Merge branch 'bugfix/fix_condition_to_verify_when_no_SB_v5.1' into 'release/v5.1'

fix(bootloader_support): Fix condition for checking signature in the application (v5.1) See merge request espressif/esp-idf!26225
2024-10-05 20:47:46 -04:00 · 2023-09-27 17:20:50 +08:00 · 2023-09-27 17:20:50 +08:00 · fd7f8ee8f9
commit fd7f8ee8f9
parent 86808a09f7 a4c13f156e
2 changed files with 7 additions and 9 deletions
--- a/components/bootloader/Kconfig.projbuild
+++ b/components/bootloader/Kconfig.projbuild
@ -704,14 +704,12 @@ menu "Security features"

    config SECURE_BOOT_VERIFICATION_KEY
        string "Secure boot public signature verification key"
-        depends on SECURE_SIGNED_APPS && !SECURE_BOOT_BUILD_SIGNED_BINARIES && !SECURE_SIGNED_APPS_RSA_SCHEME
+        depends on SECURE_SIGNED_APPS && SECURE_SIGNED_APPS_ECDSA_SCHEME && !SECURE_BOOT_BUILD_SIGNED_BINARIES
        default "signature_verification_key.bin"
        help
            Path to a public key file used to verify signed images.
            Secure Boot V1: This ECDSA public key is compiled into the bootloader and/or
            app, to verify app images.
-            Secure Boot V2: This RSA public key is compiled into the signature block at
-            the end of the bootloader/app.

            Key file is in raw binary format, and can be extracted from a
            PEM formatted private key using the espsecure.py
--- a/components/bootloader_support/src/secure_boot.c
+++ b/components/bootloader_support/src/secure_boot.c
@ -144,9 +144,9 @@ static esp_err_t secure_boot_v2_check(bool *need_fix)
 #endif
 #endif // CONFIG_SECURE_BOOT

-#if CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
+#if (CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME || CONFIG_SECURE_SIGNED_APPS_ECDSA_V2_SCHEME) && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT

-static void rsa_check_signature_on_update_check(void)
+static void check_signature_on_update_check(void)
 {
    // We rely on the keys used to sign this app to verify the next app on OTA, so make sure there is at
    // least one to avoid a stuck firmware
@ -164,7 +164,7 @@ static void rsa_check_signature_on_update_check(void)
    }
 #endif
 }
-#endif // CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
+#endif // (CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME || CONFIG_SECURE_SIGNED_APPS_ECDSA_V2_SCHEME) && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT

 void esp_secure_boot_init_checks(void)
 {
@ -184,9 +184,9 @@ void esp_secure_boot_init_checks(void)
 #endif // CONFIG_SECURE_BOOT


-#if CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
-    rsa_check_signature_on_update_check();
-#endif // CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
+#if (CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME || CONFIG_SECURE_SIGNED_APPS_ECDSA_V2_SCHEME) && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
+    check_signature_on_update_check();
+#endif // (CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME || CONFIG_SECURE_SIGNED_APPS_ECDSA_V2_SCHEME) && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT

 }