bootutil: Add compressed image flags and TLV

Adds some flags to indicate if the data of an image is compressed (lzma1 and lzma2) and adds a new TLV for a sha256 hash of the compressed/encrypted image data, this would (optionally) be used for images where one or both options are enabled to be able to verify the data is correct before attempting to decrypt/decompress it Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
mcu-tools · Aug 2, 2024 · 9d7291e · 9d7291e
1 parent ef598b1
commit 9d7291e
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/boot/bootutil/include/bootutil/image.h b/boot/bootutil/include/bootutil/image.h
@@ -71,6 +71,12 @@ struct flash_area;
  */
 #define IMAGE_F_ROM_FIXED                0x00000100
 
+/*
+ * Flags that indicate if the image data is compressed
+ */
+#define IMAGE_F_COMPRESSED_LZMA1         0x00000200
+#define IMAGE_F_COMPRESSED_LZMA2         0x00000400
+
 /*
  * ECSDA224 is with NIST P-224
  * ECSDA256 is with NIST P-256
@@ -89,6 +95,11 @@ struct flash_area;
 #define IMAGE_TLV_PUBKEY            0x02   /* public key */
 #define IMAGE_TLV_SHA256            0x10   /* SHA256 of image hdr and body */
 #define IMAGE_TLV_SHA384            0x11   /* SHA384 of image hdr and body */
+#define IMAGE_TLV_RAW_SLOT_SHA256   0x18   /*
+                                            * SHA256 of compressed/encrypted image data in the slot
+                                            * which should be checked to ensure image integrity
+                                            * before decrypting/decompressing data
+                                            */
 #define IMAGE_TLV_RSA2048_PSS       0x20   /* RSA2048 of hash output */
 #define IMAGE_TLV_ECDSA224          0x21   /* ECDSA of hash output - Not supported anymore */
 #define IMAGE_TLV_ECDSA_SIG         0x22   /* ECDSA of hash output */