| /mcuboot-latest/docs/ |
| D | release.md | 8 follow a `MAJOR.MINOR.PATCH` format with the following guidelines on
12 2. MINOR version when new functionalities were added in a
13 backward-compatible manner.
14 3. PATCH version when there are backward-compatible bug fixes.
16 We add pre-release tags using the format `MAJOR.MINOR.PATCH-rc1`.
19 format `MAJOR.MINOR.PATCH-dev`.
23 Before making a release, update the `docs/release-notes.md` file
24 to describe the release. This should be a high-level description of
25 the changes, not a list of the git commits.
29 various snippets in the `docs/release-notes.d` directory. After
[all …]
|
| D | encrypted_images.md | 1 <!--
2 -
3 - Licensed to the Apache Software Foundation (ASF) under one
4 - or more contributor license agreements. See the NOTICE file
5 - distributed with this work for additional information
6 - regarding copyright ownership. The ASF licenses this file
7 - to you under the Apache License, Version 2.0 (the
8 - "License"); you may not use this file except in compliance
9 - with the License. You may obtain a copy of the License at
10 -
[all …]
|
| D | SubmittingPatches.md | 4 repository](https://github.com/mcu-tools/mcuboot).
8 Each commit has to have, in the commit message, a "Signed-off-by" line
10 must add this line at the end of the commit text, separated by a blank
11 line. You can also add a line linking the commit to a specific GitHub
12 issue, as this section supports multiple lines, similarly to RFC-2822.
16 - A line that indicates that the signer agrees to the "Developer
20 Signed-off-by: Developer Name <devname@example.com>
23 - A line that links this commit to specific GitHub issues, if present:
29 For more details about linking a GitHub pull request to a GitHub issue,
31 …(https://docs.github.com/en/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-iss…
[all …]
|
| D | readme-zephyr.md | 4 acquired the ability to be used as a bootloader for Zephyr as well.
15 - `boot_partition`: for MCUboot itself
16 - `slot0_partition`: the primary slot of Image 0
17 - `slot1_partition`: the secondary slot of Image 0
19 It is not recommended to use the swap-using-scratch algorithm of MCUboot, but
21 needed (see end of this help file for details on creating a scratch partition
22 and how to use the swap-using-scratch algorithm):
24 - `scratch_partition`: the scratch slot
33 The flash partitions are typically defined in the Zephyr boards folder, in a
45 pip3 install --user -r scripts/requirements.txt
[all …]
|
| D | release-notes.md | 3 - Table of Contents
8 - Boot serial: Add response to echo command if support is not
12 - Added support for using builtin keys for image validation
14 - Enforce that TLV entries that should be protected are.
16 - bootutil: Fixed issue with comparing sector sizes for
20 - bootutil: Added debug logging to show write location of swap status
22 a given board.
23 - Update ptest to support test selection. Ptest can now be invoked with `list`
24 to show the available tests and `run` to run them. The `-t` argument will
26 - Allow sim tests to skip slow tests. By setting `MCUBOOT_SKIP_SLOW_TESTS` in
[all …]
|
| D | design.md | 1 <!--
2 - SPDX-License-Identifier: Apache-2.0
4 - Copyright (c) 2017-2020 Linaro LTD
5 - Copyright (c) 2017-2019 JUUL Labs
6 - Copyright (c) 2019-2024 Arm Limited
8 - Original license:
10 - Licensed to the Apache Software Foundation (ASF) under one
11 - or more contributor license agreements. See the NOTICE file
12 - distributed with this work for additional information
13 - regarding copyright ownership. The ASF licenses this file
[all …]
|
| D | readme-nuttx.md | 5 The NuttX port of MCUboot secure boot library expects that the platform provides a Flash storage wi…
6 - `CONFIG_MCUBOOT_PRIMARY_SLOT_PATH`: MTD partition for the application firmware image PRIMARY slot;
7 - `CONFIG_MCUBOOT_SECONDARY_SLOT_PATH`: MTD partition for the application firmware image SECONDARY …
8 - `CONFIG_MCUBOOT_SCRATCH_PATH`: MTD partition for the Scratch area;
12 - `CONFIG_MCUBOOT_WATCHDOG`: If `CONFIG_WATCHDOG` is enabled, MCUboot shall reset the watchdog time…
15 - `<flash_map_backend/flash_map_backend.h>`, for enabling MCUboot to manage the application firmwar…
16 - `<mcuboot_config/mcuboot_config.h>`, for configuration of MCUboot's features.
17 - `<mcuboot_config/mcuboot_logging.h>`, for providing logging capabilities.
