# Copyright (c) 2022 Nordic Semiconductor
#
# SPDX-License-Identifier: Apache-2.0

config SUPPORT_BOOTLOADER
	bool
	default y

config SUPPORT_BOOTLOADER_MCUBOOT_ZEPHYR
	bool
	default y

choice BOOTLOADER
	prompt "Bootloader support"
	default BOOTLOADER_NONE
	depends on SUPPORT_BOOTLOADER

config BOOTLOADER_NONE
	bool "None"
	help
	  Do not Include a bootloader in the build

config BOOTLOADER_MCUBOOT
	bool "MCUboot"
	depends on SUPPORT_BOOTLOADER_MCUBOOT_ZEPHYR
	help
	  Include MCUboot (Zephyr port) as the bootloader to use

endchoice

if BOOTLOADER_MCUBOOT

choice MCUBOOT_MODE
	prompt "Mode of operation"
	# Should be removed if board dts is updated
	default MCUBOOT_MODE_SWAP_USING_MOVE if SOC_FAMILY_ESPRESSIF_ESP32
	default MCUBOOT_MODE_SWAP_USING_OFFSET
	help
	  The operating mode of MCUboot (which will also be propagated to the application).

config MCUBOOT_MODE_SINGLE_APP
	bool "Single slot"
	help
	  MCUboot will only boot slot0_partition placed application and does not care about other
	  slots. In this mode application is not able to DFU its own update to secondary slot and
	  all updates need to be performed using MCUboot serial recovery.

config MCUBOOT_MODE_SWAP_USING_OFFSET
	bool "Swap using offset"
	help
	  MCUboot expects slot0_partition and slot1_partition to be present in DT and application
	  will boot from slot0_partition. MCUBOOT_BOOTLOADER_NO_DOWNGRADE should also be selected
	  in main application if MCUboot has been built with MCUBOOT_DOWNGRADE_PREVENTION.

config MCUBOOT_MODE_SWAP_USING_MOVE
	bool "Swap using move"
	help
	  MCUboot expects slot0_partition and slot1_partition to be present in DT and application
	  will boot from slot0_partition. MCUBOOT_BOOTLOADER_NO_DOWNGRADE should also be selected
	  in main application if MCUboot has been built with MCUBOOT_DOWNGRADE_PREVENTION.

config MCUBOOT_MODE_SWAP_SCRATCH
	bool "Swap using scratch"
	help
	  MCUboot expects slot0_partition, slot1_partition and scratch_partition to be present in
	  DT, and application will boot from slot0_partition. In this mode scratch_partition is
	  used as temporary storage when MCUboot swaps application from the secondary slot to the
	  primary slot.
	  MCUBOOT_BOOTLOADER_NO_DOWNGRADE should also be selected in main application if MCUboot
	  has been built with MCUBOOT_DOWNGRADE_PREVENTION.

config MCUBOOT_MODE_OVERWRITE_ONLY
	bool "Overwrite"
	help
	  MCUboot will take contents of secondary slot of an image and will overwrite primary slot
	  with it. In this mode it is not possible to revert back to previous version as it is not
	  stored in the secondary slot.
	  This mode supports MCUBOOT_BOOTLOADER_NO_DOWNGRADE which means that the overwrite will
	  not happen unless the version of secondary slot is higher than the version in primary
	  slot.

config MCUBOOT_MODE_DIRECT_XIP
	bool "DirectXIP"
	help
	  MCUboot expects slot0_partition and slot1_partition to exist in DT. In this mode MCUboot
	  can boot from either partition and will select one with higher application image version,
	  which usually means major.minor.patch triple, unless BOOT_VERSION_CMP_USE_BUILD_NUMBER is
	  also selected in MCUboot that enables comparison of build number.
	  This option automatically selects MCUBOOT_BOOTLOADER_NO_DOWNGRADE as it is not possible
	  to swap back to older version of application.

config MCUBOOT_MODE_DIRECT_XIP_WITH_REVERT
	bool "DirectXIP with revert"
	help
	  MCUboot expects slot0_partition and slot1_partition to exist in DT. In this mode MCUboot
	  will boot the application with the higher version from either slot, as long as it has
	  been marked to be boot next time for test or permanently. In case when application is
	  marked for test it needs to confirm itself, on the first boot, or it will be removed and
	  MCUboot will revert to booting previously approved application.
	  This mode does not allow freely switching between application versions, as, once higher
	  version application is approved, it is not possible to select lower version for boot.
	  This mode selects MCUBOOT_BOOTLOADER_NO_DOWNGRADE as it is not possible to downgrade
	  running application, but note that MCUboot may do that if application with higher
	  version will not get confirmed.

config MCUBOOT_MODE_RAM_LOAD
	bool "RAM load"
	help
	  MCUboot expects slot0_partition and slot1_partition to exist in DT. In this mode, MCUboot
	  will select the image with the higher version number, copy it to RAM and begin execution
	  from there. The image must be linked to execute from RAM, the address that it is copied
	  to is specified using the load-addr argument when running imgtool.

