Skip to content

boot:crypto Add custom crypto support#2680

Open
OleksandrShkurchenko wants to merge 1 commit intomcu-tools:mainfrom
OleksandrShkurchenko:custom_crypto_pr
Open

boot:crypto Add custom crypto support#2680
OleksandrShkurchenko wants to merge 1 commit intomcu-tools:mainfrom
OleksandrShkurchenko:custom_crypto_pr

Conversation

@OleksandrShkurchenko
Copy link
Copy Markdown

@OleksandrShkurchenko OleksandrShkurchenko commented Mar 30, 2026
edited
Loading

The MCUBOOT_USE_CUSTOM_CRYPTO option allows to implement a custom
backend that lets users plug in any crypto library, hardware
accelerator, proprietary SDK, or another software implementation
without modifying MCUboot's own source.

d3zd3z
d3zd3z requested changes Mar 30, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@d3zd3z d3zd3z left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. A minor textual change, and adding CI support.

In addition, can you please format the commit text to be less than 72 columns.

Comment thread docs/custom_crypto.md Outdated
Comment thread sim/Cargo.toml
@d3zd3z d3zd3z self-assigned this Mar 30, 2026
nordicjm
nordicjm requested changes Apr 9, 2026
View reviewed changes
Comment thread boot/bootutil/src/encrypted_psa.c Outdated
Comment thread boot/bootutil/include/bootutil/crypto/sha.h Outdated
Comment thread boot/bootutil/include/bootutil/crypto/ecdsa.h Outdated
@nordicjm nordicjm requested a review from de-nordic April 9, 2026 14:52
d3zd3z
d3zd3z requested changes Apr 10, 2026
View reviewed changes
Comment thread docs/custom_crypto.md Outdated
Comment thread .github/workflows/sim.yaml Outdated
@OleksandrShkurchenko
boot:crypto Add custom crypto support
e409790 
The `MCUBOOT_USE_CUSTOM_CRYPTO` option allows to implement a custom
backend that lets users plug in any crypto library, hardware
accelerator, proprietary SDK, or another software implementation
without modifying MCUboot's own source.

Signed-off-by: Oleksandr Shkurchenko <Oleksandr.Shkurchenko@infineon.com>
d3zd3z
d3zd3z approved these changes Apr 24, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@d3zd3z d3zd3z left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Thanks.

Comment thread sim/mcuboot-sys/csupport/custom_crypto/sim_custom_hmac_sha256.h
return mbedtls_md_hmac_update(ctx, data, data_length);
}

static inline int bootutil_hmac_sha256_finish(bootutil_hmac_sha256_context *ctx,
Copy link
Copy Markdown
Member

@d3zd3z d3zd3z Apr 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if we should have a comment explaining why we ignore taglen, and specifically, what taglen mbedtls is expecting?

@d3zd3z d3zd3z mentioned this pull request Apr 24, 2026
Open
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@d3zd3z d3zd3z d3zd3z approved these changes

@davidvincze davidvincze Awaiting requested review from davidvincze davidvincze is a code owner

@de-nordic de-nordic Awaiting requested review from de-nordic

@nordicjm nordicjm Awaiting requested review from nordicjm

Requested changes must be addressed to merge this pull request.

Assignees

@d3zd3z d3zd3z

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@OleksandrShkurchenko @d3zd3z @nordicjm