18 - `<os/os_malloc.h>`, for providing MCUboot access to the OS memory management interfaces.
19 - `<sysflash/sysflash.h>`, for configuration of the system's flash area organization.
[all …]
|
| D | readme-mbed.md | 7 Note: The following is a general overview. It does not cover MCUboot or Mbed OS basics.
9 See https://github.com/AGlass0fMilk/mbed-mcuboot-demo as a detailed example.
14 * `"mcuboot.primary-slot-address"`: address of the primary slot in the internal flash
15 * `"mcuboot.slot-size"`: size of an image slot (only one image, two slots are currently supported)
16 * `"mcuboot.max-img-sectors"`: maximum number of sectors, should be at least the number of sectors …
19 …, slot swapping, etc. can be found in [mbed_lib.json](https://github.com/mcu-tools/mcuboot/tree/ma…
21 ### Providing a secondary slot
24 * Its size equals the `"mcuboot.slot-size"` you have set
25 …rger than _one byte_, you need to set `"mcuboot.read-granularity"` to the read size of the storage…
35 …ild a bootloader based on MCUboot, make sure `"mcuboot.bootloader-build"` is `true` (already the d…
[all …]
|
| D | PORTING.md | 1 # Porting how-to
4 `MCUboot` to a new target `OS`.
8 * `MCUboot` requires a configuration file, which can be included as
12 * `MCUboot` requires that the target provides a `flash` API with ability to
15 * `MCUboot` doesn't bundle a cryptographic library, which means the target
24 From the perspective of the target OS, the bootloader can be seen as a library,
25 so an entry point must be provided. This is likely a typical `app` for the
32 This function is located at `boot/bootutil/loader.c` and receives a `struct
37 /** A pointer to the header of the image to be executed. */
55 You must provide a file, mcuboot_config/mcuboot_config.h. This is
[all …]
|
| /mcuboot-latest/ext/tinycrypt-sha512/lib/source/ |
| D | sha512.c | 1 /* sha512.c - TinyCrypt SHA-512 crypto hash algorithm implementation */
9 * - Redistributions of source code must retain the above copyright notice,
12 * - Redistributions in binary form must reproduce the above copyright
16 * - Neither the name of Intel Corporation nor the names of its contributors
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
53 s->iv[0] = 0x6a09e667f3bcc908; in tc_sha512_init()
54 s->iv[1] = 0xbb67ae8584caa73b; in tc_sha512_init()
55 s->iv[2] = 0x3c6ef372fe94f82b; in tc_sha512_init()
56 s->iv[3] = 0xa54ff53a5f1d36f1; in tc_sha512_init()
57 s->iv[4] = 0x510e527fade682d1; in tc_sha512_init()
[all …]
|
| /mcuboot-latest/ext/tinycrypt/lib/source/ |
| D | sha256.c | 1 /* sha256.c - TinyCrypt SHA-256 crypto hash algorithm implementation */
9 * - Redistributions of source code must retain the above copyright notice,
12 * - Redistributions in binary form must reproduce the above copyright
16 * - Neither the name of Intel Corporation nor the names of its contributors
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
53 s->iv[0] = 0x6a09e667; in tc_sha256_init()
54 s->iv[1] = 0xbb67ae85; in tc_sha256_init()
55 s->iv[2] = 0x3c6ef372; in tc_sha256_init()
56 s->iv[3] = 0xa54ff53a; in tc_sha256_init()
57 s->iv[4] = 0x510e527f; in tc_sha256_init()
[all …]
|
| D | hmac_prng.c | 1 /* hmac_prng.c - TinyCrypt implementation of HMAC-PRNG */
9 * - Redistributions of source code must retain the above copyright notice,
12 * - Redistributions in binary form must reproduce the above copyright
16 * - Neither the name of Intel Corporation nor the names of its contributors
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
46 * SP800-90A specifies a maximum of 2^35 bits (i.e., 2^32 bytes).
52 * SP800-90A specifies a maximum of 2^35 bits (i.e., 2^32 bytes).
58 * SP800-90A specifies a maximum of 2^35 bits (i.e., 2^32 bytes).
