mynewt-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sterl...@apache.org
Subject [30/49] incubator-mynewt-core git commit: directory re-org
Date Thu, 29 Sep 2016 01:34:37 GMT
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/6a7432f4/libs/bootutil/design.txt
----------------------------------------------------------------------
diff --git a/libs/bootutil/design.txt b/libs/bootutil/design.txt
deleted file mode 100644
index a39759b..0000000
--- a/libs/bootutil/design.txt
+++ /dev/null
@@ -1,413 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#  http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-
-****** BOOTUTIL
-
-*** SUMMARY
-
-The bootutil library performs most of the functions of a boot loader.  In
-particular, the piece that is missing is the final step of actually jumping to
-the main image.  This last step should instead be implemented in an
-architecture-specific project.  Boot loader functionality is separated in this
-manner for the following two reasons:
-
-1. By keeping architecture-dependent code separate, the bootutil library can be
-   reused among several boot loaders.
-
-2. By excluding the last boot step from the library, the rest of the code can
-   be tested in a sim environment.
-
-There is a boot loader project specific to the olimex_stm32-e407 devboard
-called "boot."  This project provides an example of how the bootutil library
-should be used.
-
-*** LIMITATIONS
-
-The boot loader currently only supports images with the following
-characteristics:
-    * Built to run from flash.
-    * Build to run from a fixed location (i.e., position-independent).
-
-These limitations will likely be addressed soon.
-
-
-*** IMAGE FORMAT
-
-The following definitions describe the image header format.
-
-#define IMAGE_MAGIC                 0x96f3b83c
-
-struct image_version {
-    uint8_t iv_major;
-    uint8_t iv_minor;
-    uint16_t iv_revision;
-    uint32_t iv_build_num;
-};
-
-/** Image header.  All fields are in little endian byte order. */
-struct image_header {
-    uint32_t ih_magic;
-    uint32_t ih_crc32; /* Covers remainder of header and all of image body. */
-    uint32_t ih_hdr_size;
-    uint32_t ih_img_size; /* Does not include header. */
-    uint32_t ih_flags;
-    struct image_version ih_ver;
-};
-
-At this time, no flags have been defined.
-
-The ih_hdr_size field indicates the length of the header, and therefore the
-offset of the image itself.  This field provides for backwards compatibility in
-case of changes to the format of the image header.
-
-When security is added, security data will likely go in a footer at the end of
-the image.
-
-
-*** FLASH AREAS
-
-Bootutil uses the same concept of "flash areas" as the nffs file system.
-Briefly, an area is a region of disk with the following properties:
-    (1) An area can be fully erased without affecting any other areas.
-    (2) A write to one area does not restrict writes to other areas.
-
-The areas used for image data must not be used for anything else.  In
-particular, these areas must be kept separate from the nffs file system.
-
-
-*** IMAGE SLOTS
-
-A portion of the flash memory is partitioned into two image slots: a primary
-slot and a secondary slot.  The boot loader will only run an image from the
-primary slot, so images must be built such that they can run from that fixed
-location in flash.  If the boot loader needs to run the image resident in the
-secondary slot, it must swap the two images in flash prior to booting.
-
-In addition to the two image slots, the boot loader requires a scratch area to
-allow for reliable image swapping.
-
-All areas used by image data (including the scratch area) must be the same
-size.
-
-
-*** BOOT VECTOR
-
-Bootutil determines which image it should boot into by reading the contents of
-the boot vector.  The boot vector comprises the following files in the flash
-file system:
-
-#define BOOT_PATH_MAIN      "/boot/main"
-#define BOOT_PATH_TEST      "/boot/test"
-
-Each file, if present, must contain a 64-bit image version.  This version is
-simply a "binary dump" of an image_version struct.  The test file is used to
-indicate that an image is being "tested out," and should only be booted once.
-The main file indicates the "last known good" image which should be booted
-repeatedly.
-
-The boot loader uses the following procedure to determine which image to boot:
-
-1) If the test file is present and contains a valid image version:
-    * Delete the test file.
-    * Boot into the specified image.
-
-2) Else if the main file is present and contains a valid image version:
-    * Boot into the specified image.
-
-3) Else:
-    * Just boot into whichever image is in the primary slot.  If there is no
-      image in the primary slot, boot into the image in the secondary slot.
-
-If a vector file contains a version which doesn't correspond to an image
-actually present in flash, the boot loader deletes the file and procedes as
-though the file was not present.
-
-
-*** BOOT STATUS
-
-The boot status file allows the boot loader to recover in case it was reset
-while in the middle of an image swap operation.  Image swapping is discussed
-later in this document; the structure of the boot status file is presented
-here.  To ensure recovery is always possible, bootutil updates the status file
-at each step throughout the image swap process.  The boot status is contained
-in the following file:
-
-#define BOOT_PATH_STATUS    "/boot/status"
-
-The contents of the boot status file are defined below.
-
-struct boot_status {
-    uint32_t bs_img1_length;
-    uint32_t bs_img2_length;
-    /* Followed by sequence of boot status entries; file size indicates number
-     * of entries.
-     */
-};
-
-struct boot_status_entry {
-    uint8_t bse_image_num;
-    uint8_t bse_part_num;
-};
-
-#define BOOT_IMAGE_NUM_NONE     0xff
-
-There is a separate boot status entry for each flash area used by the boot
-loader (i.e., each area in the two slots, plus one for the scratch area).  The
-entries are placed in the file in the same order as their corresponding areas
-in flash.  Each entry indicates which image part is resident in the
-corresponding flash area.  If a flash area does not contain any image data, its
-corresponding entry will have a bse_image_num value of BOOT_IMAGE_NUM_NONE.
-
-Consider the following example:
-
-Five flash areas are dedicated to image data, as follows:
-
-    Area 0: slot 0, 0/1
-    Area 1: slot 0, 1/1
-    Area 2: slot 1, 0/1
-    Area 3: slot 1, 1/1
-    Area 4: scratch
-
-The following array of boot status entries is read from the status file:
-
-    [0] = {
-        .bse_image_num = 0,
-        .bse_part_num = 0,
-    },
-    [1] = { 
-        .bse_image_num = 0,
-        .bse_part_num = 1,
-    },
-    [2] = { 
-        .bse_image_num = 1,
-        .bse_part_num = 0,
-    },
-    [3] = { 
-        .bse_image_num = 1,
-        .bse_part_num = 1,
-    },
-    [4] = { 
-        .bse_image_num = 0xff,
-        .bse_part_num = 0xff,
-    },
-
-This status file indicates the following image placement:
-
-    Area 0: image 0, part 0
-    Area 1: image 0, part 1
-    Area 2: image 1, part 0
-    Area 3: image 1, part 1
-    Scratch area: empty
-
-Images don't have an instrinsic image number.  When a swap operation is
-started, the image initially in the primary slot is labelled image 0, and the
-image in the secondary slot is labelled image 1.  All swap operations end with
-image 1 in the primary slot, and image 0 in the secondary slot.
-
-The boot status header containing the image sizes is necessary so that bootutil
-can determine how many flash areas each image occupies.  Without this
-information, bootutil would need to swap the full contents of the image slots,
-including useless data after the end of each image.
-
-The status file is always deleted upon successful boot.
-
-
-*** IMAGE SWAPPING
-
-If the boot vector indicates that the image in the secondary slot should be
-run, the boot loader needs to copy it to the primary slot.  The image currently
-in the primary slot also needs to be retained in flash so that it can be used
-later.  Furthermore, both images need to be recoverable if the boot loader
-resets in the middle of the process.  The two images are swapped according to
-the following procedure:
-
-    1. Determine how many flash areas are required to hold the desired image.
-    2. For each required area in the primary slot ("destination area"):
-        a. Identify the flash area in the secondary slot which contains the
-           required image data ("source area").
-        b. Erase scratch area.
-        c. Copy destination area to scratch area.
-        d. Write updated boot status to the file system.
-        e. Erase destination area.
-        f. Copy source area to destination area.
-        g. Write updated boot status to the file system.
-        h. Erase source area.
-        i. Copy scratch area to source area.
-        j. Write updated boot status to the file system.
-    3. Determine how many flash areas are required to hold image 1.
-    4. For each required area in the secondary slot ("destination area"):
-        a. If the destination area already contains the required image data,
-           advance to the next image part.
-        b. Else, identify the flash area in the primary slot which contains the
-           required image data ("source area").
-        c. Repeat steps b through j from step 2.
-
-This procedure ensures that the contents of the boot status file are always
-accurate, so the boot loader can recover after an unexpected reset.
-
-Step 4 is necessary in case the two images do not occupy the same number of
-flash areas.
-
-
-*** RESET RECOVERY
-
-If the boot loader resets in the middle of a swap operation, the two images may
-be discontiguous in flash.  Bootutil recovers from this condition by using the
-boot status file to determine how the image parts are placed in flash.
-
-If the boot status file indicates that the images are not contiguous, bootutil
-completes the swap operation that was in progress when the system was reset.
-In other words, it applies the procedure defined in the previous section,
-moving image 1 into slot 0 and image 0 into slot 1.  If the boot status file
-indicates that an image part is present in the scratch area, this part is
-copied into the correct location by starting at step e or step h in the
-area-swap procedure, depending on whether the part belongs to image 0 or image
-1.
-
-After the swap operation has been completed, the boot loader proceeds as though
-it had just been started.
-
-
-*** API
-
-The API consists of a single function:
-
-/**
- * Prepares the booting process.  Based on the information provided in the
- * request object, this function moves images around in flash as appropriate,
- * and tells you what address to boot from.
- *
- * @param req                   Contains information about the flash layout.
- * @param rsp                   On success, indicates how booting should occur.
- *
- * @return                      0 on success; nonzero on failure.
- */
-int boot_go(const struct boot_req *req, struct boot_rsp *rsp)
-
-The request and response structures are defined as follows:
-
-/** A request object instructing the boot loader how to proceed. */
-struct boot_req {
-    /**
-     * Array of area descriptors indicating the layout of internal flash; must
-     * be terminated with a 0-length element.
-     */
-    struct nffs_area_desc *br_area_descs;
-
-    /**
-     * Array of indices of elements in the br_area_descs array; indicates which
-     * areas hold image data.
-     */
-    uint8_t *br_image_areas;
-
-    /**
-     * Array of indices of elements in the br_area_descs array; indicates which
-     * areas represent the beginning of an image slot.  This should be a subset
-     * of the br_image_areas array.
-     */
-    uint8_t *br_slot_areas;
-
-    /**
-     * The number of image areas (i.e., the size of the br_image_areas array).
-     */
-    uint8_t br_num_image_areas;
-
-    /** The index of the area to use as the image scratch area. */
-    uint8_t br_scratch_area_idx;
-};
-
-/**
- * A response object provided by the boot loader code; indicates where to jump
- * to execute the main image.
- */
-struct boot_rsp {
-    /** A pointer to the header of the image to be executed. */
-    const struct image_header *br_hdr;
-
-    /**
-     * The flash offset of the image to execute.  Indicates the position of
-     * the image header.
-     */
-    uint32_t br_image_addr;
-};
-
-
-*** EXAMPLE USAGE
-
-In this example, each image slot consists of three flash areas.
-
-/** Internal flash layout. */
-static struct nffs_area_desc boot_area_descs[] = {
-    [0] =  { 0x08000000, 16 * 1024 },
-    [1] =  { 0x08004000, 16 * 1024 },
-    [2] =  { 0x08008000, 16 * 1024 },
-    [3] =  { 0x0800c000, 16 * 1024 },
-    [4] =  { 0x08010000, 64 * 1024 },
-    [5] =  { 0x08020000, 128 * 1024 }, /* Image data; 0,0. */
-    [6] =  { 0x08040000, 128 * 1024 }, /* Image data; 0,1. */
-    [7] =  { 0x08060000, 128 * 1024 }, /* Image data; 0,2. */
-    [8] =  { 0x08080000, 128 * 1024 }, /* Image data; 1,0. */
-    [9] =  { 0x080a0000, 128 * 1024 }, /* Image data; 1,1. */
-    [10] = { 0x080c0000, 128 * 1024 }, /* Image data; 1,2. */
-    [11] = { 0x080e0000, 128 * 1024 }, /* Image scratch area. */
-    { 0, 0 },
-};
-
-/** Contains indices of the areas which can contain image data. */
-static uint8_t boot_img_areas[] = {
-    5, 6, 7, 8, 9, 10, 11,
-};
-
-/** Areas representing the beginning of image slots. */
-static uint8_t boot_slot_areas[] = {
-    5, 8,
-};
-
-#define BOOT_NUM_IMG_AREAS \
-    ((int)(sizeof boot_img_areas / sizeof boot_img_areas[0]))
-
-/** The scratch area to use during an image swap operation. */
-#define BOOT_AREA_IDX_SCRATCH 11
-
-int
-main(void)
-{
-    struct boot_rsp rsp;
-    int rc;
-
-    const struct boot_req req = {
-        .br_area_descs = boot_area_descs,
-        .br_image_areas = boot_img_areas,
-        .br_slot_areas = boot_slot_areas,
-        .br_num_image_areas = BOOT_NUM_IMG_AREAS,
-        .br_scratch_area_idx = BOOT_AREA_IDX_SCRATCH,
-    };
-
-    rc = boot_go(&req, &rsp);
-    assert(rc == 0);
-
-    /* Perform jump to address indicated by the response object. */
-
-    return 0;
-}
-
-
-*** DEPENDENCIES
-    * nffs (for the boot vector and boot status files).
-    * os (for os_malloc() and os_free()).

