mcuboot
Secure boot for 32-bit Microcontrollers!
### What is this RFC about? MCUboot, when using encrypted images, needs to temporarily store encryption key in swap area, when decrypting image. There are two possible options for that:...
Original comments (from #2022): >> I am fine with the changes. I think that we should have some rework here because the code for key decoding keeps repeating in one...
To be able to implement encryption with an API that requires different calls for encryption and decryption, the boot_encrypt needs to be replaced with encryption/decryption specific functions. Depends on: - [x]...
While testing repeated firmware updates, cycling between two versions, with a random power cycler, the system failed after about 3000 update operations. The problem was in ``image_validate.c`` function ``bootutil_img_hash()``, when...
https://github.com/mcu-tools/mcuboot/blob/9c99326b9756dbcc35b524636d99ed5f3e6cb29b/boot/bootutil/src/loader.c#L1294 Here maybe decrypt the image header data if the size of image header is very short, for example. In my test case, I pack an encrypted image with...
Remove the arbitrary disabling of `MULTITHREADING`, `SPI_NOR`, `NORDIC_QSPI_NOR`, etc. on Nordic platforms. The stated reason for disabling these options is to save flash space; however, all of these platforms compile...
Remove repeated sentence.
The PR adds a --pure switch to imgtool that allows running ED25519 over the entire image, calculating the PureEdDSA signature. The imgtool will add a SIG_PURE TLV as an indicator that whatever signature...
Since [this commit](https://github.com/zephyrproject-rtos/trusted-firmware-m/commit/0accf9832f1348bf40ae69c708dd559f2878f9ae#diff-c519d875b7642647e0998f3d7fd0615b9312d83405b1b8193a8901d2948e4017R157), the Trusted-Firmware M project requires the embedded public keys to be in a "raw" (not RFC5840) form. As far as I can tell, there is currently no...
This PR proposes a fix to https://github.com/mcu-tools/mcuboot/issues/1966, which describes a scenario where a device can be bricked if a revert process is interrupted when using swap-move. As suggested in [this...