mcu-tools
diff --git a/‎.github/workflows/sim.yaml‎
Lines changed: 2 additions & 0 deletions b/‎.github/workflows/sim.yaml‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎boot/bootutil/include/bootutil/crypto/aes_ctr.h‎
Lines changed: 9 additions & 6 deletions b/‎boot/bootutil/include/bootutil/crypto/aes_ctr.h‎
Lines changed: 9 additions & 6 deletions
diff --git a/‎boot/bootutil/include/bootutil/crypto/ecdh_p256.h‎
Lines changed: 6 additions & 5 deletions b/‎boot/bootutil/include/bootutil/crypto/ecdh_p256.h‎
Lines changed: 6 additions & 5 deletions
diff --git a/‎boot/bootutil/include/bootutil/crypto/ecdsa.h‎
Lines changed: 18 additions & 11 deletions b/‎boot/bootutil/include/bootutil/crypto/ecdsa.h‎
Lines changed: 18 additions & 11 deletions
diff --git a/‎boot/bootutil/include/bootutil/crypto/hmac_sha256.h‎
Lines changed: 11 additions & 7 deletions b/‎boot/bootutil/include/bootutil/crypto/hmac_sha256.h‎
Lines changed: 11 additions & 7 deletions
diff --git a/‎boot/bootutil/include/bootutil/crypto/sha.h‎
Lines changed: 14 additions & 7 deletions b/‎boot/bootutil/include/bootutil/crypto/sha.h‎
Lines changed: 14 additions & 7 deletions
diff --git a/‎boot/bootutil/src/encrypted.c‎
Lines changed: 9 additions & 0 deletions b/‎boot/bootutil/src/encrypted.c‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎boot/bootutil/src/encrypted_psa.c‎
Lines changed: 4 additions & 0 deletions b/‎boot/bootutil/src/encrypted_psa.c‎
Lines changed: 4 additions & 0 deletions
@@ -48,6 +48,8 @@ jobs:
         - "sig-ecdsa-psa enc-ec256 max-align-16, sig-ecdsa-psa enc-ec256 swap-offset validate-primary-slot max-align-16"
         - "ram-load enc-aes256-kw multiimage"
         - "ram-load enc-aes256-kw sig-ecdsa-mbedtls multiimage"
+        - "custom-crypto,custom-crypto overwrite-only,custom-crypto validate-primary-slot,custom-crypto swap-offset"
+        - "custom-enc-crypto,custom-enc-crypto validate-primary-slot,custom-enc-crypto swap-offset validate-primary-slot max-align-32"
     runs-on: ubuntu-latest
     env:
       MULTI_FEATURES: ${{ matrix.features }}
 
@@ -2,9 +2,10 @@
  * This module provides a thin abstraction over some of the crypto
  * primitives to make it easier to swap out the used crypto library.
  *
- * At this point, there are two choices: MCUBOOT_USE_MBED_TLS, or
- * MCUBOOT_USE_TINYCRYPT.  It is a compile error there is not exactly
- * one of these defined.
+ * At this point, there are four choices: MCUBOOT_USE_MBED_TLS,
+ * MCUBOOT_USE_TINYCRYPT, MCUBOOT_USE_PSA_CRYPTO, or
+ * MCUBOOT_USE_CUSTOM_CRYPTO.  It is a compile error if there is not
+ * exactly one of these defined.
  */
 
 #ifndef __BOOTUTIL_CRYPTO_AES_CTR_H_
@@ -13,8 +14,10 @@
 #include "mcuboot_config/mcuboot_config.h"
 
 #if (defined(MCUBOOT_USE_MBED_TLS) + \
-     defined(MCUBOOT_USE_TINYCRYPT) + defined(MCUBOOT_USE_PSA_CRYPTO)) != 1
-    #error "One crypto backend must be defined: either MBED_TLS or TINYCRYPT or PSA"
+     defined(MCUBOOT_USE_TINYCRYPT) + \
+     defined(MCUBOOT_USE_PSA_CRYPTO) + \
+     defined(MCUBOOT_USE_CUSTOM_CRYPTO)) != 1
+    #error "One crypto backend must be defined: either MBED_TLS or TINYCRYPT or PSA or CUSTOM_CRYPTO"
 #endif
 
