diff --git a/.github/workflows/sim.yaml b/.github/workflows/sim.yaml index 36d890d4f..459d21bcf 100644 --- a/.github/workflows/sim.yaml +++ b/.github/workflows/sim.yaml @@ -16,25 +16,23 @@ jobs: strategy: matrix: features: - - "sig-ecdsa,sig-ecdsa-mbedtls,sig-ed25519,enc-kw,bootstrap" + - "sig-ecdsa-mbedtls,sig-ed25519,enc-kw,bootstrap" - "sig-rsa,sig-rsa3072,overwrite-only,validate-primary-slot,swap-move,swap-offset" - "enc-rsa,enc-rsa max-align-32" - "enc-aes256-rsa,enc-aes256-rsa max-align-32" - - "enc-ec256,enc-ec256 max-align-32" + - "enc-ec256-mbedtls,enc-ec256-mbedtls max-align-32" - "enc-aes256-ec256,enc-aes256-ec256 max-align-32" - "enc-x25519,enc-x25519 max-align-32" - "enc-aes256-x25519,enc-aes256-x25519 max-align-32" - - "sig-rsa overwrite-only,sig-ecdsa overwrite-only,sig-ecdsa-mbedtls overwrite-only,multiimage overwrite-only" - - "sig-rsa validate-primary-slot,sig-ecdsa validate-primary-slot,sig-ecdsa-mbedtls validate-primary-slot,sig-rsa multiimage validate-primary-slot" + - "sig-rsa overwrite-only,sig-ecdsa-mbedtls overwrite-only,multiimage overwrite-only" + - "sig-rsa validate-primary-slot,sig-ecdsa-mbedtls validate-primary-slot,sig-rsa multiimage validate-primary-slot" - "enc-kw overwrite-only,enc-kw overwrite-only max-align-32" - "enc-rsa overwrite-only,enc-rsa overwrite-only max-align-32" - "enc-aes256-kw overwrite-only,enc-aes256-kw overwrite-only max-align-32" - "sig-rsa enc-rsa validate-primary-slot,swap-move enc-rsa sig-rsa validate-primary-slot bootstrap,swap-offset enc-rsa sig-rsa validate-primary-slot bootstrap" - "sig-rsa enc-kw validate-primary-slot bootstrap,sig-ed25519 enc-x25519 validate-primary-slot" - - "sig-ecdsa enc-kw validate-primary-slot" - "sig-ecdsa-mbedtls enc-kw validate-primary-slot" - "sig-rsa validate-primary-slot overwrite-only,sig-rsa validate-primary-slot overwrite-only max-align-32" - - "sig-ecdsa enc-ec256 validate-primary-slot" - "sig-ecdsa-mbedtls enc-ec256-mbedtls validate-primary-slot" - "sig-ecdsa-mbedtls enc-aes256-ec256 validate-primary-slot" - "sig-rsa validate-primary-slot overwrite-only downgrade-prevention" @@ -43,7 +41,7 @@ jobs: - "sig-rsa validate-primary-slot direct-xip" - "sig-rsa validate-primary-slot ram-load multiimage" - "sig-rsa validate-primary-slot direct-xip multiimage" - - "sig-ecdsa hw-rollback-protection multiimage" + - "sig-ecdsa-mbedtls hw-rollback-protection multiimage" - "sig-ecdsa-psa,sig-ecdsa-psa sig-p384" - "ram-load enc-aes256-kw multiimage" - "ram-load enc-aes256-kw sig-ecdsa-mbedtls multiimage" diff --git a/boot/bootutil/include/bootutil/crypto/ecdh_p256.h b/boot/bootutil/include/bootutil/crypto/ecdh_p256.h index e3ac9be6a..9ddaace81 100644 --- a/boot/bootutil/include/bootutil/crypto/ecdh_p256.h +++ b/boot/bootutil/include/bootutil/crypto/ecdh_p256.h @@ -23,51 +23,10 @@ #define EC256_PUBK_LEN (65) #endif /* MCUBOOT_USE_MBED_TLS */ -#if defined(MCUBOOT_USE_TINYCRYPT) - #include - #include - #define BOOTUTIL_CRYPTO_ECDH_P256_HASH_SIZE (4 * 8) -#endif /* MCUBOOT_USE_TINYCRYPT */ - #ifdef __cplusplus extern "C" { #endif -#if defined(MCUBOOT_USE_TINYCRYPT) -typedef