http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/6a7432f4/libs/bootutil/include/bootutil/bootutil_misc.h
----------------------------------------------------------------------
diff --git a/libs/bootutil/include/bootutil/bootutil_misc.h b/libs/bootutil/include/bootutil/bootutil_misc.h
deleted file mode 100644
index 2e3049d..0000000
--- a/libs/bootutil/include/bootutil/bootutil_misc.h
+++ /dev/null
@@ -1,28 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-#ifndef __BOOTUTIL_MISC_H_
-#define __BOOTUTIL_MISC_H_
-
-int boot_vect_read_test(int *slot);
-int boot_vect_read_main(int *slot);
-int boot_vect_write_test(int slot);
-int boot_vect_write_main(void);
-
-#endif /*  __BOOTUTIL_MISC_H_ */

http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/6a7432f4/libs/bootutil/include/bootutil/bootutil_test.h
----------------------------------------------------------------------
diff --git a/libs/bootutil/include/bootutil/bootutil_test.h b/libs/bootutil/include/bootutil/bootutil_test.h
deleted file mode 100644
index 55c8a67..0000000
--- a/libs/bootutil/include/bootutil/bootutil_test.h
+++ /dev/null
@@ -1,25 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- * 
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-#ifndef H_BOOTUTIL_TEST_
-#define H_BOOTUTIL_TEST_
-
-int boot_test_all(void);
-
-#endif

http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/6a7432f4/libs/bootutil/include/bootutil/image.h
----------------------------------------------------------------------
diff --git a/libs/bootutil/include/bootutil/image.h b/libs/bootutil/include/bootutil/image.h
deleted file mode 100644
index 0974d5b..0000000
--- a/libs/bootutil/include/bootutil/image.h
+++ /dev/null
@@ -1,89 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-#ifndef H_IMAGE_
-#define H_IMAGE_
-
-#include <inttypes.h>
-
-#define IMAGE_MAGIC                 0x96f3b83c
-#define IMAGE_MAGIC_NONE            0xffffffff
-
-/*
- * Image header flags.
- */
-#define IMAGE_F_PIC                   0x00000001
-#define IMAGE_F_SHA256                0x00000002	/* Image contains hash TLV */
-#define IMAGE_F_PKCS15_RSA2048_SHA256 0x00000004 /* PKCS15 w/RSA and SHA */
-#define IMAGE_F_ECDSA224_SHA256       0x00000008  /* ECDSA256 over SHA256 */
-#define IMAGE_F_NON_BOOTABLE          0x00000010
-#define IMAGE_HEADER_SIZE           32
-
-/*
- * Image trailer TLV types.
- */
-#define IMAGE_TLV_SHA256            1	/* SHA256 of image hdr and body */
-#define IMAGE_TLV_RSA2048           2	/* RSA2048 of hash output */
-#define IMAGE_TLV_ECDSA224          3   /* ECDSA of hash output */
-
-struct image_version {
-    uint8_t iv_major;
-    uint8_t iv_minor;
-    uint16_t iv_revision;
-    uint32_t iv_build_num;
-};
-
-#define IMAGE_SIZE(hdr)                                                 \
-    ((hdr)->ih_tlv_size + (hdr)->ih_hdr_size + (hdr)->ih_img_size)
-
-/** Image header.  All fields are in little endian byte order. */
-struct image_header {
-    uint32_t ih_magic;
-    uint16_t ih_tlv_size; /* Trailing TLVs */
-    uint8_t  ih_key_id;
-    uint8_t  _pad1;
-    uint16_t ih_hdr_size;
-    uint16_t _pad2;
-    uint32_t ih_img_size; /* Does not include header. */
-    uint32_t ih_flags;
-    struct image_version ih_ver;
-    uint32_t _pad3;
-};
-
-/** Image trailer TLV format. All fields in little endian. */
-struct image_tlv {
-    uint8_t  it_type;
-    uint8_t  _pad;
-    uint16_t it_len;
-};
-
-struct boot_image_location {
-    uint8_t bil_flash_id;
-    uint32_t bil_address;
-};
-
-
-_Static_assert(sizeof(struct image_header) == IMAGE_HEADER_SIZE,
-               "struct image_header not required size");
-
-int bootutil_img_validate(struct image_header *hdr, uint8_t flash_id,
-                        uint32_t addr, uint8_t *tmp_buf, uint32_t tmp_buf_sz,
-                        uint8_t *seed, int seed_len, uint8_t *out_hash);
-
-#endif

