Added support for SHA3

2020-01-07 20:35:31 +01:00 · 2020-01-07 20:35:31 +01:00 · d33c5acac8
parent daa706b893
commit d33c5acac8
8 changed files with 211 additions and 72 deletions
--- a/21
+++ b/21
@ -27,17 +27,17 @@ endif
 ## Architecture/CPU configuration
 include arch.mk

+
 ## DSA Settings
 ifeq ($(SIGN),ECC256)
-  KEYGEN_OPTIONS=--ecc256
-  SIGN_OPTIONS=--ecc256
+  KEYGEN_OPTIONS+=--ecc256
+  SIGN_OPTIONS+=--ecc256
  PRIVATE_KEY=ecc256.der
  WOLFCRYPT_OBJS+= \
    $(MATH_OBJS) \
 	./lib/wolfssl/wolfcrypt/src/ecc.o \
 	./lib/wolfssl/wolfcrypt/src/memory.o \
 	./lib/wolfssl/wolfcrypt/src/wc_port.o \
-    ./lib/wolfssl/wolfcrypt/src/sha256.o \
    ./lib/wolfssl/wolfcrypt/src/hash.o \
    ./src/xmalloc_ecc.o
  CFLAGS+=-DWOLFBOOT_SIGN_ECC256 -DXMALLOC_USER \
@ -46,13 +46,12 @@ ifeq ($(SIGN),ECC256)
 endif

 ifeq ($(SIGN),ED25519)
-  KEYGEN_OPTIONS=--ed25519
-  SIGN_OPTIONS=--ed25519
+  KEYGEN_OPTIONS+=--ed25519
+  SIGN_OPTIONS+=--ed25519
  PRIVATE_KEY=ed25519.der
  WOLFCRYPT_OBJS+= ./lib/wolfssl/wolfcrypt/src/sha512.o \
 	./lib/wolfssl/wolfcrypt/src/ed25519.o \
 	./lib/wolfssl/wolfcrypt/src/ge_low_mem.o \
-    ./lib/wolfssl/wolfcrypt/src/sha256.o \
    ./lib/wolfssl/wolfcrypt/src/hash.o \
 	./lib/wolfssl/wolfcrypt/src/wolfmath.o \
    ./lib/wolfssl/wolfcrypt/src/fe_low_mem.o
@ -63,15 +62,14 @@ ifeq ($(SIGN),ED25519)
 endif

 ifeq ($(SIGN),RSA2048)
-  KEYGEN_OPTIONS=--rsa2048
-  SIGN_OPTIONS=--rsa2048
+  KEYGEN_OPTIONS+=--rsa2048
+  SIGN_OPTIONS+=--rsa2048
  PRIVATE_KEY=rsa2048.der
  IMAGE_HEADER_SIZE=512
  WOLFCRYPT_OBJS+= \
    $(RSA_EXTRA_OBJS) \
    $(MATH_OBJS) \
 	./lib/wolfssl/wolfcrypt/src/rsa.o \
-	./lib/wolfssl/wolfcrypt/src/sha256.o \
 	./lib/wolfssl/wolfcrypt/src/asn.o \
 	./lib/wolfssl/wolfcrypt/src/hash.o \
 	./src/xmalloc_rsa.o
@ -81,15 +79,14 @@ ifeq ($(SIGN),RSA2048)
 endif

 ifeq ($(SIGN),RSA4096)
-  KEYGEN_OPTIONS=--rsa4096
-  SIGN_OPTIONS=--rsa4096
+  KEYGEN_OPTIONS+=--rsa4096
+  SIGN_OPTIONS+=--rsa4096
  PRIVATE_KEY=rsa4096.der
  IMAGE_HEADER_SIZE=1024
  WOLFCRYPT_OBJS+= \
    $(RSA_EXTRA_OBJS) \
    $(MATH_OBJS) \
 	./lib/wolfssl/wolfcrypt/src/rsa.o \
-	./lib/wolfssl/wolfcrypt/src/sha256.o \
 	./lib/wolfssl/wolfcrypt/src/asn.o \
 	./lib/wolfssl/wolfcrypt/src/hash.o \
 	./lib/wolfssl/wolfcrypt/src/wolfmath.o \
--- a/arch.mk
+++ b/arch.mk
@ -13,6 +13,18 @@ ARCH_FLASH_OFFSET=0x0
 # Default SPI driver name
 SPI_TARGET=$(TARGET)

