I would like to use Tinycrypt library to do AES encryption. Does Nordic provide sample code?
I would like to use Tinycrypt library to do AES encryption. Does Nordic provide sample code?
Hi Snowuyl,
As far as I know we don't have a sample for this, sorry. I do see that there is some test code available for it, which might be useful: https://github.com/zephyrproject-rtos/zephyr/blob/main/tests/crypto/tinycrypt/src/sha256.c
And of course the documentation: https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/zephyr/services/crypto/tinycrypt.html
If Tinycrypt is not a necessity, then we do have other AES Crypto samples: https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrf/samples/crypto.html
Best regards,
Raoul
Thanks for your reply! I would like to build MCUboot with TinyCrypt. Could you kindly to provide reference documentation?
Hi,
You usually configure mcuboot by creating "child_image/mcuboot.conf" in your application folder. My colleague describes it well here: How to configure the bootloader.
Alternatively you can assign custom project configurations for the bootloader with
-Dmcuboot_CONF_FILE=<filename>.conf
as described here: Using custom project configurations
Could you try doing this? Remember to undo your previous CMake change, in that case.
Best regards,
Raoul
Thanks for your reply! I have added the following configuration in D:\ncs\v2.3.0\bootloader\mcuboot\samples\zephyr\hello-world\child_image\mcuboot.conf file.
CONFIG_BOOT_ECDSA_TINYCRYPT=y
But west build shows the following warning messages.
warning: The choice symbol BOOT_ECDSA_TINYCRYPT (defined at
D:/ncs/v2.3.0/bootloader/mcuboot/boot/zephyr/Kconfig:98) was selected (set =y), but no symbol ended
up as the choice selection. See
docs.zephyrproject.org/.../kconfig.html and/or look up
BOOT_ECDSA_TINYCRYPT in the menuconfig/guiconfig interface. The Application Development Primer,
Setting Configuration Values, and Kconfig - Tips and Best Practices sections of the manual might be
helpful too.
D:\ncs\v2.3.0\bootloader\mcuboot\samples\zephyr\hello-world>west build -b nrf5340dk_nrf5340_cpuapp
-- west build: generating a build system
Loading Zephyr default modules (Zephyr base).
-- Application: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world
-- Using NCS Toolchain 2.3.0 for building. (D:/ncs/toolchains/v2.3.0/cmake)
-- Found Python3: D:/ncs/toolchains/v2.3.0/opt/bin/python.exe (found suitable exact version "3.8.2") found components: Interpreter
-- Cache files will be written to: D:/ncs/v2.3.0/zephyr/.cache
-- Zephyr version: 3.2.99 (D:/ncs/v2.3.0/zephyr)
-- Found west (found suitable version "0.14.0", minimum required is "0.7.1")
-- Board: nrf5340dk_nrf5340_cpuapp
-- Found host-tools: zephyr 0.15.2 (D:/ncs/toolchains/v2.3.0/opt/zephyr-sdk)
-- Found toolchain: zephyr 0.15.2 (D:/ncs/toolchains/v2.3.0/opt/zephyr-sdk)
-- Found Dtc: D:/ncs/toolchains/v2.3.0/opt/bin/dtc.exe (found suitable version "1.4.7", minimum required is "1.4.6")
-- Found BOARD.dts: D:/ncs/v2.3.0/nrf/boards/arm/mdbt53db_nrf5340/nrf5340dk_nrf5340_cpuapp.dts
-- Generated zephyr.dts: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/zephyr/zephyr.dts
-- Generated devicetree_generated.h: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/zephyr/include/generated/devicetree_generated.h
-- Including generated dts.cmake file: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/zephyr/dts.cmake
Parsing D:/ncs/v2.3.0/zephyr/Kconfig
Loaded configuration 'D:/ncs/v2.3.0/nrf/boards/arm/mdbt53db_nrf5340/nrf5340dk_nrf5340_cpuapp_defconfig'
Merged configuration 'D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/prj.conf'
Configuration saved to 'D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/zephyr/.config'
Kconfig header saved to 'D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/zephyr/include/generated/autoconf.h'
-- The C compiler identification is GNU 12.1.0
-- The CXX compiler identification is GNU 12.1.0
-- The ASM compiler identification is GNU
-- Found assembler: D:/ncs/toolchains/v2.3.0/opt/zephyr-sdk/arm-zephyr-eabi/bin/arm-zephyr-eabi-gcc.exe
-- Found Python3: D:/ncs/toolchains/v2.3.0/opt/bin/python.exe (found version "3.8.2") found components: Interpreter
=== child image mcuboot - begin ===
loading initial cache file D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/mcuboot/child_image_preload.cmake
Loading Zephyr default modules (Zephyr base).
