Posted to commits@mynewt.apache.org by cc...@apache.org on 2019/06/21 21:25:35 UTC

[mynewt-artifact] 11/23: Add RSA3072 support

This is an automated email from the ASF dual-hosted git repository.

ccollins pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-artifact.git

commit dc98b6ddc9af4a4cb4e69e36bb5b84fd6326b9ad
Author: Fabio Utzig <ut...@apache.org>
AuthorDate: Wed May 8 12:18:39 2019 -0300

    Add RSA3072 support
---
 image/create.go | 10 +++++++++-
 image/image.go  |  3 +++
 sec/key.go      |  3 ++-
 3 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/image/create.go b/image/create.go
index 3ec8770..cbbc410 100644
--- a/image/create.go
+++ b/image/create.go
@@ -71,7 +71,15 @@ func sigTlvType(key sec.SignKey) uint8 {
 	key.AssertValid()
 
 	if key.Rsa != nil {
-		return IMAGE_TLV_RSA2048
+		pubk := key.Rsa.Public().(*rsa.PublicKey)
+		switch pubk.Size() {
+		case 256:
+			return IMAGE_TLV_RSA2048
+		case 384:
+			return IMAGE_TLV_RSA3072
+		default:
+			return 0
+		}
 	} else {
 		switch key.Ec.Curve.Params().Name {
 		case "P-224":
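Review bot: The `default: return 0` arm in sigTlvType silently maps any RSA key that is neither 2048 nor 3072 bits to TLV type 0, a value that ImageTlvTypeIsSig in image/image.go does not treat as a signature type. The SigLen change in sec/key.go now returns the modulus size for any RSA key, so an image signed with an unsupported key size would presumably be written with a signature TLV that no verifier recognises, rather than failing at creation time. Whether callers check for 0 is not visible in this hunk. Since the function returns only a uint8, consider rejecting unsupported sizes where the key is validated (for example in AssertValid), or fail loudly here instead of returning 0, and document the contract with a comment such as `// Only RSA-2048 and RSA-3072 are supported; other modulus sizes are rejected.` The EC branch of this function continues outside the hunk.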
diff --git a/image/image.go b/image/image.go
index 6bd0050..7f74cbc 100644
--- a/image/image.go
+++ b/image/image.go
@@ -63,6 +63,7 @@ const (
 	IMAGE_TLV_RSA2048  = 0x20
 	IMAGE_TLV_ECDSA224 = 0x21
 	IMAGE_TLV_ECDSA256 = 0x22
+	IMAGE_TLV_RSA3072  = 0x23
 	IMAGE_TLV_ENC_RSA  = 0x30
 	IMAGE_TLV_ENC_KEK  = 0x31
 )
@@ -73,6 +74,7 @@ var imageTlvTypeNameMap = map[uint8]string{
 	IMAGE_TLV_RSA2048:  "RSA2048",
 	IMAGE_TLV_ECDSA224: "ECDSA224",
 	IMAGE_TLV_ECDSA256: "ECDSA256",
+	IMAGE_TLV_RSA3072:  "RSA3072",
 	IMAGE_TLV_ENC_RSA:  "ENC_RSA",
 	IMAGE_TLV_ENC_KEK:  "ENC_KEK",
 }
@@ -137,6 +139,7 @@ func ImageTlvTypeName(tlvType uint8) string {
 
 func ImageTlvTypeIsSig(tlvType uint8) bool {
 	return tlvType == IMAGE_TLV_RSA2048 ||
+		tlvType == IMAGE_TLV_RSA3072 ||
 		tlvType == IMAGE_TLV_ECDSA224 ||
 		tlvType == IMAGE_TLV_ECDSA256
 }
diff --git a/sec/key.go b/sec/key.go
index 89b5f49..9d073bd 100644
--- a/sec/key.go
+++ b/sec/key.go
@@ -190,7 +190,8 @@ func (key *SignKey) SigLen() uint16 {
 	key.AssertValid()
 
 	if key.Rsa != nil {
-		return 256
+		pubk := key.Rsa.Public().(*rsa.PublicKey)
+		return uint16(pubk.Size())
 	} else {
 		switch key.Ec.Curve.Params().Name {
 		case "P-224":
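Review bot: The single-value type assertion `key.Rsa.Public().(*rsa.PublicKey)` is repeated here and in sigTlvType (image/create.go), and this form panics if Public() ever yields another type. If key.Rsa is a `*rsa.PrivateKey` (its declaration is not visible in this hunk), the embedded public key makes the assertion unnecessary: `return uint16(key.Rsa.PublicKey.Size())`. A short comment such as `// RSA signature length equals the modulus size in bytes (256 for RSA-2048, 384 for RSA-3072).` would record why the fixed 256 was replaced. SigLen's EC branch continues outside the hunk.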