+## Hash settings
+ifeq ($(HASH),SHA256)
+  WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/sha256.o
+  CFLAGS+=-DWOLFBOOT_HASH_SHA256
+endif
+
+ifeq ($(HASH),SHA3)
+  WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/sha3.o
+  CFLAGS+=-DWOLFBOOT_HASH_SHA3_384
+  SIGN_OPTIONS+=--sha3
+endif
+
 ## ARM
 ifeq ($(ARCH),ARM)
  CROSS_COMPILE:=arm-none-eabi-
--- a/include/user_settings.h
+++ b/include/user_settings.h
@ -108,6 +108,10 @@
 #  define TFM_TIMING_RESISTANT
 #endif

+#ifdef WOLFBOOT_HASH_SHA3_384
+# define WOLFSSL_SHA3
+#endif
+
 /* Disables - For minimum wolfCrypt build */
 #define NO_AES
 #define NO_CMAC
--- a/include/wolfboot/wolfboot.h
+++ b/include/wolfboot/wolfboot.h
@ -44,6 +44,7 @@
 #define HDR_IMG_TYPE    0x04
 #define HDR_PUBKEY      0x10
 #define HDR_SIGNATURE   0x20
+#define HDR_SHA3_384    0x13
 #define HDR_PADDING     0xFF

 #define HDR_IMG_TYPE_AUTH_ED25519 0x0100
@ -86,4 +87,21 @@ uint16_t wolfBoot_get_image_type(uint8_t part);
 #define wolfBoot_current_firmware_version() wolfBoot_get_image_version(PART_BOOT)
 #define wolfBoot_update_firmware_version() wolfBoot_get_image_version(PART_UPDATE)

+
+/* Hashing function configuration */
+#define WOLFBOOT_SHA_BLOCK_SIZE (16)
+#if defined(WOLFBOOT_HASH_SHA256)
+#   define WOLFBOOT_SHA_HDR HDR_SHA256
+#   define WOLFBOOT_SHA_DIGEST_SIZE (32)
+#   define image_hash image_sha256
+#   define key_hash key_sha256
+#elif defined(WOLFBOOT_HASH_SHA3_384)
+#   define WOLFBOOT_SHA_HDR HDR_SHA3_384
+#   define WOLFBOOT_SHA_DIGEST_SIZE (48)
+#   define image_hash image_sha3_384
+#   define key_hash key_sha3_384
+#else
+#   error "No valid hash algorithm defined!"
+#endif
+
 #endif /* !WOLFBOOT_H */
--- a/src/image.c
+++ b/src/image.c
@ -26,7 +26,14 @@

 #ifndef WOLFTPM2_NO_WOLFCRYPT
 #include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFBOOT_HASH_SHA256
 #include <wolfssl/wolfcrypt/sha256.h>
+#endif
+
+#ifdef WOLFBOOT_HASH_SHA3_384
+#include <wolfssl/wolfcrypt/sha3.h>
+#endif

 #ifdef WOLFBOOT_SIGN_ED25519
 #include <wolfssl/wolfcrypt/ed25519.h>
@ -45,7 +52,7 @@ static int wolfBoot_verify_signature(uint8_t *hash, uint8_t *sig)
        /* Failed to import ed25519 key */
        return -1;
    }
-    ret = wc_ed25519_verify_msg(sig, IMAGE_SIGNATURE_SIZE, hash, SHA256_DIGEST_SIZE, &res, &ed);
+    ret = wc_ed25519_verify_msg(sig, IMAGE_SIGNATURE_SIZE, hash, WOLFBOOT_SHA_DIGEST_SIZE, &res, &ed);
    if ((ret < 0) || (res == 0)) {
        return -1;
    }
@ -82,7 +89,7 @@ static int wolfBoot_verify_signature(uint8_t *hash, uint8_t *sig)
    mp_init(&s);
    mp_read_unsigned_bin(&r, sig, ECC_KEY_SIZE);
    mp_read_unsigned_bin(&s, sig + ECC_KEY_SIZE, ECC_KEY_SIZE);
-    ret = wc_ecc_verify_hash_ex(&r, &s, hash, SHA256_DIGEST_SIZE, &res, &ecc);
+    ret = wc_ecc_verify_hash_ex(&r, &s, hash, WOLFBOOT_SHA_DIGEST_SIZE, &res, &ecc);
    if ((ret < 0) || (res == 0)) {
        return -1;
    }
@ -122,7 +129,7 @@ static int wolfBoot_verify_signature(uint8_t *hash, uint8_t *sig)
        return -1;
    }
    ret = wc_RsaSSL_Verify(sig, RSA_SIG_SIZE, digest_out, RSA_SIG_SIZE, &rsa);
-    if (ret == SHA256_DIGEST_SIZE) {
+    if (ret == WOLFBOOT_SHA_DIGEST_SIZE) {
        if (memcmp(digest_out, hash, ret) == 0)
            return 0;
    }
@ -137,9 +144,6 @@ static int wolfBoot_verify_signature(uint8_t *hash, uint8_t *sig)
 #include "wolftpm/tpm2_wrap.h"
 static WOLFTPM2_DEV wolftpm_dev;