uintptr_t bootutil_ecdh_p256_context; -typedef bootutil_ecdh_p256_context bootutil_key_exchange_ctx; -static inline void bootutil_ecdh_p256_init(bootutil_ecdh_p256_context *ctx) -{ - (void)ctx; -} - -static inline void bootutil_ecdh_p256_drop(bootutil_ecdh_p256_context *ctx) -{ - (void)ctx; -} - -static inline int bootutil_ecdh_p256_shared_secret(bootutil_ecdh_p256_context *ctx, const uint8_t *pk, const uint8_t *sk, uint8_t *z) -{ - int rc; - (void)ctx; - - if (pk[0] != 0x04) { - return -1; - } - - rc = uECC_valid_public_key(&pk[1], uECC_secp256r1()); - if (rc != 0) { - return -1; - } - - rc = uECC_shared_secret(&pk[1], sk, z, uECC_secp256r1()); - if (rc != TC_CRYPTO_SUCCESS) { - return -1; - } - return 0; -} -#endif /* MCUBOOT_USE_TINYCRYPT */ - #if defined(MCUBOOT_USE_MBED_TLS) #define NUM_ECC_BYTES 32 diff --git a/boot/bootutil/include/bootutil/crypto/ecdsa.h b/boot/bootutil/include/bootutil/crypto/ecdsa.h index 35f0930fa..6350e5092 100644 --- a/boot/bootutil/include/bootutil/crypto/ecdsa.h +++ b/boot/bootutil/include/bootutil/crypto/ecdsa.h @@ -8,7 +8,7 @@ * This module provides a thin abstraction over some of the crypto * primitives to make it easier to swap out the used crypto library. * - * At this point, the choices are: MCUBOOT_USE_TINYCRYPT, MCUBOOT_USE_CC310, + * At this point, the choices are: MCUBOOT_USE_CC310, * MCUBOOT_USE_MBED_TLS, MCUBOOT_USE_PSA_CRYPTO. Note that support for * MCUBOOT_USE_PSA_CRYPTO is still experimental and it might not support all * the crypto abstractions that MCUBOOT_USE_MBED_TLS supports. For this @@ -32,17 +32,11 @@ #error "P384 requires PSA_CRYPTO to be defined" #endif -#if (defined(MCUBOOT_USE_TINYCRYPT) + \ - defined(MCUBOOT_USE_CC310) + \ +#if defined(MCUBOOT_USE_CC310) + \ defined(MCUBOOT_USE_PSA_OR_MBED_TLS)) != 1 - #error "One crypto backend must be defined: either CC310/TINYCRYPT/MBED_TLS/PSA_CRYPTO" + #error "One crypto backend must be defined: either CC310/MBED_TLS/PSA_CRYPTO" #endif -#if defined(MCUBOOT_USE_TINYCRYPT) - #include - #include -#endif /* MCUBOOT_USE_TINYCRYPT */ - #if defined(MCUBOOT_USE_CC310) #include #endif /* MCUBOOT_USE_CC310 */ @@ -76,7 +70,7 @@ extern "C" { #endif -#if (defined(MCUBOOT_USE_TINYCRYPT) || defined(MCUBOOT_USE_MBED_TLS) || \ +#if (defined(MCUBOOT_USE_MBED_TLS) || \ defined(MCUBOOT_USE_CC310)) && !defined(MCUBOOT_USE_PSA_CRYPTO) /* * Declaring these like this adds NULL termination. @@ -127,109 +121,7 @@ static int bootutil_import_key(uint8_t **cp, uint8_t *end) return 0; } -#endif /* (MCUBOOT_USE_TINYCRYPT || MCUBOOT_USE_MBED_TLS || MCUBOOT_USE_CC310) && !MCUBOOT_USE_PSA_CRYPTO */ - -#if defined(MCUBOOT_USE_TINYCRYPT) -#ifndef MCUBOOT_ECDSA_NEED_ASN1_SIG -/* - * cp points to ASN1 string containing an integer. - * Verify the tag, and that the length is 32 bytes. Helper function. - */ -static int bootutil_read_bigint(uint8_t i[NUM_ECC_BYTES], uint8_t **cp, uint8_t *end) -{ - size_t len; - - if (mbedtls_asn1_get_tag(cp, end, &len, MBEDTLS_ASN1_INTEGER)) { - return -3; - } - - if (len >= NUM_ECC_BYTES) { - memcpy(i, *cp + len - NUM_ECC_BYTES, NUM_ECC_BYTES); - } else { - memset(i, 0, NUM_ECC_BYTES - len); - memcpy(i + NUM_ECC_BYTES - len, *cp, len); - } - *cp += len; - return 0; -} - -/* - * Read in signature. Signature has r and s encoded as integers. Helper function. - */ -static int bootutil_decode_sig(uint8_t signature[NUM_ECC_BYTES * 2], uint8_t *cp, uint8_t *end) -{ - int rc; - size_t len; - - rc = mbedtls_asn1_get_tag(&cp, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); - if (rc) { - return -1; - } - if (cp + len > end) { - return -2; - } - - rc = bootutil_read_bigint(signature, &cp, end); - if (rc) { - return -3; - } - rc = bootutil_read_bigint(signature + NUM_ECC_BYTES, &cp, end); - if (rc) { - return -4; - } - return 0; -} -#endif /* not MCUBOOT_ECDSA_NEED_ASN1_SIG */ - -typedef uintptr_t bootutil_ecdsa_context; -static inline void bootutil_ecdsa_init(bootutil_ecdsa_context *ctx) -{ - (void)ctx; -} - -static inline void bootutil_ecdsa_drop(bootutil_ecdsa_context *ctx) -{ - (void)ctx; -} - -static inline int bootutil_ecdsa_verify(bootutil_ecdsa_context *ctx, - uint8_t *pk, size_t pk_len, - uint8_t *hash, size_t hash_len, - uint8_t *sig, size_t sig_len) -{ - int rc; - (void)ctx; - (void)pk_len; - (void)sig_len; - (void)hash_len; - - uint8_t signature[2 * NUM_ECC_BYTES]; - rc = bootutil_decode_sig(signature, sig, sig + sig_len); - if (rc) { - return -1; - } - - /* Only support uncompressed keys. */ - if (pk[0] != 0x04) { - return -1; - } - pk++; - - rc = uECC_verify(pk, hash, BOOTUTIL_CRYPTO_ECDSA_P256_HASH_SIZE, signature, uECC_secp256r1()); - if (rc != TC_CRYPTO_SUCCESS) { - return -1; - } - return 0; -} - -static inline int bootutil_ecdsa_parse_public_key(bootutil_ecdsa_context *ctx, - uint8_t **cp,uint8_t *end) -{ - (void)ctx; - return bootutil_import_key(cp, end); -} -#endif /* MCUBOOT_USE_TINYCRYPT */ +#endif /* (MCUBOOT_USE_MBED_TLS || MCUBOOT_USE_CC310) && !MCUBOOT_USE_PSA_CRYPTO */ #if defined(MCUBOOT_USE_CC310) typedef uintptr_t bootutil_ecdsa_context; diff --git a/sim/Cargo.toml b/sim/Cargo.toml index f7d3505a5..1ce2e7188 100644 --- a/sim/Cargo.toml +++ b/sim/Cargo.toml @@ -9,7 +9,6 @@ default = [] sig-rsa = ["mcuboot-sys/sig-rsa"] sig-rsa3072 = ["mcuboot-sys/sig-rsa3072"] -sig-ecdsa = ["mcuboot-sys/sig-ecdsa"] sig-ecdsa-mbedtls = ["mcuboot-sys/sig-ecdsa-mbedtls"] sig-ecdsa-psa = ["mcuboot-sys/sig-ecdsa-psa", "mcuboot-sys/psa-crypto-api"] sig-p384 = ["mcuboot-sys/sig-p384"] @@ -22,7 +21,6 @@ enc-rsa = ["mcuboot-sys/enc-rsa"] enc-aes256-rsa = ["mcuboot-sys/enc-aes256-rsa"] enc-kw = ["mcuboot-sys/enc-kw"] enc-aes256-kw = ["mcuboot-sys/enc-aes256-kw"] -enc-ec256 = ["mcuboot-sys/enc-ec256"] enc-ec256-mbedtls = ["mcuboot-sys/enc-ec256-mbedtls"] enc-aes256-ec256 = ["mcuboot-sys/enc-aes256-ec256"] enc-x25519 = ["mcuboot-sys/enc-x25519"] diff --git a/sim/mcuboot-sys/Cargo.toml b/sim/mcuboot-sys/Cargo.toml index b3e46082f..297bed38f 100644 --- a/sim/mcuboot-sys/Cargo.toml +++ b/sim/mcuboot-sys/Cargo.toml @@ -18,9 +18,6 @@ sig-rsa = [] # Verify RSA-3072 signatures. sig-rsa3072 = [] -# Verify ECDSA (secp256r1) signatures. -sig-ecdsa = [] - # Verify ECDSA (secp256r1) signatures using mbed