I would prefer a better technique using proper crypto.
The bootloader embeds an RSA-4096 public key for which you hold the private key. After writing the firmware image to the flash, the SHA-256 hash of the image is calculated. An RSA-encrypted signature is then received, decrypted using the embedded public key, and compared against the calculated hash. If the hashes agree, the image is accepted.
To guard against incomplete uploads and TOCTTOU vulnerabilities, the Reset vector and initial stack pointer are not written to the Flash before the entire image is verified. Instead, the entry point and stack pointer of the bootloader are written there.
RSA-4096 and SHA-512 are both strong crypto. Unless someone has a big enough quantum computer, has way too many CPU cycles, or has hacked your computer holding the private key, your bootloader won't accept anything that is not cryptographically signed by you. And if you manage to prevent your bootloader from being bypassed, you can use it as a root of trust, and your microcontroller won't be running a single instruction that is not signed by you.
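The flow described above, modelled in Python as an added example that is not part of the original post or any real bootloader: the body is programmed, the hash is taken over what actually sits in flash, and the vectors are committed only after the signature checks out. Assumptions: a constructed toy key built from two Mersenne primes (insecure, demo only), PKCS#1 v1.5 padding with SHA-256, and an 8-byte vector area at the start of the image.

```python
import hashlib

# Constructed toy key for the demo only: two Mersenne primes (NOT secure).
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                      # public half, "embedded" in the bootloader
D = pow(E, -1, (P - 1) * (Q - 1))        # private half, stays on the signing host
K = (N.bit_length() + 7) // 8            # modulus length in bytes
# DER DigestInfo prefix for SHA-256 (PKCS#1 v1.5, RFC 8017 section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")
VECTORS = 8                              # assumed layout: initial SP + reset vector

def encode(digest):
    """EMSA-PKCS1-v1_5 block: 00 01 FF..FF 00 DigestInfo, exactly K bytes."""
    t = SHA256_PREFIX + digest
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def sign(image):
    """Host side: sign the SHA-256 of the complete image."""
    em = encode(hashlib.sha256(image).digest())
    return pow(int.from_bytes(em, "big"), D, N).to_bytes(K, "big")

def verify(digest, sig):
    """Bootloader side: public-key operation, then compare the whole block."""
    if len(sig) != K or int.from_bytes(sig, "big") >= N:
        return False
    em = pow(int.from_bytes(sig, "big"), E, N).to_bytes(K, "big")
    return em == encode(digest)          # padding is checked too, not only the hash

def flash_update(flash, boot_vectors, image, sig):
    """Program the body, hash what is in flash, commit vectors only on success."""
    held = image[:VECTORS]               # real vectors stay in RAM for now
    flash[:VECTORS] = boot_vectors       # a reset still lands in the bootloader
    flash[VECTORS:len(image)] = image[VECTORS:]
    # Hash the bytes read back from flash, not the receive buffer.
    digest = hashlib.sha256(held + bytes(flash[VECTORS:len(image)])).digest()
    if not verify(digest, sig):
        return False                     # vectors still point at the bootloader
    flash[:VECTORS] = held
    return True
```

A rejected or interrupted upload leaves the bootloader's vectors in place, so the device never jumps into an unverified image.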