How to validate integrity of a singed+encrypted image before rebooting?

[rretanubun]

Hello
I am referencing these docs and have a question on image integrity check before rebooting.

• https://docs.mcuboot.com/design.html
• https://docs.mcuboot.com/encrypted_images.html

For unencrypted image

I am able to take a binary with MCUBoot information added via imgtool and if I trim the binary to just these sections
(as shown by imgtool dumpinfo)

#### Image header (offset: 0x0) ############################
magic:              0x96f3b83d
load_addr:          0x0
hdr_size:           0x80
protected_tlv_size: 0x66
img_size:           0x77db8
flags:              0x0
version:            0.2.0+0
############################################################
#### Payload (offset: 0x80) ################################
|                                                          |
|              FW image (size: 0x77db8 Bytes)              |
|                                                          |
############################################################
#### Protected TLV area (offset: 0x77e38) ##################
magic:     0x6908
area size: 0x66
        ---------------------------------------------
        type: BOOT_RECORD (0x60)
        len:  0x5e
        data: <snip>
############################################################

I am able to compute the sha256 sum that matches the data in TLV type IMAGE_TLV_SHA256 (0x10).

For encrypted image

ref: https://docs.mcuboot.com/encrypted_images.html#design

When encrypting an image, only the payload (FW) is encrypted. The header, TLVs are still sent as plain data.

Hashing and signing also remain functionally the same way as before, applied over the un-encrypted data. Validation on encrypted images, checks that the encrypted flag is set and TLV data is OK, then it decrypts each image block before sending the data to the hash routines.

So an encrypted image need to be decrypted first and then have its SHA256 computed and compared
to the over in the TLV, over the same region of data, correct?

Question

• If my understanding is correct, is there an additional TLV that can be used to validate that the encrypted FW Image is sent over correctly?
  For example, when using FOTA based transfer, it is advantageous to be able to validate the encrypted image as received before rebooting.
  Maybe a IMAGE_TLV_SHA256_ENCRYPTED TLV Type? /* SHA256 of image ihdr + encrypted-body */
• Is there a different mechanism that I am missing to validate the integrity of an encrypted image before reboot?

Thanks for everyone's time