From c1138f027076f468dd1bd663d31747fbe2efec29 Mon Sep 17 00:00:00 2001 From: Dominik Ermel Date: Wed, 19 Nov 2025 17:52:14 +0000 Subject: [PATCH 1/5] bootutil: Add prototypes for crypto backend initialization API Adds prototypes for: bootutil_crypto_backend_init bootutil_crypto_backend_deinit that will be expected to be provided by crypto backend in case when MCUBOOT_CRYPTO_BACKEND_HAS_INIT is enabled. Signed-off-by: Dominik Ermel --- .../include/bootutil/crypto/backend.h | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 boot/bootutil/include/bootutil/crypto/backend.h diff --git a/boot/bootutil/include/bootutil/crypto/backend.h b/boot/bootutil/include/bootutil/crypto/backend.h new file mode 100644 index 0000000000..118e75f4e6 --- /dev/null +++ b/boot/bootutil/include/bootutil/crypto/backend.h @@ -0,0 +1,33 @@ +/* + * SPDX-License-Identifier: Apache-2.0 + * + * Copyright (c) 2025 Nordic Semiconductor ASA + */ + +#ifndef __BOOTUTIL_CRYPTO_BACKEND_H__ +#define __BOOTUTIL_CRYPTO_BACKEND_H__ + +#if defined(MCUBOOT_CRYPTO_BACKEND_HAS_INIT) +/* Backend specific implementation for crypto subsystem + * initialization. + * MCUboot is supposed to call this function before + * any crypto operation, including sha functions, + * is executed. + * Returns true on success. The function can also just fault + * and topple entire boot process. + */ +bool bootutil_crypto_backend_init(void); + +/* Backend specific implementation for crypto subsystem + * deinitialization. + * No more cryptographic operations are expected to be + * invoked by MCUboot after this founction is called. + * Returns true on success. + */ +bool bootutil_crypto_backend_deinit(void); +#else +#define bootutil_crypto_backend_init() (true) +#define bootutil_crypto_backend_deinit() (true) +#endif + +#endif /* __BOOTUTIL_CRYPTO_BACKEND_H__ */ From af7c24b4fd56e69f4e33302d5211f7a403e36cc9 Mon Sep 17 00:00:00 2001 From: Dominik Ermel Date: Wed, 19 Nov 2025 18:02:55 +0000 Subject: [PATCH 2/5] zephyr: Call bootutil_crypto_backend_init in main Initialize crypto backend. Signed-off-by: Dominik Ermel --- boot/zephyr/main.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/boot/zephyr/main.c b/boot/zephyr/main.c index 1494002e7e..ae83c527f5 100644 --- a/boot/zephyr/main.c +++ b/boot/zephyr/main.c @@ -46,6 +46,7 @@ #include "bootutil/boot_hooks.h" #include "bootutil/fault_injection_hardening.h" #include "bootutil/mcuboot_status.h" +#include "bootutil/crypto/backend.h" #include "flash_map_backend/flash_map_backend.h" #if defined(CONFIG_MCUBOOT_UUID_VID) || defined(CONFIG_MCUBOOT_UUID_CID) @@ -496,6 +497,7 @@ static void boot_serial_enter() int main(void) { + bool crypto_ok; struct boot_rsp rsp; int rc; #if defined(CONFIG_BOOT_USB_DFU_GPIO) || defined(CONFIG_BOOT_USB_DFU_WAIT) @@ -512,6 +514,12 @@ int main(void) BOOT_LOG_INF("Starting Direct-XIP bootloader"); #endif + crypto_ok = bootutil_crypto_backend_init(); + if (!crypto_ok) { + BOOT_LOG_ERR("Failed to initialize crypto backend"); + FIH_PANIC; + } + #ifdef CONFIG_MCUBOOT_INDICATION_LED /* LED init */ io_led_init(); From 52a7956c1f4c97c36ddb8d1a380528968dce53a9 Mon Sep 17 00:00:00 2001 From: Dominik Ermel Date: Wed, 19 Nov 2025 18:06:16 +0000 Subject: [PATCH 3/5] bootutil: ed25519 psa: define bootutil_crypto_backend_init ED25519 PSA now provides own backend initialization function. Signed-off-by: Dominik Ermel --- boot/bootutil/src/ed25519_psa.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/boot/bootutil/src/ed25519_psa.c b/boot/bootutil/src/ed25519_psa.c index 5b8a4ed7c8..cfd9cb4480 100644 --- a/boot/bootutil/src/ed25519_psa.c +++ b/boot/bootutil/src/ed25519_psa.c @@ -19,6 +19,16 @@ BOOT_LOG_MODULE_REGISTER(ed25519_psa); #define EDDSA_KEY_LENGTH 32 #define EDDSA_SIGNAGURE_LENGTH 64 +int bootutil_crypto_backend_init(void) +{ + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + BOOT_LOG_ERR("PSA crypto init failed %d\n", status); + return false; + } + return true; +} + int ED25519_verify(const uint8_t *message, size_t message_len, const uint8_t signature[EDDSA_SIGNAGURE_LENGTH], const uint8_t public_key[EDDSA_KEY_LENGTH]) From 83983ffb4fb201df45e874c6e30e0cd329af8ac6 Mon Sep 17 00:00:00 2001 From: Dominik Ermel Date: Wed, 19 Nov 2025 18:08:46 +0000 Subject: [PATCH 4/5] zephyr: ED25519 PSA enabled MCUBOOT_CRYPTO_BACKEND_HAS_INIT Init function provided. Signed-off-by: Dominik Ermel --- boot/zephyr/include/mcuboot_config/mcuboot_config.