Home
last modified time | relevance | path

Searched full:security (Results 1 – 25 of 54) sorted by relevance

123

/mcuboot-latest/docs/
DSECURITY.md1 # Project security policy
3 The MCUboot team takes security, vulnerabilities, and weaknesses
6 ## Reporting security issues
8 The preferred way to report security issues with MCUboot is via the "Report a
9 security vulnerability" button on the main [security
10 page](https://github.com/mcu-tools/mcuboot/security).
37 Please include the word "SECURITY" as well as "MCUboot" in the subject
48 - Issues will be entered into MCUboot's [security advisory
49 system](https://github.com/mcu-tools/mcuboot/security/advisories) on GitHub, with
54 - When the embargo is lifted, the security advisory page will be made
Dreadme-espressif.md210 ### [Downgrade prevention with security counter](#downgrade-prevention-with-security-counter)
212 It is also possible to rely on a security counter, also added to the image when signing with
214 since any update must have greater or equal security counter value. Enable using the following
222 been signed using security counter `-s 1` or greater.
224 # [Security Chain on Espressif port](#security-chain-on-espressif-port)
229 Espressif chips have off-chip flash memory, so to ensure a security chain along with MCUboot image
300 [IDF's Secure Boot V2](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/security/secure-…
442 additional security measure beyond MCUboot existent features.
444 [IDF](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/security/flash-encryption.html)
638 ## [Security Chain scheme](#security-chain-scheme)
[all …]
Drelease-notes.md148 ### Security fixes
150 There are no security vulnerabilities reported on the MCUboot code for this
185 ### Security fixes
217 ### Security fixes
219 - [GHSA-gcxh-546h-phg4](https://github.com/mcu-tools/mcuboot/security/advisories/GHSA-gcxh-546h-phg…
289 ### Security issues addressed
Dindex.md55 - [Project security policy](SECURITY.md)
/mcuboot-latest/boot/bootutil/include/bootutil/
Dsecurity_cnt.h22 * @note A security counter might be implemented using non-volatile OTP memory
24 * code to map each possible security counter values onto the fuse bits
36 * Initialises the security counters.
43 * Reads the stored value of a given image's security counter.
46 * @param security_cnt Pointer to store the security counter value.
53 * Updates the stored value of a given image's security counter with a new
54 * security counter value if the new one is greater.
57 * @param img_security_cnt New security counter value. The new value must be
59 * or equal to the current security counter value.
/mcuboot-latest/sim/mcuboot-sys/csupport/
Dsecurity_cnt.c13 * the storage area where the security counter values reside
31 MCUBOOT_LOG_INF("Read security counter value (%d) for image: %d\n", counter, image_id); in boot_nv_security_counter_get()
38 …MCUBOOT_LOG_INF("Writing security counter value (%d) for image: %d\n", img_security_cnt, image_id); in boot_nv_security_counter_update()
/mcuboot-latest/boot/bootutil/src/
Dimage_validate.c296 * Reads the value of an image's security counter.
301 * @param security_cnt Pointer to store the security counter value.
322 /* The security counter TLV is in the protected part of the TLV area. */ in bootutil_get_img_security_cnt()
333 * the security counter TLV. in bootutil_get_img_security_cnt()
338 /* Security counter TLV has not been found. */ in bootutil_get_img_security_cnt()
343 /* Security counter is not valid. */ in bootutil_get_img_security_cnt()
539 * Verify the image's security counter. in bootutil_img_validate()
543 /* Security counter is not valid. */ in bootutil_img_validate()
560 /* Compare the new image's security counter value against the in bootutil_img_validate()
561 * stored security counter value. in bootutil_img_validate()
[all …]
Dloader.c821 * Validate image hash/signature and optionally the security counter in a slot.
1168 * Updates the stored security counter value with the image's security counter
1172 * @param image_index Index of the image to determine which security
1542 /* Update the stored security counter with the new image's security counter
1550 BOOT_LOG_ERR("Security counter update failed after image upgrade.");
1777 /* Update the stored security counter with the new image's security
