Boot: integrate MCUBoot with TF-M to act as a BL2 bootloader
Modifications in MCUBoot to be aligned with BL2 requirements in TF-M:
-- OS dependency was removed, no need to copy any OS repo to build it
-- CMSIS serial driver is used
-- flash driver interface is aligned with original version
-- S and NS images are handeled as a single binary blob
-- automatic image concatenation and signing at build time
-- authentication based on SHA256 and RSA-2048 digital signature
-- mbedTLS library is used for cryptographic operation
-- static analyser warnings fixed in some files
Change-Id: I54891762eac8d0df634e954ff19a9505b16f3028
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
diff --git a/bl2/ext/mcuboot/bootutil/src/image_rsa.c b/bl2/ext/mcuboot/bootutil/src/image_rsa.c
index 88ec784..4a472d5 100644
--- a/bl2/ext/mcuboot/bootutil/src/image_rsa.c
+++ b/bl2/ext/mcuboot/bootutil/src/image_rsa.c
@@ -19,10 +19,6 @@
#include <string.h>
-#ifdef MCUBOOT_MYNEWT
-#include "mcuboot_config/mcuboot_config.h"
-#endif
-
#ifdef MCUBOOT_SIGN_RSA
#include "bootutil/sign_key.h"
#include "bootutil/sha256.h"
@@ -68,11 +64,12 @@
static int
bootutil_parse_rsakey(mbedtls_rsa_context *ctx, uint8_t **p, uint8_t *end)
{
- int rc;
+ int rc, rc2;
size_t len;
- if ((rc = mbedtls_asn1_get_tag(p, end, &len,
- MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+ rc = mbedtls_asn1_get_tag(p, end, &len,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
+ if (rc != 0) {
return -1;
}
@@ -80,8 +77,9 @@
return -2;
}
- if ((rc = mbedtls_asn1_get_mpi(p, end, &ctx->N)) != 0 ||
- (rc = mbedtls_asn1_get_mpi(p, end, &ctx->E)) != 0) {
+ rc = mbedtls_asn1_get_mpi(p, end, &ctx->N);
+ rc2 = mbedtls_asn1_get_mpi(p, end, &ctx->E);
+ if ((rc != 0) || (rc2 != 0)) {
return -3;
}
@@ -89,7 +87,8 @@
return -4;
}
- if ((rc = mbedtls_rsa_check_pubkey(ctx)) != 0) {
+ rc = mbedtls_rsa_check_pubkey(ctx);
+ if (rc != 0) {
return -5;
}