-#define SHA256_BLOCK_SIZE 16
-#define SHA256_DIGEST_SIZE 32
-
 #endif /* WOLFTPM2_NO_WOLFCRYPT */

 static uint16_t get_header_ext(struct wolfBoot_image *img, uint16_t type, uint8_t **ptr);
@ -153,7 +157,7 @@ static uint16_t get_header(struct wolfBoot_image *img, uint16_t type, uint8_t **
    return wolfBoot_find_header(img->hdr + IMAGE_HEADER_OFFSET, type, ptr);
 }

-static uint8_t ext_hash_block[SHA256_BLOCK_SIZE];
+static uint8_t ext_hash_block[WOLFBOOT_SHA_BLOCK_SIZE];

 static uint8_t *get_sha_block(struct wolfBoot_image *img, uint32_t offset)
 {
@ -161,14 +165,14 @@ static uint8_t *get_sha_block(struct wolfBoot_image *img, uint32_t offset)
        return NULL;
 #ifdef PART_UPDATE_EXT
    if (img->part == PART_UPDATE) {
-        ext_flash_read((uint32_t)(img->fw_base) + offset, ext_hash_block, SHA256_BLOCK_SIZE);
+        ext_flash_read((uint32_t)(img->fw_base) + offset, ext_hash_block, WOLFBOOT_SHA_BLOCK_SIZE);
        return ext_hash_block;
    }
 #endif
    return (uint8_t *)(img->fw_base + offset);
 }

-static uint8_t digest[SHA256_DIGEST_SIZE];
+static uint8_t digest[WOLFBOOT_SHA_DIGEST_SIZE];
 static uint8_t verification[IMAGE_SIGNATURE_SIZE];
 #ifdef EXT_FLASH

@ -202,7 +206,9 @@ static uint8_t *get_img_hdr(struct wolfBoot_image *img)
 }

 #ifndef WOLFTPM2_NO_WOLFCRYPT
-static int image_hash(struct wolfBoot_image *img, uint8_t *hash)
+
+#if defined(WOLFBOOT_HASH_SHA256)
+static int image_sha256(struct wolfBoot_image *img, uint8_t *hash)
 {
    uint8_t *stored_sha, *end_sha;
    uint16_t stored_sha_len;
@ -214,12 +220,12 @@ static int image_hash(struct wolfBoot_image *img, uint8_t *hash)
        return -1;
    p = get_img_hdr(img);
    stored_sha_len = get_header(img, HDR_SHA256, &stored_sha);
-    if (stored_sha_len != SHA256_DIGEST_SIZE)
+    if (stored_sha_len != WOLFBOOT_SHA_DIGEST_SIZE)
        return -1;
    wc_InitSha256(&sha256_ctx);
    end_sha = stored_sha - (2 * sizeof(uint16_t)); /* Subtract 2 Type + 2 Len */
    while (p < end_sha) {
-        blksz = SHA256_BLOCK_SIZE;
+        blksz = WOLFBOOT_SHA_BLOCK_SIZE;
        if (end_sha - p < blksz)
            blksz = end_sha - p;
        wc_Sha256Update(&sha256_ctx, p, blksz);
@ -229,7 +235,7 @@ static int image_hash(struct wolfBoot_image *img, uint8_t *hash)
        p = get_sha_block(img, position);
        if (p == NULL)
            break;
-        blksz = SHA256_BLOCK_SIZE;
+        blksz = WOLFBOOT_SHA_BLOCK_SIZE;
        if (position + blksz > img->fw_size)
            blksz = img->fw_size - position;
        wc_Sha256Update(&sha256_ctx, p, blksz);
@ -240,7 +246,7 @@ static int image_hash(struct wolfBoot_image *img, uint8_t *hash)
    return 0;
 }

