2 Replies Latest reply on Jun 1, 2019 6:01 AM by pevoc_1249246

    Encrypted Bootloadable for PSoc5lp

    pevoc_1249246

      Hi All,

       

      I need into my project bootloader that does receive the firmare over Half-Duplex RS485, decrypts it and flashes into application area. Other functionality as verifying the bootloader itself and application checksum are needed. I also need to merge the bootloader commands with Modbus standard. The idea is to be able to upgrade device on Modbus without affecting other devices.

       

      The available bootloader by Cypress does have no crypto functionality. I think that I am starting to invent a Bycicle. Thus I am looking around if somebody already has a bootloader project with very similar goals. I would gladly join with the project.

       

      In past, I have implemented few bootloaders using XTEA (XTEA - Wikipedia) crypting method. It has fairly high protection in this kind of application and is relatively simple and fast.

       

      Or, how would you append cryptography into existing bootloader component by cypress?

        • 1. Re: Encrypted Bootloadable for PSoc5lp
          GeonaM_26

          As you know PSoC 5LP family do not support hardware cryptography. The latest PSoC 6 MCU portfolio supports hardware cryptographic block. You can go through the code example, CE222802 - PSoC 6 MCU Encrypted Bootloader which demonstrates UART based bootloading with signing and encryption.

          • 2. Re: Encrypted Bootloadable for PSoc5lp
            pevoc_1249246

            Thank you for the answer. Yes, I have heard this for PSOC6 and I have not analysed if this would be portable to PSOC5 with firmware decryption. What is needed is to have boot-loader for PSOC5 which is capable additionally to firmware checksum verification to decrypt and flash scrambled firmware. Hardware acceleration is not available on PSOC5 but some algorithms are running well with software decryption too. The transfer speed is not critical, as the purpose for the boot-loader is to reduce product ownership risks. The feature will be used for on-field repair if it might be needed at all. Another use-case would be post production upload / upgrade when the programming pins are no longer accessible due to moulding.