-- Application: D:/ncs/v2.3.0/bootloader/mcuboot/boot/zephyr
-- Using NCS Toolchain 2.3.0 for building. (D:/ncs/toolchains/v2.3.0/cmake)
-- Found Python3: D:/ncs/toolchains/v2.3.0/opt/bin/python.exe (found suitable exact version "3.8.2") found components: Interpreter
-- Cache files will be written to: D:/ncs/v2.3.0/zephyr/.cache
-- Zephyr version: 3.2.99 (D:/ncs/v2.3.0/zephyr)
-- Found west (found suitable version "0.14.0", minimum required is "0.7.1")
-- Board: nrf5340dk_nrf5340_cpuapp
-- Found host-tools: zephyr 0.15.2 (D:/ncs/toolchains/v2.3.0/opt/zephyr-sdk)
-- Found toolchain: zephyr 0.15.2 (D:/ncs/toolchains/v2.3.0/opt/zephyr-sdk)
-- Found Dtc: D:/ncs/toolchains/v2.3.0/opt/bin/dtc.exe (found suitable version "1.4.7", minimum required is "1.4.6")
-- Found BOARD.dts: D:/ncs/v2.3.0/nrf/boards/arm/mdbt53db_nrf5340/nrf5340dk_nrf5340_cpuapp.dts
-- Found devicetree overlay: D:/ncs/v2.3.0/nrf/modules/mcuboot/usb.overlay
-- Found devicetree overlay: D:/ncs/v2.3.0/bootloader/mcuboot/boot/zephyr/dts.overlay
-- Generated zephyr.dts: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/mcuboot/zephyr/zephyr.dts
-- Generated devicetree_generated.h: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/mcuboot/zephyr/include/generated/devicetree_generated.h
-- Including generated dts.cmake file: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/mcuboot/zephyr/dts.cmake
Parsing D:/ncs/v2.3.0/bootloader/mcuboot/boot/zephyr/Kconfig
Loaded configuration 'D:/ncs/v2.3.0/nrf/boards/arm/mdbt53db_nrf5340/nrf5340dk_nrf5340_cpuapp_defconfig'
Merged configuration 'D:/ncs/v2.3.0/bootloader/mcuboot/boot/zephyr/prj.conf'
Merged configuration 'D:/ncs/v2.3.0/nrf/subsys/partition_manager/partition_manager_enabled.conf'
Merged configuration 'D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/child_image/mcuboot.conf'
Merged configuration 'D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/mcuboot/zephyr/misc/generated/extra_kconfig_options.conf'
Configuration saved to 'D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/mcuboot/zephyr/.config'
Kconfig header saved to 'D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/mcuboot/zephyr/include/generated/autoconf.h'
warning: The choice symbol BOOT_ECDSA_TINYCRYPT (defined at
D:/ncs/v2.3.0/bootloader/mcuboot/boot/zephyr/Kconfig:98) was selected (set =y), but no symbol ended
up as the choice selection. See
http://docs.zephyrproject.org/latest/kconfig.html#CONFIG_BOOT_ECDSA_TINYCRYPT and/or look up
BOOT_ECDSA_TINYCRYPT in the menuconfig/guiconfig interface. The Application Development Primer,
Setting Configuration Values, and Kconfig - Tips and Best Practices sections of the manual might be
helpful too.
