Add Zephyr infrastructure for ed25519

Signed-off-by: Fabio Utzig <[email protected]>

Author: utzig

boot/zephyr/CMakeLists.txt

@@ -62,6 +62,9 @@ get_filename_component(MCUBOOT_DIR ${BOOT_DIR} DIRECTORY)
 # Path to tinycrypt library source subdirectory of MCUBOOT_DIR.
 set(TINYCRYPT_DIR "${MCUBOOT_DIR}/ext/tinycrypt/lib")
 assert_exists(TINYCRYPT_DIR)
+# Path to crypto-fiat
+set(FIAT_DIR "${MCUBOOT_DIR}/ext/fiat")
+assert_exists(FIAT_DIR)
 # Path to mbed-tls' asn1 parser library.
 set(MBEDTLS_ASN1_DIR "${MCUBOOT_DIR}/ext/mbedtls")
 assert_exists(MBEDTLS_ASN1_DIR)
@@ -105,6 +108,7 @@ zephyr_library_sources(
   ${BOOT_DIR}/bootutil/src/encrypted.c
   ${BOOT_DIR}/bootutil/src/image_rsa.c
   ${BOOT_DIR}/bootutil/src/image_ec256.c
+  ${BOOT_DIR}/bootutil/src/image_ed25519.c
   ${BOOT_DIR}/bootutil/src/caps.c
   )
 
@@ -146,6 +150,18 @@ elseif(CONFIG_BOOT_SIGNATURE_TYPE_RSA)
   # Use mbedTLS provided by Zephyr for RSA signatures. (Its config file
   # is set using Kconfig.)
   zephyr_include_directories(include)
+elseif(CONFIG_BOOT_SIGNATURE_TYPE_ED25519)
+  # For ed25519, mbedTLS is used for ASN1 parsing and SHA512
+  zephyr_include_directories(include)
+
+  zephyr_library_include_directories(
+    ${BOOT_DIR}/zephyr/include
+    ${FIAT_DIR}/include/
+  )
+
+  zephyr_library_sources(
+    ${FIAT_DIR}/src/curve25519.c
+  )
 endif()
 
 if(CONFIG_MCUBOOT_SERIAL)

boot/zephyr/Kconfig

@@ -76,6 +76,11 @@ endif
 config BOOT_SIGNATURE_TYPE_ECDSA_P256
 	bool "Elliptic curve digital signatures with curve P-256"
 
+config BOOT_SIGNATURE_TYPE_ED25519
+	bool "Edwards curve digital signatures using ed25519"
+	select BOOT_USE_MBEDTLS
+	select MBEDTLS
+
 if BOOT_SIGNATURE_TYPE_ECDSA_P256
 choice
 	prompt "Ecdsa implementation"

boot/zephyr/include/config-ed25519.h

@@ -0,0 +1,76 @@
+/*
+ *  Configuration of mbedTLS containing only the ASN.1 parser.
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  Copyright (C) 2016, Linaro Ltd
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * Minimal configuration for using TLS in the bootloader
+ *
+ * - ed25519 signature verification
+ */
+
+#ifndef MCUBOOT_MBEDTLS_CONFIG_ED25519
+#define MCUBOOT_MBEDTLS_CONFIG_ED25519
+
+#ifdef CONFIG_MCUBOOT_SERIAL
+/* Mcuboot uses mbedts-base64 for serial protocol encoding. */
+#define MBEDTLS_BASE64_C
+#endif
+
+/* System support */
+#define MBEDTLS_PLATFORM_C
+#define MBEDTLS_PLATFORM_MEMORY
+#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
+#define MBEDTLS_NO_PLATFORM_ENTROPY
+#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+
+/* STD functions */
+#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+
+#define MBEDTLS_PLATFORM_EXIT_ALT
+#define MBEDTLS_PLATFORM_PRINTF_ALT
+#define MBEDTLS_PLATFORM_SNPRINTF_ALT
+
+#if !defined(CONFIG_ARM)
+#define MBEDTLS_HAVE_ASM
+#endif
+
+/* mbed TLS modules */
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA512_C
+#define MBEDTLS_AES_C
+
+/* Save RAM by adjusting to our exact needs */
+//#define MBEDTLS_ECP_MAX_BITS             2048
+
+#define MBEDTLS_MPI_MAX_SIZE              64
+
+//#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024
+
+/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
+#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
+
+#include "mbedtls/check_config.h"
+
+#endif /* MCUBOOT_MBEDTLS_CONFIG_RSA */

boot/zephyr/include/mcuboot-mbedtls-cfg.h

@@ -25,6 +25,8 @@
 #include "config-rsa.h"
 #elif defined(CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256)
 #include "config-asn1.h"
+#elif defined(CONFIG_BOOT_SIGNATURE_TYPE_ED25519)
+#include "config-ed25519.h"
 #else
 #error "Cannot configure mbedTLS; signature type is unknown."
 #endif

boot/zephyr/include/mcuboot_config/mcuboot_config.h

@@ -28,6 +28,8 @@
 #  endif
 #elif defined(CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256)
 #define MCUBOOT_SIGN_EC256
+#elif defined(CONFIG_BOOT_SIGNATURE_TYPE_ED25519)
+#define MCUBOOT_SIGN_ED25519
 #endif
 
 #ifdef CONFIG_BOOT_USE_MBEDTLS

boot/zephyr/keys.c

@@ -36,6 +36,10 @@ extern unsigned int rsa_pub_key_len;
 #define HAVE_KEYS
 extern const unsigned char ecdsa_pub_key[];
 extern unsigned int ecdsa_pub_key_len;
+#elif defined(MCUBOOT_SIGN_ED25519)
+#define HAVE_KEYS
+extern const unsigned char ed25519_pub_key[];
+extern unsigned int ed25519_pub_key_len;
 #else
 #error "No public key available for given signing algorithm."
 #endif
@@ -54,6 +58,9 @@ const struct bootutil_key bootutil_keys[] = {
 #elif defined(MCUBOOT_SIGN_EC256)
         .key = ecdsa_pub_key,
         .len = &ecdsa_pub_key_len,
+#elif defined(MCUBOOT_SIGN_ED25519)
+        .key = ed25519_pub_key,
+        .len = &ed25519_pub_key_len,
 #endif
     },
 };

boot/zephyr/prj.conf

@@ -14,6 +14,7 @@ CONFIG_BOOT_BOOTSTRAP=n
 CONFIG_BOOT_SIGNATURE_TYPE_RSA=y
 CONFIG_BOOT_SIGNATURE_TYPE_RSA_LEN=2048
 CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256=n
+CONFIG_BOOT_SIGNATURE_TYPE_ED25519=n
 
 ### The bootloader generates its own signature verification based on a
 ### key file which needs to be provided and needs to match the selected signing
@@ -22,6 +23,7 @@ CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256=n
 CONFIG_BOOT_SIGNATURE_KEY_FILE="root-rsa-2048.pem"
 #CONFIG_BOOT_SIGNATURE_KEY_FILE="root-rsa-3072.pem"
 #CONFIG_BOOT_SIGNATURE_KEY_FILE="root-ec-p256.pem"
+#CONFIG_BOOT_SIGNATURE_KEY_FILE="root-ed25519.pem"
 
 ### mbedTLS has its own heap
 # CONFIG_HEAP_MEM_POOL_SIZE is not set