esp-idf/components/bootloader_support/private_include/bootloader_signature.h

/*
 * SPDX-FileCopyrightText: 2022-2023 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Apache-2.0
 */
#pragma once

#include "sdkconfig.h"
#include <esp_err.h>
#include <stdint.h>

#if CONFIG_IDF_TARGET_ESP32
#include "esp32/rom/secure_boot.h"
#elif CONFIG_IDF_TARGET_ESP32S2
#include "esp32s2/rom/secure_boot.h"
#elif CONFIG_IDF_TARGET_ESP32C3
#include "esp32c3/rom/secure_boot.h"
#elif CONFIG_IDF_TARGET_ESP32S3
#include "esp32s3/rom/secure_boot.h"
#elif CONFIG_IDF_TARGET_ESP32C2
#include "esp32c2/rom/secure_boot.h"
#elif CONFIG_IDF_TARGET_ESP32C6
#include "esp32c6/rom/secure_boot.h"
#elif CONFIG_IDF_TARGET_ESP32H2
#include "esp32h2/rom/secure_boot.h"
#elif CONFIG_IDF_TARGET_ESP32P4
#include "esp32p4/rom/secure_boot.h"
#endif

#if !CONFIG_IDF_TARGET_ESP32 || CONFIG_ESP32_REV_MIN_FULL >= 300

#if CONFIG_SECURE_BOOT_V2_ENABLED || CONFIG_SECURE_SIGNED_APPS_NO_SECURE_BOOT

/** @brief Verify the secure boot signature block for Secure Boot V2.
 *
 *  Performs RSA-PSS or ECDSA verification of the SHA-256 image based on the public key
 *  in the signature block, compared against the public key digest stored in efuse.
 *
 * Similar to esp_secure_boot_verify_signature(), but can be used when the digest is precalculated.
 * @param sig_block Pointer to signature block data
 * @param image_digest Pointer to 32 byte buffer holding SHA-256 hash.
 * @param verified_digest Pointer to 32 byte buffer that will receive verified digest if verification completes. (Used during bootloader implementation only, result is invalid otherwise.)
 *
 */
esp_err_t esp_secure_boot_verify_sbv2_signature_block(const ets_secure_boot_signature_t *sig_block, const uint8_t *image_digest, uint8_t *verified_digest);

/** @brief Legacy function to verify RSA secure boot signature block for Secure Boot V2.
 *
 * @note This is kept for backward compatibility. It internally calls esp_secure_boot_verify_sbv2_signature_block.
 *
 * @param sig_block Pointer to RSA signature block data
 * @param image_digest Pointer to 32 byte buffer holding SHA-256 hash.
 * @param verified_digest Pointer to 32 byte buffer that will receive verified digest if verification completes. (Used during bootloader implementation only, result is invalid otherwise.)
 *
 */
esp_err_t esp_secure_boot_verify_rsa_signature_block(const ets_secure_boot_signature_t *sig_block, const uint8_t *image_digest, uint8_t *verified_digest);

#endif /* CONFIG_SECURE_BOOT_V2_ENABLED || CONFIG_SECURE_SIGNED_APPS_NO_SECURE_BOOT */

#endif
refactor (bootloader_support, efuse)!: remove target-specific rom includes The following two functions in bootloader_support are private now: * esp_secure_boot_verify_sbv2_signature_block() * esp_secure_boot_verify_rsa_signature_block() They have been moved into private header files inside bootloader_private/ * Removed bootloader_reset_reason.h and bootloader_common_get_reset_reason() completely. Alternative in ROM component is available. * made esp_efuse.h independent of target-specific rom header 2022-05-23 00:36:02 -04:00			`/*`
esp32c6: Enable ECDSA based secure boot - Updated documentation for C6 2023-01-09 12:02:19 -05:00			`* SPDX-FileCopyrightText: 2022-2023 Espressif Systems (Shanghai) CO LTD`
refactor (bootloader_support, efuse)!: remove target-specific rom includes The following two functions in bootloader_support are private now: * esp_secure_boot_verify_sbv2_signature_block() * esp_secure_boot_verify_rsa_signature_block() They have been moved into private header files inside bootloader_private/ * Removed bootloader_reset_reason.h and bootloader_common_get_reset_reason() completely. Alternative in ROM component is available. * made esp_efuse.h independent of target-specific rom header 2022-05-23 00:36:02 -04:00			`*`
			`* SPDX-License-Identifier: Apache-2.0`
			`*/`
			`#pragma once`