63 * max number of generates between re-seeds;
64 * TinyCrypt accepts up to (2^32 - 1) which is the maximal value of
[all …]
|
| /mcuboot-latest/ext/mbedtls-asn1/include/mbedtls/ |
| D | bignum.h | 4 * \brief Multi-precision integer library
8 * SPDX-License-Identifier: Apache-2.0
12 * You may obtain a copy of the License at
14 * http://www.apache.org/licenses/LICENSE-2.0
35 …_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or w…
36 #define MBEDTLS_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to fun…
37 #define MBEDTLS_ERR_MPI_INVALID_CHARACTER -0x0006 /**< There is an invalid charact…
38 #define MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL -0x0008 /**< The buffer is too small to …
39 #define MBEDTLS_ERR_MPI_NEGATIVE_VALUE -0x000A /**< The input arguments are neg…
40 #define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO -0x000C /**< The input argument for divi…
[all …]
|
| D | asn1.h | 8 * SPDX-License-Identifier: Apache-2.0
12 * You may obtain a copy of the License at
14 * http://www.apache.org/licenses/LICENSE-2.0
43 * ASN1 is a standard to specify data structures.
46 #define MBEDTLS_ERR_ASN1_OUT_OF_DATA -0x0060 /**< Out of data when parsing an…
47 #define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG -0x0062 /**< ASN1 tag was of an unexpect…
48 #define MBEDTLS_ERR_ASN1_INVALID_LENGTH -0x0064 /**< Error when trying to determ…
49 #define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -0x0066 /**< Actual length differs from …
50 #define MBEDTLS_ERR_ASN1_INVALID_DATA -0x0068 /**< Data is invalid. */
51 #define MBEDTLS_ERR_ASN1_ALLOC_FAILED -0x006A /**< Memory allocation failed */
[all …]
|
| D | pk.h | 8 * SPDX-License-Identifier: Apache-2.0
12 * You may obtain a copy of the License at
14 * http://www.apache.org/licenses/LICENSE-2.0
52 #define MBEDTLS_ERR_PK_ALLOC_FAILED -0x3F80 /**< Memory allocation failed. */
53 #define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x3F00 /**< Type mismatch, eg attempt to encrypt with …
54 #define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x3E80 /**< Bad input parameters to function. */
55 #define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x3E00 /**< Read/write of file failed. */
56 #define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80 /**< Unsupported key version */
57 #define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x3D00 /**< Invalid key tag or value. */
58 #define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x3C80 /**< Key algorithm is unsupported (only RSA and…
[all …]
|
| D | ecp.h | 9 * <em>RFC-4492: Elliptic Curve Cryptography (ECC) Cipher Suites
12 * <em>RFC-2409: The Internet Key Exchange (IKE)</em> defines ECP
19 * SPDX-License-Identifier: Apache-2.0
23 * You may obtain a copy of the License at
25 * http://www.apache.org/licenses/LICENSE-2.0
45 #define MBEDTLS_ERR_ECP_BAD_INPUT_DATA -0x4F80 /**< Bad input parameters to fun…
46 #define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL -0x4F00 /**< The buffer is too small to …
47 #define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80 /**< The requested feature is no…
48 #define MBEDTLS_ERR_ECP_VERIFY_FAILED -0x4E00 /**< The signature is not valid.…
49 #define MBEDTLS_ERR_ECP_ALLOC_FAILED -0x4D80 /**< Memory allocation failed. */
[all …]
|
| D | rsa.h | 4 * \brief This file provides an API for the RSA public-key cryptosystem.
6 * The RSA public-key cryptosystem is defined in <em>Public-Key
8 * and <em>Public-Key Cryptography Standards (PKCS) #1 v2.1:
14 * SPDX-License-Identifier: Apache-2.0
18 * You may obtain a copy of the License at
20 * http://www.apache.org/licenses/LICENSE-2.0
44 #define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Bad input parameters to fun…
45 #define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100 /**< Input data contains invalid…
46 …MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< Something failed during generation…
47 #define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Key failed to pass the vali…
[all …]
|
| /mcuboot-latest/ext/tinycrypt/documentation/ |
| D | tinycrypt.rst | 9 with a minimal set of standard cryptography primitives, as listed below. To better
19 * SHA-256:
22 * Standard Specification: NIST FIPS PUB 180-4.
23 * Requires: --
25 * HMAC-SHA256:
29 * Requires: SHA-256
31 * HMAC-PRNG:
33 * Type of primitive: Pseudo-random number generator (256-bit strength).
34 * Standard Specification: NIST SP 800-90A.
35 * Requires: SHA-256 and HMAC-SHA256.
[all …]
|
| /mcuboot-latest/ext/tinycrypt/lib/include/tinycrypt/ |
| D | cmac_mode.h | 1 /* cmac_mode.h -- interface to a CMAC implementation */
9 * - Redistributions of source code must retain the above copyright notice,
12 * - Redistributions in binary form must reproduce the above copyright
16 * - Neither the name of Intel Corporation nor the names of its contributors
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
35 * @brief Interface to a CMAC implementation.
