TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mcuboot / 06b77b835336d80c102e35f7c6da997d9380c9b8
commit06b77b835336d80c102e35f7c6da997d9380c9b8[log] [tgz]
authorFabio Utzig <utzig@apache.org>Thu Aug 23 16:01:16 2018 -0300
committerFabio Utzig <utzig@utzig.org>Fri Oct 12 13:36:13 2018 -0300
tree0d6a633ea8e1748bfaa9ebdda5fefc04f59069b6
parentba829049eac9fd3be72b526d96c4bf4d75bb691d [diff]
Add imgtool support for encrypted image creation

Adds a new flag to imgtool, -E/--encrypt which accepts a public rsa-2048
key file that will be used to encrypt the image.

The encryption method uses AES-128-CTR to encrypt the image data (ignores
the header and TLVs), using a random key that is itself encrypted using
RSA-2048-OAEP and added to the generated image as a new TLV.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2 files changed
tree: 0d6a633ea8e1748bfaa9ebdda5fefc04f59069b6
  1. boot/
  2. docs/
  3. ext/
  4. samples/
  5. scripts/
  6. sim/
  7. testplan/
  8. .gitignore
  9. .gitmodules
  10. .travis.yml
  11. enc-aes128kw.b64
  12. enc-rsa2048-priv.pem
  13. enc-rsa2048-pub.pem
  14. LICENSE
  15. NOTICE
  16. project.yml
  17. README.md
  18. repository.yml
  19. root-ec-p256.pem
  20. root-rsa-2048.pem
README.md

mcuboot

Coverity Scan Build Status Build/Test

This is mcuboot, version 1.2.0

MCUboot is a secure bootloader for 32-bit MCUs. The goal of MCUboot is to define a common infrastructure for the bootloader, system flash layout on microcontroller systems, and to provide a secure bootloader that enables easy software upgrade.

MCUboot is operating system and hardware independent, and relies on hardware porting layers from the operating system it works with. Currently mcuboot works with both the Apache Mynewt, and Zephyr operating systems, but more ports are planned in the future. RIOT is currently supported as a boot target with a complete port planned.

Using MCUboot

Instructions for different operating systems can be found here:

Roadmap

The issues being planned and worked on are tracked on Jira. To participate please visit:

https://runtimeco.atlassian.net/projects/MCUB/summary

Browsing

Information and documentation on the bootloader is stored within the source, and on confluence:

https://runtimeco.atlassian.net/wiki/discover/all-updates

For more information in the source, here are some pointers:

  • boot/bootutil: The core of the bootloader itself.
  • boot/boot_serial: Support for serial upgrade within the bootloader itself.
  • boot/zephyr: Port of the bootloader to Zephyr
  • boot/mynewt: Mynewt bootloader app
  • imgtool: A tool to securely sign firmware images for booting by mcuboot.
  • sim: A bootloader simulator for testing and regression

Joining

Developers welcome!