mirror of
https://github.com/espressif/esp-idf.git
synced 2024-10-05 20:47:46 -04:00
32 lines
1.1 KiB
Plaintext
32 lines
1.1 KiB
Plaintext
|
# This example uses an extra partition to demonstrate encrypted/non-encrypted reads/writes.
|
||
|
|
CONFIG_PARTITION_TABLE_CUSTOM=y
|
||
|
|
CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partitions.csv"
|
||
|
|
CONFIG_PARTITION_TABLE_FILENAME="partitions.csv"
|
||
|
|
CONFIG_PARTITION_TABLE_OFFSET=0xD000
|
||
|
|
|
||
|
|
# Secure Boot V2
|
||
|
|
CONFIG_SECURE_SIGNED_ON_BOOT=y
|
||
|
|
CONFIG_SECURE_SIGNED_ON_UPDATE=y
|
||
|
|
CONFIG_SECURE_SIGNED_APPS=y
|
||
|
|
CONFIG_SECURE_BOOT_V2_RSA_ENABLED=y
|
||
|
|
CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME=y
|
||
|
|
CONFIG_SECURE_BOOT=y
|
||
|
|
CONFIG_SECURE_BOOT_V2_ENABLED=y
|
||
|
|
CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES=y
|
||
|
|
CONFIG_SECURE_BOOT_SIGNING_KEY="secure_boot_signing_key.pem"
|
||
|
|
|
||
|
|
CONFIG_SECURE_BOOT_FLASH_BOOTLOADER_DEFAULT=y
|
||
|
|
|
||
|
|
# Please note that this does not make the device insecure as JTAG shall be soft disabled with instructions from README along
|
||
|
|
|
||
|
|
CONFIG_SECURE_BOOT_INSECURE=y
|
||
|
|
CONFIG_SECURE_BOOT_ALLOW_JTAG=y
|
||
|
|
|
||
|
|
# Flash Encryption
|
||
|
|
CONFIG_SECURE_FLASH_ENC_ENABLED=y
|
||
|
|
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_RELEASE=y
|
||
|
|
CONFIG_SECURE_FLASH_ENCRYPT_ONLY_IMAGE_LEN_IN_APP_PART=y
|
||
|
|
CONFIG_SECURE_FLASH_CHECK_ENC_EN_IN_APP=y
|
||
|
|
CONFIG_SECURE_ROM_DL_MODE_ENABLED=y
|
||
|
|
CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE=y
|