mcu-tools · maulik-arm · May 14, 2025 · Apr 15, 2025 · May 12, 2025 · May 16, 2025
@@ -14,28 +14,32 @@ target_include_directories(bootutil
         src
 )
 
-target_sources(bootutil
-    PRIVATE
-        src/boot_record.c
-        src/bootutil_misc.c
-        src/bootutil_public.c
-        src/caps.c
-        src/encrypted.c
-        src/fault_injection_hardening.c
-        src/fault_injection_hardening_delay_rng_mbedtls.c
-        src/image_ecdsa.c
-        src/image_ed25519.c
-        src/image_rsa.c
-        src/image_validate.c
-        src/loader.c
-        src/swap_misc.c
-        src/swap_move.c
-        src/swap_scratch.c
-        src/tlv.c
+set(BOOTUTIL_SOURCES
+    src/boot_record.c
+    src/bootutil_misc.c
+    src/bootutil_public.c
+    src/caps.c
+    src/encrypted.c
+    src/fault_injection_hardening.c
+    src/fault_injection_hardening_delay_rng_mbedtls.c
+    src/image_ecdsa.c
+    src/image_ed25519.c
+    src/image_rsa.c
+    src/loader.c
+    src/swap_misc.c
+    src/swap_move.c
+    src/swap_scratch.c
+    src/tlv.c
 )
+
 if(CONFIG_BOOT_RAM_LOAD)
-    target_sources(bootutil
-        PRIVATE
-            src/ram_load.c
-    )
+    list(APPEND BOOTUTIL_SOURCES src/ram_load.c)
 endif()
+
+if(MCUBOOT_IMAGE_MULTI_SIG_SUPPORT)
+    list(APPEND BOOTUTIL_SOURCES src/image_multi_sig.c)
+else()
+    list(APPEND BOOTUTIL_SOURCES src/image_validate.c)
+endif()
+
+target_sources(bootutil PRIVATE ${BOOTUTIL_SOURCES})
@@ -392,11 +392,6 @@ static inline void bootutil_ecdsa_init(bootutil_ecdsa_context *ctx)
     ctx->required_algorithm = 0;
 
 #else /* !MCUBOOT_BUILTIN_KEY */
-    /* The incoming key ID is equal to the image index. The key ID value must be
-     * shifted (by one in this case) because zero is reserved (PSA_KEY_ID_NULL)
-     * and considered invalid.
-     */
-    ctx->key_id++; /* Make sure it is not equal to 0. */
 #if defined(MCUBOOT_SIGN_EC256)
     ctx->curve_byte_count = 32;
     ctx->required_algorithm = PSA_ALG_SHA_256;

@@ -100,6 +100,7 @@ struct flash_area;
  */
 #define IMAGE_TLV_KEYHASH           0x01   /* hash of the public key */
 #define IMAGE_TLV_PUBKEY            0x02   /* public key */
+#define IMAGE_TLV_KEYID             0x03   /* Key ID */
 #define IMAGE_TLV_SHA256            0x10   /* SHA256 of image hdr and body */
 #define IMAGE_TLV_SHA384            0x11   /* SHA384 of image hdr and body */
 #define IMAGE_TLV_SHA512            0x12   /* SHA512 of image hdr and body */

@@ -39,6 +39,17 @@ struct bootutil_key {
 };
 
 extern const struct bootutil_key bootutil_keys[];
+#ifdef MCUBOOT_BUILTIN_KEY
+/**
+ * Verify that the specified key ID is valid for authenticating the given image.
+ *
+ * @param[in]  image_index   Index of the image to be verified.
+ * @param[in]  key_id        Identifier of the key to be verified against the image.
+ *
+ * @return                   0 if the key ID is valid for the image; nonzero on failure.
+ */
+int boot_verify_key_id_for_image(uint8_t image_index, int32_t key_id);
+#endif /* MCUBOOT_BUILTIN_KEY */
 #else
 struct bootutil_key {
     uint8_t *key;
@@ -51,15 +62,18 @@ extern struct bootutil_key bootutil_keys[];
  * Retrieve the hash of the corresponding public key for image authentication.
  *
  * @param[in]      image_index      Index of the image to be authenticated.
+ * @param[in]      key_index        Index of the key to be used.
  * @param[out]     public_key_hash  Buffer to store the key-hash in.
  * @param[in,out]  key_hash_size    As input the size of the buffer. As output
  *                                  the actual key-hash length.
  *
  * @return                          0 on success; nonzero on failure.
  */
 int boot_retrieve_public_key_hash(uint8_t image_index,
+                                  uint8_t key_index,
                                   uint8_t *public_key_hash,
                                   size_t *key_hash_size);
+
 #endif /* !MCUBOOT_HW_KEY */
 
 extern const int bootutil_key_cnt;