BootloadBootloader Core

Description

Methods to verify and bootload application images.

Functions

bool bootload_verifyApplication (uint32_t startAddress)
void bootload_bootloaderCallback (uint32_t offset, uint8_t data[], size_t length, void *context)
void bootload_applicationCallback (uint32_t address, uint8_t data[], size_t length, void *context)
bool bootloader_enforceSecureBoot (void)
bool bootload_commitBootloaderUpgrade (uint32_t upgradeAddress, uint32_t size)
bool bootload_checkSeUpgradeVersion (uint32_t upgradeVersion)
bool bootload_commitSeUpgrade (uint32_t upgradeAddress)

Function Documentation

bool bootload_verifyApplication ( uint32_t startAddress )

Verify the application image stored in the flash memory starting at the address startAddress.

If secure boot is enforced, the function will only return true if the cryptographic signature of the application is valid. Else, the application is verified according to the signature type defined in the ApplicationProperties_t structure embedded in the application. Silicon Labs wireless stacks take care of declaring this structure. Applications not using a full wireless stack may need to instantiate the structure themselves.

Examples of results when secure boot is not enforced:

  • App has no signature: Valid if initial stack pointer and program counter have reasonable values
  • App has CRC checksum: Valid if checksum is valid
  • App has ECDSA signature: Valid if ECDSA signature is valid.

When secure boot is enforced, only ECDSA signed applications with a valid signature are considered valid.

Parameters
[in] startAddress Starting address of the application
Returns
True if the image is deemed valid
void bootload_bootloaderCallback ( uint32_t offset,
uint8_t data[],
size_t length,
void * context
)

Bootloader upgrade callback implementation

Parameters
offset Offset of bootloader data (byte counter incrementing from 0)
data Raw bootloader data
length Size in bytes of raw bootloader data.
context A context variable defined by the implementation that is implementing this callback.
void bootload_applicationCallback ( uint32_t address,
uint8_t data[],
size_t length,
void * context
)

Image data callback implementation

Parameters
address Address (inside the raw image) the data starts at
data Raw image data
length Size in bytes of raw image data. Constrained to always be a multiple of four.
context A context variable defined by the implementation that is implementing this callback.
bool bootloader_enforceSecureBoot ( void )

Whether the bootloader should enforce secure boot

Returns
True if secure boot is to be enforced
bool bootload_commitBootloaderUpgrade ( uint32_t upgradeAddress,
uint32_t size
)

Perform a bootloader upgrade using the upgrade image present at upgradeAddress with length size.

If the bootloader upgrade process starts successfully, this function does not return, and execution will resume from the reset handler of the upgraded bootloader.

Parameters
[in] upgradeAddress The starting address of the upgrade image
[in] size The length of the upgrade image in bytes
Returns
False if the bootloader upgrade process didn't start
bool bootload_checkSeUpgradeVersion ( uint32_t upgradeVersion )

Check that an SE upgrade with a given version number is allowed to be installed.

This will only be true if the upgrade version is higher than the running version.

Parameters
[in] upgradeVersion The version of the SE upgrade image
Returns
True if the SE upgrade image should be installed
bool bootload_commitSeUpgrade ( uint32_t upgradeAddress )

Perform an SE upgrade using the upgrade image present at upgradeAddress.

If the SE upgrade process starts successfully, this function does not return, and execution will resume from the reset handler after the SE upgrade is complete.

Parameters
[in] upgradeAddress The starting address of the upgrade image
Returns
False if the SE upgrade process didn't start