From 30bcd46855d34e3112f88c71a79e3f8a771fcebb Mon Sep 17 00:00:00 2001 From: Dominik Ermel Date: Fri, 2 Aug 2024 14:48:15 +0000 Subject: [PATCH] bootutil: Add SIG_PURE TLV The commit adds SIG_PURE TLV that should be used as TLV indicating that the signature attached to image has been calculated over entire image, rather than digest of image. This is generic flag as the "pure" usage may be applied to, potentially, any signature algorithm. Signed-off-by: Dominik Ermel --- boot/bootutil/include/bootutil/image.h | 3 +++ scripts/imgtool/image.py | 1 + 2 files changed, 4 insertions(+) diff --git a/boot/bootutil/include/bootutil/image.h b/boot/bootutil/include/bootutil/image.h index 9ede800a2..05e04438b 100644 --- a/boot/bootutil/include/bootutil/image.h +++ b/boot/bootutil/include/bootutil/image.h @@ -102,6 +102,9 @@ struct flash_area; #define IMAGE_TLV_ECDSA_SIG 0x22 /* ECDSA of hash output */ #define IMAGE_TLV_RSA3072_PSS 0x23 /* RSA3072 of hash output */ #define IMAGE_TLV_ED25519 0x24 /* ed25519 of hash output */ +#define IMAGE_TLV_SIG_PURE 0x25 /* Indicator that attached signature has been prepared + * over image rather than its digest. + */ #define IMAGE_TLV_ENC_RSA2048 0x30 /* Key encrypted with RSA-OAEP-2048 */ #define IMAGE_TLV_ENC_KW 0x31 /* Key encrypted with AES-KW 128 or 256*/ #define IMAGE_TLV_ENC_EC256 0x32 /* Key encrypted with ECIES-EC256 */ diff --git a/scripts/imgtool/image.py b/scripts/imgtool/image.py index 53b19ef1d..1f9149b72 100644 --- a/scripts/imgtool/image.py +++ b/scripts/imgtool/image.py @@ -72,6 +72,7 @@ 'ECDSASIG': 0x22, 'RSA3072': 0x23, 'ED25519': 0x24, + 'SIG_PURE': 0x25, 'ENCRSA2048': 0x30, 'ENCKW': 0x31, 'ENCEC256': 0x32,