 #if defined(MCUBOOT_USE_MBED_TLS)
@@ -27,6 +30,6 @@
 
 #if defined(MCUBOOT_USE_PSA_CRYPTO)
     #include "bootutil/crypto/aes_ctr_psa.h"
-#endif
+#endif /* MCUBOOT_USE_PSA_CRYPTO */
 
 #endif /* __BOOTUTIL_CRYPTO_AES_CTR_H_ */
@@ -2,9 +2,9 @@
  * This module provides a thin abstraction over some of the crypto
  * primitives to make it easier to swap out the used crypto library.
  *
- * At this point, there are two choices: MCUBOOT_USE_MBED_TLS, or
- * MCUBOOT_USE_TINYCRYPT.  It is a compile error there is not exactly
- * one of these defined.
+ * At this point, there are three choices: MCUBOOT_USE_MBED_TLS,
+ * MCUBOOT_USE_TINYCRYPT, or MCUBOOT_USE_CUSTOM_CRYPTO.  It is a compile
+ * error if there is not exactly one of these defined.
  */
 
 #ifndef __BOOTUTIL_CRYPTO_ECDH_P256_H_
@@ -13,8 +13,9 @@
 #include "mcuboot_config/mcuboot_config.h"
 
 #if (defined(MCUBOOT_USE_MBED_TLS) + \
-     defined(MCUBOOT_USE_TINYCRYPT)) != 1
-    #error "One crypto backend must be defined: either MBED_TLS or TINYCRYPT"
+     defined(MCUBOOT_USE_TINYCRYPT) + \
+     defined(MCUBOOT_USE_CUSTOM_CRYPTO)) != 1
+    #error "One crypto backend must be defined: either MBED_TLS or TINYCRYPT or CUSTOM_CRYPTO"
 #endif
 
 #if defined(MCUBOOT_USE_MBED_TLS)
 
@@ -9,12 +9,13 @@
  * primitives to make it easier to swap out the used crypto library.
  *
  * At this point, the choices are: MCUBOOT_USE_TINYCRYPT, MCUBOOT_USE_CC310,
- * MCUBOOT_USE_MBED_TLS, MCUBOOT_USE_PSA_CRYPTO. Note that support for
- * MCUBOOT_USE_PSA_CRYPTO is still experimental and it might not support all
- * the crypto abstractions that MCUBOOT_USE_MBED_TLS supports. For this
- * reason, it's allowed to have both of them defined, and for crypto modules
- * that support both abstractions, the MCUBOOT_USE_PSA_CRYPTO will take
- * precedence.
+ * MCUBOOT_USE_MBED_TLS, MCUBOOT_USE_PSA_CRYPTO, MCUBOOT_USE_CUSTOM_CRYPTO.
+ * Note that support for MCUBOOT_USE_PSA_CRYPTO is still experimental and it
+ * might not support all the crypto abstractions that MCUBOOT_USE_MBED_TLS
+ * supports. For this reason, it's allowed to have both of them defined, and
+ * for crypto modules that support both abstractions, the MCUBOOT_USE_PSA_CRYPTO
+ * will take precedence. MCUBOOT_USE_CUSTOM_CRYPTO delegates all operations to
+ * a platform-supplied <mcuboot_custom_crypto.h> resolved via the include path.
  */
 
 #ifndef __BOOTUTIL_CRYPTO_ECDSA_H_
@@ -27,15 +28,21 @@
 #define MCUBOOT_USE_PSA_OR_MBED_TLS
 #endif /* MCUBOOT_USE_PSA_CRYPTO || MCUBOOT_USE_MBED_TLS */
 
+#if defined(MCUBOOT_USE_CUSTOM_CRYPTO) && defined(MCUBOOT_USE_PSA_OR_MBED_TLS)
+    #error "MCUBOOT_USE_CUSTOM_CRYPTO is mutually exclusive with MCUBOOT_USE_PSA_CRYPTO and MCUBOOT_USE_MBED_TLS"
+#endif
+
 #if defined(MCUBOOT_SIGN_EC384) && \
-    !defined(MCUBOOT_USE_PSA_CRYPTO)
-    #error "P384 requires PSA_CRYPTO to be defined"
+    !defined(MCUBOOT_USE_PSA_CRYPTO) && \
+    !defined(MCUBOOT_USE_CUSTOM_CRYPTO)
+    #error "P384 requires PSA_CRYPTO or CUSTOM_CRYPTO to be defined"
 #endif
 
