BL2: add builtin key support for thin PSA core
Add support for using builtin (previously provisioned)
keys for ECDSA signature verification in the thin PSA
crypto core. The provisioned public keys are read from
OTP upon verification.
To enable the usage of builtin keys in MCUboot the
MCUBOOT_BUILTIN_KEY option must be turned on.
Change-Id: I1b057d48f959089d268f5b43329460eeb70a475c
Signed-off-by: David Vincze <david.vincze@arm.com>
diff --git a/docs/design_docs/booting/tfm_secure_boot.rst b/docs/design_docs/booting/tfm_secure_boot.rst
index c6e8bd6..9be7c80 100644
--- a/docs/design_docs/booting/tfm_secure_boot.rst
+++ b/docs/design_docs/booting/tfm_secure_boot.rst
@@ -392,6 +392,14 @@
key that corresponds to the retrieved key-hash (it can have more public
keys embedded in and it may have to look for the matching one). All the
public key(s) must be known at MCUBoot build time.
+- MCUBOOT_BUILTIN_KEY (default: False):
+ - **True:** When enabled, the entire public key used for signature
+ verification must be provisioned to the target device. In this case,
+ neither the code nor the image metadata needs to contain any public
+ key data. During image validation only a key ID is passed to the verifier
+ function for the required key to be selected. The key handling is entirely
+ the responsibility of the underlying crypto library and the details of the
+ key handling mechanism are abstracted away from the boot code.
- MCUBOOT_LOG_LEVEL:
Can be used to configure the level of logging in MCUBoot. The possible
values are the following:
@@ -825,4 +833,4 @@
image. As a result, the firmware update service is not supported in
direct-xip mode and ram-load mode.
-*Copyright (c) 2018-2023, Arm Limited. All rights reserved.*
+*Copyright (c) 2018-2024, Arm Limited. All rights reserved.*