http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/6a7432f4/libs/bootutil/include/bootutil/loader.h
----------------------------------------------------------------------
diff --git a/libs/bootutil/include/bootutil/loader.h b/libs/bootutil/include/bootutil/loader.h
deleted file mode 100644
index 75e0d01..0000000
--- a/libs/bootutil/include/bootutil/loader.h
+++ /dev/null
@@ -1,84 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- * 
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-#ifndef H_LOADER_
-#define H_LOADER_
-
-#include <inttypes.h>
-struct image_header;
-
-/** A request object instructing the boot loader how to proceed. */
-struct boot_req {
-    /**
-     * Array of area descriptors indicating the layout of flash(es); must
-     * be terminated with a 0-length element.
-     */
-    struct flash_area *br_area_descs;
-
-    /**
-     * Array of indices of elements in the br_area_descs array; indicates which
-     * areas represent the beginning of an image slot.  These are indices
-     * to br_area_descs array.
-     */
-    uint8_t *br_slot_areas;
-
-    /**
-     * The number of image areas (i.e., the size of the br_image_areas array).
-     */
-    uint8_t br_num_image_areas;
-
-    /** The area to use as the image scratch area, index is
-	index to br_area_descs array, of the  */
-    uint8_t br_scratch_area_idx;
-
-    /** Size of the image slot */
-    uint32_t br_img_sz;
-};
-
-/**
- * A response object provided by the boot loader code; indicates where to jump
- * to execute the main image.
- */
-struct boot_rsp {
-    /** A pointer to the header of the image to be executed. */
-    const struct image_header *br_hdr;
-
-    /**
-     * The flash offset of the image to execute.  Indicates the position of
-     * the image header.
-     */
-    uint8_t br_flash_id;
-    uint32_t br_image_addr;
-};
-
-/* you must have pre-allocated all the entries within this structure */
-int
-boot_build_request(struct boot_req *preq, int area_descriptor_max);
-
-int
-boot_go(const struct boot_req *req, struct boot_rsp *rsp);
-
-
-#define SPLIT_GO_OK                 (0)
-#define SPLIT_GO_NON_MATCHING       (-1)
-#define SPLIT_GO_ERR                (-2)
-int
-split_go(int loader_slot, int split_slot, void **entry);
-
-#endif

http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/6a7432f4/libs/bootutil/include/bootutil/sign_key.h
----------------------------------------------------------------------
diff --git a/libs/bootutil/include/bootutil/sign_key.h b/libs/bootutil/include/bootutil/sign_key.h
deleted file mode 100644
index 5ccda90..0000000
--- a/libs/bootutil/include/bootutil/sign_key.h
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-#ifndef __BOOTUTIL_SIGN_KEY_H_
-#define __BOOTUTIL_SIGN_KEY_H_
-
-#include <stdint.h>
-
-struct bootutil_key {
-    const uint8_t *key;
-    const unsigned int *len;
-};
-
-extern const struct bootutil_key bootutil_keys[];
-extern const int bootutil_key_cnt;
-
-#endif /* __BOOTUTIL_SIGN_KEY_H_ */

http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/6a7432f4/libs/bootutil/pkg.yml
----------------------------------------------------------------------
diff --git a/libs/bootutil/pkg.yml b/libs/bootutil/pkg.yml
deleted file mode 100644
index 390610a..0000000
--- a/libs/bootutil/pkg.yml
+++ /dev/null
@@ -1,41 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#  http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-
-pkg.name: libs/bootutil
-pkg.description: The bootutil library performs most of the functions of a boot loader.
-pkg.author: "Apache Mynewt <dev@mynewt.incubator.apache.org>"
-pkg.homepage: "http://mynewt.apache.org/"
-pkg.keywords:
-    - boot
-    - bootloader
-
-pkg.deps: 
-    - hw/hal
-    - crypto/mbedtls
-    - libs/os 
-
-pkg.syscfg_defs:
-    BOOTUTIL_SIGN_RSA:
-        description: 'TBD'
-        value: '0'
-    BOOTUTIL_SIGN_EC:
-        description: 'TBD'
-        value: '0'
-pkg.cflags.IMAGE_KEYS_RSA: -DIMAGE_SIGNATURES_RSA
-pkg.cflags.IMAGE_KEYS_EC: -DIMAGE_SIGNATURES_EC

http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/6a7432f4/libs/bootutil/signed_images.md
----------------------------------------------------------------------
diff --git a/libs/bootutil/signed_images.md b/libs/bootutil/signed_images.md
deleted file mode 100644
index 39792ea..0000000
--- a/libs/bootutil/signed_images.md
+++ /dev/null
@@ -1,91 +0,0 @@
-<!--
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-#  KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
--->
-
-## Image signing
-
-This signs the image by computing hash over the image, and then
-signing that hash. Signature is computed by newt tool when it's
-creating the image. This signature is placed in the image trailer.
-
-The public key of this keypair must be included in the bootloader,
-as it verifies it before allowing the image to run.
-
-This facility allows you to use multiple signing keys. This would
-be useful when you want to prevent production units from booting
-development images, but want development units to be able to boot
-both production images and development images.
-
-## Creating signing keys
-First you need a keypair to use for signing. You can create
-one with openssl command line tool.
-
-openssl genrsa -out image_sign.pem 2048
-
-This created a file which contains both the private and public key,
-and will be used when signing images.
-
-Then you need to extract the public key from this to include it
-in the bootloader. Bootloader need to keep key parsing minimal,
-so it expects simple key format.
-
-openssl rsa -in image_sign.pem -pubout -out image_sign_pub.der -outform DER -RSAPublicKey_out
-
-Now the public key is in file called image_sign_pub.der.
-
-## Creating a key package
-
-xxd -i image_sign_pub.der image_sign_pub.c.import
-
-Then you need to create a package containing this key, or keys.
-In the pkg.yml for this package, you advertise feature IMAGE_KEYS_RSA or
-IMAGE_KEYS_EC.
-Once this is done, bootloader will expect keys to be filled in
-'bootutil_keys', and the number of keys to be in 'bootutil_key_cnt'.
-
-## Sample pkg.yml
-This gets bootutil to turn on image signature validation.
-
-    pkg.name: libs/mykeys
-    pkg.deps:
-        - libs/bootutil
-    pkg.features.bootloader:
-        - IMAGE_KEYS_RSA
-
-## Sample source file
-This exports the keys.
-
-    #include <bootutil/sign_key.h>
-
-    #include "image_sign_pub.c.import"
-
-    const struct bootutil_key bootutil_keys[] = {
-        [0] = {
-            .key = image_sign_pub_der,
-            .len = &image_sign_pub_der_len,
-        }
-    };
-
-    const int bootutil_key_cnt = sizeof(bootutil_keys) / sizeof(bootutil_keys[0]);
-
-## Building bootloader
-
-After you've created the key package, you must include it in the build
-for bootloader. So modify the pkg.yml for apps/boot to include it.

