mcuboot May decrypt the image header data when copy image data from the secondary to the primary slot

May decrypt the image header data when copy image data from the secondary to the primary slot

Open aaronpu opened this issue 1 year ago • 0 comments

https://github.com/mcu-tools/mcuboot/blob/9c99326b9756dbcc35b524636d99ed5f3e6cb29b/boot/bootutil/src/loader.c#L1294 here maybe decrypt the image header data if the the size of image header is very short, for example. in my test case ,i pack an encrypted image with the header size is 32 bytes, it will decrypt the header data ,and verify the decrypted image in the primary slot fail!. https://github.com/mcu-tools/mcuboot/blob/v2.1.0/boot/bootutil/src/loader.c

so I try to fix it :

if(abs_off < hdr->ih_hdr_size) { blk_sz = tlv_off - hdr->ih_hdr_size + abs_off; }else{ blk_sz = tlv_off - abs_off; }

Aug 02 '24 17:08 aaronpu

mcuboot mcuboot copied to clipboard

May decrypt the image header data when copy image data from the secondary to the primary slot

mcuboot
mcuboot copied to clipboard