Update the dependencies needed, as well as adding a blurb about how to
password protect the private key.
Signed-off-by: David Brown <david.brown@linaro.org>
Until we fix the padding problem, pad the ecdsa signatures with zeros to
always be 72 bytes long. Add a 'raw_sign' method so that the unit test
can use the real signature.
Signed-off-by: David Brown <david.brown@linaro.org>
Replace the (now broken) ECDSA code with code using the python
'cryptography' library.
Similar to the change to RSA, this changes the format that private keys
are stored, again using PKCS#8. This supports the stronger password
protection as well.
Again, this code will still support reading the older style of public
keys, but other tools that use keys generated by this change will need
to be updated to work with the new format.
Signed-off-by: David Brown <david.brown@linaro.org>
The verification code requires a fixed 32-byte salt, which seems is what
the old crypto library did. Use this same value to avoid having to
modify the code.
Signed-off-by: David Brown <david.brown@linaro.org>
The keygen command allows the `-p` argument which will prompt for a
password, and protect the private key with this password. When loading
keys, it will prompt for a password if it detects a password protected
key.
Signed-off-by: David Brown <david.brown@linaro.org>
The 'cryptography' library is pickier about the data it is asked to
sign. Get the bytes value out of the bytearray for doing the actual
signature.
Signed-off-by: David Brown <david.brown@linaro.org>
Replace RSA code with one using the python 'cryptography' library. This
library is much more complete, and will make adding support for password
protected keys, and separate public keys easier.
There is, however, a significant change brought about by this change:
the private keys are stored in PKCS#8 format, instead of the raw format
that was used previously. This is a more modern format that has a few
advantages, including: supporting stronger password protection, and
allowing the key type to be determined upon read.
This tool will still support reading the old style public keys, but
other tools that use these keys will need to be updated in order to work
with the new format.
This new code has some unit tests to go along with it for some basic
sanity testing of the code.
Signed-off-by: David Brown <david.brown@linaro.org>
Support for PKCS1.5 has been removed from the bootloader for a while
now, remove it as well from the tool.
Signed-off-by: David Brown <david.brown@linaro.org>
Although this file is likely implicitly licensed under the Apache 2.0
license because of the LICENSE file for this project, make this explicit
in this file.
Signed-off-by: David Brown <david.brown@linaro.org>
Move to newer versions of some upstream packages, lazy_static, which is
now at 1.0 (no api change), and error-chain (0.11), which eliminates a
warning during compilation.
Signed-off-by: David Brown <david.brown@linaro.org>
Since boot_read_image_headers only failed when reading headers from
both Slots failed, it could happen that even with a failure reading
Slot 1, this data would still be used by split booting. Now when
reading image headers an extra parameter allows the caller to ask
for failure when any slot read failed.
JIRA: MCUB-56
Signed-off-by: Fabio Utzig <utzig@apache.org>
Assertions that are expected to fail under sim test, are now marked as such
using the macro ASSERT which allows to programmatically switch between normal
assert() behavior and captured assertion.
Assertion changes were moved to more appropriate owners and code duplication
was removed.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This test marks the status write regions as a bad region,
causing errors, but it is allowed to complete the swap. On
restart the firmware in slot0 should be validated and work.
Signed-off-by: Fabio Utzig <utzig@apache.org>
The rationale behind this change is that while performing a swap
operation, writes to the status area are not important enough
to abort the operation. If the swap is not interrupted, status
writes are ignored. If the swap is interrupted, failures to write
status area are detected during the next boot and an appropriate
measure is taken.
If MCUBOOT_VALIDATE_SLOT0 is set we ignore the status write fail
and allow slot0 to be validated by its hash/signature. Otherwise,
the old behavior is maintained, which is to abort on any write
failures.
Signed-off-by: Fabio Utzig <utzig@apache.org>
At the moment writes always checking that they are being
performed on an erased section of memory. This patch enables
a test to disable that, to enable looking for other error
causes.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Add new interface to enable configuring regions of the simulated
memory to fail probabilistically. An entry is based on an offset,
length and rate of failure. This only applies to write operatios
and throws an error that can be caught in tests.
Signed-off-by: Fabio Utzig <utzig@apache.org>
When building in simulator mode, mock assert() to call an simulator
function which will enable other code to check if some path failed.
The assert checking interface, was added to boot_go which now
returns the low-level invocation results as well as the number of
asserts triggered.
Some new added tests check for assert() and expect it to happen. To not
abort tests, assert() was changed under sim env to not call c assert()
and instead just do some internal calculation which could be checked
by the simulator after a bootloader run and assert() catching behavior
was made optional (each test choses the behavior it needs).
Signed-off-by: Fabio Utzig <utzig@apache.org>
When using EC256 for signing, Zephyr now uses the bundled tinycrypt
and mbed-tls ASN1 parser instead of relying on the one provided by
the OS.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This commit removes the pseudo tinycrypt package based on symlinks
by adding a new pkg.yml to ext/tinycrypt and using it directly. It
also uses the new mbed-tls bundled ASN1 parser when EC256 is selected.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This bundles the asn1 parser from mbed-tls into mcuboot, which allows
adding EC crypto (tinycrypt based) functionality for target OSes that
don't bundle mbed-tls.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Although these files are likely implicitly licensed under the Apache 2.0
license because of the LICENSE file for this project, make this explicit
in these files.
Signed-off-by: David Brown <david.brown@linaro.org>
Our current travis environment still uses gcc 4.8.4 which defaults to
std=gnu90. Some of tinycrypt's code requires c99.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This fixes a comparison issue that was previously fixed by doing a
cast. Since tinycrypt and mbed-tls both already use an unsigned for
the size, the mcuboot interface was updated to also use an unsigned
value (size_t to be more precise!).
Signed-off-by: Fabio Utzig <utzig@apache.org>
Since ring does not yet support ecdsa signing, a thin layer was added
to allow the simulator to call tinycrypt's signing routine.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This enables building ecdsa feature using tinycrypt (mbed still built
for ASN1). The default mbed-tls config was update to use the MCUBOOT_SIGN_*
symbols.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Instead of trying to determine current branch using git, just rely
on travis to know if this is a PR and if it is not, don't do
signed-off-by checking.
Signed-off-by: Fabio Utzig <utzig@apache.org>