-static void key_hash(uint8_t *hash)
+static void key_sha256(uint8_t *hash)
 {
    int blksz;
    unsigned int i = 0;
@ -248,7 +254,7 @@ static void key_hash(uint8_t *hash)
    wc_InitSha256(&sha256_ctx);
    while(i < KEY_LEN)
    {
-        blksz = SHA256_BLOCK_SIZE;
+        blksz = WOLFBOOT_SHA_BLOCK_SIZE;
        if ((i + blksz) > KEY_LEN)
            blksz = KEY_LEN - i;
        wc_Sha256Update(&sha256_ctx, (KEY_BUFFER + i), blksz);
@ -256,6 +262,63 @@ static void key_hash(uint8_t *hash)
    }
    wc_Sha256Final(&sha256_ctx, hash);
 }
+#endif /* SHA2 256 */
+#if defined(WOLFBOOT_HASH_SHA3_384)
+static int image_sha3_384(struct wolfBoot_image *img, uint8_t *hash)
+{
+    uint8_t *stored_sha, *end_sha;
+    uint16_t stored_sha_len;
+    uint8_t *p;
+    int blksz;
+    uint32_t position = 0;
+    wc_Sha3 sha3_ctx;
+    if (!img)
+        return -1;
+    p = get_img_hdr(img);
+    stored_sha_len = get_header(img, HDR_SHA3_384, &stored_sha);
+    if (stored_sha_len != WOLFBOOT_SHA_DIGEST_SIZE)
+        return -1;
+    wc_InitSha3_384(&sha3_ctx, NULL, 0);
+    end_sha = stored_sha - (2 * sizeof(uint16_t)); /* Subtract 2 Type + 2 Len */
+    while (p < end_sha) {
+        blksz = WOLFBOOT_SHA_BLOCK_SIZE;
+        if (end_sha - p < blksz)
+            blksz = end_sha - p;
+        wc_Sha3_384_Update(&sha3_ctx, p, blksz);
+        p += blksz;
+    }
+    do {
+        p = get_sha_block(img, position);
+        if (p == NULL)
+            break;
+        blksz = WOLFBOOT_SHA_BLOCK_SIZE;
+        if (position + blksz > img->fw_size)
+            blksz = img->fw_size - position;
+        wc_Sha3_384_Update(&sha3_ctx, p, blksz);
+        position += blksz;
+    } while(position < img->fw_size);
+
+    wc_Sha3_384_Final(&sha3_ctx, hash);
+    return 0;
+}
+
+static void key_sha3_384(uint8_t *hash)
+{
+    int blksz;
+    unsigned int i = 0;
+    wc_Sha3 sha3_ctx;
+    wc_InitSha3_384(&sha3_ctx, NULL, 0);
+    while(i < KEY_LEN)
+    {
+        blksz = WOLFBOOT_SHA_BLOCK_SIZE;
+        if ((i + blksz) > KEY_LEN)
+            blksz = KEY_LEN - i;
+        wc_Sha3_384_Update(&sha3_ctx, (KEY_BUFFER + i), blksz);
+        i += blksz;
+    }
+    wc_Sha3_384_Final(&sha3_ctx, hash);
+}
+#endif

 #else /* WOLFTPM2_NO_WOLFCRYPT */

@ -296,7 +359,7 @@ static int wolfBoot_verify_signature(uint8_t *hash, uint8_t *sig)
            KEY_BUFFER + ECC_INT_SIZE, ECC_INT_SIZE);
    if (rc < 0)
        return -1;
-    rc = wolfTPM2_VerifyHash(&wolftpm_dev, &tpmKey, sig, 2 * ECC_INT_SIZE, hash, SHA256_DIGEST_SIZE);
+    rc = wolfTPM2_VerifyHash(&wolftpm_dev, &tpmKey, sig, 2 * ECC_INT_SIZE, hash, WOLFBOOT_SHA_DIGEST_SIZE);
    wolfTPM2_UnloadHandle(&wolftpm_dev, &tpmKey.handle);
    if (rc < 0)
        return -1;
@ -324,13 +387,12 @@ int wolfBoot_tpm2_init(void)
    return 0;
 }

