-
Notifications
You must be signed in to change notification settings - Fork 218
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ED25519 implementation with SHA512 + support to calculate SHA512 directly on storage + PureEdDSA #325
Conversation
I was finally able to develop the imgtool version that does the single hash ed25519. The problem is that while imgtool is able to verify signed image fine, the MCUboot is not. I am trying to figure out what is happening. |
4631e1b
to
8c7f38c
Compare
cd55052
to
e44f620
Compare
e44f620
to
6c8f526
Compare
boot/bootutil/zephyr/CMakeLists.txt
Outdated
target_include_directories(MCUBOOT_BOOTUTIL INTERFACE | ||
${ZEPHYR_MBEDTLS_MODULE_DIR}/include | ||
) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
2 space indent for cmake
boot/zephyr/CMakeLists.txt
Outdated
zephyr_library_include_directories( | ||
${ZEPHYR_MBEDTLS_MODULE_DIR}/include | ||
) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
etc.
boot/zephyr/Kconfig
Outdated
@@ -27,6 +27,16 @@ config BOOT_USE_MBEDTLS | |||
help | |||
Use mbedTLS for crypto primitives. | |||
|
|||
config BOOT_USE_PSA_CRYPTO | |||
bool | |||
# Hidden option |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
# Hidden option |
boot/zephyr/Kconfig
Outdated
@@ -60,6 +70,58 @@ config NRF_CC310_BL | |||
bool | |||
default n | |||
|
|||
if BOOT_USE_PSA_CRYPTO | |||
config BOOT_PSA_IMG_HASH_ALG_SHA256_DEPENDENCIES |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
newline gap
boot/zephyr/Kconfig
Outdated
Dependencies for ed25519 signature | ||
|
||
if BOOT_ENCRYPT_IMAGE | ||
config BOOT_X25519_PSA_DEPENDENCIES |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
etc.
boot/bootutil/src/ed25519_psa.c
Outdated
const uint8_t signature[64], | ||
const uint8_t public_key[32]) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
use defines from above
boot/bootutil/src/encrypted_psa.c
Outdated
&buf[EC_CIPHERKEY_INDEX], | ||
sizeof(iv_and_key) - PSA_CIPHER_IV_LENGTH(PSA_KEY_TYPE_AES, PSA_ALG_CTR)); | ||
|
||
/* QQQ: are we sure that enckey has the size proper to fit the key ? */ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should these comments be addressed/looked at?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removed. The comments are note for improvement, where MCUboot has very poor "management" of various identifiers/constants that are hard to track.
boot/bootutil/src/image_validate.c
Outdated
@@ -126,6 +128,15 @@ bootutil_img_hash(struct enc_key_data *enc_state, int image_index, | |||
/* If protected TLVs are present they are also hashed. */ | |||
size += hdr->ih_protect_tlv_size; | |||
|
|||
#ifdef MCUBOOT_HASH_STORAGE_DIRECTLY | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
boot/bootutil/src/image_validate.c
Outdated
* be directly given to hashing function. | ||
*/ | ||
bootutil_sha_update(&sha_ctx, (void *)flash_area_get_off(fap), size); | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
boot/bootutil/src/image_validate.c
Outdated
bootutil_sha_update(&sha_ctx, (void *)flash_area_get_off(fap), size); | ||
|
||
#else /* MCUBOOT_HASH_STORAGE_DIRECTLY */ | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not resolved
boot/bootutil/src/image_ed25519.c
Outdated
uint8_t *pubkey; | ||
uint8_t *end; | ||
|
||
if (slen != 64) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
use define
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
uint16_t len; | ||
int32_t rc; | ||
|
||
rc = bootutil_tlv_iter_begin(&it, hdr, fap, IMAGE_TLV_SIG_PURE, false); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
security vulnerability: this can reside in protected or unprotected TLV section, so someone can manipulate an image to either have or not have this from an update that has the inverse - can that cause problems? And why is this not forced to protected area?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This only indicates that image is build with pure signature, if you turn this off the MCUboot that was build for pure will just not validate image as it expects "pure image"; if you pass image with this to something that does not understand pure, the chances of validation are slim, because it will just try to validate sha against pure signature.
The real reason for this is to be able to distinguish between images, because otherwise you can not tell the signatures apart, when trying to solve issues.
c81af6d
to
04ae52b
Compare
Use SHA512 directly calculated over image with the ED25519 signature. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
04ae52b
to
2fe6162
Compare
boot/bootutil/src/image_validate.c
Outdated
bootutil_sha_update(&sha_ctx, (void *)flash_area_get_off(fap), size); | ||
|
||
#else /* MCUBOOT_HASH_STORAGE_DIRECTLY */ | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not resolved
@@ -137,8 +137,18 @@ | |||
#endif | |||
|
|||
#ifdef CONFIG_BOOT_DECOMPRESSION | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Moved after the ifdef, to separate blocks.
boot/bootutil/src/image_validate.c
Outdated
@@ -566,8 +613,12 @@ bootutil_img_validate(struct enc_key_data *enc_state, int image_index, | |||
} | |||
|
|||
image_hash_valid = 1; | |||
break; | |||
} | |||
#endif /*def EXPECTED_HASH_TLV */ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
defined(condition)
also missing correct conditions
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed.
2fe6162
to
5c7304a
Compare
#ifdef MCUBOOT_ENC_IMAGES | ||
#error "Direct hash check is currently not supported when encrypted images are enabled" | ||
#endif |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this check can go really, it's already enforced by Kconfig, doesn't make sense to check for something that isn't possible
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removed, although I must admit that I do like to check these things also in code, at compile-time.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK once unneeded check is dropped
The commit add support for passing storage device address space to hash calculation functions, which allows to use hardware accelerated hash calculation on storage. This feature only works when image encryption is not enabled and all slots are defined within internal storage of device. The feature is enabled using Kconfig option CONFIG_BOOT_IMG_HASH_DIRECTLY_ON_STORAGE Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds support for PureEdDSA, which validates signature of image rather than hash. This is most secure, available, ED25519 usage in MCUboot, but due to requirement of PureEdDSA to be able to calculate signature at whole message at once, here image, it only works on setups where entire image can be mapped to device address space, so that PSA functions calculating the signature can see the whole image at once. This option is enabled with Kconfig option: CONFIG_BOOT_SIGNATURE_TYPE_PURE when the ED25519 signature type is already selected. Note that the option will enable SHA512 for calculating public key hash. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
5c7304a
to
705739c
Compare
Only top four commits are relevant here, the rest are changes the PR is based on ( #323)
The PR provides:
Note that there is upstream PR for imgtool that supports this changes:
mcu-tools/mcuboot#2063
and PR that reserves the TLV
mcu-tools/mcuboot#2029
in upstream, so that we do not get in conflict with definitions before we are able to upstream the code.
Placed on top of #323