• State Suggested Answer
  • Replies 10 replies
  • Answers 1 answer
  • Subscribers 76 subscribers
  • Views 3019 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 269408
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

MCUBOOT Hardware Key

Jasonho

Hi,

I trying to enable Hardware Key for mcuboot.

I do the following at mcuboot.conf

CONFIG_BOOT_HW_KEY=y
But I got the following error:
C:/nrfconnect/v1.5.0/bootloader/mcuboot/boot/zephyr/keys.c:70:21: error: conflicting types for 'bootutil_keys'        
   70 | struct bootutil_key bootutil_keys[1] = {
      |                     ^~~~~~~~~~~~~
In file included from C:/nrfconnect/v1.5.0/bootloader/mcuboot/boot/zephyr/keys.c:20:
C:/nrfconnect/v1.5.0/bootloader/mcuboot/boot/bootutil/include/bootutil/sign_key.h:38:34: note: previous declaration of 'bootutil_keys' was here
   38 | extern const struct bootutil_key bootutil_keys[];
      |                                  ^~~~~~~~~~~~~
Do I miss something? Thanks,
 
  • 0

    Hi, 

    This is a type conflict. One is const struct while the other is struct. Try defining the array as const

    const struct bootutil_key bootutil_keys[1] = {...};

    -Amanda H.

  • 0 in reply to Amanda Hsieh 

    #ifndef MCUBOOT_HW_KEY
struct bootutil_key {
    const uint8_t *key;
    const unsigned int *len;
};

extern const struct bootutil_key bootutil_keys[];
#else
struct bootutil_key {
    uint8_t *key;
    unsigned int *len;
};

extern struct bootutil_key bootutil_keys[];

/**
 * Retrieve the hash of the corresponding public key for image authentication.
 *
 * @param[in]      image_index      Index of the image to be authenticated.
 * @param[out]     public_key_hash  Buffer to store the key-hash in.
 * @param[in,out]  key_hash_size    As input the size of the buffer. As output
 *                                  the actual key-hash length.
 *
 * @return                          0 on success; nonzero on failure.
 */
int boot_retrieve_public_key_hash(uint8_t image_index,
                                  uint8_t *public_key_hash,
                                  size_t *key_hash_size);
#endif /* !MCUBOOT_HW_KEY */

    The above is from sign_key.h

    You can see that if MCUBOOT_HW_KEY is defined

    It will use

    extern struct bootutil_key bootutil_keys[];

    So the issue is why MCUBOOT_HW_KEY is not define if I enable BOOT_HW_KEY

    But in keys.c, MCUBOOT_HW_KEY is defined.

    I think this is the main issue.

    modify the code in your way is not appropriated 

  • 0 in reply to Jasonho

    Hi Jasonho, 

    Mcuboot Hardware Key feature is not supported on NCS 1.5.

    -Amanda H.

  • 0

    Hello,

    Is Mcuboot Hardware Key feature supported on NCS 1.8.0?

    I'm getting exactly the same build error as was reported for 1.5.0.

    Thanks

  • 0

    This looks to me to be a bug in keys.c, because sign_key.h is being #include'd before mcuboot_config.h rather than after it.

    As a result, MCUBOOT_HW_KEY is not defined when sign_key.h is processed at the start of compiling keys.c.

    If you swap those two #includes around, you should get further, and will then have to figure out the best way to incorporate an implementation of boot_retrieve_public_key_hash() into MCUBoot when it is built. I am not yet sure the best way to do that without having to maintain our own fork of the sdk-nrf repo (which we are trying hard to avoid).

Related
Terms of service