WolfSSL
/
wolfBoot
mirror of https://github.com/wolfSSL/wolfBoot.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Stage1: allow signing with ecc384/sha384

pull/365/head
Daniele Lacamera 2023-08-21 13:23:32 +02:00 committed by Marco Oliverio
parent e0d9e65892
commit 0babaae04a
5 changed files with 14 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
config/examples/x86_fsp_qemu.config
View File

@ -1,8 +1,8 @@
ARCH=x86_64 ARCH=x86_64
TARGET=x86_fsp_qemu TARGET=x86_fsp_qemu
WOLFBOOT_SMALL_STACK=1 WOLFBOOT_SMALL_STACK=1
SIGN?=ECC256 SIGN?=ECC384
HASH?=SHA256 HASH?=SHA384
DEBUG=1 DEBUG=1
SPMATH=1 SPMATH=1
FORCE_32BIT=1 FORCE_32BIT=1
@ -30,6 +30,7 @@ WOLFBOOT_DATA_ADDRESS=0x1000000
FSP_M_BASE=0xffe30000 FSP_M_BASE=0xffe30000
FSP_S_BASE=0xffed6000 FSP_S_BASE=0xffed6000
FSP_T_BASE=0xfffe0000 FSP_T_BASE=0xfffe0000
FSP_S_LOAD_BASE=0x0FED5F00
WOLFBOOT_ORIGIN=0xfffa0000 WOLFBOOT_ORIGIN=0xfffa0000
LINUX_PAYLOAD=1 LINUX_PAYLOAD=1

10
config/examples/x86_fsp_qemu_tpm.config
View File

@ -1,14 +1,14 @@
ARCH=x86_64 ARCH=x86_64
TARGET=x86_fsp_qemu TARGET=x86_fsp_qemu
WOLFBOOT_SMALL_STACK=1 WOLFBOOT_SMALL_STACK=1
SIGN?=ECC256 SIGN?=ECC384
HASH?=SHA256 HASH?=SHA384
DEBUG=1 DEBUG=1
SPMATH=1 SPMATH=1
FORCE_32BIT=1 FORCE_32BIT=1
ENCRYPTION=0 ENCRYPTION=0
WOLFBOOT_FIXED_PARTITIONS=1 WOLFBOOT_FIXED_PARTITIONS=1
WOLFBOOT_PARTITION_SIZE=0x800000 WOLFBOOT_PARTITION_SIZE=0x8000000
WOLFTPM=1 WOLFTPM=1
# TPM Keystore options # TPM Keystore options
@ -30,7 +30,8 @@ WOLFBOOT_DATA_ADDRESS=0x1000000
FSP_M_BASE=0xffe30000 FSP_M_BASE=0xffe30000
FSP_S_BASE=0xffed6000 FSP_S_BASE=0xffed6000
FSP_T_BASE=0xfffe0000 FSP_T_BASE=0xfffe0000
WOLFBOOT_ORIGIN=0xffff0000 FSP_S_LOAD_BASE=0x0FED5F00
WOLFBOOT_ORIGIN=0xfffa0000
LINUX_PAYLOAD=1 LINUX_PAYLOAD=1
BOOTLOADER_PARTITION_SIZE=0xa0000 BOOTLOADER_PARTITION_SIZE=0xa0000
@ -39,3 +40,4 @@ MACHINE_OBJ=src/x86/qemu_fsp.o
FSP_T_BIN=./src/x86/fsp_t.bin FSP_T_BIN=./src/x86/fsp_t.bin
FSP_M_BIN=./src/x86/fsp_m.bin FSP_M_BIN=./src/x86/fsp_m.bin
FSP_S_BIN=./src/x86/fsp_s.bin FSP_S_BIN=./src/x86/fsp_s.bin
STAGE1_AUTH=1

2
stage1/x86_fsp.mk
View File

@ -1,5 +1,5 @@
SIGN_TOOL?=../tools/keytools/sign SIGN_TOOL?=../tools/keytools/sign
SIGN_OPTIONS?=--ecc256 --sha256 SIGN_OPTIONS?=--ecc384 --sha384
SIGN_KEY?=../wolfboot_signing_private_key.der SIGN_KEY?=../wolfboot_signing_private_key.der
X86FSP_PATH?=../`dirname $(FSP_M_BIN)` X86FSP_PATH?=../`dirname $(FSP_M_BIN)`

4
tools/scripts/qemu64/qemu64dbg.sh
View File

@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
qemu-system-x86_64 -m 8G -machine q35 -serial mon:stdio -nographic \ qemu-system-x86_64 -m 1G -machine q35 -serial mon:stdio -nographic \
-pflash loader.bin -drive id=mydisk,format=raw,file=app.bin,if=none \ -pflash wolfboot_stage1.bin -drive id=mydisk,format=raw,file=app.bin,if=none \
-device ide-hd,drive=mydisk -S -s -device ide-hd,drive=mydisk -S -s

4
tools/scripts/qemu64/sign_linux.sh
View File

@ -1,7 +1,7 @@
cp /tmp/br-linux-wolfboot/output/images/bzImage . cp /tmp/br-linux-wolfboot/output/images/bzImage .
tools/keytools/sign --ecc256 --sha256 bzImage wolfboot_signing_private_key.der 8 tools/keytools/sign --ecc384 --sha384 bzImage wolfboot_signing_private_key.der 8
tools/keytools/sign --ecc256 --sha256 bzImage wolfboot_signing_private_key.der 2 tools/keytools/sign --ecc384 --sha384 bzImage wolfboot_signing_private_key.der 2
cp base-part-image app.bin cp base-part-image app.bin
dd if=bzImage_v8_signed.bin of=app.bin bs=1k seek=1024 conv=notrunc dd if=bzImage_v8_signed.bin of=app.bin bs=1k seek=1024 conv=notrunc