Skip to content

Commit 04c71e3

Browse files
de-nordicnvlsianpu
de-nordic
authored and
nvlsianpu
committed
[nrf fromtree] zephyr: Add missing selection for allowed SHA algorithms
All of ED25519 backends allow SHA512, together with SHA512. The ED25519 internally requires SHA512 for calculations, but image may be hashed with any SHA algorithm. The PSA has also been missing selecting of any SHA as allowed. Signed-off-by: Dominik Ermel <[email protected]> (cherry picked from commit e5d8640)
1 parent de7aeef commit 04c71e3

File tree

1 file changed

+7
-2
lines changed

1 file changed

+7
-2
lines changed

boot/zephyr/Kconfig

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -290,11 +290,13 @@ choice BOOT_ED25519_IMPLEMENTATION
290290
config BOOT_ED25519_TINYCRYPT
291291
bool "Use tinycrypt"
292292
select BOOT_USE_TINYCRYPT
293+
select BOOT_IMG_HASH_ALG_SHA256_ALLOW
293294
select BOOT_IMG_HASH_ALG_SHA512_ALLOW
294295

295296
config BOOT_ED25519_MBEDTLS
296297
bool "Use mbedTLS"
297298
select BOOT_USE_MBEDTLS
299+
select BOOT_IMG_HASH_ALG_SHA256_ALLOW
298300
select BOOT_IMG_HASH_ALG_SHA512_ALLOW
299301
select MBEDTLS
300302
select MBEDTLS_SHA512
@@ -305,10 +307,13 @@ config BOOT_ED25519_PSA
305307
bool "Use PSA crypto"
306308
select MBEDTLS
307309
select BOOT_USE_PSA_CRYPTO
308-
select MBEDTLS_PSA_CRYPTO_C
309-
select MBEDTLS_ASN1_PARSE_C if MBEDTLS_BUILTIN
310310
select PSA_CRYPTO_CLIENT
311311
select PSA_CRYPTO_C
312+
select MBEDTLS_PSA_CRYPTO_C
313+
select MBEDTLS_ASN1_PARSE_C if MBEDTLS_BUILTIN
314+
select MBEDTLS_ENABLE_HEAP
315+
select BOOT_IMG_HASH_ALG_SHA256_ALLOW
316+
select BOOT_IMG_HASH_ALG_SHA512_ALLOW
312317
select BOOT_ED25519_PSA_DEPENDENCIES
313318
select BOOT_X25519_PSA_DEPENDENCIES if BOOT_ENCRYPT_IMAGE
314319

0 commit comments

Comments
 (0)