/CMakeLists.txt. This file was a hack for arduino_101,
which is no longer supported by Zephyr.

Remove all the other DTC_OVERLAY_FILE logic in general while we're
here. Zephyr picks up
${APPLICATION_SOURCE_DIR}/boards/${BOARD}.overlay and uses it as
DTC_OVERLAY_FILE "for free" if DTC_OVERLAY_FILE is unset.

Adjust the minimum CMake version while we're here to account for
Zephyr build system changes.

Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-02 11:56:24 -07:00