5 files changed, 24 insertions, 35 deletions
diff --git a/embassy-boot/boot/Cargo.toml b/embassy-boot/boot/Cargo.toml
index dd2ff8158..3c84ffcd3 100644
--- a/embassy-boot/boot/Cargo.toml
+++ b/embassy-boot/boot/Cargo.toml
@@ -26,25 +26,22 @@ features = ["defmt"]
 defmt = { version = "0.3", optional = true }
 digest = "0.10"
 log = { version = "0.4", optional = true }
-ed25519-dalek = { version = "1.0.1", default_features = false, features = ["u32_backend"], optional = true }
+ed25519-dalek = { version = "2", default_features = false, features = ["digest"], optional = true }
 embassy-embedded-hal = { version = "0.1.0", path = "../../embassy-embedded-hal" }
 embassy-sync = { version = "0.5.0", path = "../../embassy-sync" }
 embedded-storage = "0.3.1"
 embedded-storage-async = { version = "0.4.1" }
-salty = { git = "https://github.com/ycrypto/salty.git", rev = "a9f17911a5024698406b75c0fac56ab5ccf6a8c7", optional = true }
+salty = { version = "0.3", optional = true }
-signature = { version = "1.6.4", default-features = false }
+signature = { version = "2.0", default-features = false }
 [dev-dependencies]
 log = "0.4"
 env_logger = "0.9"
-rand = "0.7" # ed25519-dalek v1.0.1 depends on this exact version
+rand = "0.8"
 futures = { version = "0.3", features = ["executor"] }
 sha1 = "0.10.5"
 critical-section = { version = "1.1.1", features = ["std"] }
+ed25519-dalek = { version = "2", default_features = false, features = ["std", "rand_core", "digest"]  }
-[dev-dependencies.ed25519-dalek]
-default_features = false
-features = ["rand", "std", "u32_backend"]
 [features]
 ed25519-dalek = ["dep:ed25519-dalek", "_verify"]
diff --git a/embassy-boot/boot/src/digest_adapters/ed25519_dalek.rs b/embassy-boot/boot/src/digest_adapters/ed25519_dalek.rs
index a184d1c51..2e4e03da3 100644
--- a/embassy-boot/boot/src/digest_adapters/ed25519_dalek.rs
+++ b/embassy-boot/boot/src/digest_adapters/ed25519_dalek.rs
@@ -1,6 +1,6 @@
 use digest::typenum::U64;
 use digest::{FixedOutput, HashMarker, OutputSizeUser, Update};
-use ed25519_dalek::Digest as _;
+use ed25519_dalek::Digest;
 pub struct Sha512(ed25519_dalek::Sha512);
@@ -12,7 +12,7 @@ impl Default for Sha512 {
 impl Update for Sha512 {
    fn update(&mut self, data: &[u8]) {
-        self.0.update(data)
+        Digest::update(&mut self.0, data)
    }
 }
diff --git a/embassy-boot/boot/src/firmware_updater/asynch.rs b/embassy-boot/boot/src/firmware_updater/asynch.rs
index d8d85c3d2..64a4b32ec 100644
--- a/embassy-boot/boot/src/firmware_updater/asynch.rs
+++ b/embassy-boot/boot/src/firmware_updater/asynch.rs
@@ -79,8 +79,8 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> FirmwareUpdater<'d, DFU, STATE> {
    #[cfg(feature = "_verify")]
    pub async fn verify_and_mark_updated(
        &mut self,
-        _public_key: &[u8],
+        _public_key: &[u8; 32],
-        _signature: &[u8],
+        _signature: &[u8; 64],
        _update_len: u32,
    ) -> Result<(), FirmwareUpdaterError> {
        assert!(_update_len <= self.dfu.capacity() as u32);
@@ -89,14 +89,14 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> FirmwareUpdater<'d, DFU, STATE> {
        #[cfg(feature = "ed25519-dalek")]
        {
-            use ed25519_dalek::{PublicKey, Signature, SignatureError, Verifier};
+            use ed25519_dalek::{Signature, SignatureError, Verifier, VerifyingKey};
            use crate::digest_adapters::ed25519_dalek::Sha512;
            let into_signature_error = |e: SignatureError| FirmwareUpdaterError::Signature(e.into());
