| /mcuboot-latest/scripts/imgtool/keys/ |
| D | ecdsa.py | 175 def verify(self, signature, payload): argument
177 signature = signature[:signature[1] + 2]
181 return k.verify(signature=signature, data=payload,
248 def verify(self, signature, payload): argument
250 signature = signature[:signature[1] + 2]
254 return k.verify(signature=signature, data=payload,
|
| D | ed25519.py | 64 def verify_digest(self, signature, digest): argument
69 return k.verify(signature=signature, data=digest)
|
| D | x25519.py | 114 def verify_digest(self, signature, digest): argument
119 return k.verify(signature=signature, data=digest)
|
| D | rsa.py | 76 def verify(self, signature, payload): argument
80 return k.verify(signature=signature, data=payload,
|
| D | ecdsa_test.py | 108 signature=sig,
115 signature=sig,
|
| D | ed25519_test.py | 111 k.key.public_key().verify(signature=sig, data=digest)
119 signature=sig,
|
| D | rsa_test.py | 121 signature=sig,
129 signature=sig,
|
| /mcuboot-latest/docs/ |
| D | ecdsa.md | 1 # ECDSA signature format
3 When the ECDSA SECP256R1 (EC256) signature support was added to MCUboot, a
7 TLS) are fairly strict about the formatting of the ECDSA signature.
20 that the length does not need to be known until the signature is
45 the `--no-pad-sig` signature to be able to boot all generated
59 The signature generation in the simulator can be changed at the same
66 ECDSA signatures are encoded as ASN.1, notably with the signature
80 signature will vary by a couple of bytes, depending on whether one or
83 Originally, MCUboot added padding to the entire signature and just
85 times, each time the last byte of the signature was non-zero, but if the
[all …]
|
| D | readme-riot.md | 11 not a signature check. In order to configure the bootloader for
12 signature check it is necessary to re-compile it either with Mynewt
|
| D | readme-espressif.md | 185 section [MCUboot image signature verification](#mcuboot-image-signature-verification) below.*
230 signature verification, the hardware-assisted Secure Boot and Flash Encryption were made available
233 ## [MCUboot image signature verification](#mcuboot-image-signature-verification)
303 bootloader signature checking by the ROM bootloader.
406 Secure boot uses a signature block appended to the bootloader image in order to verify the
407 authenticity. The signature block contains the RSA-3072 signature of that image and the RSA-3072
426 2. ROM bootloader verifies the bootloader's signature block integrity (magic number and CRC).
429 1. Compare the SHA-256 hash digest of the public key embedded in the bootloader’s signature
431 2. Generate the application image digest and match it with the image digest in the signature
433 3. Use the public key to verify the signature of the bootloader image, using RSA-PSS with the
[all …]
|
| /mcuboot-latest/ext/nrf/ |
| D | cc310_glue.c | 58 uint8_t *signature, in cc310_ecdsa_verify_secp256r1() argument
67 … (nrf_cc310_bl_ecc_signature_secp256r1_t *) signature, in cc310_ecdsa_verify_secp256r1()
|
| D | cc310_glue.h | 39 uint8_t *signature,
|
| /mcuboot-latest/ext/tinycrypt/lib/source/ |
| D | ecc_dsa.c | 100 unsigned hash_size, uECC_word_t *k, uint8_t *signature, in uECC_sign_with_k() argument
141 uECC_vli_nativeToBytes(signature, curve->num_bytes, p); /* store r */ in uECC_sign_with_k()
157 uECC_vli_nativeToBytes(signature + curve->num_bytes, curve->num_bytes, s); in uECC_sign_with_k()
162 unsigned hash_size, uint8_t *signature, uECC_Curve curve) in uECC_sign() argument
179 if (uECC_sign_with_k(private_key, message_hash, hash_size, k, signature, in uECC_sign()