http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/6a7432f4/libs/bootutil/src/bootutil_misc.c
----------------------------------------------------------------------
diff --git a/libs/bootutil/src/bootutil_misc.c b/libs/bootutil/src/bootutil_misc.c
deleted file mode 100644
index f64d2a4..0000000
--- a/libs/bootutil/src/bootutil_misc.c
+++ /dev/null
@@ -1,319 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-#include <assert.h>
-#include <string.h>
-#include <inttypes.h>
-
-#include "syscfg/syscfg.h"
-#include "hal/hal_bsp.h"
-#include "hal/hal_flash.h"
-#include "hal/flash_map.h"
-#include "os/os.h"
-#include "bootutil/image.h"
-#include "bootutil/loader.h"
-#include "bootutil/bootutil_misc.h"
-#include "bootutil_priv.h"
-
-/*
- * Read the image trailer from a given slot.
- */
-static int
-boot_vect_read_img_trailer(int slot, struct boot_img_trailer *bit)
-{
-    int rc;
-    const struct flash_area *fap;
-    uint32_t off;
-
-    rc = flash_area_open(slot, &fap);
-    if (rc) {
-        return rc;
-    }
-    off = fap->fa_size - sizeof(struct boot_img_trailer);
-    rc = flash_area_read(fap, off, bit, sizeof(*bit));
-    flash_area_close(fap);
-
-    return rc;
-}
-
-/**
- * Retrieves from the slot number of the test image (i.e.,
- * the image that has not been proven stable, and which will only run once).
- *
- * @param slot              On success, the slot number of image to boot.
- *
- * @return                  0 on success; nonzero on failure.
- */
-int
-boot_vect_read_test(int *slot)
-{
-    struct boot_img_trailer bit;
-    int i;
-    int rc;
-
-    for (i = FLASH_AREA_IMAGE_0; i <= FLASH_AREA_IMAGE_1; i++) {
-        if (i == bsp_imgr_current_slot()) {
-            continue;
-        }
-        rc = boot_vect_read_img_trailer(i, &bit);
-        if (rc) {
-            continue;
-        }
-        if (bit.bit_copy_start == BOOT_IMG_MAGIC) {
-            *slot = i;
-            return 0;
-        }
-    }
-    return -1;
-}
-
-/**
- * Retrieves from the slot number of the main image. If this is
- * different from test image slot, next restart will revert to main.
- *
- * @param out_ver           On success, the main version gets written here.
- *
- * @return                  0 on success; nonzero on failure.
- */
-int
-boot_vect_read_main(int *slot)
-{
-    int rc;
-    struct boot_img_trailer bit;
-
-    rc = boot_vect_read_img_trailer(FLASH_AREA_IMAGE_0, &bit);
-    assert(rc == 0);
-
-    if (bit.bit_copy_start != BOOT_IMG_MAGIC || bit.bit_img_ok != 0xff) {
-        /*
-         * If there never was copy that took place, or if the current
-         * image has been marked good, we'll keep booting it.
-         */
-        *slot = FLASH_AREA_IMAGE_0;
-    } else {
-        *slot = FLASH_AREA_IMAGE_1;
-    }
-    return 0;
-}
-
-/**
- * Write the test image version number from the boot vector.
- *
- * @return                  0 on success; nonzero on failure.
- */
-int
-boot_vect_write_test(int slot)
-{
-    const struct flash_area *fap;
-    uint32_t off;
-    uint32_t magic;
-    int rc;
-
-    rc = flash_area_open(slot, &fap);
-    if (rc) {
-        return rc;
-    }
-
-    off = fap->fa_size - sizeof(struct boot_img_trailer);
-    magic = BOOT_IMG_MAGIC;
-
-    rc = flash_area_write(fap, off, &magic, sizeof(magic));
-    flash_area_close(fap);
-
-    return rc;
-}
-
-/**
- * Deletes the main image version number from the boot vector.
- * This must be called by the app to confirm that it is ok to keep booting
- * to this image.
- *
- * @return                  0 on success; nonzero on failure.
- */
-int
-boot_vect_write_main(void)
-{
-    const struct flash_area *fap;
-    uint32_t off;
-    int rc;
-    uint8_t val;
-
-    /*
-     * Write to slot 0.
-     */
-    rc = flash_area_open(FLASH_AREA_IMAGE_0, &fap);
-    if (rc) {
-        return rc;
-    }
-
-    off = fap->fa_size - sizeof(struct boot_img_trailer);
-    off += (sizeof(uint32_t) + sizeof(uint8_t));
-    rc = flash_area_read(fap, off, &val, sizeof(val));
-    if (!rc && val == 0xff) {
-        val = 0;
-        rc = flash_area_write(fap, off, &val, sizeof(val));
-    }
-    return rc;
-}
-
-/**
- * Reads the header of image present in flash.  Header corresponding to
- * empty image slot is filled with 0xff bytes.
- *
- * @param out_headers           Points to an array of image headers.  Each
- *                                  element is filled with the header of the
- *                                  corresponding image in flash.
- * @param addresses             An array containing the flash addresses of each
- *                                  image slot.
- * @param num_addresses         The number of headers to read.  This should
- *                                  also be equal to the lengths of the
- *                                  out_headers and addresses arrays.
- */
-int
-boot_read_image_header(struct boot_image_location *loc,
-                       struct image_header *out_hdr)
-{
-    int rc;
-
-    rc = hal_flash_read(loc->bil_flash_id, loc->bil_address, out_hdr,
-                        sizeof *out_hdr);
-    if (rc != 0) {
-        rc = BOOT_EFLASH;
-    } else if (out_hdr->ih_magic != IMAGE_MAGIC) {
-        rc = BOOT_EBADIMAGE;
-    }
-
-    if (rc) {
-        memset(out_hdr, 0xff, sizeof(*out_hdr));
-    }
-    return rc;
-}
-
-/*
- * How far has the copy progressed?
- */
-static void
-boot_read_status_bytes(struct boot_status *bs, uint8_t flash_id, uint32_t off)
-{
-    uint8_t status;
-
-    assert(bs->elem_sz);
-    off -= bs->elem_sz * 2;
-    while (1) {
-        hal_flash_read(flash_id, off, &status, sizeof(status));
-        if (status == 0xff) {
-            break;
-        }
-        off -= bs->elem_sz;
-        if (bs->state == 2) {
-            bs->idx++;
-            bs->state = 0;
-        } else {
-            bs->state++;
-        }
-    }
-}
-
-/**
- * Reads the boot status from the flash.  The boot status contains
- * the current state of an interrupted image copy operation.  If the boot
- * status is not present, or it indicates that previous copy finished,
- * there is no operation in progress.
- */
-int
-boot_read_status(struct boot_status *bs)
-{
-    struct boot_img_trailer bit;
-    uint8_t flash_id;
-    uint32_t off;
-
-    /*
-     * Check if boot_img_trailer is in scratch, or at the end of slot0.
-     */
-    boot_slot_magic(0, &bit);
-    if (bit.bit_copy_start == BOOT_IMG_MAGIC && bit.bit_copy_done == 0xff) {
-        boot_magic_loc(0, &flash_id, &off);
-        boot_read_status_bytes(bs, flash_id, off);
-        return 1;
-    }
-    boot_scratch_magic(&bit);
-    if (bit.bit_copy_start == BOOT_IMG_MAGIC && bit.bit_copy_done == 0xff) {
-        boot_scratch_loc(&flash_id, &off);
-        boot_read_status_bytes(bs, flash_id, off);
-        return 1;
-    }
-    return 0;
-}
-
-
-/**
- * Writes the supplied boot status to the flash file system.  The boot status
- * contains the current state of an in-progress image copy operation.
- *
- * @param bs                    The boot status to write.
- *
- * @return                      0 on success; nonzero on failure.
- */
-int
-boot_write_status(struct boot_status *bs)
-{
-    uint32_t off;
-    uint8_t flash_id;
-    uint8_t val;
-
-    if (bs->idx == 0) {
-        /*
-         * Write to scratch
-         */
-        boot_scratch_loc(&flash_id, &off);
-    } else {
-        /*
-         * Write to slot 0;
-         */
-        boot_magic_loc(0, &flash_id, &off);
-    }
-    off -= ((3 * bs->elem_sz) * bs->idx + bs->elem_sz * (bs->state + 1));
-
-    val = bs->state;
-    hal_flash_write(flash_id, off, &val, sizeof(val));
-
-    return 0;
-}
-
-/**
- * Finalizes the copy-in-progress status on the flash.  The boot status
- * contains the current state of an in-progress image copy operation.  By
- * clearing this, it is implied that there is no copy operation in
- * progress.
- */
-void
-boot_clear_status(void)
-{
-    uint32_t off;
-    uint8_t val = 0;
-    uint8_t flash_id;
-
-    /*
-     * Write to slot 0; boot_img_trailer is the 8 bytes within image slot.
-     * Here we say that copy operation was finished.
-     */
-    boot_magic_loc(0, &flash_id, &off);
-    off += sizeof(uint32_t);
-    hal_flash_write(flash_id, off, &val, sizeof(val));
-}

http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/6a7432f4/libs/bootutil/src/bootutil_priv.h
----------------------------------------------------------------------
diff --git a/libs/bootutil/src/bootutil_priv.h b/libs/bootutil/src/bootutil_priv.h
deleted file mode 100644
index e5b231c..0000000
--- a/libs/bootutil/src/bootutil_priv.h
+++ /dev/null
@@ -1,75 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-#ifndef H_BOOTUTIL_PRIV_
-#define H_BOOTUTIL_PRIV_
-
-#include "bootutil/image.h"
-
-#define BOOT_EFLASH     1
-#define BOOT_EFILE      2
-#define BOOT_EBADIMAGE  3
-#define BOOT_EBADVECT   4
-#define BOOT_EBADSTATUS 5
-#define BOOT_ENOMEM     6
-#define BOOT_EBADARGS   7
-
-#define BOOT_TMPBUF_SZ  256
-
-
-
-/*
- * Maintain state of copy progress.
- */
-struct boot_status {
-    uint32_t idx;       /* Which area we're operating on */
-    uint8_t elem_sz;    /* Size of the status element to write in bytes */
-    uint8_t state;      /* Which part of the swapping process are we at */
-};
-
-/*
- * End-of-image slot data structure.
- */
-#define BOOT_IMG_MAGIC  0x12344321
-struct boot_img_trailer {
-    uint32_t bit_copy_start;
-    uint8_t  bit_copy_done;
-    uint8_t  bit_img_ok;
-    uint16_t _pad;
-};
-
-int bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, int slen,
-    uint8_t key_id);
-
-int boot_read_image_header(struct boot_image_location *loc,
-  struct image_header *out_hdr);
-int boot_write_status(struct boot_status *bs);
-int boot_read_status(struct boot_status *bs);
-void boot_clear_status(void);
-
-void boot_magic_loc(int slot_num, uint8_t *flash_id, uint32_t *off);
-void boot_scratch_loc(uint8_t *flash_id, uint32_t *off);
-void boot_slot_magic(int slot_num, struct boot_img_trailer *bit);
-void boot_scratch_magic(struct boot_img_trailer *bit);
-
-struct boot_req;
-void boot_req_set(struct boot_req *req);
-
-#endif
-

