Add support for ECDSA signatures This adds support for key version 5 which is an EC key using the NIST P-256 curve parameters. OTAs may be signed with these keys using the ECDSA signature algorithm with SHA-256. Change-Id: Id88672a3deb70681c78d5ea0d739e10f839e4567

commit: 7a4adb5268ae71260c86788ccdeb7a699c80ee0a [log] [tgz]
author: Kenny Root <kroot@google.com> Wed Oct 09 10:14:35 2013 -0700
committer: Kenny Root <kroot@google.com> Thu Oct 10 14:19:19 2013 -0700
tree: da4a744e642f5014c3a1085097590bd4a5997f1c
parent: 58c60900ac3682fab08f64373bdd1020713b48f7 [diff] [blame]
diff --git a/verifier.h b/verifier.h
index 6ce1b44..023d3bf 100644
--- a/verifier.h
+++ b/verifier.h

@@ -17,11 +17,24 @@
 #ifndef _RECOVERY_VERIFIER_H
 #define _RECOVERY_VERIFIER_H
 
+#include "mincrypt/p256.h"
 #include "mincrypt/rsa.h"
 
-typedef struct Certificate {
+typedef struct {
+    p256_int x;
+    p256_int y;
+} ECPublicKey;
+
+typedef struct {
+    typedef enum {
+        RSA,
+        EC,
+    } KeyType;
+
     int hash_len;  // SHA_DIGEST_SIZE (SHA-1) or SHA256_DIGEST_SIZE (SHA-256)
-    RSAPublicKey* public_key;
+    KeyType key_type;
+    RSAPublicKey* rsa;
+    ECPublicKey* ec;
 } Certificate;
 
 /* Look in the file for a signature footer, and verify that it
commit	7a4adb5268ae71260c86788ccdeb7a699c80ee0a	[log] [tgz]
author	Kenny Root <kroot@google.com>	Wed Oct 09 10:14:35 2013 -0700
committer	Kenny Root <kroot@google.com>	Thu Oct 10 14:19:19 2013 -0700
tree	da4a744e642f5014c3a1085097590bd4a5997f1c
parent	58c60900ac3682fab08f64373bdd1020713b48f7 [diff] [blame]