[nrf noup] Added BOOT_SIGNATURE_USING_ITS for ecdsa configuration #476
Conversation
|
Note: I have not added |
| static psa_key_id_t builtin_key_ids[BOOT_SIGNATURE_BUILTIN_KEY_SLOTS] = { | ||
| 0x40022100, | ||
| 0x40022101, | ||
| // 0x40022102, |
| @@ -491,6 +495,61 @@ static inline int bootutil_ecdsa_verify(bootutil_ecdsa_context *ctx, | |||
| return (int) psa_verify_hash(ctx->key_id, PSA_ALG_ECDSA(ctx->required_algorithm), | |||
| hash, hlen, reformatted_signature, 2*ctx->curve_byte_count); | |||
| } | |||
| #else /* !CONFIG_BOOT_SIGNATURE_USING_ITS */ | |||
|
|
|||
| #define BOOT_SIGNATURE_BUILTIN_KEY_SLOTS 4 | |||
There was a problem hiding this comment.
| #define BOOT_SIGNATURE_BUILTIN_KEY_SLOTS 4 |
| psa_algorithm_t algorithm; | ||
| }; | ||
|
|
||
| static psa_key_id_t builtin_key_ids[BOOT_SIGNATURE_BUILTIN_KEY_SLOTS] = { |
There was a problem hiding this comment.
| static psa_key_id_t builtin_key_ids[BOOT_SIGNATURE_BUILTIN_KEY_SLOTS] = { | |
| static psa_key_id_t builtin_key_ids[] = { |
ahasztag
force-pushed
the
NCSDK-34470_ecdsa_with_its
branch
from
1214847 to
2f2be35
Compare
ahasztag
force-pushed
the
NCSDK-34470_ecdsa_with_its
branch
from
2f2be35 to
6a24060
Compare
ahasztag
force-pushed
the
NCSDK-34470_ecdsa_with_its
branch
3 times, most recently
from
320e0de to
6b51018
Compare
| BOOT_LOG_ERR("ECDSA signature verification failed %d", status); | ||
| } | ||
|
|
||
| return (int) status; |
There was a problem hiding this comment.
No. Translate the status to something like 1 or 2, or whatever.
I do not think that PSA codes should leave the bootutil_ecdsa_verify, because they make no sense to MCUboot.
I guess that what we have outside is a mess, but we are sure to understand PSA statuses here, but not sure we do so outside the function.
There was a problem hiding this comment.
Ok, I probably just wanted to return similarly as the normal PSA implementation, now the function is returning 2 on error.
| static psa_key_id_t builtin_key_ids[] = { | ||
| 0x40022100, | ||
| 0x40022101, | ||
| 0x40022102, | ||
| 0x40022103 | ||
| }; |
There was a problem hiding this comment.
Doesn't this cause link errors that there is unused static builtin_key_ids defined in all the units that include the ecdsa.h?
There was a problem hiding this comment.
This should probably be defined within the bootutil_ecdsa_verify.
There was a problem hiding this comment.
It doesn't cause errors, as it is under CONFIG_BOOT_SIGNATURE_USING_ITS.
I think keeping it outside of the function seems a bit cleaner. I tried to mimic the implementation from CRACEN KMU as much as possible, where the array is kept outside the function. But I do not have any strong feelings about it, I can move it inside of the function if you prefer it.
In the future I'd like to move this to some sort of external hook, but I didn't want to complicate the commit too much currently, as the current version is OK for our current needs and I assume we will want to rework the ECDSA signing code in the near future anyway.
| struct boot_ecdsa_key_info { | ||
| psa_key_id_t key_id; | ||
| psa_algorithm_t algorithm; | ||
| }; |
There was a problem hiding this comment.
Where is this thing used?
There was a problem hiding this comment.
Sorry, it is a leftover from the development process, I have missed this, removed.
This configuration has the purpose of using keys provisioned to the internal trusted storage (ITS). It makes use of the already existing parts of code for MCUBOOT_BUILTIN_KEY Signed-off-by: Artur Hadasz <[email protected]>
ahasztag
force-pushed
the
NCSDK-34470_ecdsa_with_its
branch
from
6b51018 to
8c4a36f
Compare
|
| @@ -422,7 +422,14 @@ config BOOT_KMU_KEYS_REVOCATION | |||
| help | |||
| Enabling KMU key revocation backend. | |||
|
|
|||
| if !BOOT_SIGNATURE_USING_KMU | |||
| config BOOT_SIGNATURE_USING_ITS | |||
| bool "Use KMU stored keys for signature verification" | |||
There was a problem hiding this comment.
Is 'KMU' here intended ?
This configuration has the purpose of using keys provisioned to the internal trusted storage (ITS). It makes use of the already existing parts of code for MCUBOOT_BUILTIN_KEY