Boot: Add encrypted image support Introduces the 'MCUBOOT_ENCRYPT_RSA' compile time switch. When set to 'ON', adds encrypted image support in the BL2 source and encrypts the signed images. As a result, BL2 can now accept an encrypted image for upgrade and decrypt it when applying. It can also re-encrypt the original image if it is kept and moved back to the secondary slot. Change-Id: I998861c7175c136eed60ac13c802134705b5c3f3 Signed-off-by: Balint Matyi <Balint.Matyi@arm.com>

commit: 5c476315f5568ead687e25d34b17efb6c4dab988 [log] [tgz]
author: Balint Matyi <Balint.Matyi@arm.com> Tue Mar 31 13:15:39 2020 +0100
committer: Tamas Ban <tamas.ban@arm.com> Wed Jul 22 11:40:16 2020 +0000
tree: b53f781dda6c7781e57b1a0aafc877605663041e
parent: d9abb4973c5d7842f3bab8a7b34736472000f98e [diff] [blame]
diff --git a/CommonConfig.cmake b/CommonConfig.cmake
index 679a0d3..b533d04 100644
--- a/CommonConfig.cmake
+++ b/CommonConfig.cmake

@@ -523,8 +523,5 @@
 	set(ATTEST_CLAIM_VALUE_CHECK OFF)
 endif()
 
-##Set mbedTLS compiler flags for BL2 bootloader
-set(MBEDCRYPTO_C_FLAGS_BL2 "${CMSE_FLAGS} -D__thumb2__ ${COMMON_COMPILE_FLAGS_STR} -DMBEDTLS_CONFIG_FILE=\\\\\\\"config-rsa.h\\\\\\\" -I${CMAKE_CURRENT_LIST_DIR}/bl2/ext/mcuboot/include")
-if (MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-3072")
-	string(APPEND MBEDCRYPTO_C_FLAGS_BL2 " -DMCUBOOT_SIGN_RSA_LEN=3072")
-endif()
+##Set common mbedTLS compiler flags for BL2 bootloader
+set(MBEDCRYPTO_C_FLAGS_BL2 "${CMSE_FLAGS} -D__thumb2__ ${COMMON_COMPILE_FLAGS_STR} -DMBEDTLS_CONFIG_FILE=\\\\\\\"config-rsa.h\\\\\\\"")
commit	5c476315f5568ead687e25d34b17efb6c4dab988	[log] [tgz]
author	Balint Matyi <Balint.Matyi@arm.com>	Tue Mar 31 13:15:39 2020 +0100
committer	Tamas Ban <tamas.ban@arm.com>	Wed Jul 22 11:40:16 2020 +0000
tree	b53f781dda6c7781e57b1a0aafc877605663041e
parent	d9abb4973c5d7842f3bab8a7b34736472000f98e [diff] [blame]