The scripts for fih tests install and run where running different
versions of the docker images, since the install specified a version and
not version was specified for run, defaulting to `latest`.
This commits adds a new file for specifying the docker image to be used.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Fixes an issue with this file as it was wrongly disabling QSPI
NOR, which the hardware does not support, when it should have been
disabling SPI NOR
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Update the configuration to remove swap mode support.
MCXN94x ROM Flash API supports writing of 128byes page.
Signed-off-by: Mahesh Mahadevan <mahesh.mahadevan@nxp.com>
The variable `rc` was declared as int and then implicitly casted to
`size_t` when passed to `base64_decode`, which on 64 bit architectures
is wrong.
Signed-off-by: Lluis Campos <lluis.campos@northern.tech>
When compression is used, it allows for the secondary slot to be
smaller than the primary slot, therefore do not ensure that the
number of sectors in each slot are the same
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The protected TLV section was not included in the size check of
if an image could fit into a slot, which means that it was
possible for file to be deemed as OK for storing but then failing
due to insufficient flash space during the update
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Marks images as invalid if they have conflicting flags, e.g. more
than one type of LZMA compression or more than one type of
encryption
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Checks if images have compressed or encrypted image flags and, if
so, and those options are not enabled in that MCUboot build, will
class the images as invalid and delete them (these images cannot
be used without support anyway)
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds some flags to indicate if the data of an image is compressed
(lzma1 and lzma2) and adds new TLVs for compressed images relating
to the hash, signature and size of the decompressed image data,
this allows the image to be validated before decompressing, then
validated after decompression to ensure an image is always valid
for a device
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Changes the order of operations to validate the image header
before checking the image, it does not make sense to check the
image if the header itself is invalid
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
- Introduce the MCUBOOT_ENC_BUILTIN_KEY config option for controlling the
usage of builtin key-encryption keys and replacing the MCUBOOT_HW_KEY
option in the image encryption module to avoid ambiguity as the latter
mentioned option is meant for configuring the handling of the
image verification keys,
- Add encryption build configs to template file.
Change-Id: Ic633d2103fb4e56d9fafdabef1fbddc3244cb795
Signed-off-by: David Vincze <david.vincze@arm.com>
Adds a minimal version of the slot info feature to serial recovery,
and enables it by default.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This calculation failed to take into consideration the additional
sector needed for the swap move part of the upgrade process
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds support for getting the maximum image size of multiple images
and adding this data to the shared data area
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds a feature that will calculate the maximum number of sectors
that are needed for a build. Can be disabled to revert back to
the old behaviour by disabling CONFIG_BOOT_MAX_IMG_SECTORS_AUTO
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Move checking of conditions, which remain the same for the whole
loop run, outside of the loop.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
- Add common mimxrt1050_evk_mimxrt1052.conf for all revisions.
- Delete the qspi revision mimxrt1050_evk_mimxrt1052_qspi.conf
Signed-off-by: Andrej Butok <andrey.butok@nxp.com>
- Add default configurations for mimxrt1160_evk and vmu_rt1170
- Fix configuration for mimxrt1170_evk
Signed-off-by: Andrej Butok <andrey.butok@nxp.com>
boot_encrypt required the image_index paired with flash area pointer
to be able to figure out which slot it will operate on.
Since in most calls the slot is known in advance it can be just
passed to the function directly.
The commit replaces both parameters with slot number.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Move the definition of boot_enc_retrieve_private_key() to a common file
to avoid code duplication and also endure seamless transition to this new
key handling approach for targets which don't use hardware keys.
Change-Id: I57e54e4332503c11d18762f8291c3cab53df3d20
Signed-off-by: David Vincze <david.vincze@arm.com>
Fix getpub command fails to emit public pair of ed25519 key with
encoding.
Signed-off-by: Rustam Ismayilov <rustam.ismayilov@arm.com>
Change-Id: I3d255f576b2d8a8d0cbc8e31ff378717acb060c7
Fixes an issue which can occur in tests whereby an application
has the name mcuboot but is not mcuboot itself
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
There was not really needed repetition of code in if-else
block; common code has been moved out and the block has been
reduced.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
In all cases where boot_enc_load is called it is known what slot
is addressed, so it is better to just pass the slot number
instead of making the boot_enc_load figure out slot number from
image index and provided flash area object.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Update requirements.txt to support PrivateKeyType and
PublicKeyType which are available in cryptography library since
version 40.0.0 and prevent failing CI jobs in upcoming changes.
Signed-off-by: Rustam Ismayilov <rustam.ismayilov@arm.com>
Change-Id: I94b888d64c2f33ccb829912491e3b8c44b9cc2b2
Fabio Utzig