-            let public_key = PublicKey::from_bytes(_public_key).map_err(into_signature_error)?;
+            let public_key = VerifyingKey::from_bytes(_public_key).map_err(into_signature_error)?;
-            let signature = Signature::from_bytes(_signature).map_err(into_signature_error)?;
+            let signature = Signature::from_bytes(_signature);
            let mut chunk_buf = [0; 2];
            let mut message = [0; 64];
@@ -106,7 +106,6 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> FirmwareUpdater<'d, DFU, STATE> {
        }
        #[cfg(feature = "ed25519-salty")]
        {
-            use salty::constants::{PUBLICKEY_SERIALIZED_LENGTH, SIGNATURE_SERIALIZED_LENGTH};
            use salty::{PublicKey, Signature};
            use crate::digest_adapters::salty::Sha512;
@@ -115,10 +114,8 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> FirmwareUpdater<'d, DFU, STATE> {
                FirmwareUpdaterError::Signature(signature::Error::default())
            }
-            let public_key: [u8; PUBLICKEY_SERIALIZED_LENGTH] = _public_key.try_into().map_err(into_signature_error)?;
+            let public_key = PublicKey::try_from(_public_key).map_err(into_signature_error)?;
-            let public_key = PublicKey::try_from(&public_key).map_err(into_signature_error)?;
+            let signature = Signature::try_from(_signature).map_err(into_signature_error)?;
-            let signature: [u8; SIGNATURE_SERIALIZED_LENGTH] = _signature.try_into().map_err(into_signature_error)?;
-            let signature = Signature::try_from(&signature).map_err(into_signature_error)?;
            let mut message = [0; 64];
            let mut chunk_buf = [0; 2];
diff --git a/embassy-boot/boot/src/firmware_updater/blocking.rs b/embassy-boot/boot/src/firmware_updater/blocking.rs
index c4c142169..f1368540d 100644
--- a/embassy-boot/boot/src/firmware_updater/blocking.rs
+++ b/embassy-boot/boot/src/firmware_updater/blocking.rs
@@ -86,8 +86,8 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> BlockingFirmwareUpdater<'d, DFU, STATE>
    #[cfg(feature = "_verify")]
    pub fn verify_and_mark_updated(
        &mut self,
-        _public_key: &[u8],
+        _public_key: &[u8; 32],
-        _signature: &[u8],
+        _signature: &[u8; 64],
        _update_len: u32,
    ) -> Result<(), FirmwareUpdaterError> {
        assert!(_update_len <= self.dfu.capacity() as u32);
@@ -96,14 +96,14 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> BlockingFirmwareUpdater<'d, DFU, STATE>
        #[cfg(feature = "ed25519-dalek")]
        {
-            use ed25519_dalek::{PublicKey, Signature, SignatureError, Verifier};
+            use ed25519_dalek::{Signature, SignatureError, Verifier, VerifyingKey};
            use crate::digest_adapters::ed25519_dalek::Sha512;
            let into_signature_error = |e: SignatureError| FirmwareUpdaterError::Signature(e.into());
-            let public_key = PublicKey::from_bytes(_public_key).map_err(into_signature_error)?;
+            let public_key = VerifyingKey::from_bytes(_public_key).map_err(into_signature_error)?;
-            let signature = Signature::from_bytes(_signature).map_err(into_signature_error)?;
+            let signature = Signature::from_bytes(_signature);
            let mut message = [0; 64];
            let mut chunk_buf = [0; 2];
@@ -113,7 +113,6 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> BlockingFirmwareUpdater<'d, DFU, STATE>
        }
        #[cfg(feature = "ed25519-salty")]
