bootutil: Add TLV for correct ED25519 usage

The pure ED25519 TLV has stores ED25519 signature over SHA512 of image, rather than signature over SHA512 of SHA256 of image. Signed-off-by: Dominik Ermel <[email protected]>
mcu-tools · Aug 20, 2024 · b182ce4 · b182ce4
1 parent f763c5f
commit b182ce4
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 0 deletions.
diff --git a/boot/bootutil/include/bootutil/image.h b/boot/bootutil/include/bootutil/image.h
@@ -94,6 +94,7 @@ struct flash_area;
 #define IMAGE_TLV_ECDSA_SIG         0x22   /* ECDSA of hash output */
 #define IMAGE_TLV_RSA3072_PSS       0x23   /* RSA3072 of hash output */
 #define IMAGE_TLV_ED25519           0x24   /* ed25519 of hash output */
+#define IMAGE_TLV_ED25519_PROPER    0x25   /* ed25519 over SHA512 of the image */
 #define IMAGE_TLV_ENC_RSA2048       0x30   /* Key encrypted with RSA-OAEP-2048 */
 #define IMAGE_TLV_ENC_KW            0x31   /* Key encrypted with AES-KW 128 or 256*/
 #define IMAGE_TLV_ENC_EC256         0x32   /* Key encrypted with ECIES-EC256 */

diff --git a/scripts/imgtool/image.py b/scripts/imgtool/image.py
@@ -69,6 +69,7 @@
         'ECDSASIG': 0x22,
         'RSA3072': 0x23,
         'ED25519': 0x24,
+        'ED25519_PROPER': 0x25,
         'ENCRSA2048': 0x30,
         'ENCKW': 0x31,
         'ENCEC256': 0x32,