Revert "[nrf noup] bootutil: Add support for KMU stored ED25519 signature key"

tomchy · rlubos · commit ca06ffbaf6d5 · 2025-09-10T11:28:09.000+02:00
This reverts commit 26192ca. Signed-off-by: Tomasz Chyrowicz <tomasz.chyrowicz@nordicsemi.no>
diff --git a/boot/bootutil/src/ed25519_psa.c b/boot/bootutil/src/ed25519_psa.c
@@ -12,28 +12,13 @@
 
 #include <psa/crypto.h>
 #include <psa/crypto_types.h>
-#if defined(CONFIG_BOOT_SIGNATURE_USING_KMU)
-#include <cracen_psa_kmu.h>
-#endif
 
 BOOT_LOG_MODULE_REGISTER(ed25519_psa);
 
 #define SHA512_DIGEST_LENGTH    64
 #define EDDSA_KEY_LENGTH        32
 #define EDDSA_SIGNAGURE_LENGTH  64
 
-#if defined(CONFIG_BOOT_SIGNATURE_USING_KMU)
-/* List of KMU stored key ids available for MCUboot */
-#define MAKE_PSA_KMU_KEY_ID(id) PSA_KEY_HANDLE_FROM_CRACEN_KMU_SLOT(CRACEN_KMU_KEY_USAGE_SCHEME_RAW, id)
-static psa_key_id_t kmu_key_ids[3] =  {
-    MAKE_PSA_KMU_KEY_ID(226),
-    MAKE_PSA_KMU_KEY_ID(228),
-    MAKE_PSA_KMU_KEY_ID(230)
-};
-#define KMU_KEY_COUNT (sizeof(kmu_key_ids)/sizeof(kmu_key_ids[0]))
-#endif
-
-#if !defined(CONFIG_BOOT_SIGNATURE_USING_KMU)
 int ED25519_verify(const uint8_t *message, size_t message_len,
                    const uint8_t signature[EDDSA_SIGNAGURE_LENGTH],
                    const uint8_t public_key[EDDSA_KEY_LENGTH])
@@ -86,39 +71,3 @@ int ED25519_verify(const uint8_t *message, size_t message_len,
 
     return ret;
 }
-#else
-int ED25519_verify(const uint8_t *message, size_t message_len,
-                          const uint8_t signature[EDDSA_SIGNAGURE_LENGTH],
-                          const uint8_t public_key[EDDSA_KEY_LENGTH])
-{
-    ARG_UNUSED(public_key);
-    /* Set to any error */
-    psa_status_t status = PSA_ERROR_BAD_STATE;
-    int ret = 0;        /* Fail by default */
-
-    /* Initialize PSA Crypto */
-    status = psa_crypto_init();
-    if (status != PSA_SUCCESS) {
-        BOOT_LOG_ERR("PSA crypto init failed %d", status);
-        return 0;
-    }
-
-    status = PSA_ERROR_BAD_STATE;
-
-    for (int i = 0; i < KMU_KEY_COUNT; ++i) {
-        psa_key_id_t kid = kmu_key_ids[i];
-
-        status = psa_verify_message(kid, PSA_ALG_PURE_EDDSA, message,
-                                    message_len, signature,
-                                    EDDSA_SIGNAGURE_LENGTH);
-        if (status == PSA_SUCCESS) {
-            ret = 1;
-            break;
-        }
-
-        BOOT_LOG_ERR("ED25519 signature verification failed %d", status);
-    }
-
-    return ret;
-}
-#endif
diff --git a/boot/bootutil/src/image_ed25519.c b/boot/bootutil/src/image_ed25519.c
@@ -34,7 +34,6 @@ extern int ED25519_verify(const uint8_t *message, size_t message_len,
                           const uint8_t signature[EDDSA_SIGNATURE_LENGTH],
                           const uint8_t public_key[NUM_ED25519_BYTES]);
 