TLS sig-ecdsa-mbedtls = [] @@ -57,9 +54,6 @@ enc-kw = [] # Encrypt image in the secondary slot using AES-256-CTR and AES-KW-256 enc-aes256-kw = [] -# Encrypt image in the secondary slot using ECIES-P256 -enc-ec256 = [] - # Encrypt image in the secondary slot using AES-256-CTR and ECIES-P256 enc-aes256-ec256 = [] diff --git a/sim/mcuboot-sys/build.rs b/sim/mcuboot-sys/build.rs index 5276fbeb7..f926c3800 100644 --- a/sim/mcuboot-sys/build.rs +++ b/sim/mcuboot-sys/build.rs @@ -13,7 +13,6 @@ fn main() { let psa_crypto_api = env::var("CARGO_FEATURE_PSA_CRYPTO_API").is_ok(); let sig_rsa = env::var("CARGO_FEATURE_SIG_RSA").is_ok(); let sig_rsa3072 = env::var("CARGO_FEATURE_SIG_RSA3072").is_ok(); - let sig_ecdsa = env::var("CARGO_FEATURE_SIG_ECDSA").is_ok(); let sig_ecdsa_mbedtls = env::var("CARGO_FEATURE_SIG_ECDSA_MBEDTLS").is_ok(); let sig_ecdsa_psa = env::var("CARGO_FEATURE_SIG_ECDSA_PSA").is_ok(); let sig_p384 = env::var("CARGO_FEATURE_SIG_P384").is_ok(); @@ -27,7 +26,6 @@ fn main() { let enc_aes256_rsa = env::var("CARGO_FEATURE_ENC_AES256_RSA").is_ok(); let enc_kw = env::var("CARGO_FEATURE_ENC_KW").is_ok(); let enc_aes256_kw = env::var("CARGO_FEATURE_ENC_AES256_KW").is_ok(); - let enc_ec256 = env::var("CARGO_FEATURE_ENC_EC256").is_ok(); let enc_ec256_mbedtls = env::var("CARGO_FEATURE_ENC_EC256_MBEDTLS").is_ok(); let enc_aes256_ec256 = env::var("CARGO_FEATURE_ENC_AES256_EC256").is_ok(); let enc_x25519 = env::var("CARGO_FEATURE_ENC_X25519").is_ok(); @@ -91,13 +89,13 @@ fn main() { } // Currently no more than one sig type can be used simultaneously. - if vec![sig_rsa, sig_rsa3072, sig_ecdsa, sig_ed25519].iter() + if vec![sig_rsa, sig_rsa3072, sig_ed25519].iter() .fold(0, |sum, &v| sum + v as i32) > 1 { panic!("mcuboot does not support more than one sig type at the same time"); } if psa_crypto_api { - if sig_ecdsa || enc_ec256 || enc_x25519 || + if enc_x25519 || enc_aes256_ec256 || sig_ecdsa_mbedtls || enc_aes256_x25519 || enc_kw || enc_aes256_kw { conf.file("csupport/psa_crypto_init_stub.c"); @@ -184,24 +182,6 @@ fn main() { conf.file("../../ext/mbedtls/library/asn1parse.c"); conf.file("../../ext/mbedtls/library/md.c"); - } else if sig_ecdsa { - conf.conf.define("MCUBOOT_SIGN_EC256", None); - conf.conf.define("MCUBOOT_USE_TINYCRYPT", None); - - if !enc_kw { - conf.conf.include("../../ext/mbedtls/include"); - } - conf.conf.include("../../ext/tinycrypt/lib/include"); - - conf.file("csupport/keys.c"); - - conf.file("../../ext/tinycrypt/lib/source/utils.c"); - conf.file("../../ext/tinycrypt/lib/source/sha256.c"); - conf.file("../../ext/tinycrypt/lib/source/ecc.c"); - conf.file("../../ext/tinycrypt/lib/source/ecc_dsa.c"); - conf.file("../../ext/tinycrypt/lib/source/ecc_platform_specific.c"); - conf.file("../../ext/mbedtls/library/platform_util.c"); - conf.file("../../ext/mbedtls/library/asn1parse.c"); } else if sig_ecdsa_mbedtls { conf.conf.define("MCUBOOT_SIGN_EC256", None); conf.conf.define("MCUBOOT_USE_MBED_TLS", None); @@ -255,7 +235,7 @@ fn main() { conf.file("../../ext/fiat/src/curve25519.c"); conf.file("../../ext/mbedtls/library/platform_util.c"); conf.file("../../ext/mbedtls/library/asn1parse.c"); - } else