@@ -31,6 +31,12 @@ extern "C" {
3131
3232#include <stdint.h>
3333#ifdef __WOLFBOOT
34+ /* Either hand-craft a device target.h file in [WOLFBOOT_ROOT]/include
35+ * or let build process auto-create one from .config file or cmake presets.
36+ *
37+ * See template: [WOLFBOOT_ROOT]/include/target.h.in
38+ * or unit test: [WOLFBOOT_ROOT]/tools/unit-tests/target.h
39+ */
3440#include "target.h"
3541#endif
3642#include "wolfboot/version.h"
@@ -93,8 +99,49 @@ extern "C" {
9399
94100
95101#ifndef IMAGE_HEADER_SIZE
96- # define IMAGE_HEADER_SIZE 256
97- #endif
102+ /* Largest cases first */
103+ # if defined(WOLFBOOT_SIGN_RSA4096 )
104+ # define IMAGE_HEADER_SIZE 1024
105+
106+ /* RSA3072 + strong hash */
107+ # elif (defined(WOLFBOOT_SIGN_RSA3072 ) && \
108+ (defined(WOLFBOOT_HASH_SHA384 ) || defined(WOLFBOOT_HASH_SHA3_384 )))
109+ # define IMAGE_HEADER_SIZE 1024
110+
111+ /* RSA2048 + SHA256 */
112+ # elif defined(WOLFBOOT_SIGN_RSA2048 ) && defined(WOLFBOOT_HASH_SHA256 )
113+ # define IMAGE_HEADER_SIZE 512
114+
115+ /* ECC384 requires 512 with SHA256 */
116+ # elif defined(WOLFBOOT_SIGN_ECC384 ) && defined(WOLFBOOT_HASH_SHA256 )
117+ # define IMAGE_HEADER_SIZE 512
118+
119+ /* ED25519 + any 384-bit or SHA3 hash */
120+ # elif defined(WOLFBOOT_SIGN_ED25519 ) && \
121+ (defined(WOLFBOOT_HASH_SHA384 ) || \
122+ defined(WOLFBOOT_HASH_SHA3 ) || \
123+ defined(WOLFBOOT_HASH_SHA3_384 ))
124+ # define IMAGE_HEADER_SIZE 256
125+
126+ /* ECC256 + any 384-bit hash */
127+ # elif defined(WOLFBOOT_SIGN_ECC256 ) && \
128+ (defined(WOLFBOOT_HASH_SHA384 ) || defined(WOLFBOOT_HASH_SHA3_384 ))
129+ # define IMAGE_HEADER_SIZE 256
130+
131+ /* Secondary 512-byte fallbacks */
132+ # elif defined(WOLFBOOT_SIGN_RSA3072 ) || \
133+ defined(WOLFBOOT_SIGN_ECC521 ) || \
134+ defined(WOLFBOOT_SIGN_ED448 ) || \
135+ defined(WOLFBOOT_HASH_SHA384 ) || \
136+ defined(WOLFBOOT_HASH_SHA3_384 )
137+ # define IMAGE_HEADER_SIZE 512
138+
139+ /* Default header size */
140+ # else
141+ # define IMAGE_HEADER_SIZE 256
142+ # endif
143+
144+ #endif /* IMAGE_HEADER_SIZE */
98145#define IMAGE_HEADER_OFFSET (2 * sizeof(uint32_t))
99146
100147#ifndef FLASHBUFFER_SIZE
@@ -230,6 +277,13 @@ extern "C" {
230277
231278/* Hashing configuration */
232279#if defined(WOLFBOOT_HASH_SHA256 )
280+ # ifdef WOLFBOOT_HASH_SHA384
281+ # error "Found WOLFBOOT_HASH_SHA384 with WOLFBOOT_HASH_SHA256. Pick one"
282+ # endif
283+ # ifdef WOLFBOOT_HASH_SHA3_384
284+ # error "Found WOLFBOOT_HASH_SHA3_384 with WOLFBOOT_HASH_SHA256. Pick one"
285+ # endif
286+
233287 #include "wolfssl/wolfcrypt/sha256.h"
234288# ifndef WOLFBOOT_SHA_BLOCK_SIZE
235289# define WOLFBOOT_SHA_BLOCK_SIZE (256)
@@ -245,6 +299,13 @@ extern "C" {
245299 typedef wc_Sha256 wolfBoot_hash_t ;
246300# define HDR_HASH HDR_SHA256
247301#elif defined(WOLFBOOT_HASH_SHA384 )
302+ # ifdef WOLFBOOT_HASH_SHA256
303+ # error "Found WOLFBOOT_HASH_SHA256 with WOLFBOOT_HASH_SHA384. Pick one"
304+ # endif
305+ # ifdef WOLFBOOT_HASH_SHA3_384
306+ # error "Found WOLFBOOT_HASH_SHA3_384 with WOLFBOOT_HASH_SHA384. Pick one"
307+ # endif
308+
248309 #include "wolfssl/wolfcrypt/sha512.h"
249310# ifndef WOLFBOOT_SHA_BLOCK_SIZE
250311# define WOLFBOOT_SHA_BLOCK_SIZE (256)
@@ -260,6 +321,13 @@ extern "C" {
260321 typedef wc_Sha384 wolfBoot_hash_t ;
261322# define HDR_HASH HDR_SHA384
262323#elif defined(WOLFBOOT_HASH_SHA3_384 )
324+ # ifdef WOLFBOOT_HASH_SHA256
325+ # error "Found WOLFBOOT_HASH_SHA256 with WOLFBOOT_HASH_SHA3_384. Pick one"
326+ # endif
327+ # ifdef WOLFBOOT_HASH_SHA384
328+ # error "Found WOLFBOOT_HASH_SHA384 with WOLFBOOT_HASH_SHA3_384. Pick one"
329+ # endif
330+
263331 #include "wolfssl/wolfcrypt/sha3.h"
264332# ifndef WOLFBOOT_SHA_BLOCK_SIZE
265333# define WOLFBOOT_SHA_BLOCK_SIZE (256)
0 commit comments