| commit | 4741c45293bf1e55f15ab7e9b4fecf471251a3b5 | [log] [tgz] |
|---|---|---|
| author | Fabio Utzig <utzig@apache.org> | Thu Dec 19 15:32:41 2019 -0300 |
| committer | Fabio Utzig <utzig@utzig.org> | Fri Dec 20 14:57:06 2019 -0300 |
| tree | b8d0cbc3702c7dad08857c6cdf8829d17228e6e8 | |
| parent | f616c5494b8ec6bccf4f7b683d33d11c72640fc1 [diff] |
bootutil: allow encryption key TLVs in swap status Add a new option that when enabled, allows a swap status to store an encrypted key TLV instead of plain keys. When a new swap operation is started the encryption keys are saved to the swap status area to allow for resuming (because it is challenging to find those TLV in the middle of a swap operation). Previously those keys were saved in plain text, so it would be easy to dump them if the images were stored in external flash. With this new option one can choose to save the TLV instead, which uses more flash but does not leak secrets. The amount of flash required varies depending on the size of the TLV, which is 48 for AES-128-KW, 512 for RSA and 240 for ECIES-P256. Signed-off-by: Fabio Utzig <utzig@apache.org>
- boot/bootutil/include/bootutil/enc_key.h[diff]
- boot/bootutil/src/bootutil_misc.c[diff]
- boot/bootutil/src/bootutil_priv.h[diff]
- boot/bootutil/src/encrypted.c[diff]
- boot/bootutil/src/loader.c[diff]
- boot/bootutil/src/swap_misc.c[diff]
- boot/bootutil/src/swap_scratch.c[diff]
- boot/
- ci/
- docs/
- ext/
- ptest/
- samples/
- scripts/
- sim/
- testplan/
- zephyr/
- .gitignore
- .gitmodules
- .travis.yml
- enc-aes128kw.b64
- enc-ec256-priv.pem
- enc-ec256-pub.pem
- enc-rsa2048-priv.pem
- enc-rsa2048-pub.pem
- LICENSE
- NOTICE
- project.yml
- README.md
- repository.yml
- root-ec-p256-pkcs8.pem
- root-ec-p256.pem
- root-ed25519.pem
- root-rsa-2048.pem
- root-rsa-3072.pem
- version.yml
mcuboot
This is mcuboot version 1.4.0
MCUboot is a secure bootloader for 32-bit MCUs. The goal of MCUboot is to define a common infrastructure for the bootloader, system flash layout on microcontroller systems, and to provide a secure bootloader that enables simple software upgrades.
MCUboot is operating system and hardware independent and relies on hardware porting layers from the operating. Currently, mcuboot works with both the Apache Mynewt and Zephyr operating systems, but more ports are planned in the future. RIOT is currently supported as a boot target with a complete port planned.
Using MCUboot
Instructions for different operating systems can be found here:
Roadmap
The issues being planned and worked on are tracked using GitHub issues. To participate please visit:
Issues were previously tracked on MCUboot JIRA , but it is now deprecated.
Browsing
Information and documentation on the bootloader are stored within the source.
It was previously also documented on confluence: MCUBoot Confluence however, it is now deprecated and not currently maintained
For more information in the source, here are some pointers:
- boot/bootutil: The core of the bootloader itself.
- boot/boot_serial: Support for serial upgrade within the bootloader itself.
- boot/zephyr: Port of the bootloader to Zephyr
- boot/mynewt: Mynewt bootloader app
- imgtool: A tool to securely sign firmware images for booting by mcuboot.
- sim: A bootloader simulator for testing and regression
Joining
Developers welcome!
- Our developer mailing list: http://lists.runtime.co/mailman/listinfo/dev-mcuboot_lists.runtime.co
- Our Slack channel: https://mcuboot.slack.com/
Get your invite here! - Our IRC channel: http://irc.freenode.net, #mcuboot