Skip to content

Add key generation for private encryption key #2559

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 39 commits into
base: main
Choose a base branch
from
Open

Add key generation for private encryption key #2559

wants to merge 39 commits into from

Conversation

@Wika-Group-IIoT-RD
Copy link

@Wika-Group-IIoT-RD Wika-Group-IIoT-RD commented Nov 21, 2025

Current Implementation

In the default Mcuboot implementation, the private key used for firmware decryption is compiled directly into the bootloader binary.

  • The key pair is generated externally (e.g, on a production machine).
  • The public is used to encrypt the firmware image.
  • The private key is embedded in the bootloader and used to decrypt and verify the firmware during boot.

New functionalities in this PR

During the first boot, the microcontroller automatically generates a key pair. The process includes:

  1. Secure random number generation using hardware TRNG (True Random Generator).
  2. ECC key pair creation (SECP256R1) using the mbedTLS library.
  3. Conversion of the private key to DER format following the PKCS#8 standard.
  4. Conversion of the public key to PEM format for export.

The private key remains stored in a secure area of the microcontroller and is never exposed. The public key can be retrieved during the update.

twistwind38000 and others added 30 commits July 28, 2025 12:16
@twistwind38000
adpat overlay and proj.conf to use mcuboot with signature and WL55.
e912c54
@twistwind38000
Add boot/stm32 code
13be7de
@twistwind38000
To permit to compile cause we are not windows or linux.
26a8b53 
Todo : to make rigth prng we need to use stm32 prng drivers. (hw drivers)
fix flash_map_backend
b722982
key generator
e66119f
Add generation key and convert to pkcs8
acff724
Add macro
f3fee22
Add comments generate_key
94481f3
@Wika-Group-IIoT-RD
EXAMPLE
38e51c3
@Wika-Group-IIoT-RD
update
1980cc9
@Wika-Group-IIoT-RD
Remove .vscode from tracking
f1b4ba2
@Wika-Group-IIoT-RD
Merge remote-tracking branch 'origin/main' into feat/key_generation
3ac364d
Move generation key file to bootutil, add bootutil_hw_rng, add macro …
8a0902c 
…for hwrng and gen key
Modify name macro
ad90028
zephyr implementation
6e99db4
delete stm32 support
4a0500a
change license
9edbe1b
Merge remote-tracking branch 'mcuboot_repo/main' into feat/gen_enc_ke…
f9851e7 
…y_Zephyr_exp
minor change
95775ac
minor change
be548f7
remove stm32
c4a1fed
Merge remote-tracking branch 'mcuboot_repo/main' into feat/gen_enc_ke…
81071a3 
…y_Zephyr_exp
Replace stm32 by generic and define zephyrpoll
fcb0637
nrf port and mbedtls conf
3eec1a8
minor change
128a57e
mbedtls, modify generation enc key
5483392
minor change
70489ab
remove last stm32 word
0de7a10
minor change
358e096
coding-styles and headers
bf6faef
de-nordic
de-nordic requested changes Nov 21, 2025
View reviewed changes
Copy link
Collaborator

@de-nordic de-nordic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No. Heh, I did not even see feature proposal for that in issues.

I am not sure whether description in this PR is just making shortcuts, but as far as I can tell AES is used for encryption, ec255 is used for encryption key exchange using DH.

Anyway, my main issue with the PR: if you have a way to ask a device for a key on the first boot, that has been written by a device itself to itself, you have a way to provision one of the pair you generate outside of a device and just obliterate the original private key.

And why bloat the device into certificate generator, by adding the der and pem encoder.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@de-nordic de-nordic de-nordic requested changes

@nordicjm nordicjm Awaiting requested review from nordicjm nordicjm is a code owner

@davidvincze davidvincze Awaiting requested review from davidvincze davidvincze is a code owner

@d3zd3z d3zd3z Awaiting requested review from d3zd3z d3zd3z is a code owner

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Wika-Group-IIoT-RD @de-nordic @twistwind38000