Ian Hall from Renesas put a sample secure bootloader project ("YASB") on GitHub. Ian's Python program prepends a 0x100-byte signature header to the application image and then performs the hash calculation starting from inside the header, rather than from the start of the application image. It would seem the most straightforward way would be to calculate the hash based solely on the application image, generate the signature from it, and prepend the header to the image.
I'm sure there must be a good reason for including part of the header in the hash calculation so I'd appreciate understanding why it was done this way.
Thanks
tom
I think you are referring to imgtool.py from MCUBoot
https://github.com/mcu-tools/mcuboot/blob/master/docs/design.md
The hash covers both hdr and body
#define IMAGE_TLV_SHA256 0x10 /* SHA256 of image hdr and body */
The hdr contains info such as version, load address, and image size (excluding header), which must be integrity checked. E.g., I change the version and a previous image with a known vulnerability could be reloaded. Such info could have been embedded in the application image. mcuboot would need to know where it is located when it performs checks for downgrade prevention. It can be done, but from the mcuboot perspective, an external header is easier to manage. IMHO.
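The point made in the answer above, as an added example that is not part of the thread and is not MCUboot or YASB code: a bootloader check that compares a body-only digest with one covering header and body when the header's version field has been rewritten. The header layout, magic value, load address and firmware body are constructed for illustration, and signature verification is modelled as a comparison against the digest that was signed.

```python
import hashlib
import hmac
import struct

HDR_SIZE = 0x100               # header length mentioned in the question
HDR_FMT = "<IIHxxIBBHI"        # constructed layout: magic, load addr, hdr size,
                               # image size, then version major/minor/rev/build
MAGIC = 0x12345678             # constructed placeholder value

def build_image(version, body, load_addr=0x08010000):
    hdr = struct.pack(HDR_FMT, MAGIC, load_addr, HDR_SIZE, len(body), *version)
    return hdr.ljust(HDR_SIZE, b"\xff") + body

def parse_version(image):
    return struct.unpack_from(HDR_FMT, image)[4:8]

def set_version(image, version):
    """Copy of image with only the header's version field rewritten."""
    fields = struct.unpack_from(HDR_FMT, image)[:4]
    hdr = struct.pack(HDR_FMT, *fields, *version)
    return hdr + image[len(hdr):]

def digest_body_only(image):
    return hashlib.sha256(image[HDR_SIZE:]).digest()

def digest_hdr_and_body(image):
    return hashlib.sha256(image).digest()

def accept(image, signed_digest, digest_fn, min_version):
    """Bootloader-side check: digest must match what was signed, and the
    header version must not be older than the device's minimum."""
    if not hmac.compare_digest(digest_fn(image), signed_digest):
        return False
    return parse_version(image) >= min_version

# Constructed sample: an old 1.0.0 release and a copy relabelled as 1.2.0.
OLD = build_image((1, 0, 0, 0), b"constructed firmware body")
RELABELLED = set_version(OLD, (1, 2, 0, 0))
MIN_VERSION = (1, 2, 0, 0)

if __name__ == "__main__":
    for name, fn in (("body only", digest_body_only),
                     ("hdr and body", digest_hdr_and_body)):
        ok = accept(RELABELLED, fn(OLD), fn, MIN_VERSION)
        print(f"{name:12}: relabelled old image accepted = {ok}")
```

With the body-only digest the relabelled image still matches the signed value and passes the version check; with the header included, the digest no longer matches and the image is rejected.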