37 * Overview: CMAC is defined NIST in SP 800-38B, and is the standard algorithm
38 * for computing a MAC using a block cipher. It can compute the MAC
39 * for a byte string of any length. It is distinguished from CBC-MAC
40 * in the processing of the final message block; CMAC uses a
[all …]
|
| D | hmac_prng.h | 1 /* hmac_prng.h - TinyCrypt interface to an HMAC-PRNG implementation */
9 * - Redistributions of source code must retain the above copyright notice,
12 * - Redistributions in binary form must reproduce the above copyright
16 * - Neither the name of Intel Corporation nor the names of its contributors
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
35 * @brief Interface to an HMAC-PRNG implementation.
37 * Overview: A pseudo-random number generator (PRNG) generates a sequence
38 * of numbers that have a distribution close to the one expected
39 * for a sequence of truly random numbers. The NIST Special
40 * Publication 800-90A specifies several mechanisms to generate
[all …]
|
| /mcuboot-latest/boot/zephyr/ |
| D | Kconfig | 1 # Copyright (c) 2017-2020 Linaro Limited
5 # SPDX-License-Identifier: Apache-2.0
10 comment "MCUboot-specific configuration options"
12 # Hidden option to mark a project as MCUboot
73 uploading a new application overwrites the one that previously
145 bool "Elliptic curve digital signatures with curve P-256"
191 default "root-ec-p256.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256
192 default "root-ed25519.pem" if BOOT_SIGNATURE_TYPE_ED25519
193 default "root-rsa-3072.pem" if BOOT_SIGNATURE_TYPE_RSA && BOOT_SIGNATURE_TYPE_RSA_LEN=3072
194 default "root-rsa-2048.pem" if BOOT_SIGNATURE_TYPE_RSA && BOOT_SIGNATURE_TYPE_RSA_LEN=2048
[all …]
|
| /mcuboot-latest/ |
| D | CODE_OF_CONDUCT.md | 7 community a harassment-free experience for everyone, regardless of age, body
9 identity and expression, level of experience, education, socio-economic status,
18 Examples of behavior that contributes to a positive environment for our
35 * Publishing others' private information, such as a physical or email
37 * Other conduct which could reasonably be considered inappropriate in a
56 Examples of representing our community include using an official e-mail address,
80 **Consequence**: A private, written warning from community leaders, providing
82 behavior was inappropriate. A public apology may be requested.
86 **Community Impact**: A violation through a single incident or series
89 **Consequence**: A warning with consequences for continued behavior. No
[all …]
|
| /mcuboot-latest/samples/zephyr/ |
| D | Makefile | 2 # Sample multi-part application Makefile
9 # You may obtain a copy of the License at
11 # http://www.apache.org/licenses/LICENSE-2.0
33 # signed-hello1.bin: A signed sample.
34 # signed-hello2.bin: An upgrade image, signed and marked for
39 # time, you should see a message about the bootloader not being able
40 # to find a bootable image.
43 # "primary slot". This should boot into this app, print a small message, and
51 # Extra .conf fragments to merge into the MCUboot .config, as a
52 # semicolon-separated list (i.e., a CMake list).
[all …]
|
| /mcuboot-latest/boot/zcbor/include/ |
| D | zcbor_common.h | 9 * SPDX-License-Identifier: Apache-2.0
51 /** Type representing a string fragment.
58 size_t total_len; ///! The total length of the string this fragment is a part of.
66 #define MIN(a, b) (((a) < (b)) ? (a) : (b)) argument
70 #define MAX(a, b) (((a) < (b)) ? (b) : (a)) argument
77 /* Endian-dependent offset of smaller integer in a bigger one. */
79 #define ZCBOR_ECPY_OFFS(dst_len, src_len) ((dst_len) - (src_len))
104 size_t elem_count; /**< The current element is part of a LIST or a MAP,
112 bool payload_moved; /**< Is set to true while the state is stored as a backup
114 updates the payload_end of all backed-up states. */
[all …]
|
| /mcuboot-latest/boot/cypress/MCUBootApp/config/ |
| D | mcuboot_crypto_config.h | 6 * This set of compile-time options may be used to enable
11 * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
12 * SPDX-License-Identifier: Apache-2.0
16 * You may obtain a copy of the License at
18 * http://www.apache.org/licenses/LICENSE-2.0
66 * The platform lacks support for double-width integer division (64-bit
67 * division on a 32-bit platform, 128-bit division on a 64-bit platform).
73 * The bignum code uses double-width division to speed up some operations.
74 * Double-width division is often implemented in software that needs to
75 * be linked with the program. The presence of a double-width integer
[all …]
|
