From 3eb0b8da3651571e7affb6ed0a901d41b2461f78 Mon Sep 17 00:00:00 2001 From: Dominik Ermel Date: Fri, 2 Aug 2024 14:48:15 +0000 Subject: [PATCH] bootutil: Add SIG_PURE TLV The commit adds SIG_PURE TLV that should be used as TLV indicating that the signature attached to image has been calculated over entire image, rather than digest of image. This is generic flag as the "pure" usage may be applied to, potentially, any signature algorithm. Signed-off-by: Dominik Ermel --- boot/bootutil/include/bootutil/image.h | 3 +++ scripts/imgtool/image.py | 1 + 2 files changed, 4 insertions(+) diff --git a/boot/bootutil/include/bootutil/image.h b/boot/bootutil/include/bootutil/image.h index 3e03f80dd..72a41c95d 100644 --- a/boot/bootutil/include/bootutil/image.h +++ b/boot/bootutil/include/bootutil/image.h @@ -101,6 +101,9 @@ struct flash_area; #define IMAGE_TLV_ECDSA_SIG 0x22 /* ECDSA of hash output */ #define IMAGE_TLV_RSA3072_PSS 0x23 /* RSA3072 of hash output */ #define IMAGE_TLV_ED25519 0x24 /* ed25519 of hash output */ +#define IMAGE_TLV_SIG_PURE 0x25 /* Indicator that attached signature has been prepared + * over image rather than its digest. + */ #define IMAGE_TLV_ENC_RSA2048 0x30 /* Key encrypted with RSA-OAEP-2048 */ #define IMAGE_TLV_ENC_KW 0x31 /* Key encrypted with AES-KW 128 or 256*/ #define IMAGE_TLV_ENC_EC256 0x32 /* Key encrypted with ECIES-EC256 */ diff --git a/scripts/imgtool/image.py b/scripts/imgtool/image.py index 5c4732b53..bb63f30c0 100644 --- a/scripts/imgtool/image.py +++ b/scripts/imgtool/image.py @@ -69,6 +69,7 @@ 'ECDSASIG': 0x22, 'RSA3072': 0x23, 'ED25519': 0x24, + 'SIG_PURE': 0x25, 'ENCRSA2048': 0x30, 'ENCKW': 0x31, 'ENCEC256': 0x32,