        {
-            use salty::constants::{PUBLICKEY_SERIALIZED_LENGTH, SIGNATURE_SERIALIZED_LENGTH};
            use salty::{PublicKey, Signature};
            use crate::digest_adapters::salty::Sha512;
@@ -122,10 +121,8 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> BlockingFirmwareUpdater<'d, DFU, STATE>
                FirmwareUpdaterError::Signature(signature::Error::default())
            }
-            let public_key: [u8; PUBLICKEY_SERIALIZED_LENGTH] = _public_key.try_into().map_err(into_signature_error)?;
+            let public_key = PublicKey::try_from(_public_key).map_err(into_signature_error)?;
-            let public_key = PublicKey::try_from(&public_key).map_err(into_signature_error)?;
+            let signature = Signature::try_from(_signature).map_err(into_signature_error)?;
-            let signature: [u8; SIGNATURE_SERIALIZED_LENGTH] = _signature.try_into().map_err(into_signature_error)?;
-            let signature = Signature::try_from(&signature).map_err(into_signature_error)?;
            let mut message = [0; 64];
            let mut chunk_buf = [0; 2];
diff --git a/embassy-boot/boot/src/lib.rs b/embassy-boot/boot/src/lib.rs
index 15b69f69d..b4f03e01e 100644
--- a/embassy-boot/boot/src/lib.rs
+++ b/embassy-boot/boot/src/lib.rs
@@ -275,21 +275,19 @@ mod tests {
        // The following key setup is based on:
        // https://docs.rs/ed25519-dalek/latest/ed25519_dalek/#example
-        use ed25519_dalek::Keypair;
+        use ed25519_dalek::{Digest, Sha512, Signature, Signer, SigningKey, VerifyingKey};
        use rand::rngs::OsRng;
        let mut csprng = OsRng {};
-        let keypair: Keypair = Keypair::generate(&mut csprng);
+        let keypair = SigningKey::generate(&mut csprng);
-        use ed25519_dalek::{Digest, Sha512, Signature, Signer};
        let firmware: &[u8] = b"This are bytes that would otherwise be firmware bytes for DFU.";
        let mut digest = Sha512::new();
        digest.update(&firmware);
        let message = digest.finalize();
        let signature: Signature = keypair.sign(&message);
-        use ed25519_dalek::PublicKey;
+        let public_key = keypair.verifying_key();
-        let public_key: PublicKey = keypair.public;
        // Setup flash
        let flash = BlockingTestFlash::new(BootLoaderConfig {

diff --git a/embassy-boot/boot/Cargo.toml b/embassy-boot/boot/Cargo.toml index dd2ff8158..3c84ffcd3 100644 --- a/embassy-boot/boot/Cargo.toml +++ b/embassy-boot/boot/Cargo.toml
@@ -26,25 +26,22 @@ features = ["defmt"]
26	defmt = { version = "0.3", optional = true }	26	defmt = { version = "0.3", optional = true }
27	digest = "0.10"	27	digest = "0.10"
28	log = { version = "0.4", optional = true }	28	log = { version = "0.4", optional = true }
29	ed25519-dalek = { version = "1.0.1", default_features = false, features = ["u32_backend"], optional = true }	29	ed25519-dalek = { version = "2", default_features = false, features = ["digest"], optional = true }
30	embassy-embedded-hal = { version = "0.1.0", path = "../../embassy-embedded-hal" }	30	embassy-embedded-hal = { version = "0.1.0", path = "../../embassy-embedded-hal" }
31	embassy-sync = { version = "0.5.0", path = "../../embassy-sync" }	31	embassy-sync = { version = "0.5.0", path = "../../embassy-sync" }
32	embedded-storage = "0.3.1"	32	embedded-storage = "0.3.1"
33	embedded-storage-async = { version = "0.4.1" }	33	embedded-storage-async = { version = "0.4.1" }