http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/6a7432f4/libs/bootutil/src/image_ec.c
----------------------------------------------------------------------
diff --git a/libs/bootutil/src/image_ec.c b/libs/bootutil/src/image_ec.c
deleted file mode 100644
index f3adfcf..0000000
--- a/libs/bootutil/src/image_ec.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-#include "syscfg/syscfg.h"
-
-#if MYNEWT_VAL(BOOTUTIL_SIGN_EC)
-#include "bootutil/sign_key.h"
-
-#include "mbedtls/sha256.h"
-#include "mbedtls/ecdsa.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/asn1.h"
-
-#include "bootutil_priv.h"
-
-/*
- * Declaring these like this adds NULL termination.
- */
-static const uint8_t ec_pubkey_oid[] = MBEDTLS_OID_EC_ALG_UNRESTRICTED;
-static const uint8_t ec_secp224r1_oid[] = MBEDTLS_OID_EC_GRP_SECP224R1;
-
-/*
- * Parse the public key used for signing. Simple RSA format.
- */
-static int
-bootutil_parse_eckey(mbedtls_ecdsa_context *ctx, uint8_t **p, uint8_t *end)
-{
-    size_t len;
-    mbedtls_asn1_buf alg;
-    mbedtls_asn1_buf param;
-
-    if (mbedtls_asn1_get_tag(p, end, &len,
-        MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) {
-        return -1;
-    }
-    end = *p + len;
-
-    if (mbedtls_asn1_get_alg(p, end, &alg, &param)) {
-        return -2;
-    }
-    if (alg.len != sizeof(ec_pubkey_oid) - 1 ||
-      memcmp(alg.p, ec_pubkey_oid, sizeof(ec_pubkey_oid) - 1)) {
-        return -3;
-    }
-    if (param.len != sizeof(ec_secp224r1_oid) - 1||
-      memcmp(param.p, ec_secp224r1_oid, sizeof(ec_secp224r1_oid) - 1)) {
-        return -4;
-    }
-
-    if (mbedtls_ecp_group_load_secp224r1(&ctx->grp)) {
-        return -5;
-    }
-
-    if (mbedtls_asn1_get_bitstring_null(p, end, &len)) {
-        return -6;
-    }
-    if (*p + len != end) {
-        return -7;
-    }
-
-    if (mbedtls_ecp_point_read_binary(&ctx->grp, &ctx->Q, *p, end - *p)) {
-        return -8;
-    }
-
-    if (mbedtls_ecp_check_pubkey(&ctx->grp, &ctx->Q)) {
-        return -9;
-    }
-    return 0;
-}
-
-static int
-bootutil_cmp_sig(mbedtls_ecdsa_context *ctx, uint8_t *hash, uint32_t hlen,
-  uint8_t *sig, int slen)
-{
-    return mbedtls_ecdsa_read_signature(ctx, hash, hlen, sig, slen);
-}
-
-int
-bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, int slen,
-  uint8_t key_id)
-{
-    int rc;
-    uint8_t *cp;
-    uint8_t *end;
-    mbedtls_ecdsa_context ctx;
-
-    mbedtls_ecdsa_init(&ctx);
-
-    cp = (uint8_t *)bootutil_keys[key_id].key;
-    end = cp + *bootutil_keys[key_id].len;
-
-    rc = bootutil_parse_eckey(&ctx, &cp, end);
-    if (rc) {
-        return -1;
-    }
-
-    while (sig[slen - 1] == '\0') {
-        slen--;
-    }
-    rc = bootutil_cmp_sig(&ctx, hash, hlen, sig, slen);
-    mbedtls_ecdsa_free(&ctx);
-
-    return rc;
-}
-#endif /* MYNEWT_VAL(BOOTUTIL_SIGN_EC) */

http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/6a7432f4/libs/bootutil/src/image_rsa.c
----------------------------------------------------------------------
diff --git a/libs/bootutil/src/image_rsa.c b/libs/bootutil/src/image_rsa.c
deleted file mode 100644
index e556092..0000000
--- a/libs/bootutil/src/image_rsa.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-#include "syscfg/syscfg.h"
-
-#if MYNEWT_VAL(BOOTUTIL_SIGN_RSA)
-#include "bootutil/sign_key.h"
-
-#include "mbedtls/rsa.h"
-#include "mbedtls/asn1.h"
-
-#include "bootutil_priv.h"
-
-static const uint8_t sha256_oid[] = {
-    0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
-    0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05,
-    0x00, 0x04, 0x20
-};
-
-/*
- * Parse the public key used for signing. Simple RSA format.
- */
-static int
-bootutil_parse_rsakey(mbedtls_rsa_context *ctx, uint8_t **p, uint8_t *end)
-{
-    int rc;
-    size_t len;
-
-    if ((rc = mbedtls_asn1_get_tag(p, end, &len,
-          MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
-        return -1;
-    }
-
-    if (*p + len != end) {
-        return -2;
-    }
-
-    if ((rc = mbedtls_asn1_get_mpi(p, end, &ctx->N)) != 0 ||
-      (rc = mbedtls_asn1_get_mpi(p, end, &ctx->E)) != 0) {
-        return -3;
-    }
-
-    if (*p != end) {
-        return -4;
-    }
-
-    if ((rc = mbedtls_rsa_check_pubkey(ctx)) != 0) {
-        return -5;
-    }
-
-    ctx->len = mbedtls_mpi_size(&ctx->N);
-
-    return 0;
-}
-
-/*
- * PKCS1.5 using RSA2048 computed over SHA256.
- */
-static int
-bootutil_cmp_rsasig(mbedtls_rsa_context *ctx, uint8_t *hash, uint32_t hlen,
-  uint8_t *sig)
-{
-    uint8_t buf[MBEDTLS_MPI_MAX_SIZE];
-    uint8_t *p;
-
-    if (ctx->len != 256) {
-        return -1;
-    }
-
-    if (mbedtls_rsa_public(ctx, sig, buf)) {
-        return -1;
-    }
-
-    p = buf;
-
-    if (*p++ != 0 || *p++ != MBEDTLS_RSA_SIGN) {
-        return -1;
-    }
-
-    while (*p != 0) {
-        if (p >= buf + ctx->len - 1 || *p != 0xFF) {
-            return -1;
-        }
-        p++;
-    }
-    p++;
-
-    if ((p - buf) + sizeof(sha256_oid) + hlen != ctx->len) {
-        return -1;
-    }
-
-    if (memcmp(p, sha256_oid, sizeof(sha256_oid))) {
-        return -1;
-    }
-    p += sizeof(sha256_oid);
-
-    if (memcmp(p, hash, hlen)) {
-        return -1;
-    }
-
-    return 0;
-}
-
-int
-bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, int slen,
-  uint8_t key_id)
-{
-    mbedtls_rsa_context ctx;
-    int rc;
-    uint8_t *cp;
-    uint8_t *end;
-
-    mbedtls_rsa_init(&ctx, 0, 0);
-
-    cp = (uint8_t *)bootutil_keys[key_id].key;
-    end = cp + *bootutil_keys[key_id].len;
-
-    rc = bootutil_parse_rsakey(&ctx, &cp, end);
-    if (rc || slen != ctx.len) {
-        mbedtls_rsa_free(&ctx);
-        return rc;
-    }
-    rc = bootutil_cmp_rsasig(&ctx, hash, hlen, sig);
-    mbedtls_rsa_free(&ctx);
-
-    return rc;
-}
-#endif /* MYNEWT_VAL(BOOTUTIL_SIGN_RSA) */