193 unsigned hash_size, const uint8_t *signature, in uECC_verify() argument
222 uECC_vli_bytesToNative(r, signature, curve->num_bytes); in uECC_verify()
223 uECC_vli_bytesToNative(s, signature + curve->num_bytes, curve->num_bytes); in uECC_verify()
|
| /mcuboot-latest/sim/src/ |
| D | tlv.rs | 26 use ring::signature::{
564 let mut signature = vec![0; key_pair.public_modulus_len()]; in make_tlv() localVariable
566 assert_eq!(signature.len(), 256); in make_tlv()
568 assert_eq!(signature.len(), 384); in make_tlv()
570 key_pair.sign(&RSA_PSS_SHA256, &rng, &sig_payload, &mut signature).unwrap(); in make_tlv()
577 result.write_u16::<LittleEndian>(signature.len() as u16).unwrap(); in make_tlv()
578 result.extend_from_slice(&signature); in make_tlv()
583 let (signature, keyhash, keyhash_size) = if self.kinds.contains(&TlvKinds::SHA384) { in make_tlv()
606 let signature = signature.as_ref().to_vec(); in make_tlv() localVariable
607 result.write_u16::<LittleEndian>(signature.len() as u16).unwrap(); in make_tlv()
[all …]
|
| /mcuboot-latest/ext/tinycrypt/lib/include/tinycrypt/ |
| D | ecc_dsa.h | 114 unsigned int hash_size, uECC_word_t *k, uint8_t *signature,
|
| /mcuboot-latest/boot/bootutil/include/bootutil/crypto/ |
| D | ecdsa.h | 157 static int bootutil_decode_sig(uint8_t signature[NUM_ECC_BYTES * 2], uint8_t *cp, uint8_t *end) in bootutil_decode_sig()
171 rc = bootutil_read_bigint(signature, &cp, end); in bootutil_decode_sig()
175 rc = bootutil_read_bigint(signature + NUM_ECC_BYTES, &cp, end); in bootutil_decode_sig()
205 uint8_t signature[2 * NUM_ECC_BYTES]; in bootutil_ecdsa_verify() local
206 rc = bootutil_decode_sig(signature, sig, sig + sig_len); in bootutil_ecdsa_verify()
217 rc = uECC_verify(pk, hash, BOOTUTIL_CRYPTO_ECDSA_P256_HASH_SIZE, signature, uECC_secp256r1()); in bootutil_ecdsa_verify()
|
| /mcuboot-latest/boot/espressif/include/crypto_config/ |
| D | ec256.cmake | 16 message(FATAL_ERROR "EC256 signature verification using Mbed TLS lib is not supported")
|
| D | rsa.cmake | 27 message(FATAL_ERROR "RSA signature verification using Tinycrypt lib is not supported")
|
| /mcuboot-latest/boot/bootutil/src/ |
| D | image_ed25519.c | 26 const uint8_t signature[64],
|
| /mcuboot-latest/boot/espressif/hal/src/ |
| D | secure_boot.c | 113 …bool verified = ets_rsa_pss_verify(&block->key, block->signature, image_digest, temp_verified_dige… in s_calculate_image_public_key_digests()
115 …bool verified = ets_ecdsa_verify(&block->ecdsa.key.point[0], block->ecdsa.signature, block->ecdsa.… in s_calculate_image_public_key_digests()
|
| /mcuboot-latest/scripts/imgtool/ |
| D | main.py | 91 signature = base64.b64decode(f.read())
92 return signature
97 signature = base64.b64encode(sig)
98 f.write(signature)
|
| D | image.py | 258 self.signature = None
627 self.signature = sig
630 self.signature = fixed_sig['value']
681 return self.signature
|
| /mcuboot-latest/sim/mcuboot-sys/ |
| D | Cargo.toml | 11 # By default, build with simplistic signature verification.
|
| /mcuboot-latest/ci/fih_test_docker/ |
| D | damage_image.py | 180 if is_valid_signature(tlv) and args.signature:
|
| /mcuboot-latest/ext/fiat/src/ |
| D | curve25519.c | 1053 const uint8_t signature[64], const uint8_t public_key[32]) { in ED25519_verify()
1055 if ((signature[63] & 224) != 0 || in ED25519_verify()
1069 memcpy(rcopy, signature, 32); in ED25519_verify()
1074 memcpy(&scopy.u8[0], signature + 32, 32); in ED25519_verify()
1106 ret = mbedtls_sha512_update_ret(&ctx, signature, 32); in ED25519_verify()
1126 rc = tc_sha512_update(&s, signature, 32); in ED25519_verify()
|
