Add bootutil support for encrypted images
This allows storing encrypted images in slot1, that are automatically
decrypted when copying to slot0 and re-encrypted when copying from slot0
to slot1.
The encryption works by applying AES-CTR-128 on the image blocks
(excluding the header and TLVs) using a random key. This random key
is itself encrypted using either RSA-OAEP-2048 or AES-KW-128 (AES keywrap
as defined by RFC3394), and appended to the image as newly defined TLVs.
AES-CTR-128 was chosen primarily for having stream cipher properties,
which basically means that any block being encrypted/decrypted does not
depend on any other previous blocks results.
The TLV adds about 256 bytes to the image in RSA-OAEP-2048 mode, and 24
bytes in AES-KW-128 mode. Resulting sizes for a Mynewt generated mcuboot
(frdm-k64f):
- swap mode and no signing: 12KB
- adding encryption with RSA-OAEP-2048: 28KB
- adding encryption with AES-KW-128: 20KB
Some extra comments:
- AES-KW-128 requires a fairly new mbedtls with nist_kw support.
- An alternative method which could be added later is ECIES.
- Key-wrapping seems easy enough to implement using just standard
AES-ECB mode that it should be straightforward to also add support to
tinycrypt.
Signed-off-by: Fabio Utzig <utzig@apache.org>
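The two primitives the commit message describes, AES-CTR over the image body and RFC 3394 key wrapping of the random image key, shown as an added example in Go (standard library only). This is not mcuboot's code, which is C on top of mbedtls; the counter-block layout (128-bit big-endian block index) is an assumption made for the example and the image body is a constructed byte string. The key-wrap routine is checked against the RFC 3394 section 4.1 test vector, and `ctrXorBlock` shows the stream-cipher property the message relies on: one block can be decrypted knowing only the key and its index.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
)

// kwIV is the default initial value from RFC 3394 section 2.2.3.1.
var kwIV = []byte{0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6}

// ctrKeystreamBlock returns the keystream for one 16-byte block.
// Assumption (example layout, not mcuboot's): the counter block is the
// 128-bit big-endian block index.
func ctrKeystreamBlock(blk cipher.Block, blockIdx uint64) []byte {
	ctr := make([]byte, aes.BlockSize)
	binary.BigEndian.PutUint64(ctr[8:], blockIdx)
	ks := make([]byte, aes.BlockSize)
	blk.Encrypt(ks, ctr)
	return ks
}

// ctrXorBlock encrypts or decrypts a single image block. Only the key and
// the block index are needed, so any block can be processed on its own.
func ctrXorBlock(key []byte, blockIdx uint64, data []byte) ([]byte, error) {
	if len(data) > aes.BlockSize {
		return nil, errors.New("data longer than one AES block")
	}
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	ks := ctrKeystreamBlock(blk, blockIdx)
	out := make([]byte, len(data))
	for i := range data {
		out[i] = data[i] ^ ks[i]
	}
	return out, nil
}

// ctrXorImage applies CTR mode over a whole image body; the caller is
// expected to pass the body without header and TLVs, as the commit describes.
func ctrXorImage(key, body []byte) ([]byte, error) {
	out := make([]byte, 0, len(body))
	for off := 0; off < len(body); off += aes.BlockSize {
		end := off + aes.BlockSize
		if end > len(body) {
			end = len(body)
		}
		b, err := ctrXorBlock(key, uint64(off/aes.BlockSize), body[off:end])
		if err != nil {
			return nil, err
		}
		out = append(out, b...)
	}
	return out, nil
}

// xorUint64 XORs the big-endian encoding of v into dst (the RFC 3394 "t" step).
func xorUint64(dst []byte, v uint64) {
	var tmp [8]byte
	binary.BigEndian.PutUint64(tmp[:], v)
	for i := range dst {
		dst[i] ^= tmp[i]
	}
}

// wrapKey implements RFC 3394 AES Key Wrap. A 16-byte key wraps to 24 bytes,
// which is the TLV overhead the commit message quotes for AES-KW-128.
func wrapKey(kek, key []byte) ([]byte, error) {
	if len(key)%8 != 0 || len(key) < 16 {
		return nil, errors.New("key must be a multiple of 8 bytes, at least 16")
	}
	blk, err := aes.NewCipher(kek)
	if err != nil {
		return nil, err
	}
	n := len(key) / 8
	a := append([]byte{}, kwIV...)
	r := make([][]byte, n)
	for i := range r {
		r[i] = append([]byte{}, key[i*8:(i+1)*8]...)
	}
	in, b := make([]byte, 16), make([]byte, 16)
	for j := 0; j <= 5; j++ {
		for i := 0; i < n; i++ {
			copy(in[:8], a)
			copy(in[8:], r[i])
			blk.Encrypt(b, in)
			copy(a, b[:8])
			xorUint64(a, uint64(n*j+i+1))
			copy(r[i], b[8:])
		}
	}
	out := append([]byte{}, a...)
	for i := 0; i < n; i++ {
		out = append(out, r[i]...)
	}
	return out, nil
}

// unwrapKey reverses wrapKey and rejects ciphertext whose integrity check
// (the recovered IV) does not match, so a corrupted TLV yields no key.
func unwrapKey(kek, wrapped []byte) ([]byte, error) {
	if len(wrapped)%8 != 0 || len(wrapped) < 24 {
		return nil, errors.New("wrapped key must be a multiple of 8 bytes, at least 24")
	}
	blk, err := aes.NewCipher(kek)
	if err != nil {
		return nil, err
	}
	n := len(wrapped)/8 - 1
	a := append([]byte{}, wrapped[:8]...)
	r := make([][]byte, n)
	for i := range r {
		r[i] = append([]byte{}, wrapped[(i+1)*8:(i+2)*8]...)
	}
	in, b := make([]byte, 16), make([]byte, 16)
	for j := 5; j >= 0; j-- {
		for i := n - 1; i >= 0; i-- {
			copy(in[:8], a)
			xorUint64(in[:8], uint64(n*j+i+1))
			copy(in[8:], r[i])
			blk.Decrypt(b, in)
			copy(a, b[:8])
			copy(r[i], b[8:])
		}
	}
	if !bytes.Equal(a, kwIV) {
		return nil, errors.New("key unwrap integrity check failed")
	}
	out := make([]byte, 0, n*8)
	for i := 0; i < n; i++ {
		out = append(out, r[i]...)
	}
	return out, nil
}

func main() {
	// RFC 3394 section 4.1 vector: KEK and 128-bit key data.
	kek, _ := hex.DecodeString("000102030405060708090A0B0C0D0E0F")
	imgKey, _ := hex.DecodeString("00112233445566778899AABBCCDDEEFF")
	wrapped, _ := wrapKey(kek, imgKey)
	fmt.Printf("wrapped image key (%d bytes): %X\n", len(wrapped), wrapped)

	// Constructed image body, not a real firmware image.
	body := []byte("0123456789abcdefCONSTRUCTED BLOCK1tail-bytes")
	enc, _ := ctrXorImage(imgKey, body)
	blk1, _ := ctrXorBlock(imgKey, 1, enc[16:32]) // block 1 alone, no other block needed
	fmt.Printf("block 1 decrypted on its own: %q\n", blk1)
}
```

The wrap and unwrap loops follow the RFC's index arithmetic with 0-based `i`, hence `n*j+i+1` for the `t` value. The integrity check in `unwrapKey` is what a bootloader would rely on to refuse a tampered key TLV before it ever decrypts an image block.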
diff --git a/boot/bootutil/src/bootutil_priv.h b/boot/bootutil/src/bootutil_priv.h
index 8cb7533..163d5e9 100644
--- a/boot/bootutil/src/bootutil_priv.h
+++ b/boot/bootutil/src/bootutil_priv.h
@@ -27,6 +27,10 @@
#include "bootutil/image.h"
#include "mcuboot_config/mcuboot_config.h"
+#ifdef MCUBOOT_ENC_IMAGES
+#include "bootutil/enc_key.h"
+#endif
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -57,6 +61,9 @@
uint8_t state; /* Which part of the swapping process are we at */
uint8_t use_scratch; /* Are status bytes ever written to scratch? */
uint32_t swap_size; /* Total size of swapped image */
+#ifdef MCUBOOT_ENC_IMAGES
+ uint8_t enckey[2][BOOT_ENC_KEY_SIZE];
+#endif
};
#define BOOT_MAGIC_GOOD 1
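Review bot: `enckey[2][BOOT_ENC_KEY_SIZE]` is the only field in `struct boot_status` without the trailing comment every neighbouring field carries; document what each index of the outer dimension means (presumably one entry per slot) and whether it holds the unwrapped AES-CTR key or the wrapped TLV bytes, e.g. `uint8_t enckey[2][BOOT_ENC_KEY_SIZE]; /* Image keys, one per slot */`. Because this struct persists in bootloader RAM for the whole swap, also state where the field is expected to be cleared once the swap completes.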
@@ -179,6 +186,11 @@
int boot_write_image_ok(const struct flash_area *fap);
int boot_write_swap_size(const struct flash_area *fap, uint32_t swap_size);
int boot_read_swap_size(uint32_t *swap_size);
+#ifdef MCUBOOT_ENC_IMAGES
+int boot_write_enc_key(const struct flash_area *fap, uint8_t slot,
+ const uint8_t *enckey);
+int boot_read_enc_key(uint8_t slot, uint8_t *enckey);
+#endif
/*
* Accessors for the contents of struct boot_loader_state.
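Review bot: `boot_write_enc_key()` and `boot_read_enc_key()` are added without a comment describing what they persist, and their signatures are asymmetric: the write side takes both a `flash_area` and a `slot`, the read side only a `slot`, and neither carries a length for `enckey`. Please document that the buffer is `BOOT_ENC_KEY_SIZE` bytes and state in which form the key is stored; if the unwrapped key is written to the swap status area rather than the wrapped TLV from the commit message, the plaintext key material would be recoverable from flash, and that needs to be called out explicitly at the declaration.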