mbedtls: fix config check #116
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Renames boards to account for hwmv2 changes Signed-off-by: Jamie McCrae <[email protected]>
It builds on top of OVERWRITE_ONLY mode and uses secondary slot as a backup of the primary slot. The main difference is that after image copy to the primary slot the secondary slot is not erased. This is meant to be used together with BOOTSTRAP option that will reinstall the primary image with the backup in case it's not valid. Signed-off-by: Petr Buchta <[email protected]>
So far mynewt code required definition of second slot in bsp. Even in cases when overwrite only option was used bsp had to have secondary slot with 0 length or pointing to some unreachable flash or flash area. Now when BOOTUTIL_SINGLE_APPLICATION_SLOT is set to 1 there is not need for fake flash areas when mcuboot provides way for upgrade like boot serial or other supported ways (USB DFU or USB MSC) Signed-off-by: Jerzy Kasenberg <[email protected]>
Introduce a new MCUBOOT_BUILTIN_KEY option to enable the usage of builtin keys for signature verification. This way the details of the key handling mechanism are abstracted away from the boot code and this responsibility is delegated to the given crypto library. This is an alternative option to the existing MCUBOOT_HW_KEY feature, however in this case we can entirely rely on key IDs and not only the code, but also the image metadata does not contain any public key data. Change-Id: Id01b67951310549b2734730c58bfa7210a2d5236 Signed-off-by: David Vincze <[email protected]>
Enable the usage of builtin keys in the ECDSA verification module with the PSA Crypto API based cryptographic backend. This way parsing and importing the verification keys can also be avoided. Change-Id: I6ada1ef8ed04a3f12c228ef399e3a7b8ebc7fb5e Signed-off-by: David Vincze <[email protected]>
Signed-off-by: David Vincze <[email protected]> Change-Id: I730a02067c0c51c46189e86fa5ddd0f325311874
mynewt system for some time now uses mynewt_main() as starting point called from startup code. This changes function name main to mynewt_main but provides backup main function that will be linked if pre 1.12 mynewt-core is used with mcuboot Signed-off-by: Jerzy Kasenberg <[email protected]>
There is existing functionality for Zephyr where mcuboot works with single slot (no swap) and image can be updated via boot_serial. To have same functionality in mynewet single_loader.c file is copied from zephyr tree and 2 pkg.yml files are modified to utilize new file when BOOTUTIL_SINGLE_APPLICATION_SLOT is defined Signed-off-by: Jerzy Kasenberg <[email protected]>
Renames boards to account for hwmv2 changes Signed-off-by: Sylvio Alves <[email protected]>
Add a query to the TLV iterator that will indicate if the currently iterated TLV entry was found in the protected region or not. Signed-off-by: David Brown <[email protected]>
Only allow TLV entries that are needed for signature verification to be placed in the unprotected area of the TLV. Signed-off-by: David Brown <[email protected]>
Add a release not stub for the TLV check. Signed-off-by: David Brown <[email protected]>
If-statement checks if length is greater than some value right after a check if it is equal to the same value. This will never be true. Signed-off-by: Robert Paananen <[email protected]>
check_config.h was included manually by custom configuration files. This caused compilation errors when updating MbedTLS to 3.6.0 because check_config.h was processed too early, before the whole configuration is defined, effectively causing configuration check errors. MbedTLS already takes care of including check_config.h at the right time. Remove those erroneous manual check_config.h includes. Signed-off-by: Tomi Fontanilles <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.