-#if !defined(CONFIG_BOOT_SIGNATURE_USING_KMU)
 #if !defined(MCUBOOT_KEY_IMPORT_BYPASS_ASN)
 /*
  * Parse the public key used for signing.
@@ -77,7 +76,6 @@ bootutil_import_key(uint8_t **cp, uint8_t *end)
     return 0;
 }
 #endif /* !defined(MCUBOOT_KEY_IMPORT_BYPASS_ASN) */
-#endif
 
 /* Signature verification base function.
  * The function takes buffer of specified length and tries to verify
@@ -92,10 +90,8 @@ bootutil_verify(uint8_t *buf, uint32_t blen,
 {
     int rc;
     FIH_DECLARE(fih_rc, FIH_FAILURE);
-    uint8_t *pubkey = NULL;
-#if !defined(CONFIG_BOOT_SIGNATURE_USING_KMU)
+    uint8_t *pubkey;
     uint8_t *end;
-#endif
 
     BOOT_LOG_DBG("bootutil_verify: ED25519 key_id %d", (int)key_id);
 
@@ -106,7 +102,6 @@ bootutil_verify(uint8_t *buf, uint32_t blen,
         goto out;
     }
 
-#if !defined(CONFIG_BOOT_SIGNATURE_USING_KMU)
     pubkey = (uint8_t *)bootutil_keys[key_id].key;
     end = pubkey + *bootutil_keys[key_id].len;
 
@@ -130,8 +125,6 @@ bootutil_verify(uint8_t *buf, uint32_t blen,
     }
 
     pubkey = end - NUM_ED25519_BYTES;
-#endif
-
 #endif
 
     rc = ED25519_verify(buf, blen, sig, pubkey);
diff --git a/boot/bootutil/src/image_validate.c b/boot/bootutil/src/image_validate.c
@@ -292,7 +292,6 @@ bootutil_img_hash(struct boot_loader_state *state,
 #   define KEY_BUF_SIZE         (SIG_BUF_SIZE + 24)
 #endif /* !MCUBOOT_HW_KEY */
 
-#if !defined(CONFIG_BOOT_SIGNATURE_USING_KMU)
 #if !defined(MCUBOOT_HW_KEY)
 static int
 bootutil_find_key(uint8_t *keyhash, uint8_t keyhash_len)
@@ -361,7 +360,6 @@ bootutil_find_key(uint8_t image_index, uint8_t *key, uint16_t key_len)
 }
 #endif /* !MCUBOOT_HW_KEY */
 #endif /* !MCUBOOT_BUILTIN_KEY */
-#endif /* !defined(CONFIG_BOOT_SIGNATURE_USING_KMU) */
 #endif /* EXPECTED_SIG_TLV */
 
 /**
@@ -734,7 +732,6 @@ bootutil_img_validate(struct boot_loader_state *state,
             break;
         }
 #endif /* defined(EXPECTED_HASH_TLV) && !defined(MCUBOOT_SIGN_PURE) */
-#if !defined(CONFIG_BOOT_SIGNATURE_USING_KMU)
 #ifdef EXPECTED_KEY_TLV
         case EXPECTED_KEY_TLV:
         {
@@ -766,18 +763,15 @@ bootutil_img_validate(struct boot_loader_state *state,
             break;
         }
 #endif /* EXPECTED_KEY_TLV */
-#endif /* !defined(CONFIG_BOOT_SIGNATURE_USING_KMU) */
 #ifdef EXPECTED_SIG_TLV
         case EXPECTED_SIG_TLV:
         {
             BOOT_LOG_DBG("bootutil_img_validate: EXPECTED_SIG_TLV == %d", EXPECTED_SIG_TLV);
-#if !defined(CONFIG_BOOT_SIGNATURE_USING_KMU)
             /* Ignore this signature if it is out of bounds. */
             if (key_id < 0 || key_id >= bootutil_key_cnt) {
                 key_id = -1;
                 continue;
             }
-#endif /* !defined(CONFIG_BOOT_SIGNATURE_USING_KMU) */
             if (!EXPECTED_SIG_LEN(len) || len > sizeof(buf)) {
                 rc = -1;
                 goto out;
@@ -952,7 +946,7 @@ bootutil_img_validate(struct boot_loader_state *state,
         }
 
