mcuboot icon indicating copy to clipboard operation
mcuboot copied to clipboard

Published 20 hours ago verified publisher icon mcu-tools

bootutil: Refactor encrypted.c to have the same logic as image_validate

Open RaphaelDupont opened this issue 2 years ago • 8 comments

Currently encrypted.c contains all the implementation of the functions inside enc_key.h for each configuration (RSA, EC256 and X25519).

The purpose of this pr is to adopt a logic similar to the file organization of image_validate to make it easier to add other configurations.

Note: I'm not satisfied with the current state of fake_rng because it loses its static attribute. I think putting it in encrypted_priv.h could solve this issue but I'm not sure if it is a good way to solve it.

RaphaelDupont avatar Mar 22 '23 15:03 RaphaelDupont

@nvlsianpu , @de-nordic, espressif and zephyr related files are directly affected (new files introoduced) in this change, could you approve this change if you think it won't cause any build issues?

davidvincze avatar Jun 06 '23 13:06 davidvincze

@nvlsianpu , @de-nordic, espressif and zephyr related files are directly affected (new files introoduced) in this change, could you approve this change if you think it won't cause any build issues?

Let me test that with our code for Zephyr. We lack espressif expert voice, but this is not unique to this PR, and I do not really know how to address this issue.

de-nordic avatar Jun 06 '23 15:06 de-nordic

@nvlsianpu , @de-nordic, espressif and zephyr related files are directly affected (new files introoduced) in this change, could you approve this change if you think it won't cause any build issues?

Let me test that with our code for Zephyr. We lack espressif expert voice, but this is not unique to this PR, and I do not really know how to address this issue.

I guess we'll definitely have at least some kind of espressif voice if it breaks. 😅

davidvincze avatar Jun 09 '23 12:06 davidvincze

@RaphaelDupont may I ask you to rebase the PR? New patches have been merged recently and there are conflicting modifications in boot/bootutil/src/encrypted.c.

davidvincze avatar Jun 09 '23 13:06 davidvincze

@RaphaelDupont may I ask you to rebase the PR? New patches have been merged recently and there are conflicting modifications in boot/bootutil/src/encrypted.c.

The branch is now up-to-date. Do you have other suggestions to make ? Regarding the way some files are included for example.

RaphaelDupont avatar Jun 13 '23 08:06 RaphaelDupont

There is some squashing needed. I do not think that we need "bootutil : Reformat code according to suggestions" commits that look like review fixes on main.

Done

RaphaelDupont avatar Jun 16 '23 07:06 RaphaelDupont

Did you find other issues with this PR ?

RaphaelDupont avatar Jul 28 '23 13:07 RaphaelDupont

I have run encryption and signature tests for ECDSA, RSA and 25519 against latest Zephyr and they seem to boot fine. I am still trying to run test against sdk-nrf.

de-nordic avatar Aug 01 '23 15:08 de-nordic

This pull request has been marked as stale because it has been open (more than) 60 days with no activity. Remove the stale label or add a comment saying that you would like to have the label removed otherwise this pull request will automatically be closed in 14 days. Note, that you can always re-open a closed pull request at any time.

github-actions[bot] avatar Jun 12 '24 01:06 github-actions[bot]