-- The C compiler identification is GNU 12.1.0
-- The CXX compiler identification is GNU 12.1.0
-- The ASM compiler identification is GNU
-- Found assembler: D:/ncs/toolchains/v2.3.0/opt/zephyr-sdk/arm-zephyr-eabi/bin/arm-zephyr-eabi-gcc.exe
MCUBoot bootloader key file: D:/ncs/v2.3.0/bootloader/mcuboot/root-rsa-2048.pem
-- Configuring done
-- Generating done
-- Build files have been written to: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/mcuboot
=== child image mcuboot - end ===
CMake Warning at D:/ncs/v2.3.0/nrf/modules/mcuboot/CMakeLists.txt:286 (message):
---------------------------------------------------------
--- WARNING: Using default MCUBoot key, it should not ---
--- be used for production. ---
---------------------------------------------------------
-- Configuring done
-- Generating done
-- Build files have been written to: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build
-- west build: building application
[5/197] Performing build step for 'mcuboot_subimage'
[1/281] Generating include/generated/version.h
-- Zephyr version: 3.2.99 (D:/ncs/v2.3.0/zephyr), build: v3.2.99-ncs2
[271/281] Linking C executable zephyr\zephyr_pre0.elf
[275/281] Linking C executable zephyr\zephyr_pre1.elf
[281/281] Linking C executable zephyr\zephyr.elf
Memory region Used Size Region Size %age Used
FLASH: 40432 B 48 KB 82.26%
RAM: 22712 B 512 KB 4.33%
IDT_LIST: 0 GB 2 KB 0.00%
[6/197] Generating include/generated/version.h
-- Zephyr version: 3.2.99 (D:/ncs/v2.3.0/zephyr), build: v3.2.99-ncs2
[176/197] Linking C executable zephyr\zephyr_pre0.elf
[180/197] Linking C executable zephyr\zephyr_pre1.elf
[186/197] Linking C executable zephyr\zephyr.elf
Memory region Used Size Region Size %age Used
FLASH: 32332 B 491008 B 6.58%
RAM: 7704 B 512 KB 1.47%
IDT_LIST: 0 GB 2 KB 0.00%
[192/197] Generating ../../zephyr/app_update.bin
sign the payload
[193/197] Generating ../../zephyr/app_signed.hex
sign the payload
[195/197] Generating ../../zephyr/app_test_update.hex
sign the payload
[197/197] Generating zephyr/merged.hex
Hi Snowuyl,
I haven't had time to look more closely at this, sorry. We are very busy in the summer weeks since we have fewer staff than usual.
If you still have this issue, I'll try to take a look at it soon.
Best regards,
Raoul
Hi Snowuyl,
I haven't had time to look more closely at this, sorry. We are very busy in the summer weeks since we have fewer staff than usual.
If you still have this issue, I'll try to take a look at it soon.
Best regards,
Raoul
I encounter another warning message as follows.
WARNING: Using default MCUBoot key, it should not be used for production.
Procedures to reproduce this issue are as follows.
1. Unzipping hello-world.zip to D:\ncs\v2.3.0\bootloader\mcuboot\samples\zephyr\ folder.
2. cd D:\ncs\v2.3.0\bootloader\mcuboot\samples\zephyr\
3. west build -b nrf5340dk_nrf5340_cpuapp
D:\ncs\v2.3.0\bootloader\mcuboot\samples\zephyr\hello-world>west build -b nrf5340dk_nrf5340_cpuapp
-- west build: generating a build system
Loading Zephyr default modules (Zephyr base).