 #if (defined(MCUBOOT_USE_TINYCRYPT) + \
      defined(MCUBOOT_USE_CC310) + \
-     defined(MCUBOOT_USE_PSA_OR_MBED_TLS)) != 1
-    #error "One crypto backend must be defined: either CC310/TINYCRYPT/MBED_TLS/PSA_CRYPTO"
+     defined(MCUBOOT_USE_PSA_OR_MBED_TLS) + \
+     defined(MCUBOOT_USE_CUSTOM_CRYPTO)) != 1
+    #error "One crypto backend must be defined: either CC310/TINYCRYPT/MBED_TLS/PSA_CRYPTO/CUSTOM_CRYPTO"
 #endif
 
 #if defined(MCUBOOT_USE_TINYCRYPT)
@@ -66,7 +73,7 @@
 #define BOOTUTIL_CRYPTO_ECDSA_P256_HASH_SIZE (32)
 
 #include "bootutil/sign_key.h"
-#if !defined(MCUBOOT_USE_PSA_CRYPTO)
+#if !defined(MCUBOOT_USE_PSA_CRYPTO) && !defined(MCUBOOT_USE_CUSTOM_CRYPTO)
 #include "bootutil/crypto/common.h"
 #include "mbedtls/asn1.h"
 #include "mbedtls/oid.h"
 
@@ -2,9 +2,9 @@
  * This module provides a thin abstraction over some of the crypto
  * primitives to make it easier to swap out the used crypto library.
  *
- * At this point, there are two choices: MCUBOOT_USE_MBED_TLS, or
- * MCUBOOT_USE_TINYCRYPT.  It is a compile error there is not exactly
- * one of these defined.
+ * At this point, there are three choices: MCUBOOT_USE_MBED_TLS,
+ * MCUBOOT_USE_TINYCRYPT, or MCUBOOT_USE_CUSTOM_CRYPTO.  It is a compile
+ * error if there is not exactly one of these defined.
  */
 
 #ifndef __BOOTUTIL_CRYPTO_HMAC_SHA256_H_
@@ -13,8 +13,9 @@
 #include "mcuboot_config/mcuboot_config.h"
 
 #if (defined(MCUBOOT_USE_MBED_TLS) + \
-     defined(MCUBOOT_USE_TINYCRYPT)) != 1
-    #error "One crypto backend must be defined: either MBED_TLS or TINYCRYPT"
+     defined(MCUBOOT_USE_TINYCRYPT) + \
+     defined(MCUBOOT_USE_CUSTOM_CRYPTO)) != 1
+    #error "One crypto backend must be defined: MBED_TLS, TINYCRYPT, or CUSTOM_CRYPTO"
 #endif
 
 #if defined(MCUBOOT_USE_MBED_TLS)
@@ -119,10 +120,13 @@ static inline int bootutil_hmac_sha256_update(bootutil_hmac_sha256_context *ctx,
 
 static inline int bootutil_hmac_sha256_finish(bootutil_hmac_sha256_context *ctx, uint8_t *tag, unsigned int taglen)
 {
-    (void)taglen;
     /*
-     * HMAC the key and check that our received MAC matches the generated tag
+     * Finalize the HMAC computation and output the tag.
+     * mbedtls_md_hmac_finish() always outputs the full 32-byte SHA-256 digest
+     * and does not support truncation. taglen is ignored; caller must provide
+     * a 32-byte buffer.
      */
+    (void)taglen;
     return mbedtls_md_hmac_finish(ctx, tag);
 }
 #endif /* MCUBOOT_USE_MBED_TLS */
 