http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/6a7432f4/libs/bootutil/src/image_validate.c
----------------------------------------------------------------------
diff --git a/libs/bootutil/src/image_validate.c b/libs/bootutil/src/image_validate.c
deleted file mode 100644
index 3793948..0000000
--- a/libs/bootutil/src/image_validate.c
+++ /dev/null
@@ -1,198 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-#include <assert.h>
-#include <stddef.h>
-#include <inttypes.h>
-#include <string.h>
-
-#include "syscfg/syscfg.h"
-#include "hal/hal_flash.h"
-#include "bootutil/image.h"
-#include "bootutil/sign_key.h"
-
-#include "mbedtls/sha256.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/ecdsa.h"
-#include "mbedtls/asn1.h"
-
-#include "bootutil_priv.h"
-
-/*
- * Compute SHA256 over the image.
- */
-static int
-bootutil_img_hash(struct image_header *hdr, uint8_t flash_id, uint32_t addr,
-  uint8_t *tmp_buf, uint32_t tmp_buf_sz, uint8_t *hash_result, uint8_t *seed, int seed_len)
-{
-    mbedtls_sha256_context sha256_ctx;
-    uint32_t blk_sz;
-    uint32_t size;
-    uint32_t off;
-    int rc;
-
-    mbedtls_sha256_init(&sha256_ctx);
-    mbedtls_sha256_starts(&sha256_ctx, 0);
-
-    /* in some cases (split image) the hash is seeded with data from
-     * the loader image */
-    if(seed && (seed_len > 0)) {
-        mbedtls_sha256_update(&sha256_ctx, seed, seed_len);
-    }
-
-    size = hdr->ih_img_size + hdr->ih_hdr_size;
-
-    /*
-     * Hash is computed over image header and image itself. No TLV is
-     * included ATM.
-     */
-    size = hdr->ih_img_size + hdr->ih_hdr_size;
-    for (off = 0; off < size; off += blk_sz) {
-        blk_sz = size - off;
-        if (blk_sz > tmp_buf_sz) {
-            blk_sz = tmp_buf_sz;
-        }
-        rc = hal_flash_read(flash_id, addr + off, tmp_buf, blk_sz);
-        if (rc) {
-            return rc;
-        }
-        mbedtls_sha256_update(&sha256_ctx, tmp_buf, blk_sz);
-    }
-    mbedtls_sha256_finish(&sha256_ctx, hash_result);
-
-    return 0;
-}
-
-/*
- * Verify the integrity of the image.
- * Return non-zero if image could not be validated/does not validate.
- */
-int
-bootutil_img_validate(struct image_header *hdr, uint8_t flash_id, uint32_t addr,
-  uint8_t *tmp_buf, uint32_t tmp_buf_sz, uint8_t *seed, int seed_len, uint8_t *out_hash)
-{
-    uint32_t off;
-    uint32_t size;
-    uint32_t sha_off = 0;
-#if MYNEWT_VAL(BOOTUTIL_SIGN_RSA) || MYNEWT_VAL(BOOTUTIL_SIGN_EC)
-    uint32_t sig_off = 0;
-    uint32_t sig_len = 0;
-#endif
-    struct image_tlv tlv;
-    uint8_t buf[256];
-    uint8_t hash[32];
-    int rc;
-
-#if MYNEWT_VAL(BOOTUTIL_SIGN_RSA)
-    if ((hdr->ih_flags & IMAGE_F_PKCS15_RSA2048_SHA256) == 0) {
-        return -1;
-    }
-#endif
-#if MYNEWT_VAL(BOOTUTIL_SIGN_EC)
-    if ((hdr->ih_flags & IMAGE_F_ECDSA224_SHA256) == 0) {
-        return -1;
-    }
-#endif
-    if ((hdr->ih_flags & IMAGE_F_SHA256) == 0) {
-        return -1;
-    }
-
-    rc = bootutil_img_hash(hdr, flash_id, addr, tmp_buf, tmp_buf_sz, hash, seed, seed_len);
-    if (rc) {
-        return rc;
-    }
-
-    if(out_hash) {
-        memcpy(out_hash, hash, 32);
-    }
-
-    /*
-     * After image there's TLVs.
-     */
-    off = hdr->ih_img_size + hdr->ih_hdr_size;
-    size = off + hdr->ih_tlv_size;
-
-    for (; off < size; off += sizeof(tlv) + tlv.it_len) {
-        rc = hal_flash_read(flash_id, addr + off, &tlv, sizeof(tlv));
-        if (rc) {
-            return rc;
-        }
-        if (tlv.it_type == IMAGE_TLV_SHA256) {
-            if (tlv.it_len != sizeof(hash)) {
-                return -1;
-            }
-            sha_off = addr + off + sizeof(tlv);
-        }
-#if MYNEWT_VAL(BOOTUTIL_SIGN_RSA)
-        if (tlv.it_type == IMAGE_TLV_RSA2048) {
-            if (tlv.it_len != 256) { /* 2048 bits */
-                return -1;
-            }
-            sig_off = addr + off + sizeof(tlv);
-            sig_len = tlv.it_len;
-        }
-#endif
-#if MYNEWT_VAL(BOOTUTIL_SIGN_EC)
-        if (tlv.it_type == IMAGE_TLV_ECDSA224) {
-            if (tlv.it_len < 64) { /* oids + 2 * 28 bytes */
-                return -1;
-            }
-            sig_off = addr + off + sizeof(tlv);
-            sig_len = tlv.it_len;
-        }
-#endif
-    }
-    if (hdr->ih_flags & IMAGE_F_SHA256) {
-        if (!sha_off) {
-            /*
-             * Header said there should be hash TLV, no TLV found.
-             */
-            return -1;
-        }
-        rc = hal_flash_read(flash_id, sha_off, buf, sizeof(hash));
-        if (rc) {
-            return rc;
-        }
-        if (memcmp(hash, buf, sizeof(hash))) {
-            return -1;
-        }
-    }
-#if MYNEWT_VAL(BOOTUTIL_SIGN_RSA) || MYNEWT_VAL(BOOTUTIL_SIGN_EC)
-    if (!sig_off) {
-        /*
-         * Header said there should be PKCS1.v5 signature, no TLV
-         * found.
-         */
-        return -1;
-    }
-    rc = hal_flash_read(flash_id, sig_off, buf, sig_len);
-    if (rc) {
-        return -1;
-    }
-
-    if (hdr->ih_key_id >= bootutil_key_cnt) {
-        return -1;
-    }
-    rc = bootutil_verify_sig(hash, sizeof(hash), buf, sig_len, hdr->ih_key_id);
-    if (rc) {
-        return -1;
-    }
-#endif
-    return 0;
-}

