Crypto and Firmware RFCs

This post summarizes the relevant RFCS (and other standards) related to cryptography and, specifically, relevant to MCUboot. I intend to update this post with more RFCs as I refer to them in my work. Last update: 2018-05-31 Cryptography The following documents describe protocols and encodings relevant to digital signatures. RFC3447: Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1 RFC4279: Pre-Shared Key Ciphersuites for Transport Layer Security (TLS) RFC5208: Public-Key Cryptography Standards (PKCS) #8: Private-Key Information Syntax Specification Version 1.

Key Formats

Update: After a little digging, I understand where the leading 0x00 comes from on the EC public key. I’ve recently been working on the MCUboot project. A key feature of this bootloader is its use of digital signatures to verify images both before performing upgrades, and optionally, also before running them. The code currently supports RSA and ECDSA signatures, and we are working on adding support for EdDSA signatures (specifically Ed25519).