Skip to content

[nrf noup] Sysbuild support for MCUboot crypto backend selection #2056

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

[nrf noup] Sysbuild support for MCUboot crypto backend selection #2056

wants to merge 1 commit into from

Conversation

@de-nordic
Copy link
Contributor

The commit adds support for selecting MCUboot crypto backend, when building with sysbuild.

This currently adds two options:

  • SB_CONFIG_BOOT_CRYPTO_LIBRARY_DEFAULT -- which keeps current behaviour where a library is selected depending on preferred signature method
  • SB_CONFIG_BOOT_CRYPTO_LIBRARY_PSA -- enforces usage of PSA, regardless of signature algorithm; the option currently supports the ED25519 only.

@de-nordic
[nrf noup] Sysbuild support for MCUboot crypto backend selection
5d7765b 
The commit adds support for selecting MCUboot crypto backend,
when building with sysbuild.

This currently adds two options:
 - SB_CONFIG_BOOT_CRYPTO_LIBRARY_DEFAULT -- which keeps current
   behaviour where a library is selected depending on preferred
   signature method
 - SB_CONFIG_BOOT_CRYPTO_LIBRARY_PSA -- enforces usage of PSA,
   regardless of signature algorithm; the option currently supports
   the ED25519 only.

Signed-off-by: Dominik Ermel <[email protected]>
@NordicBuilder NordicBuilder mentioned this pull request Oct 1, 2024
Closed
@NordicBuilder NordicBuilder requested a review from 57300 October 1, 2024 15:47
@NordicBuilder NordicBuilder mentioned this pull request Oct 1, 2024
Merged
nordicjm
nordicjm requested changes Oct 2, 2024
View reviewed changes
share/sysbuild/images/bootloader/Kconfig

endchoice

choice BOOT_CRYPTO_LIBRARY
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this goes in sdk-nrf under sysbuild/Kconfig.sysbuild

nordicjm
nordicjm reviewed Oct 2, 2024
View reviewed changes
share/sysbuild/images/bootloader/Kconfig
Comment on lines +71 to +83
if BOOT_CRYPTO_LIBRARY_PSA

config MBEDTLS
bool
default n

config MBEDTLS_PSA_CRYPTO_C
bool
default y

config NRF_SECURITY
bool
default y
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this does not do anything to the target image, these can go

@de-nordic de-nordic closed this Oct 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nordicjm nordicjm nordicjm requested changes

@tejlmand tejlmand Awaiting requested review from tejlmand

@nvlsianpu nvlsianpu Awaiting requested review from nvlsianpu

@gchwier gchwier Awaiting requested review from gchwier

@57300 57300 Awaiting requested review from 57300

Assignees

@tejlmand tejlmand

Labels

area: Build System area: Sysbuild

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@de-nordic @nordicjm @tejlmand @NordicBuilder