From 9d46ee0758dbc7a8625174370aff5fb8334f8170 Mon Sep 17 00:00:00 2001 From: Ulf Lilleengen Date: Tue, 19 Dec 2023 20:24:55 +0100 Subject: [PATCH 1/5] fix: update salty to released version --- embassy-boot/boot/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/embassy-boot/boot/Cargo.toml b/embassy-boot/boot/Cargo.toml index dd2ff8158..f0810f418 100644 --- a/embassy-boot/boot/Cargo.toml +++ b/embassy-boot/boot/Cargo.toml @@ -31,7 +31,7 @@ embassy-embedded-hal = { version = "0.1.0", path = "../../embassy-embedded-hal" embassy-sync = { version = "0.5.0", path = "../../embassy-sync" } embedded-storage = "0.3.1" embedded-storage-async = { version = "0.4.1" } -salty = { git = "https://github.com/ycrypto/salty.git", rev = "a9f17911a5024698406b75c0fac56ab5ccf6a8c7", optional = true } +salty = { version = "0.3", optional = true } signature = { version = "1.6.4", default-features = false } [dev-dependencies] From efd5dbe0196a71527777d949261cb7bbb7bee376 Mon Sep 17 00:00:00 2001 From: Ulf Lilleengen Date: Tue, 19 Dec 2023 20:25:20 +0100 Subject: [PATCH 2/5] fix: build warnings --- embassy-boot/boot/Cargo.toml | 1 + 1 file changed, 1 insertion(+) diff --git a/embassy-boot/boot/Cargo.toml b/embassy-boot/boot/Cargo.toml index f0810f418..f63ea92cf 100644 --- a/embassy-boot/boot/Cargo.toml +++ b/embassy-boot/boot/Cargo.toml @@ -43,6 +43,7 @@ sha1 = "0.10.5" critical-section = { version = "1.1.1", features = ["std"] } [dev-dependencies.ed25519-dalek] +version = "1.0.1" default_features = false features = ["rand", "std", "u32_backend"] From 12de90e13dd564e3f3f445f00ca2be622ad2c7fe Mon Sep 17 00:00:00 2001 From: Ulf Lilleengen Date: Tue, 19 Dec 2023 21:20:30 +0100 Subject: [PATCH 3/5] fix: update ed25519-dalek to new version --- embassy-boot/boot/Cargo.toml | 4 ++-- .../boot/src/digest_adapters/ed25519_dalek.rs | 4 ++-- .../boot/src/firmware_updater/asynch.rs | 17 +++++++---------- .../boot/src/firmware_updater/blocking.rs | 17 +++++++---------- 4 files changed, 18 insertions(+), 24 deletions(-) diff --git a/embassy-boot/boot/Cargo.toml b/embassy-boot/boot/Cargo.toml index f63ea92cf..e47776d62 100644 --- a/embassy-boot/boot/Cargo.toml +++ b/embassy-boot/boot/Cargo.toml @@ -26,13 +26,13 @@ features = ["defmt"] defmt = { version = "0.3", optional = true } digest = "0.10" log = { version = "0.4", optional = true } -ed25519-dalek = { version = "1.0.1", default_features = false, features = ["u32_backend"], optional = true } +ed25519-dalek = { version = "2", default_features = false, features = ["digest"], optional = true } embassy-embedded-hal = { version = "0.1.0", path = "../../embassy-embedded-hal" } embassy-sync = { version = "0.5.0", path = "../../embassy-sync" } embedded-storage = "0.3.1" embedded-storage-async = { version = "0.4.1" } salty = { version = "0.3", optional = true } -signature = { version = "1.6.4", default-features = false } +signature = { version = "2.2", default-features = false } [dev-dependencies] log = "0.4" diff --git a/embassy-boot/boot/src/digest_adapters/ed25519_dalek.rs b/embassy-boot/boot/src/digest_adapters/ed25519_dalek.rs index a184d1c51..2e4e03da3 100644 --- a/embassy-boot/boot/src/digest_adapters/ed25519_dalek.rs +++ b/embassy-boot/boot/src/digest_adapters/ed25519_dalek.rs @@ -1,6 +1,6 @@ use digest::typenum::U64; use digest::{FixedOutput, HashMarker, OutputSizeUser, Update}; -use ed25519_dalek::Digest as _; +use ed25519_dalek::Digest; pub struct Sha512(ed25519_dalek::Sha512); @@ -12,7 +12,7 @@ impl Default for Sha512 { impl Update for Sha512 { fn update(&mut self, data: &[u8]) { - self.0.update(data) + Digest::update(&mut self.0, data) } } diff --git a/embassy-boot/boot/src/firmware_updater/asynch.rs b/embassy-boot/boot/src/firmware_updater/asynch.rs index d8d85c3d2..4af5a087d 100644 --- a/embassy-boot/boot/src/firmware_updater/asynch.rs +++ b/embassy-boot/boot/src/firmware_updater/asynch.rs @@ -79,8 +79,8 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> FirmwareUpdater<'d, DFU, STATE> { #[cfg(feature = "_verify")] pub async fn verify_and_mark_updated( &mut self, - _public_key: &[u8], - _signature: &[u8], + _public_key: &[u8; 32], + _signature: &[u8; 64], _update_len: u32, ) -> Result<(), FirmwareUpdaterError> { assert!(_update_len <= self.dfu.capacity() as u32); @@ -89,14 +89,14 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> FirmwareUpdater<'d, DFU, STATE> { #[cfg(feature = "ed25519-dalek")] { - use ed25519_dalek::{PublicKey, Signature, SignatureError, Verifier}; + use ed25519_dalek::{VerifyingKey, Signature, SignatureError, Verifier}; use crate::digest_adapters::ed25519_dalek::Sha512; let into_signature_error = |e: SignatureError| FirmwareUpdaterError::Signature(e.into()); - let public_key = PublicKey::from_bytes(_public_key).map_err(into_signature_error)?; - let signature = Signature::from_bytes(_signature).map_err(into_signature_error)?; + let public_key = VerifyingKey::from_bytes(_public_key).map_err(into_signature_error)?; + let signature = Signature::from_bytes(_signature); let mut chunk_buf = [0; 2]; let mut message = [0; 64]; @@ -106,7 +106,6 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> FirmwareUpdater<'d, DFU, STATE> { } #[cfg(feature = "ed25519-salty")] { - use salty::constants::{PUBLICKEY_SERIALIZED_LENGTH, SIGNATURE_SERIALIZED_LENGTH}; use salty::{PublicKey, Signature}; use crate::digest_adapters::salty::Sha512; @@ -115,10 +114,8 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> FirmwareUpdater<'d, DFU, STATE> { FirmwareUpdaterError::Signature(signature::Error::default()) } - let public_key: [u8; PUBLICKEY_SERIALIZED_LENGTH] = _public_key.try_into().map_err(into_signature_error)?; - let public_key = PublicKey::try_from(&public_key).map_err(into_signature_error)?; - let signature: [u8; SIGNATURE_SERIALIZED_LENGTH] = _signature.try_into().map_err(into_signature_error)?; - let signature = Signature::try_from(&signature).map_err(into_signature_error)?; + let public_key = PublicKey::try_from(_public_key).map_err(into_signature_error)?; + let signature = Signature::try_from(_signature).map_err(into_signature_error)?; let mut message = [0; 64]; let mut chunk_buf = [0; 2]; diff --git a/embassy-boot/boot/src/firmware_updater/blocking.rs b/embassy-boot/boot/src/firmware_updater/blocking.rs index c4c142169..f1368540d 100644 --- a/embassy-boot/boot/src/firmware_updater/blocking.rs +++ b/embassy-boot/boot/src/firmware_updater/blocking.rs @@ -86,8 +86,8 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> BlockingFirmwareUpdater<'d, DFU, STATE> #[cfg(feature = "_verify")] pub fn verify_and_mark_updated( &mut self, - _public_key: &[u8], - _signature: &[u8], + _public_key: &[u8; 32], + _signature: &[u8; 64], _update_len: u32, ) -> Result<(), FirmwareUpdaterError> { assert!(_update_len <= self.dfu.capacity() as u32); @@ -96,14 +96,14 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> BlockingFirmwareUpdater<'d, DFU, STATE> #[cfg(feature = "ed25519-dalek")] { - use ed25519_dalek::{PublicKey, Signature, SignatureError, Verifier}; + use ed25519_dalek::{Signature, SignatureError, Verifier, VerifyingKey}; use crate::digest_adapters::ed25519_dalek::Sha512; let into_signature_error = |e: SignatureError| FirmwareUpdaterError::Signature(e.into()); - let public_key = PublicKey::from_bytes(_public_key).map_err(into_signature_error)?; - let signature = Signature::from_bytes(_signature).map_err(into_signature_error)?; + let public_key = VerifyingKey::from_bytes(_public_key).map_err(into_signature_error)?; + let signature = Signature::from_bytes(_signature); let mut message = [0; 64]; let mut chunk_buf = [0; 2]; @@ -113,7 +113,6 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> BlockingFirmwareUpdater<'d, DFU, STATE> } #[cfg(feature = "ed25519-salty")] { - use salty::constants::{PUBLICKEY_SERIALIZED_LENGTH, SIGNATURE_SERIALIZED_LENGTH}; use salty::{PublicKey, Signature}; use crate::digest_adapters::salty::Sha512; @@ -122,10 +121,8 