No Rust Embedded Secure Bootloaders?

I'm working on an embedded Rust project and was hoping to implement a secure bootloader, specifically WolfBoot from WolfSSL. I've found out that WolfBoot, written in C, will need a rust wrapper of some sort to work. I've read over this page https://rust-embedded.github.io/book/interoperability/c-with-rust.html on wrappers, but I'm not sure how involved this would get as I have never done this before. I have not found any other bootloaders that works with rust, and to raise the stakes even higher, I'm on RISC-V, which wolfBoot does support. Any suggestions/advice is appreciated.

I'm not aware of any pure-Rust bootloaders that are production ready, currently. There has been some talk of adopting Rust in at least one existing one, but it's still very much a "maybe" stage.

We'll see how things develop. Lots of things going on here.

1 Like

are you aware of any prototype versions that is available for testing?
EDIT
looks like my best bet is to try to use WolfBoot with wrappers, and maybe use bindgen

No, but if you want to look into it, Linaro posted a video about a month ago about how MCUBoot is using it in their test infra, but not the boot loader itself for now.

1 Like

Why do you think you have to cree a wrapper? In my understanding wolfboot is just linked to the binary together with a signature of the binary.

In my opinion you just have to ensure that the entry point is at the start address of your primary partition.

Well, there are some APIs that are used to trigger firmware updates etc. I asked wolfBoot if I needed wrappers or not and the reply was.

Thank you so much for reaching out to wolfSSL support. We have internally been discussing a RUST wrapper and how to go about it (either a PURE-C rust binding or a non-pure-c rust binding). Unfortunately we have only notes on paper at this point and no code has been started for that effort yet.

If you know of any interested parties that would want to partner with us on the implementation be sure to let them know we're discussing it internally. Additionally our team would note that if someone completes something before we do we'll gladly review and consider accepting a contribution that adds a rust wrapper to the wolfSSL sources.

I'm not interested in triggering firmware updates at this time, so if I could use my rust app without wrappers, I would be all for it at this point. I've never done this so I'm a little bit lost.

Which MCU do you use?

I'm on the HiFive1 RevB