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/boot/zephyr/include/mcuboot_config/mcuboot_config.h b/boot/zephyr/include/mcuboot_config/mcuboot_config.h index 5dec8a2577..79c553045e 100644 --- a/boot/zephyr/include/mcuboot_config/mcuboot_config.h +++ b/boot/zephyr/include/mcuboot_config/mcuboot_config.h @@ -51,6 +51,10 @@ #define MCUBOOT_USE_PSA_CRYPTO #endif +#if defined(MCUBOOT_SIGN_ED25519) && defined(MCUBOOT_USE_PSA_CRYPTO) +#define MCUBOOT_CRYPTO_BACKEND_HAS_INIT +#endif + #ifdef CONFIG_BOOT_IMG_HASH_ALG_SHA512 #define MCUBOOT_SHA512 #endif From d918d0e215daab3b96bbee3122035cc0304db09b Mon Sep 17 00:00:00 2001 From: Dominik Ermel Date: Wed, 19 Nov 2025 18:11:56 +0000 Subject: [PATCH 5/5] bootutil: ed25519 PSA: Remove unneeded psa_crypto_inits Now there is single point of initialization. Signed-off-by: Dominik Ermel --- boot/bootutil/src/ed25519_psa.c | 7 ------- boot/bootutil/src/encrypted_psa.c | 33 ------------------------------- 2 files changed, 40 deletions(-) diff --git a/boot/bootutil/src/ed25519_psa.c b/boot/bootutil/src/ed25519_psa.c index cfd9cb4480..ae9c20b208 100644 --- a/boot/bootutil/src/ed25519_psa.c +++ b/boot/bootutil/src/ed25519_psa.c @@ -41,13 +41,6 @@ int ED25519_verify(const uint8_t *message, size_t message_len, BOOT_LOG_DBG("ED25519_verify: PSA implementation"); - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - BOOT_LOG_ERR("PSA crypto init failed %d\n", status); - return 0; - } - status = PSA_ERROR_BAD_STATE; psa_set_key_type(&key_attr, diff --git a/boot/bootutil/src/encrypted_psa.c b/boot/bootutil/src/encrypted_psa.c index d6b470b948..5e732e0f18 100644 --- a/boot/bootutil/src/encrypted_psa.c +++ b/boot/bootutil/src/encrypted_psa.c @@ -188,13 +188,6 @@ parse_priv_enckey(uint8_t **p, uint8_t *end, uint8_t *private_key) void bootutil_aes_ctr_init(bootutil_aes_ctr_context *ctx) { - psa_status_t psa_ret = psa_crypto_init(); - - if (psa_ret != PSA_SUCCESS) { - BOOT_LOG_ERR("AES init PSA crypto init failed %d", psa_ret); - assert(0); - } - ctx->key = PSA_KEY_ID_NULL; } @@ -266,12 +259,6 @@ boot_decrypt_key(const uint8_t *buf, uint8_t *enckey) BOOT_LOG_DBG("boot_decrypt_key: PSA ED25519"); - psa_ret = psa_crypto_init(); - if (psa_ret != PSA_SUCCESS) { - BOOT_LOG_ERR("PSA crypto init failed %d", psa_ret); - return -1; - } - /* * * Load the stored decryption private key */ @@ -431,16 +418,6 @@ int bootutil_aes_ctr_encrypt(bootutil_aes_ctr_context *ctx, uint8_t *counter, psa_cipher_operation_t psa_op; size_t elen = 0; /* Decrypted length */ - /* Fixme: calling psa_crypto_init multiple times is not a problem, - * yet the code here is only present because there is not general - * crypto init. */ - psa_ret = psa_crypto_init(); - if (psa_ret != PSA_SUCCESS) { - BOOT_LOG_ERR("PSA crypto init failed %d", psa_ret); - ret = -1; - goto gone; - } - psa_op = psa_cipher_operation_init(); /* This could be done with psa_cipher_decrypt one-shot operation, but @@ -488,16 +465,6 @@ int bootutil_aes_ctr_decrypt(bootutil_aes_ctr_context *ctx, uint8_t *counter, psa_cipher_operation_t psa_op; size_t dlen = 0; /* Decrypted length */ - /* Fixme: the init should already happen before calling the function, but - * somehow it does not, for example when recovering in swap. - */ - psa_ret = psa_crypto_init(); - if (psa_ret != PSA_SUCCESS) { - BOOT_LOG_ERR("PSA crypto init failed %d", psa_ret); - ret = -1; - goto gone; - } - psa_op = psa_cipher_operation_init(); /* This could be done with psa_cipher_decrypt one-shot operation, but