-- Application: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world
-- Using NCS Toolchain 2.3.0 for building. (D:/ncs/toolchains/v2.3.0/cmake)
-- Found Python3: D:/ncs/toolchains/v2.3.0/opt/bin/python.exe (found suitable exact version "3.8.2") found components: Interpreter
-- Cache files will be written to: D:/ncs/v2.3.0/zephyr/.cache
-- Zephyr version: 3.2.99 (D:/ncs/v2.3.0/zephyr)
-- Found west (found suitable version "0.14.0", minimum required is "0.7.1")
-- Board: nrf5340dk_nrf5340_cpuapp
-- Found host-tools: zephyr 0.15.2 (D:/ncs/toolchains/v2.3.0/opt/zephyr-sdk)
-- Found toolchain: zephyr 0.15.2 (D:/ncs/toolchains/v2.3.0/opt/zephyr-sdk)
-- Found Dtc: D:/ncs/toolchains/v2.3.0/opt/bin/dtc.exe (found suitable version "1.4.7", minimum required is "1.4.6")
-- Found BOARD.dts: D:/ncs/v2.3.0/zephyr/boards/arm/nrf5340dk_nrf5340/nrf5340dk_nrf5340_cpuapp.dts
-- Generated zephyr.dts: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/zephyr/zephyr.dts
-- Generated devicetree_generated.h: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/zephyr/include/generated/devicetree_generated.h
-- Including generated dts.cmake file: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/zephyr/dts.cmake
Parsing D:/ncs/v2.3.0/zephyr/Kconfig
Loaded configuration 'D:/ncs/v2.3.0/zephyr/boards/arm/nrf5340dk_nrf5340/nrf5340dk_nrf5340_cpuapp_defconfig'
Merged configuration 'D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/prj.conf'
Configuration saved to 'D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/zephyr/.config'
Kconfig header saved to 'D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/zephyr/include/generated/autoconf.h'
-- The C compiler identification is GNU 12.1.0
-- The CXX compiler identification is GNU 12.1.0
-- The ASM compiler identification is GNU
-- Found assembler: D:/ncs/toolchains/v2.3.0/opt/zephyr-sdk/arm-zephyr-eabi/bin/arm-zephyr-eabi-gcc.exe
-- Found Python3: D:/ncs/toolchains/v2.3.0/opt/bin/python.exe (found version "3.8.2") found components: Interpreter
=== child image mcuboot - begin ===
loading initial cache file D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/mcuboot/child_image_preload.cmake
Loading Zephyr default modules (Zephyr base).
-- Application: D:/ncs/v2.3.0/bootloader/mcuboot/boot/zephyr
-- Using NCS Toolchain 2.3.0 for building. (D:/ncs/toolchains/v2.3.0/cmake)
-- Found Python3: D:/ncs/toolchains/v2.3.0/opt/bin/python.exe (found suitable exact version "3.8.2") found components: Interpreter
-- Cache files will be written to: D:/ncs/v2.3.0/zephyr/.cache
-- Zephyr version: 3.2.99 (D:/ncs/v2.3.0/zephyr)
-- Found west (found suitable version "0.14.0", minimum required is "0.7.1")
-- Board: nrf5340dk_nrf5340_cpuapp
-- Found host-tools: zephyr 0.15.2 (D:/ncs/toolchains/v2.3.0/opt/zephyr-sdk)
-- Found toolchain: zephyr 0.15.2 (D:/ncs/toolchains/v2.3.0/opt/zephyr-sdk)
-- Found Dtc: D:/ncs/toolchains/v2.3.0/opt/bin/dtc.exe (found suitable version "1.4.7", minimum required is "1.4.6")
-- Found BOARD.dts: D:/ncs/v2.3.0/zephyr/boards/arm/nrf5340dk_nrf5340/nrf5340dk_nrf5340_cpuapp.dts
-- Found devicetree overlay: D:/ncs/v2.3.0/nrf/modules/mcuboot/usb.overlay
-- Found devicetree overlay: D:/ncs/v2.3.0/bootloader/mcuboot/boot/zephyr/dts.overlay
-- Generated zephyr.dts: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/mcuboot/zephyr/zephyr.dts
-- Generated devicetree_generated.h: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/mcuboot/zephyr/include/generated/devicetree_generated.h
-- Including generated dts.cmake file: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/mcuboot/zephyr/dts.cmake
warning: The choice symbol BOOT_ECDSA_TINYCRYPT (defined at
D:/ncs/v2.3.0/bootloader/mcuboot/boot/zephyr/Kconfig:98) was selected (set =y), but no symbol ended
up as the choice selection. See
http://docs.zephyrproject.org/latest/kconfig.html#CONFIG_BOOT_ECDSA_TINYCRYPT and/or look up
BOOT_ECDSA_TINYCRYPT in the menuconfig/guiconfig interface. The Application Development Primer,
Setting Configuration Values, and Kconfig - Tips and Best Practices sections of the manual might be
helpful too.
