-
Notifications
You must be signed in to change notification settings - Fork 100
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for hybrid authentication (two ciphers) #510
Conversation
2168518
to
2b7b5d8
Compare
eaaac1b
to
31fd115
Compare
Benchmark
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is really cool!
Still looking and testing, but things I noticed so far:
arch.mk
Outdated
@@ -1030,9 +1034,12 @@ ifeq ($(TARGET),sim) | |||
LD_END_GROUP= | |||
BOOT_IMG=test-app/image.elf | |||
CFLAGS+=-DARCH_SIM | |||
CFLAGS+=-DWOLFBOOT_USE_STDLIBC | |||
LDFLAGS +=-Wl,-gc-sections -Wl,-Map=wolfboot.map |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Adding these LDFLAGS breaks my ability to build and run the simulator on the Mac. Could you gate around USE_GCC perhaps?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess you are referring to the -DWOLFBOOT_USE_STDLIBC. I've gated that behind USE_GCC as suggested.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It was LDFLAGS +=-Wl,-gc-sections -Wl,-Map=wolfboot.map
causing issue with MacOS.
Key buffer size: 144 | ||
Secondary ECC key, size: 96 | ||
image header size overridden by config value (8192 bytes) | ||
Creating hybrid signature |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tried re-building key tools 'make keytools. I am using the
cp config/examples/sim-ml-dsa-ecc-hybrid.config .config `.
wolfBoot KeyTools (Compiled C version)
wolfBoot version 2020000
Parsing arguments in hybrid mode
Secondary private key: wolfboot_signing_second_private_key.der
Secondary cipher: ECC384
Version: 1
Update type: Firmware
Input image: test-app/image.elf
Selected cipher: ML-DSA
Selected hash : SHA256
Private key: wolfboot_signing_private_key.der
Secondary cipher: ECC384
Secondary private key: wolfboot_signing_second_private_key.der
Output image: test-app/image_v1_signed.bin
Target partition id : 1
info: using ML-DSA parameters: 3
error: unrecognized ml-dsa key size: 144
Key decode error -1
[MERGE] internal_flash.dd
4096+0 records in
4096+0 records out
4096 bytes transferred in 0.015564 secs (263171 bytes/sec)
make assemble_internal_flash.dd
unable to stat test-app/image_v1_signed.bin: No such file or directory
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It looks like the signing failed because the primary key is invalid (stale? created with keygen --ecc384 -g?). I cannot reproduce, it would be helpful to see what goes wrong in keys creation from make distclean
make keysclean
make V=1
671b232
to
e78755d
Compare
Removed some debug leftovers
e78755d
to
dbf32e6
Compare
No description provided.