 #ifdef EXPECTED_SIG_TLV
-#if !defined(CONFIG_BOOT_SIGNATURE_USING_KMU) && defined(EXPECTED_KEY_TLV)
+#ifdef EXPECTED_KEY_TLV
         rc = bootutil_tlv_iter_begin(&it, hdr, fap, EXPECTED_KEY_TLV, false);
         if (rc) {
             goto out;
@@ -998,7 +992,7 @@ bootutil_img_validate(struct boot_loader_state *state,
                  */
             }
         }
-#endif /* !CONFIG_BOOT_SIGNATURE_USING_KMU && EXPECTED_KEY_TLV */
+#endif /* EXPECTED_KEY_TLV */
 
         rc = bootutil_tlv_iter_begin(&it, hdr, fap, IMAGE_TLV_DECOMP_SIGNATURE, true);
         if (rc) {
@@ -1021,12 +1015,10 @@ bootutil_img_validate(struct boot_loader_state *state,
 
             if (type == IMAGE_TLV_DECOMP_SIGNATURE) {
                 /* Ignore this signature if it is out of bounds. */
-#if !defined(CONFIG_BOOT_SIGNATURE_USING_KMU)
                 if (key_id < 0 || key_id >= bootutil_key_cnt) {
                     key_id = -1;
                     continue;
                 }
-#endif
 
                 if (!EXPECTED_SIG_LEN(len) || len > sizeof(buf)) {
                     rc = -1;
diff --git a/boot/zephyr/CMakeLists.txt b/boot/zephyr/CMakeLists.txt
@@ -361,7 +361,7 @@ if(CONFIG_MCUBOOT_SERIAL)
   endif()
 endif()
 
-if(NOT CONFIG_BOOT_SIGNATURE_USING_KMU AND NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "")
+if(NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "")
   # CONF_FILE points to the KConfig configuration files of the bootloader.
   foreach (filepath ${CONF_FILE})
     file(READ ${filepath} temp_text)
diff --git a/boot/zephyr/Kconfig b/boot/zephyr/Kconfig
@@ -384,22 +384,6 @@ endif
 
 endchoice
 
-config BOOT_SIGNATURE_USING_KMU
-	bool "Use KMU stored keys for signature verification"
-	depends on NRF_SECURITY
-	depends on CRACEN_LIB_KMU
-	select PSA_WANT_ALG_GCM
-	select PSA_WANT_KEY_TYPE_AES
-	select PSA_WANT_AES_KEY_SIZE_256
-	select PSA_WANT_ALG_SP800_108_COUNTER_CMAC
-	select PSA_WANT_ALG_CMAC
-	select PSA_WANT_ALG_ECB_NO_PADDING
-	help
-	  MCUboot will use keys provisioned to the device key management unit for signature
-	  verification instead of compiling in key data from a file.
-
-if !BOOT_SIGNATURE_USING_KMU
-
 config BOOT_SIGNATURE_KEY_FILE
 	string "PEM key file"
 	default "root-ec-p256.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256
@@ -417,8 +401,6 @@ config BOOT_SIGNATURE_KEY_FILE
 	  with the public key information will be written in a format expected by
 	  MCUboot.
 
-endif
-
 config MCUBOOT_CLEANUP_ARM_CORE
 	bool "Perform core cleanup before chain-load the application"
 	depends on CPU_CORTEX_M
@@ -455,14 +437,6 @@ config MCUBOOT_INFINITE_LOOP_AFTER_RAM_CLEANUP
 	  Verification option that keeps execution in infinite loop after
 	  RAM cleanup has been performed.
 
-# Disable MBEDTLS from being selected if NRF_SECURITY is enabled, and use default NRF_SECURITY
-# configuration file for MBEDTLS
-config MBEDTLS
-	depends on !NRF_SECURITY
-
-config NRF_SECURITY
-	select MBEDTLS_PROMPTLESS
-
 config MBEDTLS_CFG_FILE
 	# It might be awkward to define an Mbed TLS header file when TinyCrypt
 	# is used, but the fact is that Mbed TLS' ASN1 parse module is used