Parsing D:/ncs/v2.3.0/bootloader/mcuboot/boot/zephyr/Kconfig
Loaded configuration 'D:/ncs/v2.3.0/zephyr/boards/arm/nrf5340dk_nrf5340/nrf5340dk_nrf5340_cpuapp_defconfig'
Merged configuration 'D:/ncs/v2.3.0/bootloader/mcuboot/boot/zephyr/prj.conf'
Merged configuration 'D:/ncs/v2.3.0/nrf/subsys/partition_manager/partition_manager_enabled.conf'
Merged configuration 'D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/child_image/mcuboot.conf'
Merged configuration 'D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/mcuboot/zephyr/misc/generated/extra_kconfig_options.conf'
Configuration saved to 'D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/mcuboot/zephyr/.config'
Kconfig header saved to 'D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/mcuboot/zephyr/include/generated/autoconf.h'
-- The C compiler identification is GNU 12.1.0
-- The CXX compiler identification is GNU 12.1.0
-- The ASM compiler identification is GNU
-- Found assembler: D:/ncs/toolchains/v2.3.0/opt/zephyr-sdk/arm-zephyr-eabi/bin/arm-zephyr-eabi-gcc.exe
MCUBoot bootloader key file: D:/ncs/v2.3.0/bootloader/mcuboot/root-rsa-2048.pem
-- Configuring done
-- Generating done
-- Build files have been written to: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build/mcuboot
=== child image mcuboot - end ===
CMake Warning at D:/ncs/v2.3.0/nrf/modules/mcuboot/CMakeLists.txt:286 (message):
---------------------------------------------------------
--- WARNING: Using default MCUBoot key, it should not ---
--- be used for production. ---
---------------------------------------------------------
-- Configuring done
-- Generating done
-- Build files have been written to: D:/ncs/v2.3.0/bootloader/mcuboot/samples/zephyr/hello-world/build
-- west build: building application
[1/183] Generating include/generated/version.h
-- Zephyr version: 3.2.99 (D:/ncs/v2.3.0/zephyr), build: v3.2.99-ncs2
[6/183] Performing build step for 'mcuboot_subimage'
[1/281] Generating include/generated/version.h
-- Zephyr version: 3.2.99 (D:/ncs/v2.3.0/zephyr), build: v3.2.99-ncs2
[271/281] Linking C executable zephyr\zephyr_pre0.elf
[275/281] Linking C executable zephyr\zephyr_pre1.elf
[281/281] Linking C executable zephyr\zephyr.elf
Memory region Used Size Region Size %age Used
FLASH: 40432 B 48 KB 82.26%
RAM: 22712 B 512 KB 4.33%
IDT_LIST: 0 GB 2 KB 0.00%
[162/183] Linking C executable zephyr\zephyr_pre0.elf
[166/183] Linking C executable zephyr\zephyr_pre1.elf
[172/183] Linking C executable zephyr\zephyr.elf
Memory region Used Size Region Size %age Used
FLASH: 23524 B 491008 B 4.79%
RAM: 6240 B 512 KB 1.19%
IDT_LIST: 0 GB 2 KB 0.00%
[178/183] Generating ../../zephyr/app_update.bin
sign the payload
[179/183] Generating ../../zephyr/app_signed.hex
sign the payload
[181/183] Generating ../../zephyr/app_test_update.hex
sign the payload
[183/183] Generating zephyr/merged.hex
snowuyl said:I encounter another warning message as follows.
WARNING: Using default MCUBoot key, it should not be used for production.
Hi,
If I'm not mistaken, you've also created another ticket for this issue. I think you'll get an answer there. But the answer is what it says in the warning (and in the documentation) - the default MCUboot key should be replaced when you go into production, otherwise every NCS user in the world will know your key.
Best regards,
Raoul