@@ -11,11 +11,13 @@
  * primitives to make it easier to swap out the used crypto library.
  *
  * At this point, the choices are: MCUBOOT_USE_MBED_TLS, MCUBOOT_USE_TINYCRYPT,
- * MCUBOOT_USE_PSA_CRYPTO, MCUBOOT_USE_CC310. Note that support for MCUBOOT_USE_PSA_CRYPTO
- * is still experimental and it might not support all the crypto abstractions
- * that MCUBOOT_USE_MBED_TLS supports. For this reason, it's allowed to have
- * both of them defined, and for crypto modules that support both abstractions,
- * the MCUBOOT_USE_PSA_CRYPTO will take precedence.
+ * MCUBOOT_USE_PSA_CRYPTO, MCUBOOT_USE_CC310, MCUBOOT_USE_CUSTOM_CRYPTO. Note
+ * that support for MCUBOOT_USE_PSA_CRYPTO is still experimental and it might
+ * not support all the crypto abstractions that MCUBOOT_USE_MBED_TLS supports.
+ * For this reason, it's allowed to have both of them defined, and for crypto
+ * modules that support both abstractions, the MCUBOOT_USE_PSA_CRYPTO will take
+ * precedence. MCUBOOT_USE_CUSTOM_CRYPTO delegates all operations to a
+ * platform-supplied <mcuboot_custom_crypto.h> resolved via the include path.
  */
 
 #ifndef __BOOTUTIL_CRYPTO_SHA_H_
@@ -28,10 +30,15 @@
 #define MCUBOOT_USE_PSA_OR_MBED_TLS
 #endif /* MCUBOOT_USE_PSA_CRYPTO || MCUBOOT_USE_MBED_TLS */
 
+#if defined(MCUBOOT_USE_CUSTOM_CRYPTO) && defined(MCUBOOT_USE_PSA_OR_MBED_TLS)
+    #error "MCUBOOT_USE_CUSTOM_CRYPTO is mutually exclusive with MCUBOOT_USE_PSA_CRYPTO and MCUBOOT_USE_MBED_TLS"
+#endif
+
 #if (defined(MCUBOOT_USE_PSA_OR_MBED_TLS) + \
      defined(MCUBOOT_USE_TINYCRYPT) + \
-     defined(MCUBOOT_USE_CC310)) != 1
-    #error "One crypto backend must be defined: either CC310/MBED_TLS/TINYCRYPT/PSA_CRYPTO"
+     defined(MCUBOOT_USE_CC310) + \
+     defined(MCUBOOT_USE_CUSTOM_CRYPTO)) != 1
+    #error "One crypto backend must be defined: either CC310/MBED_TLS/TINYCRYPT/PSA_CRYPTO/CUSTOM_CRYPTO"
 #endif
 
 #if defined(MCUBOOT_SHA512)
 
@@ -9,6 +9,13 @@
 #include "mcuboot_config/mcuboot_config.h"
 
 #if defined(MCUBOOT_ENC_IMAGES)
+
+/* When MCUBOOT_USE_CUSTOM_CRYPTO is active the custom crypto translation unit
+ * provides all boot_enc_* and boot_decrypt_key symbols and handles HMAC/KDF
+ * internally without depending on MBED_TLS or TINYCRYPT.  Suppress this
+ * entire file to avoid duplicate symbol link errors. */
+#if !defined(MCUBOOT_USE_CUSTOM_CRYPTO)
+
 #include <stddef.h>
 #include <inttypes.h>
 #include <string.h>
@@ -720,4 +727,6 @@ boot_enc_zeroize(struct enc_key_data *enc_state)
     memset(enc_state, 0, sizeof(struct enc_key_data) * BOOT_NUM_SLOTS);
 }
 
+#endif /* !MCUBOOT_USE_CUSTOM_CRYPTO */
+
 #endif /* MCUBOOT_ENC_IMAGES */
@@ -6,6 +6,8 @@
 
 #include "mcuboot_config/mcuboot_config.h"
 
+#if defined(MCUBOOT_USE_PSA_CRYPTO)
+
 #include <stddef.h>
 #include <inttypes.h>
 #include <string.h>
@@ -536,3 +538,5 @@ int bootutil_aes_ctr_decrypt(bootutil_aes_ctr_context *ctx, uint8_t *counter,
     return ret;
 }
 #endif /* defined(MCUBOOT_ENC_IMAGES) */
+
+#endif /* defined(MCUBOOT_USE_PSA_CRYPTO) */