-
-static void key_hash(uint8_t *hashBuf)
+static void key_sha256(uint8_t *hashBuf)
 {
    int blksz, rc;
    unsigned int i = 0;
    const char gUsageAuth[]="wolfBoot TPM Usage Auth";
-    uint32_t hashSz = SHA256_DIGEST_SIZE;
+    uint32_t hashSz = WOLFBOOT_SHA_DIGEST_SIZE;
    WOLFTPM2_HASH hash;
    XMEMSET(&hash, 0, sizeof(hash));
    rc = wolfTPM2_HashStart(&wolftpm_dev, &hash, TPM_ALG_SHA256,
@ -339,7 +401,7 @@ static void key_hash(uint8_t *hashBuf)
        return;
    while(i < KEY_LEN)
    {
-        blksz = SHA256_BLOCK_SIZE;
+        blksz = WOLFBOOT_SHA_BLOCK_SIZE;
        if ((i + blksz) > KEY_LEN)
            blksz = KEY_LEN - i;
        wolfTPM2_HashUpdate(&wolftpm_dev, &hash, KEY_BUFFER + i, blksz);
@ -348,7 +410,7 @@ static void key_hash(uint8_t *hashBuf)
    wolfTPM2_HashFinish(&wolftpm_dev, &hash, hashBuf, &hashSz);
 }

-static int image_hash(struct wolfBoot_image *img, uint8_t *hashBuf)
+static int image_sha256(struct wolfBoot_image *img, uint8_t *hashBuf)
 {
    const char gUsageAuth[]="wolfBoot TPM Usage Auth";
    uint8_t *stored_sha, *end_sha;
@ -357,13 +419,13 @@ static int image_hash(struct wolfBoot_image *img, uint8_t *hashBuf)
    int blksz;
    uint32_t position = 0;
    WOLFTPM2_HASH hash;
-    uint32_t hashSz = SHA256_DIGEST_SIZE;
+    uint32_t hashSz = WOLFBOOT_SHA_DIGEST_SIZE;
    int rc;
    if (!img)
        return -1;
    p = get_img_hdr(img);
    stored_sha_len = get_header(img, HDR_SHA256, &stored_sha);
-    if (stored_sha_len != SHA256_DIGEST_SIZE)
+    if (stored_sha_len != WOLFBOOT_SHA_DIGEST_SIZE)
        return -1;
    XMEMSET(&hash, 0, sizeof(hash));
    rc = wolfTPM2_HashStart(&wolftpm_dev, &hash, TPM_ALG_SHA256,
@ -372,7 +434,7 @@ static int image_hash(struct wolfBoot_image *img, uint8_t *hashBuf)
        return -1;
    end_sha = stored_sha - (2 * sizeof(uint16_t)); /* Subtract 2 Type + 2 Len */
    while (p < end_sha) {
-        blksz = SHA256_BLOCK_SIZE;
+        blksz = WOLFBOOT_SHA_BLOCK_SIZE;
        if (end_sha - p < blksz)
            blksz = end_sha - p;
        wolfTPM2_HashUpdate(&wolftpm_dev, &hash, p, blksz);
@ -382,7 +444,7 @@ static int image_hash(struct wolfBoot_image *img, uint8_t *hashBuf)
        p = get_sha_block(img, position);
        if (p == NULL)
            break;
-        blksz = SHA256_BLOCK_SIZE;
+        blksz = WOLFBOOT_SHA_BLOCK_SIZE;
        if (position + blksz > img->fw_size)
            blksz = img->fw_size - position;
        wolfTPM2_HashUpdate(&wolftpm_dev, &hash, p, blksz);
@ -441,8 +503,8 @@ int wolfBoot_verify_integrity(struct wolfBoot_image *img)
 {
    uint8_t *stored_sha;
    uint16_t stored_sha_len;
-    stored_sha_len = get_header(img, HDR_SHA256, &stored_sha);
-    if (stored_sha_len != SHA256_DIGEST_SIZE)
+    stored_sha_len = get_header(img, WOLFBOOT_SHA_HDR, &stored_sha);
+    if (stored_sha_len != WOLFBOOT_SHA_DIGEST_SIZE)
        return -1;
    if (image_hash(img, digest) != 0)
        return -1;
@ -466,20 +528,17 @@ int wolfBoot_verify_authenticity(struct wolfBoot_image *img)
    if (stored_signature_size != IMAGE_SIGNATURE_SIZE)
       return -1;
    pubkey_hint_size = get_header(img, HDR_PUBKEY, &pubkey_hint);
-    if (pubkey_hint_size == SHA256_DIGEST_SIZE) {
+    if (pubkey_hint_size == WOLFBOOT_SHA_DIGEST_SIZE) {
        key_hash(digest);
-        if (memcmp(digest, pubkey_hint, SHA256_DIGEST_SIZE) != 0)
+        if (memcmp(digest, pubkey_hint, WOLFBOOT_SHA_DIGEST_SIZE) != 0)
            return -1;
    }
    image_type_size = get_header(img, HDR_IMG_TYPE, &image_type_buf);
    if (image_type_size != sizeof(uint16_t))
            return -1;
    image_type = (uint16_t)(image_type_buf[0] + (image_type_buf[1] << 8));
-
    if ((image_type & 0xFF00) != HDR_IMG_TYPE_AUTH)
        return -1;
-
-
    if (image_hash(img, digest) != 0)
        return -1;
    if (wolfBoot_verify_signature(digest, stored_signature) != 0)
--- a/test-app/Makefile
+++ b/test-app/Makefile
@ -11,6 +11,15 @@ endif
 ifeq ($(SIGN),RSA4096)
  IMAGE_HEADER_SIZE:=1024
 endif
+ifeq ($(HASH),SHA256)
+  WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/sha256.o
+  CFLAGS+=-DWOLFBOOT_HASH_SHA256
+endif
+
+ifeq ($(HASH),SHA3_384)
+  WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/sha3.o
+  CFLAGS+=-DWOLFBOOT_HASH_SHA3_384
+endif