	  Note: RAM must be assigned to the bootloader that is not used by the application in this
	  mode so that the bootloader is able to function until the application has booted.

config MCUBOOT_MODE_RAM_LOAD_WITH_REVERT
	bool "RAM load with revert"
	help
	  MCUboot expects slot0_partition and slot1_partition to exist in DT. In this mode, MCUboot
	  will select the image with the higher version number, copy it to RAM and begin execution
	  from there. MCUBoot will only boot an image if it has been marked to be boot next time
	  for test or permanently. In case when application is marked for test it needs to confirm
	  itself, on the first boot, or it will be removed and MCUboot will revert to booting
	  previously approved application. The image must be linked to execute from RAM, the address
	  that it is copied to is specified using the load-addr argument when running imgtool.

	  Note: RAM must be assigned to the bootloader that is not used by the application in this
	  mode so that the bootloader is able to function until the application has booted.

config MCUBOOT_MODE_FIRMWARE_UPDATER
	bool "Firmware updater"
	help
	  MCUboot will only boot slot0_partition for the main application but has an entrance
	  mechanism defined for entering the slot1_partition which is a dedicated firmware updater
	  application used to update the slot0_partition application.

config MCUBOOT_MODE_SINGLE_APP_RAM_LOAD
	bool "Single app RAM load mode"
	help
	  MCUboot can load the image to RAM from an arbitrary location. In this mode,
	  MCUboot will copy the image to RAM and begin execution from there. The image
	  must be linked to execute from RAM, the address that it is copied to is
	  specified using the load-addr argument when running imgtool.
	  Note that while not used directly, a slot0_partition must be defined in the
	  DT, as it is used to get information about size of the image to be loaded.
	  This option automatically selects MCUBOOT_BOOTLOADER_NO_DOWNGRADE as it is
	  not possible to swap back to older version of the application. In fact, none
	  of the swap operations are supported in this mode.

endchoice

config MCUBOOT_MODE_FIRMWARE_UPDATER_BOOT_MODE_ENTRANCE
	bool "Firmware updater retention boot mode entrance"
	depends on MCUBOOT_MODE_FIRMWARE_UPDATER
	help
	  Will enable retained memory, retention and the boot mode module in MCUboot and the main
	  application so that it can be used to force booting the firmware loader application
	  image. This needs the ``zephyr,boot-mode`` chosen node to be correctly configured.

config SIGNATURE_TYPE
	string
	default "NONE" if BOOT_SIGNATURE_TYPE_NONE
	default "RSA" if BOOT_SIGNATURE_TYPE_RSA
	default "ECDSA_P256" if BOOT_SIGNATURE_TYPE_ECDSA_P256
	default "ED25519" if BOOT_SIGNATURE_TYPE_ED25519

choice BOOT_SIGNATURE_TYPE
	prompt "Signature type"
	default BOOT_SIGNATURE_TYPE_RSA

config BOOT_SIGNATURE_TYPE_NONE
	bool "No signature; use only hash check"

config BOOT_SIGNATURE_TYPE_RSA
	bool "RSA signatures"

config BOOT_SIGNATURE_TYPE_ECDSA_P256
	bool "Elliptic curve digital signatures with curve P-256"

config BOOT_SIGNATURE_TYPE_ED25519
	bool "Edwards curve digital signatures using ed25519"

endchoice

config BOOT_SIGNATURE_KEY_FILE
	string "Signing PEM key file" if !BOOT_SIGNATURE_TYPE_NONE
	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/root-ec-p256.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256
	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/root-ed25519.pem" if BOOT_SIGNATURE_TYPE_ED25519
	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/root-rsa-2048.pem" if BOOT_SIGNATURE_TYPE_RSA
	default ""
	help
	  Absolute path to signing key file to use with MCUBoot.

config SUPPORT_BOOT_ENCRYPTION
	bool
	depends on !BOOT_SIGNATURE_TYPE_NONE && !MCUBOOT_MODE_DIRECT_XIP && !MCUBOOT_MODE_DIRECT_XIP_WITH_REVERT && !MCUBOOT_MODE_FIRMWARE_UPDATER
	default y

config BOOT_ENCRYPTION
	bool "Encrypted image support"
	depends on SUPPORT_BOOT_ENCRYPTION
	help
	  Support encrypted images.

config BOOT_ENCRYPTION_KEY_FILE
	string "Encryption PEM key file"
	depends on BOOT_ENCRYPTION
	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/enc-ec256-priv.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256
	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/enc-x25519-priv.pem" if BOOT_SIGNATURE_TYPE_ED25519
	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/enc-rsa2048-priv.pem" if BOOT_SIGNATURE_TYPE_RSA
	default ""
	help
	  Absolute path to encryption key file to use with MCUBoot.

if BOOT_ENCRYPTION

choice BOOT_ENCRYPTION_ALG
	prompt "Algorithm used for image encryption"
	default BOOT_ENCRYPTION_ALG_AES_128

config BOOT_ENCRYPTION_ALG_AES_128
	bool "Use AES-128 for image encryption"

config BOOT_ENCRYPTION_ALG_AES_256
	bool "Use AES-256 for image encryption"

endchoice # BOOT_ENCRYPTION_ALG

endif # BOOT_ENCRYPTION

endif