			`#include "sdkconfig.h"`
			`#include <esp_err.h>`
			`#include <stdint.h>`

			`#if CONFIG_IDF_TARGET_ESP32`
			`#include "esp32/rom/secure_boot.h"`
			`#elif CONFIG_IDF_TARGET_ESP32S2`
			`#include "esp32s2/rom/secure_boot.h"`
			`#elif CONFIG_IDF_TARGET_ESP32C3`
			`#include "esp32c3/rom/secure_boot.h"`
			`#elif CONFIG_IDF_TARGET_ESP32S3`
			`#include "esp32s3/rom/secure_boot.h"`
			`#elif CONFIG_IDF_TARGET_ESP32C2`
			`#include "esp32c2/rom/secure_boot.h"`
esp32c6: add bootloader support 2022-07-08 04:46:11 -04:00			`#elif CONFIG_IDF_TARGET_ESP32C6`
			`#include "esp32c6/rom/secure_boot.h"`
ESP32H2: Introduce new chip target esp32h2, hello_world example supported 2022-12-28 22:01:13 -05:00			`#elif CONFIG_IDF_TARGET_ESP32H2`
			`#include "esp32h2/rom/secure_boot.h"`
feat(esp32p4): introduced new target esp32p4, supported hello_world 2023-07-27 03:10:50 -04:00			`#elif CONFIG_IDF_TARGET_ESP32P4`
			`#include "esp32p4/rom/secure_boot.h"`
refactor (bootloader_support, efuse)!: remove target-specific rom includes The following two functions in bootloader_support are private now: * esp_secure_boot_verify_sbv2_signature_block() * esp_secure_boot_verify_rsa_signature_block() They have been moved into private header files inside bootloader_private/ * Removed bootloader_reset_reason.h and bootloader_common_get_reset_reason() completely. Alternative in ROM component is available. * made esp_efuse.h independent of target-specific rom header 2022-05-23 00:36:02 -04:00			`#endif`

all: Apply new version logic (major * 100 + minor) 2022-03-17 09:58:15 -04:00			`#if !CONFIG_IDF_TARGET_ESP32 \|\| CONFIG_ESP32_REV_MIN_FULL >= 300`
refactor (bootloader_support, efuse)!: remove target-specific rom includes The following two functions in bootloader_support are private now: * esp_secure_boot_verify_sbv2_signature_block() * esp_secure_boot_verify_rsa_signature_block() They have been moved into private header files inside bootloader_private/ * Removed bootloader_reset_reason.h and bootloader_common_get_reset_reason() completely. Alternative in ROM component is available. * made esp_efuse.h independent of target-specific rom header 2022-05-23 00:36:02 -04:00
esp32c6: Enable ECDSA based secure boot - Updated documentation for C6 2023-01-09 12:02:19 -05:00			`#if CONFIG_SECURE_BOOT_V2_ENABLED \|\| CONFIG_SECURE_SIGNED_APPS_NO_SECURE_BOOT`

refactor (bootloader_support, efuse)!: remove target-specific rom includes The following two functions in bootloader_support are private now: * esp_secure_boot_verify_sbv2_signature_block() * esp_secure_boot_verify_rsa_signature_block() They have been moved into private header files inside bootloader_private/ * Removed bootloader_reset_reason.h and bootloader_common_get_reset_reason() completely. Alternative in ROM component is available. * made esp_efuse.h independent of target-specific rom header 2022-05-23 00:36:02 -04:00			`/** @brief Verify the secure boot signature block for Secure Boot V2.`
			`*`
			`* Performs RSA-PSS or ECDSA verification of the SHA-256 image based on the public key`
			`* in the signature block, compared against the public key digest stored in efuse.`
			`*`
			`* Similar to esp_secure_boot_verify_signature(), but can be used when the digest is precalculated.`
			`* @param sig_block Pointer to signature block data`
			`* @param image_digest Pointer to 32 byte buffer holding SHA-256 hash.`
			`* @param verified_digest Pointer to 32 byte buffer that will receive verified digest if verification completes. (Used during bootloader implementation only, result is invalid otherwise.)`
			`*`
			`*/`
			`esp_err_t esp_secure_boot_verify_sbv2_signature_block(const ets_secure_boot_signature_t sig_block, const uint8_t image_digest, uint8_t *verified_digest);`

			`/** @brief Legacy function to verify RSA secure boot signature block for Secure Boot V2.`
			`*`
			`* @note This is kept for backward compatibility. It internally calls esp_secure_boot_verify_sbv2_signature_block.`
			`*`
			`* @param sig_block Pointer to RSA signature block data`
			`* @param image_digest Pointer to 32 byte buffer holding SHA-256 hash.`
			`* @param verified_digest Pointer to 32 byte buffer that will receive verified digest if verification completes. (Used during bootloader implementation only, result is invalid otherwise.)`
			`*`
			`*/`
			`esp_err_t esp_secure_boot_verify_rsa_signature_block(const ets_secure_boot_signature_t sig_block, const uint8_t image_digest, uint8_t *verified_digest);`

esp32c6: Enable ECDSA based secure boot - Updated documentation for C6 2023-01-09 12:02:19 -05:00			`#endif /* CONFIG_SECURE_BOOT_V2_ENABLED \|\| CONFIG_SECURE_SIGNED_APPS_NO_SECURE_BOOT */`

refactor (bootloader_support, efuse)!: remove target-specific rom includes The following two functions in bootloader_support are private now: * esp_secure_boot_verify_sbv2_signature_block() * esp_secure_boot_verify_rsa_signature_block() They have been moved into private header files inside bootloader_private/ * Removed bootloader_reset_reason.h and bootloader_common_get_reset_reason() completely. Alternative in ROM component is available. * made esp_efuse.h independent of target-specific rom header 2022-05-23 00:36:02 -04:00			`#endif`