Add RSA3072 support
diff --git a/image/create.go b/image/create.go
index 3ec8770..cbbc410 100644
--- a/image/create.go
+++ b/image/create.go
@@ -71,7 +71,15 @@
key.AssertValid()
if key.Rsa != nil {
- return IMAGE_TLV_RSA2048
+ pubk := key.Rsa.Public().(*rsa.PublicKey)
+ switch pubk.Size() {
+ case 256:
+ return IMAGE_TLV_RSA2048
+ case 384:
+ return IMAGE_TLV_RSA3072
+ default:
+ return 0
+ }
} else {
switch key.Ec.Curve.Params().Name {
case "P-224":
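Review bot: The `default: return 0` arm of the new RSA size switch silently yields TLV type 0 for any modulus other than 2048 or 3072 bits. A 1024-bit or 4096-bit key would then produce an image whose signature TLV has a type that, judging by the visible lines of `ImageTlvTypeIsSig`, is not treated as a signature, and nothing fails at build time. The function starts and ends outside the hunk, so its error contract is not visible; if it can only return a bare value, document the sentinel with `// 0: unsupported RSA modulus size; the caller must treat this as an error` and check for it at the call site, or reject unsupported sizes where the key is validated. Separately, the single-value assertion `key.Rsa.Public().(*rsa.PublicKey)` here and in sec/key.go panics if the dynamic type differs; if `key.Rsa` is a `*rsa.PrivateKey`, `key.Rsa.Size()` gives the same value without the assertion.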
diff --git a/image/image.go b/image/image.go
index 6bd0050..7f74cbc 100644
--- a/image/image.go
+++ b/image/image.go
@@ -63,6 +63,7 @@
IMAGE_TLV_RSA2048 = 0x20
IMAGE_TLV_ECDSA224 = 0x21
IMAGE_TLV_ECDSA256 = 0x22
+ IMAGE_TLV_RSA3072 = 0x23
IMAGE_TLV_ENC_RSA = 0x30
IMAGE_TLV_ENC_KEK = 0x31
)
@@ -73,6 +74,7 @@
IMAGE_TLV_RSA2048: "RSA2048",
IMAGE_TLV_ECDSA224: "ECDSA224",
IMAGE_TLV_ECDSA256: "ECDSA256",
+ IMAGE_TLV_RSA3072: "RSA3072",
IMAGE_TLV_ENC_RSA: "ENC_RSA",
IMAGE_TLV_ENC_KEK: "ENC_KEK",
}
@@ -137,6 +139,7 @@
func ImageTlvTypeIsSig(tlvType uint8) bool {
return tlvType == IMAGE_TLV_RSA2048 ||
+ tlvType == IMAGE_TLV_RSA3072 ||
tlvType == IMAGE_TLV_ECDSA224 ||
tlvType == IMAGE_TLV_ECDSA256
}
diff --git a/sec/key.go b/sec/key.go
index 89b5f49..9d073bd 100644
--- a/sec/key.go
+++ b/sec/key.go
@@ -190,7 +190,8 @@
key.AssertValid()
if key.Rsa != nil {
- return 256
+ pubk := key.Rsa.Public().(*rsa.PublicKey)
+ return uint16(pubk.Size())
} else {
switch key.Ec.Curve.Params().Name {
case "P-224":
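Review bot: The RSA branch now returns the signature length for whatever modulus the key has, while the TLV-type switch in image/create.go accepts only 256 and 384 bytes. The two functions therefore disagree for any other RSA size: a 4096-bit key would report 512 here and TLV type 0 there. Consider gating both on one shared check of the supported sizes, or at least add a comment such as `// only 256 (RSA2048) and 384 (RSA3072) have a matching signature TLV type`. The enclosing function starts and ends outside the hunk, so how it should report an unsupported size cannot be seen from here.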