if !enc_ec256 && !enc_x25519 { + } else if !enc_x25519 { // No signature type, only sha256 validation. The default // configuration file bundled with mbedTLS is sufficient. // When using ECIES-P256 rely on Tinycrypt. @@ -331,52 +311,12 @@ fn main() { conf.file("../../ext/mbedtls/library/cipher_wrap.c"); conf.file("../../ext/mbedtls/library/aes.c"); - if sig_ecdsa { - conf.conf.define("MCUBOOT_USE_TINYCRYPT", None); - - conf.conf.include("../../ext/tinycrypt/lib/include"); - - conf.file("../../ext/tinycrypt/lib/source/utils.c"); - conf.file("../../ext/tinycrypt/lib/source/sha256.c"); - conf.file("../../ext/tinycrypt/lib/source/aes_encrypt.c"); - conf.file("../../ext/tinycrypt/lib/source/aes_decrypt.c"); - conf.file("../../ext/tinycrypt/lib/source/ctr_mode.c"); - } - if sig_ed25519 { panic!("ed25519 does not support image encryption with KW yet"); } } - if enc_ec256 { - conf.conf.define("MCUBOOT_ENCRYPT_EC256", None); - conf.conf.define("MCUBOOT_ENC_IMAGES", None); - conf.conf.define("MCUBOOT_USE_TINYCRYPT", None); - conf.conf.define("MCUBOOT_SWAP_SAVE_ENCTLV", None); - - conf.file("../../boot/bootutil/src/encrypted.c"); - conf.file("csupport/keys.c"); - - conf.conf.include("../../ext/mbedtls/include"); - conf.conf.include("../../ext/tinycrypt/lib/include"); - - /* FIXME: fail with other signature schemes ? */ - - conf.file("../../ext/tinycrypt/lib/source/utils.c"); - conf.file("../../ext/tinycrypt/lib/source/sha256.c"); - conf.file("../../ext/tinycrypt/lib/source/ecc.c"); - conf.file("../../ext/tinycrypt/lib/source/ecc_dsa.c"); - conf.file("../../ext/tinycrypt/lib/source/ecc_platform_specific.c"); - - conf.file("../../ext/mbedtls/library/platform_util.c"); - conf.file("../../ext/mbedtls/library/asn1parse.c"); - - conf.file("../../ext/tinycrypt/lib/source/aes_encrypt.c"); - conf.file("../../ext/tinycrypt/lib/source/aes_decrypt.c"); - conf.file("../../ext/tinycrypt/lib/source/ctr_mode.c"); - conf.file("../../ext/tinycrypt/lib/source/hmac.c"); - conf.file("../../ext/tinycrypt/lib/source/ecc_dh.c"); - } else if enc_ec256_mbedtls || enc_aes256_ec256 { + if enc_ec256_mbedtls || enc_aes256_ec256 { if enc_aes256_ec256 { conf.conf.define("MCUBOOT_AES_256", None); } @@ -458,8 +398,6 @@ fn main() { conf.conf.define("MBEDTLS_CONFIG_FILE", Some("")); } else if sig_ecdsa_mbedtls || enc_ec256_mbedtls || enc_aes256_ec256 { conf.conf.define("MBEDTLS_CONFIG_FILE", Some("")); - } else if (sig_ecdsa || enc_ec256) && !enc_kw { - conf.conf.define("MBEDTLS_CONFIG_FILE", Some("")); } else if sig_ed25519 || enc_x25519 { conf.conf.define("MBEDTLS_CONFIG_FILE", Some("")); } else if enc_kw || enc_aes256_kw { @@ -476,7 +414,7 @@ fn main() { conf.file("../../boot/bootutil/src/bootutil_img_security_cnt.c"); if sig_rsa || sig_rsa3072 { conf.file("../../boot/bootutil/src/image_rsa.c"); - } else if sig_ecdsa || sig_ecdsa_mbedtls || sig_ecdsa_psa { + } else if sig_ecdsa_mbedtls || sig_ecdsa_psa { conf.file("../../boot/bootutil/src/image_ecdsa.c"); } else if sig_ed25519 { conf.file("../../boot/bootutil/src/image_ed25519.c");