Allow bypasing signature has key matching #2310
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This MCUboot configuration option turns off matching of public key hash, taken from image TLV, against built in public key. Such verification is not needed when there is only one key built in as the signature verification will reject image signed with unknown key anyway. Enabling the option allows to slightly reduce MCUboot binary size by removing the code that does the key matching. Boot time improvement is not really significant. Signed-off-by: Dominik Ermel <[email protected]>
Add Zephyr support for MCUBOOT_BYPASS_KEY_MATCH Signed-off-by: Dominik Ermel <[email protected]>
de-nordic
force-pushed
the
bypass-key-match
branch
from
9cc97d9 to
06ad338
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Currently MCUboot checks whether key hash in TLV matches any known builtin public keys.
When only one key in compiled in, most cases, then this match is pointless as image signature verification will just verify validity of the key anyway.
The PR adds MCUBOOT_BYPASS_KEY_MATCH option that allows to turn of the key matching and slightly reduces the binary size.