boot: Introduce the MCUBOOT_ENC_BUILTIN_KEY option
- Introduce the MCUBOOT_ENC_BUILTIN_KEY config option to control the
use of builtin key-encryption keys. It replaces the MCUBOOT_HW_KEY
option in the image encryption module to avoid ambiguity, as the
latter option is meant for configuring the handling of the
image verification keys.
- Add encryption build configs to template file.
Change-Id: Ic633d2103fb4e56d9fafdabef1fbddc3244cb795
Signed-off-by: David Vincze <david.vincze@arm.com>
diff --git a/boot/bootutil/src/encrypted.c b/boot/bootutil/src/encrypted.c
index 760deef..f6f40f9 100644
--- a/boot/bootutil/src/encrypted.c
+++ b/boot/bootutil/src/encrypted.c
@@ -336,12 +336,12 @@
}
#endif /* MCUBOOT_ENCRYPT_EC256 || MCUBOOT_ENCRYPT_X25519 */
-#if !defined(MCUBOOT_HW_KEY)
+#if !defined(MCUBOOT_ENC_BUILTIN_KEY)
extern const struct bootutil_key bootutil_enc_key;
/*
* Default implementation to retrieve the private encryption key which is
- * embedded in the bootloader code (when MCUBOOT_HW_KEY is not defined).
+ * embedded in the bootloader code (when MCUBOOT_ENC_BUILTIN_KEY is not defined).
*/
int boot_enc_retrieve_private_key(struct bootutil_key **private_key)
{
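Review bot: Ports that already define MCUBOOT_HW_KEY and supply their own boot_enc_retrieve_private_key() are affected by the switch to `#if !defined(MCUBOOT_ENC_BUILTIN_KEY)`: unless they also define the new macro, the default embedded-key implementation is compiled in again, presumably ending in a duplicate-symbol or unresolved `bootutil_enc_key` link error rather than a clear message. A line in the comment block would make the contract explicit, e.g. `* Platforms defining MCUBOOT_ENC_BUILTIN_KEY must provide their own boot_enc_retrieve_private_key().` The comment could also say that the default keeps the private key-encryption key inside the bootloader image, so its confidentiality depends on read protection of the bootloader flash. The function body and the matching `#endif` lie outside this hunk; the next hunk only renames the `#endif` comment.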
@@ -349,7 +349,7 @@
return 0;
}
-#endif /* !MCUBOOT_HW_KEY */
+#endif /* !MCUBOOT_ENC_BUILTIN_KEY */
int
boot_enc_init(struct enc_key_data *enc_state, uint8_t slot)
diff --git a/samples/mcuboot_config/mcuboot_config.template.h b/samples/mcuboot_config/mcuboot_config.template.h
index 24e65f1..ce613bd 100644
--- a/samples/mcuboot_config/mcuboot_config.template.h
+++ b/samples/mcuboot_config/mcuboot_config.template.h
@@ -89,6 +89,33 @@
/* #define MCUBOOT_USE_TINYCRYPT */
/*
+ * Encrypted images
+ *
+ * Uncomment one of the below options (MCUBOOT_ENCRYPT_x) to enable
+ * encrypted image upgrades.
+ */
+
+/* Uncomment to use RSA-OAEP for key encryption */
+/* #define MCUBOOT_ENCRYPT_RSA */
+/* Uncomment to use AES-KW for key encryption */
+/* #define MCUBOOT_ENCRYPT_KW */
+/* Uncomment to use ECIES-P256 for key encryption */
+/* #define MCUBOOT_ENCRYPT_EC256 */
+/* Uncomment to use ECIES-X25519 for key encryption */
+/* #define MCUBOOT_ENCRYPT_X25519 */
+
+/* Uncomment to use a builtin key-encryption key (retrieved from a trusted
+ * source - if implemented) instead of a key embedded in the bootloader. */
+/* #define MCUBOOT_ENC_BUILTIN_KEY */
+
+#if defined(MCUBOOT_ENCRYPT_RSA) || \
+ defined(MCUBOOT_ENCRYPT_KW) || \
+ defined(MCUBOOT_ENCRYPT_EC256) || \
+ defined(MCUBOOT_ENCRYPT_X25519)
+#define MCUBOOT_ENC_IMAGES
+#endif
+
+/*
* Always check the signature of the image in the primary slot before booting,
* even if no upgrade was performed. This is recommended if the boot
* time penalty is acceptable.
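Review bot: The block ending at `#define MCUBOOT_ENC_IMAGES` does not enforce the "Uncomment one of the below options" rule: the `#if defined(...) || ...` test accepts any combination of MCUBOOT_ENCRYPT_x, so a config enabling two key-encryption schemes is only caught, if at all, deeper in the build. A compile-time check next to that block would turn the misconfiguration into an immediate, readable error. The MCUBOOT_ENC_BUILTIN_KEY comment would also be clearer if it said that the platform must then implement boot_enc_retrieve_private_key(), and that the option has no effect unless one of the MCUBOOT_ENCRYPT_x options is enabled.

```c
/* … unchanged: MCUBOOT_ENCRYPT_x and MCUBOOT_ENC_BUILTIN_KEY options … */
#if (defined(MCUBOOT_ENCRYPT_RSA) + defined(MCUBOOT_ENCRYPT_KW) + \
     defined(MCUBOOT_ENCRYPT_EC256) + defined(MCUBOOT_ENCRYPT_X25519)) > 1
#error "Only one MCUBOOT_ENCRYPT_x option may be enabled"
#endif
/* … unchanged: MCUBOOT_ENC_IMAGES definition … */
```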