34	salty = { git = "https://github.com/ycrypto/salty.git", rev = "a9f17911a5024698406b75c0fac56ab5ccf6a8c7", optional = true }	34	salty = { version = "0.3", optional = true }
35	signature = { version = "1.6.4", default-features = false }	35	signature = { version = "2.0", default-features = false }
36		36
37	[dev-dependencies]	37	[dev-dependencies]
38	log = "0.4"	38	log = "0.4"
39	env_logger = "0.9"	39	env_logger = "0.9"
40	rand = "0.7" # ed25519-dalek v1.0.1 depends on this exact version	40	rand = "0.8"
41	futures = { version = "0.3", features = ["executor"] }	41	futures = { version = "0.3", features = ["executor"] }
42	sha1 = "0.10.5"	42	sha1 = "0.10.5"
43	critical-section = { version = "1.1.1", features = ["std"] }	43	critical-section = { version = "1.1.1", features = ["std"] }
44		44	ed25519-dalek = { version = "2", default_features = false, features = ["std", "rand_core", "digest"] }
45	[dev-dependencies.ed25519-dalek]
46	default_features = false
47	features = ["rand", "std", "u32_backend"]
48		45
49	[features]	46	[features]
50	ed25519-dalek = ["dep:ed25519-dalek", "_verify"]	47	ed25519-dalek = ["dep:ed25519-dalek", "_verify"]


diff --git a/embassy-boot/boot/src/digest_adapters/ed25519_dalek.rs b/embassy-boot/boot/src/digest_adapters/ed25519_dalek.rs index a184d1c51..2e4e03da3 100644 --- a/embassy-boot/boot/src/digest_adapters/ed25519_dalek.rs +++ b/embassy-boot/boot/src/digest_adapters/ed25519_dalek.rs
@@ -1,6 +1,6 @@
1	use digest::typenum::U64;	1	use digest::typenum::U64;
2	use digest::{FixedOutput, HashMarker, OutputSizeUser, Update};	2	use digest::{FixedOutput, HashMarker, OutputSizeUser, Update};
3	use ed25519_dalek::Digest as _;	3	use ed25519_dalek::Digest;
4		4
5	pub struct Sha512(ed25519_dalek::Sha512);	5	pub struct Sha512(ed25519_dalek::Sha512);
6		6
@@ -12,7 +12,7 @@ impl Default for Sha512 {
12		12
13	impl Update for Sha512 {	13	impl Update for Sha512 {
14	fn update(&mut self, data: &[u8]) {	14	fn update(&mut self, data: &[u8]) {
15	self.0.update(data)	15	Digest::update(&mut self.0, data)
16	}	16	}
17	}	17	}
18		18


diff --git a/embassy-boot/boot/src/firmware_updater/asynch.rs b/embassy-boot/boot/src/firmware_updater/asynch.rs index d8d85c3d2..64a4b32ec 100644 --- a/embassy-boot/boot/src/firmware_updater/asynch.rs +++ b/embassy-boot/boot/src/firmware_updater/asynch.rs
@@ -79,8 +79,8 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> FirmwareUpdater<'d, DFU, STATE> {
79	#[cfg(feature = "_verify")]	79	#[cfg(feature = "_verify")]
80	pub async fn verify_and_mark_updated(	80	pub async fn verify_and_mark_updated(
81	&mut self,	81	&mut self,
82	_public_key: &[u8],	82	_public_key: &[u8; 32],
83	_signature: &[u8],	83	_signature: &[u8; 64],
84	_update_len: u32,	84	_update_len: u32,
85	) -> Result<(), FirmwareUpdaterError> {	85	) -> Result<(), FirmwareUpdaterError> {
86	assert!(_update_len <= self.dfu.capacity() as u32);	86	assert!(_update_len <= self.dfu.capacity() as u32);
@@ -89,14 +89,14 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> FirmwareUpdater<'d, DFU, STATE> {
89		89
90	#[cfg(feature = "ed25519-dalek")]	90	#[cfg(feature = "ed25519-dalek")]
91	{	91	{
92	use ed25519_dalek::{PublicKey, Signature, SignatureError, Verifier};	92	use ed25519_dalek::{Signature, SignatureError, Verifier, VerifyingKey};
93		93
94	use crate::digest_adapters::ed25519_dalek::Sha512;	94	use crate::digest_adapters::ed25519_dalek::Sha512;
95		95
96	let into_signature_error = \|e: SignatureError\| FirmwareUpdaterError::Signature(e.into());	96	let into_signature_error = \|e: SignatureError\| FirmwareUpdaterError::Signature(e.into());
