Secure boot for 32-bit Microcontrollers!
Go to file
Hugo L'Hostis db543e5026 boot : Adding encrypted ram-load support
This patch adds the possibility to boot using ram-load with an
encrypted image. This is enabled when both the flags MCUBOOT_RAM_LOAD
and MCUBOOT_ENC_IMAGES are defined.

Signed-off-by: Fabio Utzig <utzig@apache.org>
Signed-off-by: Hugo L'Hostis <hugo.lhostis@arm.com>
Signed-off-by: Salome Thirot <salome.thirot@arm.com>
Change-Id: I7756c2c634d90a2e726117d6cfc5650653cf1b51
2021-10-07 14:23:51 -03:00
.github/workflows ci: add FIH hardening tests to workflows 2021-09-27 14:23:19 -03:00
boot boot : Adding encrypted ram-load support 2021-10-07 14:23:51 -03:00
ci ci: bump FIH docker release 2021-10-07 12:40:24 -03:00
docs boot : Adding encrypted ram-load support 2021-10-07 14:23:51 -03:00
ext boot_serial: Update cddl-gen version 2021-08-10 16:58:54 -06:00
ptest ptest: Some simple cleanups from clippy 2021-03-11 07:25:43 -07:00
samples boot: introduce MCUBOOT_CPU_IDLE() for support low power single thread 2021-06-17 12:42:21 +02:00
scripts Preps for 1.8.0-rc2 2021-09-29 15:31:32 -06:00
sim sim: update ram load to use image size comparison 2021-10-07 12:40:24 -03:00
testplan/mynewt doc: fix github urls to use the new org 2020-11-10 14:19:19 -03:00
zephyr bootutil: extracted app common library from bootutil_misc 2021-01-13 17:49:49 +01:00
.gitignore sim: Move Cargo package to top level 2021-09-17 10:45:53 -06:00
.gitmodules boot/espressif: Add hal subdirectory for IDF sources and headers 2021-08-09 14:57:53 -06:00
.mbedignore Ignore nuttx files for Mbed-OS builds 2021-08-20 14:10:42 -03:00
.travis.yml-disabled ci: disable Travis 2021-09-27 14:23:19 -03:00
CODE_OF_CONDUCT.md Create template code of conduct 2021-06-08 10:14:29 -06:00
Cargo.lock sim: Move Cargo package to top level 2021-09-17 10:45:53 -06:00
Cargo.toml sim: Move Cargo package to top level 2021-09-17 10:45:53 -06:00
LICENSE Add mention to tinycrypt LICENSE in main LICENSE 2017-09-12 10:15:24 -06:00
NOTICE boot: Add AES256 support for image encryption 2021-05-18 07:25:12 -03:00
README.md Preps for 1.8.0-rc2 2021-09-29 15:31:32 -06:00
enc-aes128kw.b64 Add sample encryption keys 2018-10-12 13:36:13 -03:00
enc-aes256kw.b64 boot: Add AES256 support for image encryption 2021-05-18 07:25:12 -03:00
enc-ec256-priv.pem sim: add EC256 encryption key 2019-11-06 06:55:25 -03:00
enc-ec256-pub.pem sim: add EC256 encryption key 2019-11-06 06:55:25 -03:00
enc-rsa2048-priv.pem Add sample encryption keys 2018-10-12 13:36:13 -03:00
enc-rsa2048-pub.pem Add sample encryption keys 2018-10-12 13:36:13 -03:00
enc-x25519-priv.pem keys: Add sample x25519 priv/pub keys 2020-04-10 17:56:14 -03:00
enc-x25519-pub.pem keys: Add sample x25519 priv/pub keys 2020-04-10 17:56:14 -03:00
go.mod doc: fix github urls to use the new org 2020-11-10 14:19:19 -03:00
project.yml Update mynewt-core repo name 2018-08-03 15:31:39 -07:00
repository.yml Preps for 1.8.0-rc2 2021-09-29 15:31:32 -06:00
root-ec-p256-pkcs8.pem Add ECDSA-P256 key in PKCS#8 format 2019-01-18 09:44:48 -07:00
root-ec-p256.pem zephyr: Support RSA, and ECDSA P-256 signing 2017-02-02 08:39:18 -07:00
root-ed25519.pem Add bootutil support for ed25519 validation 2019-06-13 19:21:05 -03:00
root-rsa-2048.pem zephyr: Support RSA, and ECDSA P-256 signing 2017-02-02 08:39:18 -07:00
root-rsa-3072.pem Add simulator support for RSA-3072 sigs 2019-05-16 14:01:19 -03:00

README.md

mcuboot

Package on PyPI Coverity Scan Build Status Build Status (Sim) Build Status (Mynewt) Publishing Status (imgtool) Build Status (Travis CI) Apache 2.0

This is mcuboot version 1.8.0-rc2

MCUboot is a secure bootloader for 32-bit MCUs. The goal of MCUboot is to define a common infrastructure for the bootloader, system flash layout on microcontroller systems, and to provide a secure bootloader that enables simple software upgrades.

MCUboot is operating system and hardware independent and relies on hardware porting layers from the operating. Currently, mcuboot works with both the Apache Mynewt and Zephyr operating systems, but more ports are planned in the future. RIOT is currently supported as a boot target with a complete port planned.

Using MCUboot

Instructions for different operating systems can be found here:

Roadmap

The issues being planned and worked on are tracked using GitHub issues. To participate please visit:

MCUBoot GitHub Issues

Issues were previously tracked on MCUboot JIRA , but it is now deprecated.

Browsing

Information and documentation on the bootloader are stored within the source.

It was previously also documented on confluence: MCUBoot Confluence however, it is now deprecated and not currently maintained

For more information in the source, here are some pointers:

  • boot/bootutil: The core of the bootloader itself.
  • boot/boot_serial: Support for serial upgrade within the bootloader itself.
  • boot/zephyr: Port of the bootloader to Zephyr
  • boot/mynewt: Mynewt bootloader app
  • boot/nuttx: Bootloader application and port of MCUboot interfaces for NuttX.
  • boot/espressif: Bootloader application and MCUboot port for Espressif SoCs.
  • imgtool: A tool to securely sign firmware images for booting by mcuboot.
  • sim: A bootloader simulator for testing and regression

Joining

Developers welcome!