Replace sdk-nrf specific PSA implementation for ed25519 with provided by the upstream #401
Open: de-nordic wants to merge 44 commits into nrfconnect:main from de-nordic:get_psa_from_upstream
This reverts commit 148712e. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
… but decrypted image" This reverts commit bc8d277. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
… compression" This reverts commit 97e8acf. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This reverts commit 2ca0efe. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
…ssion" This reverts commit 4ceb477. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
…ture key" This reverts commit b647a94. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This reverts commit a43e5f4. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
…age" This reverts commit 32a7c77. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This reverts commit 4e2273f. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This reverts commit 9644dc2. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This reverts commit f3c2fbc. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This reverts commit 62929e4. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This reverts commit cbb7da0. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
…ion" This reverts commit 1107145. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This reverts commit 655eeac. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This reverts commit 4943e2f. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
ebbfe39 to d82af33
dc4abc7 to 641126b
This commit fixes an issue where, even if the Zephyr-provided mbedTLS module was used, ASN1 decoding procedures were taken from MCUboot's own version of mbedTLS extracted sources for these functions. To be able to do that, this commit replaces the config file used with mbedTLS with the one provided by Zephyr (the generic one), which allows selecting the required mbedTLS features via Kconfig options exposed by Zephyr. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit 3f67213)
The commit enables SHA512 support, for image hashing, with TinyCrypt. Although on 32-bit machines SHA256 will be faster than SHA512, the benefit of enabling SHA512 is that you have only one algorithm compiled in, which reduces the size of the code. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit f72158f)
The commit adds support for passing the storage device address space to hash calculation functions, which allows using hardware-accelerated hash calculation on storage. This feature only works when image encryption is not enabled and all slots are defined within the internal storage of the device. The feature is enabled with the MCUboot configuration option MCUBOOT_HASH_STORAGE_DIRECTLY. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit b43b8c8)
The commit adds support for PureEdDSA, which validates the signature of the image rather than of its hash. This is the most secure available ED25519 usage in MCUboot, but because PureEdDSA requires the signature to be calculated over the whole message at once, here the image, it only works on setups where the entire image can be mapped to the device address space, so that the PSA functions calculating the signature can see the whole image at once. The feature is enabled with the MCUBOOT_SIGN_PURE MCUboot configuration option. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit de9bc3d)
Select BOOT_IMG_HASH_ALG_SHA512_ALLOW via BOOT_ED25519_TINYCRYPT. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit 30e6adf)
Adds CONFIG_BOOT_IMG_HASH_DIRECTLY_ON_STORAGE, which enables MCUBOOT_HASH_STORAGE_DIRECTLY for Zephyr. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit 96f01aa)
Commit adds CONFIG_BOOT_SIGNATURE_TYPE_PURE Kconfig option, which enables MCUBOOT_SIGN_PURE in MCUboot configuration. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit 9668469)
Add a few missing Kconfig options. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit 96b7008)
…ification The commit provides an implementation of image verification with ed25519 and encryption/decryption support where the random key is encrypted using x25519. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit 615a9df)
Adds Kconfig option CONFIG_BOOT_ED25519_PSA that allows switching ed25519 to the PSA backend. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit f2b6def)
…ey import The commit adds the MCUBOOT_KEY_IMPORT_BYPASS_ASN configuration option, which allows bypassing ASN.1 decoding of the ED25519 public key compiled into MCUboot. When the option is enabled, the key will be accessed directly and ASN.1 processing is not compiled in, resulting in a smaller footprint of MCUboot, at the cost of reduced detection of an invalid key, i.e. a public key designated for a different method than the one compiled in. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit 1dcfbda)
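An added illustration of the trade-off described in the commit message above; it is not code from this PR or from MCUboot. It assumes the compiled-in key is an RFC 8410 SubjectPublicKeyInfo blob and that a bypass takes the trailing 32 bytes; the function names and the sample key bytes are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ED25519_KEY_LEN 32
#define SPKI_PREFIX_LEN 12
#define SPKI_LEN (SPKI_PREFIX_LEN + ED25519_KEY_LEN)

/* DER header of an Ed25519 SubjectPublicKeyInfo (RFC 8410):
 * SEQUENCE(42) { SEQUENCE(5) { OID 1.3.101.112 } } BIT STRING(33), 0 unused bits */
static const uint8_t ed25519_spki_prefix[SPKI_PREFIX_LEN] = {
    0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 0x21, 0x00
};

/* Checked import (hypothetical name): accepts the blob only when the length
 * and the whole DER header, algorithm OID included, match Ed25519. */
int key_import_checked(const uint8_t *der, size_t len, const uint8_t **raw)
{
    if (len != SPKI_LEN ||
        memcmp(der, ed25519_spki_prefix, SPKI_PREFIX_LEN) != 0) {
        return -1;
    }
    *raw = der + SPKI_PREFIX_LEN;
    return 0;
}

/* Bypass import (hypothetical name, assumed behaviour): no ASN.1 handling,
 * the trailing 32 bytes are used as the key whatever the header says. */
int key_import_bypass(const uint8_t *der, size_t len, const uint8_t **raw)
{
    if (len < ED25519_KEY_LEN) {
        return -1;
    }
    *raw = der + len - ED25519_KEY_LEN;
    return 0;
}

/* Constructed sample blob: Ed25519 header with the last OID byte replaced
 * (0x70 = Ed25519, 0x6e = X25519) and a dummy 0xA5-filled key. */
size_t make_sample_spki(uint8_t oid_last, uint8_t out[SPKI_LEN])
{
    memcpy(out, ed25519_spki_prefix, SPKI_PREFIX_LEN);
    out[8] = oid_last;
    memset(out + SPKI_PREFIX_LEN, 0xA5, ED25519_KEY_LEN);
    return SPKI_LEN;
}
```

With the X25519 OID in the header, the checked import rejects the blob while the bypass hands its 32 bytes to the verifier, so a build using the bypass has to rely on key provisioning to guarantee the key type.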
…SS_ASN The option enables MCUboot configuration option MCUBOOT_KEY_IMPORT_BYPASS_ASN. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit 3ff7549)
One of the includes is not available when bypassing ASN1 encoding as mbedTLS is no longer enabled for compilation. Discovered with zephyr, but common for other platforms, after recent changes in CMakeLists.txt. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit a01ca4cf946badfc409c490850c335f7152bc391)
Commit removes files needed for ASN1 parsing from compilation, when ASN1 bypass is enabled. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit ec86244ac150d87b46e41d948ce7b655be672f88)
…t needed Make selection of MBEDTLS_ASN1_PARSE_C, in BOOT_ED25519_MBEDTLS, depending on ASN1 parsing being enabled. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit 0ba80ffb1a0a2514385de47da67ac19c17ff23de)
ED25519 with mbedTLS has not been linking due to missing SHA512, which is internally required by the ED25519 implementation. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit f523c60dbd60677557d192dcabd20af28a8470c3)
641126b to 6b8fdc1
All of ED25519 backends allow SHA512, together with SHA512. The ED25519 internally requires SHA512 for calculations, but image may be hashed with any SHA algorithm. The PSA has also been missing selecting of any SHA as allowed. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit e5d8640cd49829a1d5916fbae04cb2c817fb6116)
6b8fdc1 to 7505fa5
nordicjm approved these changes Mar 14, 2025
Accidentally added check for size of blen against hash length, in bootutil_verify, was doubling the check done in bootutil_verify_sig and prevented pure signature from working. Upstream PR #: 2237 Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Select proper configuration and disable mbedTLS selection, as we are using NRF Security enabled Oberon. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Adds support to the compressed image update for allowing encrypted images. Also removes the limit of having 1 updateable image Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no> Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit 390c468) (cherry picked from commit cbb7da0) (cherry picked from commit 148712e)
Adds a new Kconfig CONFIG_BOOT_SIGNATURE_KMU_SLOTS which allows specifying how many KMU key IDs are supported, the default is set to 1 instead of 3 which was set before NCSDK-30743 Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no> (cherry picked from commit 12e5ee1) (cherry picked from commit 2ca0efe)
…rypted image This TLV is needed in order to know what the data length provided to the decompression system is to remove the padding that is a resultant of the encryption block size Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no> Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no> (cherry picked from commit 4bda587) (cherry picked from commit bc8d277)
37ac9c7 to 1734354
Use snprintf, alloc, calloc and free from mbedTLS rather than from Zephyr. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
1734354 to ea76eeb
PR does: