Skip to content

Backport 26594 ([ownership] Allow use of detached signatures in flash ) #29018

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
pamaury wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Backport 26594 ([ownership] Allow use of detached signatures in flash ) #29018

pamaury wants to merge 5 commits into from
+483 −557

Conversation

@pamaury
Copy link
Contributor

@pamaury pamaury commented Jan 1, 2026
edited
Loading

Backport #26594. Depends on #28992. Only review the last 2 commits.

@cfrantz @pamaury
[ownership] Consolidate key data into owner_keydata_t
ea34c52 
1. Consolidate public key data into `owner_keydata_t`.
2. Eliminate RSA as a supported algorithm.

Signed-off-by: Chris Frantz <cfrantz@google.com>
(cherry picked from commit f785f1b)
@cfrantz @pamaury
[rom_ext] Refactor signature verificaion functions
601c59b 
Refactor the ROM_EXT signature verification functions into a verify
function that can be used both for validating application payloads and
ownership operations.

Signed-off-by: Chris Frantz <cfrantz@google.com>
(cherry picked from commit 28a96b5)
@cfrantz @pamaury
[rom_ext] Remove the rom_ext:sigverify_keys target
112e064 
This target is a left-over from pre-ownership RSA verification and is no
longer needed.

Signed-off-by: Chris Frantz <cfrantz@google.com>
(cherry picked from commit 81f7aac)
@pamaury pamaury requested a review from a team as a code owner January 1, 2026 21:00
@pamaury pamaury requested review from cfrantz, jwnrt and moidx and removed request for a team January 1, 2026 21:00
cfrantz added 2 commits January 1, 2026 22:14
@cfrantz @pamaury
[ownership] Allow use of detached signatures in flash
04ff46c 
Allow using detached signatures in flash for owner operations.
1. A detached signature is detected when the 64-byte built-in ECDSA
   signature field is all zeros.
2. The entire flash DATA region is scanned for a detached signature.
   The signature must be aligned on a flash page boundary and must
   contain the command/entity that it is signing and the current ROM_EXT
   nonce.

Signed-off-by: Chris Frantz <cfrantz@google.com>
(cherry picked from commit 284716b)
@cfrantz @pamaury
[ownership] Remove auxilliary ECDSA library
961e5ed 
The auxilliary ECDSA wrapper library was added at the start of ownership
development because we had not yet created our own implmentation using the
OTBN accelerator.  Now that owner signature verification is consolidated
into `owner_verify`, we no longer need the ECDSA wrapper library.

Signed-off-by: Chris Frantz <cfrantz@google.com>
(cherry picked from commit 4d44b10)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@moidx moidx Awaiting requested review from moidx moidx is a code owner automatically assigned from lowRISC/ot-c-cpp-reviewers

@cfrantz cfrantz Awaiting requested review from cfrantz

@jwnrt jwnrt Awaiting requested review from jwnrt

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pamaury @cfrantz