eaw/esp-idf
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
21,020 Commits 16 Branches 99 Tags
ef88625583eabf332ded98bbd282e680cb65e151
Commit Graph

9 Commits

Author SHA1 Message Date
Mahavir Jain
2a885ae694 secure_boot_v2: fix issue in pre-flashed digest (manual) workflow 
This commit fixes issue where empty (unprogrammed) digest slot out of
multiple supported (e.g. 3 for ESP32-C3) could cause issue in
workflow enablement process.

Notes:

1. This issue was applicable for chips supporting "secure-boot-v2"
scheme with multiple digests slots
2. This issue was affecting only manual workflow, where digest of
public was pre-flashed in efuse
3. Change in "flash_encrypt.c" is only for additional safety purpose
 2021-11-02 15:26:24 +08:00
Sachin Parekh
724fdbc9f1 secure_boot: Do not allow key revocation in bootloader 2021-10-22 12:20:14 +05:30
Angus Gratton
e3ca61a200 secure boot: Fix incorrect handling of mbedtls_ctr_drbg_seed() failure in signature verification 
Increase the test app optimization level to one that would find this issue.
 2021-07-08 19:17:04 +10:00
Konstantin Kondrashov
f339b3fc96 efuse(esp32): Deprecate esp_efuse_burn_new_values() & esp_efuse_write_random_key() 
These functions were used only for esp32 in secure_boot and flash encryption.
Use idf efuse APIs instead of efuse regs.
 2021-06-17 07:21:36 +08:00
Jan Brudný
a2686dc4eb bootloader: update copyright notice 2021-05-10 04:58:34 +02:00
KonstantinKondrashov
7f40717eb2 secure_boot/SIGNED_ON_UPDATE_NO_SECURE_BOOT: Only the first position of signature blocks is used to verify any update 2021-03-25 12:27:05 +00:00
Angus Gratton
6a29b45bd4 secure boot v2: Fix issue checking multiple signature blocks on OTA update 2021-03-15 12:30:20 +00:00
Angus Gratton
d709631393 secure boot: Add boot check for SBV2 "check app signature on update" 
As this mode uses the public keys attached to the existing app's signatures to
verify the next app, checking that a signature block is found on boot prevents
the possibility of deploying a non-updatable device from the factory.
 2021-03-15 12:30:20 +00:00
KonstantinKondrashov
95564b4687 secure_boot: Secure Boot V2 verify app signature on update (without Secure boot) 
- ESP32 ECO3, ESP32-S2/C3/S3
 2021-03-15 12:30:20 +00:00