alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-10-05 20:47:46 -04:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'bugfix/secure_ota_without_padding_v5.0' into 'release/v5.0'

Browse Source 
fix(secure_ota): secure app verification issue without padding bytes (v5.0)

See merge request espressif/esp-idf!25213
This commit is contained in:
Jiang Jiang Jian 2023-08-21 10:42:05 +08:00
commit f9816801a9
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
components/bootloader_support/src/esp_image_format.c
View File

@ -860,7 +860,7 @@ static esp_err_t verify_secure_boot_signature(bootloader_sha256_handle_t sha_han
bootloader_munmap(simple_hash); bootloader_munmap(simple_hash);
} }
#if CONFIG_SECURE_BOOT_V2_ENABLED #if CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME || CONFIG_SECURE_SIGNED_APPS_ECDSA_V2_SCHEME
// End of the image needs to be padded all the way to a 4KB boundary, after the simple hash // End of the image needs to be padded all the way to a 4KB boundary, after the simple hash
// (for apps they are usually already padded due to --secure-pad-v2, only a problem if this option was not used.) // (for apps they are usually already padded due to --secure-pad-v2, only a problem if this option was not used.)
uint32_t padded_end = ALIGN_UP(end, FLASH_SECTOR_SIZE); uint32_t padded_end = ALIGN_UP(end, FLASH_SECTOR_SIZE);
@ -870,7 +870,7 @@ static esp_err_t verify_secure_boot_signature(bootloader_sha256_handle_t sha_han
bootloader_munmap(padding); bootloader_munmap(padding);
end = padded_end; end = padded_end;
} }
#endif #endif // CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME || CONFIG_SECURE_SIGNED_APPS_ECDSA_V2_SCHEME
bootloader_sha256_finish(sha_handle, image_digest); bootloader_sha256_finish(sha_handle, image_digest);