Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

image: Implement new methods for RustCrypto provider #1942

Merged
merged 5 commits into from
Feb 7, 2025
Merged

image: Implement new methods for RustCrypto provider #1942

merged 5 commits into from
Feb 7, 2025

Conversation

swenson
Copy link
Contributor

@swenson swenson commented Feb 5, 2025

Some new methods were added to the ImageGeneratorCrypto trait but the RustCrypto implementation was not updated, so the build was failing when using the rustcrypto feature flag.

Also, the RustCrypto provider was specifying compressed points for ECDSA public keys, even though for OpenSSL we always use uncompressed, which was causing keys not to be parsed correctly with the RustCrypto provider.

To ensure that won't happen again, we also add a test that the workspace members that use the rustcrypto feature flag are now built with both sets of flags.

We also add an option to print the vendor and owner PK hashes when building a firmware image bundle. This makes it easier to test the recovery flow.

@swenson swenson requested a review from jhand2 February 5, 2025 00:02
@swenson swenson added the Caliptra v2.0 Items to be considered for v2.0 Release label Feb 5, 2025
@swenson swenson force-pushed the print-hashes-rustcrypto-fixes branch from 2cbfc02 to 1385adc Compare February 5, 2025 17:42
@swenson
image: Implement new methods for RustCrypto provider
3dcd6a3 
Some new methods were added to the image crypto trait but the rustcrypto
provider was not updated, so the build was failing with rustcrypto.

Also, the rustcrypto provider was specifying compressed points for ECDSA
public keys, even though for OpenSSL we always use uncompressed, which
was causing keys not to be parsed correctly in RustCrypto.

To ensure that won't happen again, we also add a test that the workspace
members that use rustcrypto are now built with both sets of flags.

We also add an option to print the vendor and owner PK hashes when
building an firmware image bundle. This makes it easier to test the
recovery flow.
@swenson swenson force-pushed the print-hashes-rustcrypto-fixes branch from 1385adc to 3dcd6a3 Compare February 5, 2025 18:13
jhand2
jhand2 reviewed Feb 5, 2025
View reviewed changes
image/app/src/create/mod.rs Outdated Show resolved Hide resolved
image/crypto/src/rustcrypto.rs Outdated Show resolved Hide resolved
@swenson
Copy link
Contributor Author

swenson commented Feb 7, 2025

Thanks!

@mhatrevi mhatrevi enabled auto-merge (squash) February 7, 2025 23:14
@mhatrevi mhatrevi merged commit 848fc8a into main-2.x Feb 7, 2025
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jhand2 jhand2 jhand2 approved these changes

@ArthurHeymans ArthurHeymans ArthurHeymans approved these changes

@mhatrevi mhatrevi mhatrevi approved these changes

@ajisaxena ajisaxena Awaiting requested review from ajisaxena ajisaxena is a code owner

@vsonims vsonims Awaiting requested review from vsonims vsonims is a code owner

@korran korran Awaiting requested review from korran korran is a code owner

@JohnTraverAmd JohnTraverAmd Awaiting requested review from JohnTraverAmd JohnTraverAmd is a code owner

Assignees
No one assigned
Labels
Caliptra v2.0 Items to be considered for v2.0 Release
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@swenson @jhand2 @ArthurHeymans @mhatrevi