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> BlockingFirmwareUpdater<'d, DFU, STATE> FirmwareUpdaterError::Signature(signature::Error::default()) } - let public_key: [u8; PUBLICKEY_SERIALIZED_LENGTH] = _public_key.try_into().map_err(into_signature_error)?; - let public_key = PublicKey::try_from(&public_key).map_err(into_signature_error)?; - let signature: [u8; SIGNATURE_SERIALIZED_LENGTH] = _signature.try_into().map_err(into_signature_error)?; - let signature = Signature::try_from(&signature).map_err(into_signature_error)?; + let public_key = PublicKey::try_from(_public_key).map_err(into_signature_error)?; + let signature = Signature::try_from(_signature).map_err(into_signature_error)?; let mut message = [0; 64]; let mut chunk_buf = [0; 2]; From 4567b874826e30f54dbd0e5d12b6f0243e284be3 Mon Sep 17 00:00:00 2001 From: Ulf Lilleengen Date: Tue, 19 Dec 2023 21:21:52 +0100 Subject: [PATCH 4/5] cargo fmt --- embassy-boot/boot/src/firmware_updater/asynch.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/embassy-boot/boot/src/firmware_updater/asynch.rs b/embassy-boot/boot/src/firmware_updater/asynch.rs index 4af5a087d..64a4b32ec 100644 --- a/embassy-boot/boot/src/firmware_updater/asynch.rs +++ b/embassy-boot/boot/src/firmware_updater/asynch.rs @@ -89,7 +89,7 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> FirmwareUpdater<'d, DFU, STATE> { #[cfg(feature = "ed25519-dalek")] { - use ed25519_dalek::{VerifyingKey, Signature, SignatureError, Verifier}; + use ed25519_dalek::{Signature, SignatureError, Verifier, VerifyingKey}; use crate::digest_adapters::ed25519_dalek::Sha512; From c7841a37fab60a9f017c4aa7ea3f0c9b0c2aba0d Mon Sep 17 00:00:00 2001 From: Dario Nieuwenhuis Date: Tue, 19 Dec 2023 22:26:50 +0100 Subject: [PATCH 5/5] boot: update ed25519-dalek in dev-dependencies. --- embassy-boot/boot/Cargo.toml | 10 +++------- embassy-boot/boot/src/lib.rs | 8 +++----- 2 files changed, 6 insertions(+), 12 deletions(-) diff --git a/embassy-boot/boot/Cargo.toml b/embassy-boot/boot/Cargo.toml index e47776d62..3c84ffcd3 100644 --- a/embassy-boot/boot/Cargo.toml +++ b/embassy-boot/boot/Cargo.toml @@ -32,20 +32,16 @@ embassy-sync = { version = "0.5.0", path = "../../embassy-sync" } embedded-storage = "0.3.1" embedded-storage-async = { version = "0.4.1" } salty = { version = "0.3", optional = true } -signature = { version = "2.2", default-features = false } +signature = { version = "2.0", default-features = false } [dev-dependencies] log = "0.4" env_logger = "0.9" -rand = "0.7" # ed25519-dalek v1.0.1 depends on this exact version +rand = "0.8" futures = { version = "0.3", features = ["executor"] } sha1 = "0.10.5" critical-section = { version = "1.1.1", features = ["std"] } - -[dev-dependencies.ed25519-dalek] -version = "1.0.1" -default_features = false -features = ["rand", "std", "u32_backend"] +ed25519-dalek = { version = "2", default_features = false, features = ["std", "rand_core", "digest"] } [features] ed25519-dalek = ["dep:ed25519-dalek", "_verify"] diff --git a/embassy-boot/boot/src/lib.rs b/embassy-boot/boot/src/lib.rs index 15b69f69d..b4f03e01e 100644 --- a/embassy-boot/boot/src/lib.rs +++ b/embassy-boot/boot/src/lib.rs @@ -275,21 +275,19 @@ mod tests { // The following key setup is based on: // https://docs.rs/ed25519-dalek/latest/ed25519_dalek/#example - use ed25519_dalek::Keypair; + use ed25519_dalek::{Digest, Sha512, Signature, Signer, SigningKey, VerifyingKey}; use rand::rngs::OsRng; let mut csprng = OsRng {}; - let keypair: Keypair = Keypair::generate(&mut csprng); + let keypair = SigningKey::generate(&mut csprng); - use ed25519_dalek::{Digest, Sha512, Signature, Signer}; let firmware: &[u8] = b"This are bytes that would otherwise be firmware bytes for DFU."; let mut digest = Sha512::new(); digest.update(&firmware); let message = digest.finalize(); let signature: Signature = keypair.sign(&message); - use ed25519_dalek::PublicKey; - let public_key: PublicKey = keypair.public; + let public_key = keypair.verifying_key(); // Setup flash let flash = BlockingTestFlash::new(BootLoaderConfig {