97		97
98	let public_key = PublicKey::from_bytes(_public_key).map_err(into_signature_error)?;	98	let public_key = VerifyingKey::from_bytes(_public_key).map_err(into_signature_error)?;
99	let signature = Signature::from_bytes(_signature).map_err(into_signature_error)?;	99	let signature = Signature::from_bytes(_signature);
100		100
101	let mut chunk_buf = [0; 2];	101	let mut chunk_buf = [0; 2];
102	let mut message = [0; 64];	102	let mut message = [0; 64];
@@ -106,7 +106,6 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> FirmwareUpdater<'d, DFU, STATE> {
106	}	106	}
107	#[cfg(feature = "ed25519-salty")]	107	#[cfg(feature = "ed25519-salty")]
108	{	108	{
109	use salty::constants::{PUBLICKEY_SERIALIZED_LENGTH, SIGNATURE_SERIALIZED_LENGTH};
110	use salty::{PublicKey, Signature};	109	use salty::{PublicKey, Signature};
111		110
112	use crate::digest_adapters::salty::Sha512;	111	use crate::digest_adapters::salty::Sha512;
@@ -115,10 +114,8 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> FirmwareUpdater<'d, DFU, STATE> {
115	FirmwareUpdaterError::Signature(signature::Error::default())	114	FirmwareUpdaterError::Signature(signature::Error::default())
116	}	115	}
117		116
118	let public_key: [u8; PUBLICKEY_SERIALIZED_LENGTH] = _public_key.try_into().map_err(into_signature_error)?;	117	let public_key = PublicKey::try_from(_public_key).map_err(into_signature_error)?;
119	let public_key = PublicKey::try_from(&public_key).map_err(into_signature_error)?;	118	let signature = Signature::try_from(_signature).map_err(into_signature_error)?;
120	let signature: [u8; SIGNATURE_SERIALIZED_LENGTH] = _signature.try_into().map_err(into_signature_error)?;
121	let signature = Signature::try_from(&signature).map_err(into_signature_error)?;
122		119
123	let mut message = [0; 64];	120	let mut message = [0; 64];
124	let mut chunk_buf = [0; 2];	121	let mut chunk_buf = [0; 2];


diff --git a/embassy-boot/boot/src/firmware_updater/blocking.rs b/embassy-boot/boot/src/firmware_updater/blocking.rs index c4c142169..f1368540d 100644 --- a/embassy-boot/boot/src/firmware_updater/blocking.rs +++ b/embassy-boot/boot/src/firmware_updater/blocking.rs
@@ -86,8 +86,8 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> BlockingFirmwareUpdater<'d, DFU, STATE>
86	#[cfg(feature = "_verify")]	86	#[cfg(feature = "_verify")]
87	pub fn verify_and_mark_updated(	87	pub fn verify_and_mark_updated(
88	&mut self,	88	&mut self,
89	_public_key: &[u8],	89	_public_key: &[u8; 32],
90	_signature: &[u8],	90	_signature: &[u8; 64],
91	_update_len: u32,	91	_update_len: u32,
92	) -> Result<(), FirmwareUpdaterError> {	92	) -> Result<(), FirmwareUpdaterError> {
93	assert!(_update_len <= self.dfu.capacity() as u32);	93	assert!(_update_len <= self.dfu.capacity() as u32);
@@ -96,14 +96,14 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> BlockingFirmwareUpdater<'d, DFU, STATE>
96		96
97	#[cfg(feature = "ed25519-dalek")]	97	#[cfg(feature = "ed25519-dalek")]
98	{	98	{
99	use ed25519_dalek::{PublicKey, Signature, SignatureError, Verifier};	99	use ed25519_dalek::{Signature, SignatureError, Verifier, VerifyingKey};
100		100
101	use crate::digest_adapters::ed25519_dalek::Sha512;	101	use crate::digest_adapters::ed25519_dalek::Sha512;
102		102
103	let into_signature_error = \|e: SignatureError\| FirmwareUpdaterError::Signature(e.into());	103	let into_signature_error = \|e: SignatureError\| FirmwareUpdaterError::Signature(e.into());
104		104