1783 * revert the images on the next reboot. Therefore, the security
1791 BOOT_LOG_ERR("Security counter update failed after "
2099 * Updates the security counter for the current image.
2111 /* Update the stored security counter with the active image's security
[all …]
/mcuboot-latest/boot/zephyr/boards/
Dnrf52_minimal_footprint.conf3 # This is not recomendet configuration because of security and reliability
12 # by security reason.
/mcuboot-latest/ext/tinycrypt/documentation/
Dtinycrypt.rst16 security and technicalities of each cryptographic primitive are found in the
147 length. The security of the output is exactly equal to the
172 length. The security of the output is exactly equal to the
183 * AES128-CMAC mode of operation offers 64 bits of security against collision
211 The mac size parameter is an important parameter to estimate the security
230 * RFC-3610, which also specifies CCM, presents a few relevant security
234 key obviously destroys the security properties of CCM mode.
/mcuboot-latest/ext/tinycrypt/lib/include/tinycrypt/
Dsha256.h41 * Security: SHA-256 provides 128 bits of security against collision attacks
42 * and 256 bits of security against pre-image attacks. SHA-256 does
Dhmac.h44 * Security: The security of the HMAC depends on the length of the key and
45 * on the security of the hash function. Note that HMAC primitives
Dccm_mode.h53 * Security: The mac length parameter is an important parameter to estimate the
54 * security against collision attacks (that aim at finding different
60 * security suggestions, such as: it is recommended for most
63 * encrypted with the same key destroys the security of CCM mode.
Dctr_mode.h42 * Security: CTR mode achieves confidentiality only if the counter value is
54 * security). 2^32 block encryptions should be enough for most of
Daes.h42 * Security: AES-128 provides approximately 128 bits of security.
Decc_dh.h66 * Security: The curve NIST p-256 provides approximately 128 bits of security.
Dcbc_mode.h43 * Security: CBC mode provides data confidentiality given that the maximum
56 * The randomness property on which CBC mode's security depends is
Dctr_prng.h42 * Security: A cryptographically secure PRNG depends on the existence of an
44 * security of the primitives used as the building blocks (AES-128
Decc_dsa.h67 * Security: The curve NIST p-256 provides approximately 128 bits of security.
/mcuboot-latest/ext/tinycrypt-sha512/lib/include/tinycrypt/
Dsha512.h41 * Security: SHA-512 provides 256 bits of security against collision attacks
42 * and 512 bits of security against pre-image attacks. SHA-512 does
/mcuboot-latest/boot/mynewt/mcuboot_config/
Dsyscfg.yml90 security counter is used for version eligibility check instead of pure
92 equal security counter value.
111 set, any upgrade must have greater or equal security counter value.
/mcuboot-latest/boot/cypress/MCUBootApp/config/
Dmcuboot_crypto_config.h369 * use constitutes a security risk. If possible, we recommend
440 * constitutes a security risk. If possible, we recommend avoiding
528 * Enabling the switch negates any security provided by the library.
639 * encryption or channels without any security!
688 * channels with virtually no security at all!
697 * security risk. We recommend considering stronger ciphers instead.
725 * (In-)Security of 64-bit Block Ciphers" by Karthikeyan Bhargavan and Gaëtan
878 * \warning Using DHE constitutes a security risk as it
984 * \warning Using DHE constitutes a security risk as it
1554 * it has been associated with security issues in the past and is easy to
[all …]
/mcuboot-latest/boot/espressif/
Dmain.c118 …Secure boot or Flash encryption is enabled then it does not provide any security. FOR TESTING ONLY… in main()
204 BOOT_LOG_ERR("Error programming security eFuses (err=0x%x).", err); in main()
282 /* Disable glitch reset after all the security checks are completed. in main()
/mcuboot-latest/ext/fiat/
DREADME.chromium7 Security Critical: yes
/mcuboot-latest/boot/zephyr/
DKconfig252 low end devices with as a compromise lowering the security level.
369 when there is no security mechanism protecting the data in the primary
714 bool "Use image security counter instead of version number"
718 Security counter is used for version eligibility check instead of pure
720 equal security counter value.
728 set, any upgrade must have greater or equal security counter value.

123