http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/6a7432f4/libs/bootutil/src/loader.c
----------------------------------------------------------------------
diff --git a/libs/bootutil/src/loader.c b/libs/bootutil/src/loader.c
deleted file mode 100644
index e2d4cfa..0000000
--- a/libs/bootutil/src/loader.c
+++ /dev/null
@@ -1,652 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-#include <assert.h>
-#include <stddef.h>
-#include <inttypes.h>
-#include <stdlib.h>
-#include <string.h>
-#include <hal/flash_map.h>
-#include <hal/hal_flash.h>
-#include <os/os_malloc.h>
-#include "bootutil/loader.h"
-#include "bootutil/image.h"
-#include "bootutil/bootutil_misc.h"
-#include "bootutil_priv.h"
-
-/** Number of image slots in flash; currently limited to two. */
-#define BOOT_NUM_SLOTS              2
-
-/** The request object provided by the client. */
-static const struct boot_req *boot_req;
-
-/** Info about image slots. */
-static struct boot_img {
-    struct image_header hdr;
-    struct boot_image_location loc;
-    uint32_t area;
-} boot_img[BOOT_NUM_SLOTS];
-
-static struct boot_status boot_state;
-
-static int boot_erase_area(int area_idx, uint32_t sz);
-static uint32_t boot_copy_sz(int max_idx, int *cnt);
-
-
-int
-boot_build_request(struct boot_req *preq, int area_descriptor_max)
-{
-    int cnt;
-    int total;
-    int rc;
-    const struct flash_area *fap;
-    struct flash_area *descs = preq->br_area_descs;
-    uint8_t *img_starts = preq->br_slot_areas;
-
-    cnt = area_descriptor_max;
-    rc = flash_area_to_sectors(FLASH_AREA_IMAGE_0, &cnt, descs);
-    img_starts[0] = 0;
-    total = cnt;
-
-    flash_area_open(FLASH_AREA_IMAGE_0, &fap);
-    preq->br_img_sz = fap->fa_size;
-
-    cnt = area_descriptor_max - total;
-    if( cnt < 0) {
-        return -1;
-    }
-
-    rc = flash_area_to_sectors(FLASH_AREA_IMAGE_1, &cnt, &descs[total]);
-    if(rc != 0) {
-        return -2;
-    }
-    img_starts[1] = total;
-    total += cnt;
-
-    cnt = area_descriptor_max - total;
-    if( cnt < 0) {
-        return -3;
-    }
-
-    rc = flash_area_to_sectors(FLASH_AREA_IMAGE_SCRATCH, &cnt, &descs[total]);
-    if(rc != 0) {
-        return -4;
-    }
-
-    preq->br_scratch_area_idx = total;
-    total += cnt;
-    preq->br_num_image_areas = total;
-    return 0;
-}
-
-void
-boot_req_set(struct boot_req *req)
-{
-    boot_req = req;
-}
-
-/**
- * Calculates the flash offset of the specified image slot.
- *
- * @param slot_num              The number of the slot to calculate.
- * @param loc                   The flash location of the slot.
- *
- */
-static void
-boot_slot_addr(int slot_num, struct boot_image_location *loc)
-{
-    const struct flash_area *area_desc;
-    uint8_t area_idx;
-
-    area_idx = boot_req->br_slot_areas[slot_num];
-    area_desc = boot_req->br_area_descs + area_idx;
-    loc->bil_flash_id = area_desc->fa_flash_id;
-    loc->bil_address = area_desc->fa_off;
-}
-
-/*
- * Status about copy-in-progress is either in slot0 (target slot) or
- * in scratch area. It is in scratch area if the process is currently
- * moving the last sector within image.
- *
- * If the copy-in-progress status is within the image slot, it will
- * be at the end of the area.
- * If the sector containing the boot copy status is in scratch, it's
- * offset from beginning of scratch depends on how much of the image
- * fits inside the scratch area.
- *
- * We start copy from the end of image, so boot-copy-status is in
- * scratch when the first area is being moved. Otherwise it will be
- * in slot 0.
- */
-void
-boot_magic_loc(int slot_num, uint8_t *flash_id, uint32_t *off)
-{
-    struct boot_img *b;
-
-    b = &boot_img[slot_num];
-    *flash_id = b->loc.bil_flash_id;
-    *off = b->area + b->loc.bil_address - sizeof(struct boot_img_trailer);
-}
-
-void
-boot_scratch_loc(uint8_t *flash_id, uint32_t *off)
-{
-    struct flash_area *scratch;
-    int cnt;
-
-    scratch = &boot_req->br_area_descs[boot_req->br_scratch_area_idx];
-    *flash_id = scratch->fa_flash_id;
-
-    /*
-     * Calculate where the boot status would be, if it was copied to scratch.
-     */
-    *off = boot_copy_sz(boot_req->br_slot_areas[1], &cnt);
-    *off += (scratch->fa_off - sizeof(struct boot_img_trailer));
-}
-
-void
-boot_slot_magic(int slot_num, struct boot_img_trailer *bit)
-{
-    uint32_t off;
-    uint8_t flash_id;
-
-    boot_magic_loc(slot_num, &flash_id, &off);
-    memset(bit, 0xff, sizeof(*bit));
-    hal_flash_read(flash_id, off, bit, sizeof(*bit));
-}
-
-void
-boot_scratch_magic(struct boot_img_trailer *bit)
-{
-    uint32_t off;
-    uint8_t flash_id;
-
-    boot_scratch_loc(&flash_id, &off);
-    memset(bit, 0xff, sizeof(*bit));
-    hal_flash_read(flash_id, off, bit, sizeof(*bit));
-}
-
-/*
- * Gather info about image in a given slot.
- */
-void
-boot_image_info(void)
-{
-    int i;
-    struct boot_img *b;
-    struct flash_area *scratch;
-
-    for (i = 0; i < BOOT_NUM_SLOTS; i++) {
-        b = &boot_img[i];
-        boot_slot_addr(i, &b->loc);
-        boot_read_image_header(&b->loc, &b->hdr);
-        b->area = boot_req->br_img_sz;
-    }
-
-    /*
-     * Figure out what size to write update status update as.
-     * The size depends on what the minimum write size is for scratch
-     * area, active image slot. We need to use the bigger of those 2
-     * values.
-     */
-    boot_state.elem_sz = hal_flash_align(boot_img[0].loc.bil_flash_id);
-
-    scratch = &boot_req->br_area_descs[boot_req->br_scratch_area_idx];
-    i = hal_flash_align(scratch->fa_flash_id);
-    if (i > boot_state.elem_sz) {
-        boot_state.elem_sz = i;
-    }
-}
-
-static int
-boot_image_bootable(struct image_header *hdr) {
-    return ((hdr->ih_flags & IMAGE_F_NON_BOOTABLE) == 0);
-}
-
-/*
- * Validate image hash/signature in a slot.
- */
-static int
-boot_image_check(struct image_header *hdr, struct boot_image_location *loc)
-{
-    static void *tmpbuf;
-
-    if (!tmpbuf) {
-        tmpbuf = malloc(BOOT_TMPBUF_SZ);
-        if (!tmpbuf) {
-            return BOOT_ENOMEM;
-        }
-    }
-    if (bootutil_img_validate(hdr, loc->bil_flash_id, loc->bil_address,
-        tmpbuf, BOOT_TMPBUF_SZ, NULL, 0, NULL)) {
-        return BOOT_EBADIMAGE;
-    }
-    return 0;
-}
-
-
-static int
-split_image_check(struct image_header *app_hdr, struct boot_image_location *app_loc,
-                  struct image_header *loader_hdr, struct boot_image_location *loader_loc)
-{
-    static void *tmpbuf;
-    uint8_t loader_hash[32];
-
-    if (!tmpbuf) {
-        tmpbuf = malloc(BOOT_TMPBUF_SZ);
-        if (!tmpbuf) {
-            return BOOT_ENOMEM;
-        }
-    }
-    if (bootutil_img_validate(loader_hdr, loader_loc->bil_flash_id, loader_loc->bil_address,
-        tmpbuf, BOOT_TMPBUF_SZ, NULL, 0, loader_hash)) {
-        return BOOT_EBADIMAGE;
-    }
-
-    if (bootutil_img_validate(app_hdr, app_loc->bil_flash_id, app_loc->bil_address,
-        tmpbuf, BOOT_TMPBUF_SZ, loader_hash, 32, NULL)) {
-        return BOOT_EBADIMAGE;
-    }
-    return 0;
-}
-
-/**
- * Selects a slot number to boot from.
- *
- * @return                      The slot number to boot from on success;
- *                              -1 if an appropriate slot could not be
- *                              determined.
- */
-static int
-boot_select_image_slot(void)
-{
-    /*
-     * Check for swap magic. Check the integrity of the suggested image.
-     */
-    int rc;
-    int i;
-    struct boot_img *b;
-    struct boot_img_trailer bit;
-
-    boot_slot_magic(0, &bit);
-    if (bit.bit_copy_start == BOOT_IMG_MAGIC && bit.bit_copy_done != 0xff &&
-      bit.bit_img_ok == 0xff) {
-        /*
-         * Copied the image successfully, but image was not confirmed as good.
-         * We need to go back to another image.
-         */
-        boot_vect_write_test(FLASH_AREA_IMAGE_1);
-    }
-    for (i = 1; i < BOOT_NUM_SLOTS; i++) {
-        b = &boot_img[i];
-        boot_slot_magic(i, &bit);
-        if (bit.bit_copy_start == BOOT_IMG_MAGIC) {
-            if (b->hdr.ih_magic == IMAGE_MAGIC_NONE) {
-                continue;
-            }
-            if (!boot_image_bootable(&b->hdr)) {
-                continue;
-            }
-            rc = boot_image_check(&b->hdr, &b->loc);
-            if (rc) {
-                /*
-                 * Image fails integrity check. Erase it.
-                 */
-                boot_erase_area(boot_req->br_slot_areas[i], b->area);
-            } else {
-                return i;
-            }
-        }
-    }
-    return 0;
-}
-
-static int
-boot_status_sz(void)
-{
-    return sizeof(struct boot_img_trailer) + 32 * sizeof(uint32_t);
-}
-
-/*
- * How many sectors starting from sector[idx] can fit inside scratch.
- *
- */
-static uint32_t
-boot_copy_sz(int max_idx, int *cnt)
-{
-    int i;
-    uint32_t sz;
-    static uint32_t scratch_sz = 0;
-
-    if (!scratch_sz) {
-        for (i = boot_req->br_scratch_area_idx;
-             i < boot_req->br_num_image_areas;
-             i++) {
-            scratch_sz += boot_req->br_area_descs[i].fa_size;
-        }
-    }
-    sz = 0;
-    *cnt = 0;
-    for (i = max_idx - 1; i >= 0; i--) {