 CFLAGS:=-g -ggdb -Wall -Wstack-usage=1024 -ffreestanding -Wno-unused -DPLATFORM_$(TARGET) -I../include -nostartfiles

--- a/tools/config.mk
+++ b/tools/config.mk
@ -3,6 +3,7 @@ ifeq ($(ARCH),)
  ARCH?=ARM
  TARGET?=stm32f4
  SIGN?=ED25519
+  HASH?=SHA256
  KINETIS?=$(HOME)/src/FRDM-K64F
  KINETIS_CPU=MK64FN1M0VLL12
  KINETIS_DRIVERS?=$(KINETIS)/devices/MK64F12
@ -33,7 +34,7 @@ ifeq ($(ARCH),)
 endif


-CONFIG_VARS:= ARCH TARGET SIGN KINETIS KINETIS_CPU KINETIS_DRIVERS \
+CONFIG_VARS:= ARCH TARGET SIGN HASH KINETIS KINETIS_CPU KINETIS_DRIVERS \
 	KINETIS_CMSIS FREEDOM_E_SDK STM32CUBE DEBUG VTOR CORTEX_M0 NO_ASM EXT_FLASH \
 	SPI_FLASH ALLOW_DOWNGRADE NVM_FLASH_WRITEONCE WOLFBOOT_VERSION V \
 	SPMATH RAM_CODE DUALBANK_SWAP IMAGE_HEADER_SIZE PKA WOLFTPM \
--- a/tools/keytools/sign.py
+++ b/tools/keytools/sign.py
@ -30,6 +30,7 @@ HDR_END         = 0x00
 HDR_VERSION     = 0x01
 HDR_TIMESTAMP   = 0x02
 HDR_SHA256      = 0x03
+HDR_SHA3_384    = 0x13
 HDR_IMG_TYPE    = 0x04
 HDR_PUBKEY      = 0x10
 HDR_SIGNATURE   = 0x20
@ -39,8 +40,8 @@ HDR_PADDING     = 0xFF
 HDR_VERSION_LEN     = 4
 HDR_TIMESTAMP_LEN   = 8
 HDR_SHA256_LEN      = 32
+HDR_SHA3_384_LEN    = 48
 HDR_IMG_TYPE_LEN    = 2
-HDR_PUBKEY_LEN      = 32
 HDR_SIGNATURE_LEN   = 64

