Change Details

Hi Tamasbanm, I hava some questions about updating in BL2: 1. at the end of the function boot_swap_sectors( ), I think that bs->idx++ should be performed after the function boot_write_status(). 2. at the end of the function boot_read_status_bytes(), I think that found_idx-- shuold be removed. 3, When verifying the image of slot1, can i remove the step of comparing the image hash, and calculate the image hash value in BL2 and then directly verify the signature ,In this case, the hash of the image can be removed from the tlv info of the signature bin. Is there any security risk? Regarding questions 1 and 2, it was found in the test that when the size of the image is exactly equal to the size of the slot, problems will occur. Thanks, cuiping

Hi Tamasbanm, I hava some questions about updating in MCUBoot: 1. at the end of the function boot_swap_sectors( ), I think that bs->idx++ should be performed after the function boot_write_status(). 2. at the end of the function boot_read_status_bytes(), I think that found_idx-- shuold be removed. 3, When verifying the image of slot1, can i remove the step of comparing the image hash, and calculate the image hash value in MCUBootand then directly verify the signature ,In this case, the hash of the image can be removed from the tlv info of the signature bin. Is there any security risk? Regarding questions 1 and 2, it was found in the test that when the size of the image is exactly equal to the size of the slot, problems will occur. Thanks, cuiping

Hi Tamasbanm, I hava some questions about updating in BL2:MCUBoot: 1. at the end of the function boot_swap_sectors( ), I think that bs->idx++ should be performed after the function boot_write_status(). 2. at the end of the function boot_read_status_bytes(), I think that found_idx-- shuold be removed. 3, When verifying the image of slot1, can i remove the step of comparing the image hash, and calculate the image hash value in BL2 andMCUBootand then directly verify the signature ,In this case, the hash of the image can be removed from the tlv info of the signature bin. Is there any security risk? Regarding questions 1 and 2, it was found in the test that when the size of the image is exactly equal to the size of the slot, problems will occur. Thanks, cuiping