105	let public_key = PublicKey::from_bytes(_public_key).map_err(into_signature_error)?;	105	let public_key = VerifyingKey::from_bytes(_public_key).map_err(into_signature_error)?;
106	let signature = Signature::from_bytes(_signature).map_err(into_signature_error)?;	106	let signature = Signature::from_bytes(_signature);
107		107
108	let mut message = [0; 64];	108	let mut message = [0; 64];
109	let mut chunk_buf = [0; 2];	109	let mut chunk_buf = [0; 2];
@@ -113,7 +113,6 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> BlockingFirmwareUpdater<'d, DFU, STATE>
113	}	113	}
114	#[cfg(feature = "ed25519-salty")]	114	#[cfg(feature = "ed25519-salty")]
115	{	115	{
116	use salty::constants::{PUBLICKEY_SERIALIZED_LENGTH, SIGNATURE_SERIALIZED_LENGTH};
117	use salty::{PublicKey, Signature};	116	use salty::{PublicKey, Signature};
118		117
119	use crate::digest_adapters::salty::Sha512;	118	use crate::digest_adapters::salty::Sha512;
@@ -122,10 +121,8 @@ impl<'d, DFU: NorFlash, STATE: NorFlash> BlockingFirmwareUpdater<'d, DFU, STATE>
122	FirmwareUpdaterError::Signature(signature::Error::default())	121	FirmwareUpdaterError::Signature(signature::Error::default())
123	}	122	}
124		123
125	let public_key: [u8; PUBLICKEY_SERIALIZED_LENGTH] = _public_key.try_into().map_err(into_signature_error)?;	124	let public_key = PublicKey::try_from(_public_key).map_err(into_signature_error)?;
126	let public_key = PublicKey::try_from(&public_key).map_err(into_signature_error)?;	125	let signature = Signature::try_from(_signature).map_err(into_signature_error)?;
127	let signature: [u8; SIGNATURE_SERIALIZED_LENGTH] = _signature.try_into().map_err(into_signature_error)?;
128	let signature = Signature::try_from(&signature).map_err(into_signature_error)?;
129		126
130	let mut message = [0; 64];	127	let mut message = [0; 64];
131	let mut chunk_buf = [0; 2];	128	let mut chunk_buf = [0; 2];


diff --git a/embassy-boot/boot/src/lib.rs b/embassy-boot/boot/src/lib.rs index 15b69f69d..b4f03e01e 100644 --- a/embassy-boot/boot/src/lib.rs +++ b/embassy-boot/boot/src/lib.rs
@@ -275,21 +275,19 @@ mod tests {
275	// The following key setup is based on:	275	// The following key setup is based on:
276	// https://docs.rs/ed25519-dalek/latest/ed25519_dalek/#example	276	// https://docs.rs/ed25519-dalek/latest/ed25519_dalek/#example
277		277
278	use ed25519_dalek::Keypair;	278	use ed25519_dalek::{Digest, Sha512, Signature, Signer, SigningKey, VerifyingKey};
279	use rand::rngs::OsRng;	279	use rand::rngs::OsRng;
280		280
281	let mut csprng = OsRng {};	281	let mut csprng = OsRng {};
282	let keypair: Keypair = Keypair::generate(&mut csprng);	282	let keypair = SigningKey::generate(&mut csprng);
283		283
284	use ed25519_dalek::{Digest, Sha512, Signature, Signer};
285	let firmware: &[u8] = b"This are bytes that would otherwise be firmware bytes for DFU.";	284	let firmware: &[u8] = b"This are bytes that would otherwise be firmware bytes for DFU.";
286	let mut digest = Sha512::new();	285	let mut digest = Sha512::new();
287	digest.update(&firmware);	286	digest.update(&firmware);
288	let message = digest.finalize();	287	let message = digest.finalize();
289	let signature: Signature = keypair.sign(&message);	288	let signature: Signature = keypair.sign(&message);
290		289
291	use ed25519_dalek::PublicKey;	290	let public_key = keypair.verifying_key();
292	let public_key: PublicKey = keypair.public;
293		291
294	// Setup flash	292	// Setup flash
295	let flash = BlockingTestFlash::new(BootLoaderConfig {	293	let flash = BlockingTestFlash::new(BootLoaderConfig {