 HDR_IMG_TYPE_AUTH_ED25519 = 0x0100
@ -58,9 +59,10 @@ self_update=False

 argc = len(sys.argv)
 argv = sys.argv
+hash_algo='sha256'

 if (argc < 4) or (argc > 6):
-    print("Usage: %s [--ed25519 | --ecc256 | --rsa2048 | --rsa4096 ] [--wolfboot-update] image key.der fw_version\n" % sys.argv[0])
+    print("Usage: %s [--ed25519 | --ecc256 | --rsa2048 | --rsa4096 ] [--sha256 | --sha3] [--wolfboot-update] image key.der fw_version\n" % sys.argv[0])
    sys.exit(1)
 for i in range(1, len(argv)):
    if (argv[i] == '--ed25519'):
@ -71,6 +73,10 @@ for i in range(1, len(argv)):
        sign='rsa2048'
    elif (argv[i] == '--rsa4096'):
        sign='rsa4096'
+    elif (argv[i] == '--sha256'):
+        hash_algo='sha256'
+    elif (argv[i] == '--sha3'):
+        hash_algo='sha3'
    elif (argv[i] == '--wolfboot-update'):
        self_update = True
    else:
@ -188,33 +194,66 @@ if (not self_update):

 header += struct.pack('<H', img_type)

-sha = hashes.Sha256.new()
-# Sha calculation
-sha.update(header)
-img_bin = open(image_file, 'rb')
-while True:
-    buf = img_bin.read(32)
-    if (len(buf) == 0):
-        img_bin.close()
-        break
-    sha.update(buf)
-digest = sha.digest()
+print("Calculating %s digest..." % hash_algo)

-# Add SHA to the header
-header += struct.pack('<HH', HDR_SHA256, HDR_SHA256_LEN)
-header += digest
-#print("sha:")
-#print([hex(j) for j in digest])
+if hash_algo == 'sha256':
+    sha = hashes.Sha256.new()
+
+    # Sha calculation
+    sha.update(header)
+    img_bin = open(image_file, 'rb')
+    while True:
+        buf = img_bin.read(32)
+        if (len(buf) == 0):
+            img_bin.close()
+            break
+        sha.update(buf)
+    digest = sha.digest()
+
+    # Add SHA to the header
+    header += struct.pack('<HH', HDR_SHA256, HDR_SHA256_LEN)
+    header += digest
+    #print("sha:")
+    #print([hex(j) for j in digest])
+
+    # pubkey SHA calculation
+    #print([hex(j) for j in pubkey])
+    #print(len(pubkey))
+    keysha = hashes.Sha256.new()
+    keysha.update(pubkey)
+    key_digest = keysha.digest()
+    header += struct.pack('<HH', HDR_PUBKEY, HDR_SHA256_LEN)
+    header += key_digest
+    #print([hex(j) for j in key_digest])
+elif hash_algo == 'sha3':
+    sha = hashes.Sha3.new()
+    # Sha calculation
+    sha.update(header)
+    img_bin = open(image_file, 'rb')
+    while True:
+        buf = img_bin.read(32)
+        if (len(buf) == 0):
+            img_bin.close()
+            break
+        sha.update(buf)
+    digest = sha.digest()
+
+    # Add SHA to the header
+    header += struct.pack('<HH', HDR_SHA3_384, HDR_SHA3_384_LEN)
+    header += digest
+    #print("sha:")
+    #print([hex(j) for j in digest])
+
+    # pubkey SHA calculation
+    #print([hex(j) for j in pubkey])
+    #print(len(pubkey))
+    keysha = hashes.Sha3.new()
+    keysha.update(pubkey)
+    key_digest = keysha.digest()
+    header += struct.pack('<HH', HDR_PUBKEY, HDR_SHA3_384_LEN)
+    header += key_digest
+    #print([hex(j) for j in key_digest])

-# pubkey SHA calculation
-#print([hex(j) for j in pubkey])
-#print(len(pubkey))
-keysha = hashes.Sha256.new()
-keysha.update(pubkey)
-key_digest = keysha.digest()
-header += struct.pack('<HH', HDR_PUBKEY, HDR_PUBKEY_LEN)
-header += key_digest
-#print([hex(j) for j in key_digest])

 # Sign the digest
 print("Signing the firmware...")