Add vendor and image class UUID support

[tomchy]

According to the PSA Platform Security Boot Guide:

R20_PSBG_MANIFEST: Each image manifest must contain the properties specified in Figure 2. It is permitted for
additional information to be included.

The manifest (which can be interpreted as image header and additional metadata stored inside TLVs) must include:

• Image type: Specifically identifies the boot stage or peripheral. Also known as a purpose identifier. This field is not required if only one type of image is supported.
• Product class: This can refer to a vendor ID, product ID, or a more specific identifier, such as the
  Instance ID.

This PR introduces two identifiers to meet those requirements:

• Image class ID, defined as RFC 9562 UUID Version 5, that may contain all: image type and product type values as input.
• Image vendor ID, defined as RFC 9562 UUID Version 5, that provides the namespace for the image class ID, so two devices with the same type/product name will have different image class UUIDs.

[de-nordic]

If it was decided to wrap uuid in fih, these should probably also report fih failure; i do not understand a difference between a failure in uuid check and inability to perform the check. And I know that we are inconsistent here, and maybe that is a good point to discuss it.

[tomchy]

There is a translation logic, based on the rc value:

   if (rc) {
        FIH_SET(fih_rc, FIH_FAILURE);

and the default value of uuid_vid_valid and uuid_cid_valid will either way mask the other failure reasons.

The difference is just that - inability (if possible) can report "incompatible image format" and the uuid check can report "invalid UUID value".
There is though no way to distinguish between those error reasons as there is just a single FIH_FAILURE error code.

[nvlsianpu]

out: seams can't mock success - it only could mock failure as a glith.

[de-nordic]

These go above comment explaining vendor specific ids. If these are vendor specific ids, then they have in-proper codes.

[de-nordic]

And should't really be here.

[tomchy]

What do you mean by "comment explaining vendor specific ids"?

[nvlsianpu]

@tomchy move this just after #define IMAGE_TLV_COMP_DEC_SIZE 0x73 /* Compressed decrypted image size */ line.
@de-nordic Clarification: these are new MCUboot generic TLVs

[de-nordic]

Are we sure we want to get fih heavy on uuid comparisons? What is the attack vector here? As far as i cen tell they are already protected tlvs and, as such, are signed with image, and why would you bypass uid check? You would have to bypass signature first.

[tomchy]

The attack vector would be to install the FW not designed for a particular core as a result of glitching the UUID checks (skipping them or altering comparison results).

Honestly, I do not know where to draw a line between checks that should use FIH and checks that should not. The code was based on the way the security counter is implemented, thus by default it uses FIH routines.

[nvlsianpu]

@tomchy move this just after #define IMAGE_TLV_COMP_DEC_SIZE 0x73 /* Compressed decrypted image size */ line.
@de-nordic Clarification: these are new MCUboot generic TLVs

[nvlsianpu]

out: seams can't mock success - it only could mock failure as a glith.

[nordicjm]

very quick comment, need to review

[nordicjm]

why is DNS used? What other options are there instead of DNS?

[tomchy]

Because it is the simplest thing with a registry to use to specify the vendor.
The python package includes the following namespaces:

• DNS: When this namespace is specified, the name string is a fully qualified domain name.
• URL: When this namespace is specified, the name string is a URL.
• OID: When this namespace is specified, the name string is an ISO OID.
• X500: When this namespace is specified, the name string is an X.500 DN in DER or a text output format.

It also aligns with the values used in SUIT:

The RECOMMENDED method to create a vendor ID is:
The "IANA UUID Namespace ID for DNS" is:
6ba7b810-9dad-11d1-80b4-00c04fd430c8
Vendor ID = UUID5(, vendor domain name)

[nordicjm]

why does the above use DNS and this either use the above or nothing?

[tomchy]

Because it is easy to provide unique VIDs, based on DNS.
It is not easy to provide unique arbitrary CIDs, thus it is safer to use unique VID value as the namespace to calculate CID, thus providing unique, vendor-specific CIDs.

[tomchy]

The None option is valid if and only if the user provides RAW CID UUID value.

[tomchy]

It also aligns with the recommendations in SUIT specification:

If the Vendor ID is a UUID, the RECOMMENDED method to create a Class ID is:
Class ID = UUID5(Vendor ID, Class-Specific-Information)

[nordicjm]

sample? If this is for a sample it should be added specifically by the sample, it should not be in the cmake file and it should not be added for all builds when these Kconfigs are enabled

[tomchy]

After second though - you're right: I cannot guarantee that this implementation will be sufficient for all use cases, thus it should not be placed inside MCUboot repository.

[nordicjm]

this runs if either is set, then assumes VID is the one that is set? Also make - optional

[tomchy]

Correct, the MCUBOOT_UUID_VID_VALUE symbol is available if either CONFIG_MCUBOOT_UUID_VID or CONFIG_MCUBOOT_UUID_CID is enabled.
The use case is pretty simple: you want a simplified check (only CID), but still want to generate UUID values, based on the VID namespace.

[nordicjm]

why is this using 4 images?

[tomchy]

I'll try to use UPDATEABLE_IMAGE_NUMBER instead.

[nordicjm]

as above, if this is a sample it should be moved to a sample

[tomchy]

I'll move it outside of the MCUboot repo too.

[nordicjm]

Also, this feature should be added to the simulator for testing