Update mcuboot and tools to use RSA-PSS

Description

The RSA signature code in mcuboot is based on PKCS#1 v1.5, which uses a fixed, deterministic padding. The latest version of the spec, PKCS#1 v2.1 (RFC 3447), recommends that new applications be designed around the newer RSA-PSS padding. Although there are no known weaknesses in the v1.5 padding at this time, the PSS padding has a security proof.

The change in mcuboot itself is likely a matter of configuring the build of mbedTLS. Both Go and pycrypto support RSA-PSS, so the changes to these tools to support signing with RSA-PSS should also be small.

This should start with an analysis of the code size changes, and the signature performance.
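The tooling side of the change is small because the Go standard library already implements RSASSA-PSS. The program below is an added illustration written for this issue, not code from the mcuboot project or its tools: it signs a constructed firmware image with PSS (SHA-256, salt length equal to the hash length, the RFC 3447 recommendation) and then checks the properties that distinguish PSS from v1.5 padding: the signature is randomized (two signatures of the same image differ but both verify), a single flipped bit in the image is rejected, and a PSS signature is not accepted by a v1.5 verifier, so the bootloader and the signing tool must be switched together. The 2048-bit key, the image bytes and the function names are assumptions for the example.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"log"
)

// pssOpts fixes the PSS parameters: SHA-256 for the message hash and MGF1,
// and a salt as long as the hash output (the RFC 3447 recommendation).
// The verifier must use the same hash; mbedTLS accepts any salt length.
var pssOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: crypto.SHA256}

// NewSigningKey generates a fresh 2048-bit RSA key (assumed size for the example).
func NewSigningKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// SignImagePSS hashes the image with SHA-256 and signs the digest with RSASSA-PSS.
func SignImagePSS(priv *rsa.PrivateKey, image []byte) ([]byte, error) {
	digest := sha256.Sum256(image)
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest[:], pssOpts)
}

// VerifyImagePSS reports whether sig is a valid PSS signature over image.
func VerifyImagePSS(pub *rsa.PublicKey, image, sig []byte) bool {
	digest := sha256.Sum256(image)
	return rsa.VerifyPSS(pub, crypto.SHA256, digest[:], sig, pssOpts) == nil
}

// VerifyImagePKCS1v15 checks the same signature under the old v1.5 padding,
// i.e. what an unmodified v1.5 bootloader would do with a PSS signature.
func VerifyImagePKCS1v15(pub *rsa.PublicKey, image, sig []byte) bool {
	digest := sha256.Sum256(image)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) == nil
}

// DemoResult collects the checks so they can be asserted on, not just printed.
type DemoResult struct {
	ValidPSS          bool // both genuine signatures verify under PSS
	SignaturesDiffer  bool // random salt: two signatures of one image differ
	TamperedRejected  bool // one flipped bit in the image is rejected
	RejectedByV15     bool // a PSS signature does not pass a v1.5 verifier
	SignatureLenBytes int  // equals the modulus size (256 for RSA-2048)
}

// RunDemo signs a constructed image twice and evaluates the PSS properties.
func RunDemo() (DemoResult, error) {
	var res DemoResult
	priv, err := NewSigningKey()
	if err != nil {
		return res, err
	}
	pub := &priv.PublicKey

	// Constructed stand-in for a firmware image (not a real mcuboot image).
	image := bytes.Repeat([]byte("constructed firmware image bytes "), 64)

	sig1, err := SignImagePSS(priv, image)
	if err != nil {
		return res, err
	}
	sig2, err := SignImagePSS(priv, image)
	if err != nil {
		return res, err
	}

	res.ValidPSS = VerifyImagePSS(pub, image, sig1) && VerifyImagePSS(pub, image, sig2)
	res.SignaturesDiffer = !bytes.Equal(sig1, sig2)

	tampered := append([]byte(nil), image...)
	tampered[100] ^= 0x01 // flip one bit in the image body
	res.TamperedRejected = !VerifyImagePSS(pub, tampered, sig1)

	res.RejectedByV15 = !VerifyImagePKCS1v15(pub, image, sig1)
	res.SignatureLenBytes = len(sig1)
	return res, nil
}

func main() {
	res, err := RunDemo()
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("%+v\n", res)
}
```

The signature length does not change between v1.5 and PSS (both equal the modulus size), so the image trailer layout is unaffected; what changes is the encoding inside the signed block, which is why the bootloader's verifier must be rebuilt with PSS enabled (in mbedTLS this is the `MBEDTLS_PKCS1_V21` configuration option) at the same time the signing tool switches.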

Assignee

David Brown

Reporter

David Brown

Labels

None

Priority

Medium