-        if (sz + boot_req->br_area_descs[i].fa_size > scratch_sz) {
-            break;
-        }
-        sz += boot_req->br_area_descs[i].fa_size;
-        *cnt = *cnt + 1;
-    }
-    return sz;
-}
-
-/**
- * Erase one area.  The destination area must
- * be erased prior to this function being called.
- *
- * @param area_idx            The index of the area.
- * @param sz                  The number of bytes to erase.
- *
- * @return                      0 on success; nonzero on failure.
- */
-static int
-boot_erase_area(int area_idx, uint32_t sz)
-{
-    const struct flash_area *area_desc;
-    int rc;
-
-    area_desc = boot_req->br_area_descs + area_idx;
-    rc = hal_flash_erase(area_desc->fa_flash_id, area_desc->fa_off, sz);
-    if (rc != 0) {
-        return BOOT_EFLASH;
-    }
-    return 0;
-}
-
-/**
- * Copies the contents of one area to another.  The destination area must
- * be erased prior to this function being called.
- *
- * @param from_area_idx       The index of the source area.
- * @param to_area_idx         The index of the destination area.
- * @param sz                  The number of bytes to move.
- *
- * @return                      0 on success; nonzero on failure.
- */
-static int
-boot_copy_area(int from_area_idx, int to_area_idx, uint32_t sz)
-{
-    const struct flash_area *from_area_desc;
-    const struct flash_area *to_area_desc;
-    uint32_t from_addr;
-    uint32_t to_addr;
-    uint32_t off;
-    int chunk_sz;
-    int rc;
-
-    static uint8_t buf[1024];
-
-    from_area_desc = boot_req->br_area_descs + from_area_idx;
-    to_area_desc = boot_req->br_area_descs + to_area_idx;
-
-    assert(to_area_desc->fa_size >= from_area_desc->fa_size);
-
-    off = 0;
-    while (off < sz) {
-        if (sz - off > sizeof buf) {
-            chunk_sz = sizeof buf;
-        } else {
-            chunk_sz = sz - off;
-        }
-
-        from_addr = from_area_desc->fa_off + off;
-        rc = hal_flash_read(from_area_desc->fa_flash_id, from_addr, buf,
-                            chunk_sz);
-        if (rc != 0) {
-            return rc;
-        }
-
-        to_addr = to_area_desc->fa_off + off;
-        rc = hal_flash_write(to_area_desc->fa_flash_id, to_addr, buf,
-                             chunk_sz);
-        if (rc != 0) {
-            return rc;
-        }
-
-        off += chunk_sz;
-    }
-
-    return 0;
-}
-
-/**
- * Swaps the contents of two flash areas belonging to images.
- *
- * @param area_idx            The index of first slot to exchange. This area
- *                                  must be part of the first image slot.
- * @param sz                  The number of bytes swap.
- *
- * @param end_area            Boolean telling whether this includes this
- *                                  area has last slots.
- *
- * @return                      0 on success; nonzero on failure.
- */
-static int
-boot_swap_areas(int idx, uint32_t sz, int end_area)
-{
-    int area_idx_1;
-    int area_idx_2;
-    int rc;
-
-    area_idx_1 = boot_req->br_slot_areas[0] + idx;
-    area_idx_2 = boot_req->br_slot_areas[1] + idx;
-    assert(area_idx_1 != area_idx_2);
-    assert(area_idx_1 != boot_req->br_scratch_area_idx);
-    assert(area_idx_2 != boot_req->br_scratch_area_idx);
-
-    if (boot_state.state == 0) {
-        rc = boot_erase_area(boot_req->br_scratch_area_idx, sz);
-        if (rc != 0) {
-            return rc;
-        }
-
-        rc = boot_copy_area(area_idx_2, boot_req->br_scratch_area_idx, sz);
-        if (rc != 0) {
-            return rc;
-        }
-
-        boot_state.state = 1;
-        (void)boot_write_status(&boot_state);
-    }
-    if (boot_state.state == 1) {
-        rc = boot_erase_area(area_idx_2, sz);
-        if (rc != 0) {
-            return rc;
-        }
-
-        rc = boot_copy_area(area_idx_1, area_idx_2,
-          end_area ? (sz - boot_status_sz()) : sz);
-        if (rc != 0) {
-            return rc;
-        }
-
-        boot_state.state = 2;
-        (void)boot_write_status(&boot_state);
-    }
-    if (boot_state.state == 2) {
-        rc = boot_erase_area(area_idx_1, sz);
-        if (rc != 0) {
-            return rc;
-        }
-
-        rc = boot_copy_area(boot_req->br_scratch_area_idx, area_idx_1, sz);
-        if (rc != 0) {
-            return rc;
-        }
-
-        boot_state.idx++;
-        boot_state.state = 0;
-        (void)boot_write_status(&boot_state);
-    }
-    return 0;
-}
-
-/**
- * Swaps the two images in flash.  If a prior copy operation was interrupted
- * by a system reset, this function completes that operation.
- *
- * @return                      0 on success; nonzero on failure.
- */
-static int
-boot_copy_image(void)
-{
-    uint32_t sz;
-    int i;
-    int end_area = 1;
-    int cnt;
-    int cur_idx;
-
-    for (i = boot_req->br_slot_areas[1], cur_idx = 0; i > 0; cur_idx++) {
-        sz = boot_copy_sz(i, &cnt);
-        i -= cnt;
-        if (cur_idx >= boot_state.idx) {
-            boot_swap_areas(i, sz, end_area);
-        }
-        end_area = 0;
-    }
-    boot_clear_status();
-
-    return 0;
-}
-
-/**
- * Prepares the booting process.  Based on the information provided in the
- * request object, this function moves images around in flash as appropriate,
- * and tells you what address to boot from.
- *
- * @param req                   Contains information about the flash layout.
- * @param rsp                   On success, indicates how booting should occur.
- *
- * @return                      0 on success; nonzero on failure.
- */
-int
-boot_go(const struct boot_req *req, struct boot_rsp *rsp)
-{
-    int slot;
-    int rc;
-
-    /* Set the global boot request object.  The remainder of the boot process
-     * will reference the global.
-     */
-    boot_req = req;
-
-    /* Attempt to read an image header from each slot. */
-    boot_image_info();
-
-    /* Read the boot status to determine if an image copy operation was
-     * interrupted (i.e., the system was reset before the boot loader could
-     * finish its task last time).
-     */
-    if (boot_read_status(&boot_state)) {
-        /* We are resuming an interrupted image copy. */
-        rc = boot_copy_image();
-        if (rc != 0) {
-            /* We failed to put the images back together; there is really no
-             * solution here.
-             */
-            return rc;
-        }
-    }
-
-    /*
-     * Check if we should initiate copy, or revert back to earlier image.
-     *
-     */
-    slot = boot_select_image_slot();
-    if (slot == -1) {
-        return BOOT_EBADIMAGE;
-    }
-
-    if (slot) {
-        boot_state.idx = 0;
-        boot_state.state = 0;
-        rc = boot_copy_image();
-        if (rc) {
-            return rc;
-        }
-    }
-
-    /* Always boot from the primary slot. */
-    rsp->br_flash_id = boot_img[0].loc.bil_flash_id;
-    rsp->br_image_addr = boot_img[0].loc.bil_address;
-    rsp->br_hdr = &boot_img[slot].hdr;
-
-    return 0;
-}
-
-#define SPLIT_AREA_DESC_MAX     (255)
-
-int
-split_go(int loader_slot, int split_slot, void **entry)
-{
-    int rc;
-    /** Areas representing the beginning of image slots. */
-    uint8_t img_starts[2];
-    struct flash_area *descs;
-    uint32_t entry_val;
-    struct boot_req req = {
-        .br_slot_areas = img_starts,
-    };
-
-    descs = calloc(SPLIT_AREA_DESC_MAX, sizeof(struct flash_area));
-    if (descs == NULL) {
-        return SPLIT_GO_ERR;
-    }
-
-    req.br_area_descs = descs;
-
-    rc = boot_build_request(&req, SPLIT_AREA_DESC_MAX);
-    if (rc != 0) {
-        rc = SPLIT_GO_ERR;
-        goto split_app_go_end;
-    }
-
-    boot_req = &req;
-
-    boot_image_info();
-
-    /* Don't check the bootable image flag because we could really
-      * call a bootable or non-bootable image.  Just validate that
-      * the image check passes which is distinct from the normal check */
-    rc = split_image_check(&boot_img[split_slot].hdr,
-                           &boot_img[split_slot].loc,
-                           &boot_img[loader_slot].hdr,
-                           &boot_img[loader_slot].loc);
-    if (rc != 0) {
-        rc = SPLIT_GO_NON_MATCHING;
-        goto split_app_go_end;
-    }
-
-    entry_val = (uint32_t) boot_img[split_slot].loc.bil_address +
-                         (uint32_t)  boot_img[split_slot].hdr.ih_hdr_size;
-    *entry = (void*) entry_val;
-    rc = SPLIT_GO_OK;
-
-split_app_go_end:
-    free(descs);
-    return rc;
-}

http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/6a7432f4/libs/bootutil/test/pkg.yml
----------------------------------------------------------------------
diff --git a/libs/bootutil/test/pkg.yml b/libs/bootutil/test/pkg.yml
deleted file mode 100644
index 6f6718b..0000000
--- a/libs/bootutil/test/pkg.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#  http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-pkg.name: libs/bootutil/test
-pkg.type: unittest
-pkg.description: "Bootutil unit tests."
-pkg.author: "Apache Mynewt <dev@mynewt.incubator.apache.org>"
-pkg.homepage: "http://mynewt.apache.org/"
-pkg.keywords:
-
-pkg.deps: 
-    - libs/bootutil
-    - libs/testutil
-
-pkg.deps.SELFTEST:
-    - libs/console/stub


Mime
View raw message