Sachin Parekh
812a92c703
secure_boot: Added Kconfig option for aggressive key revoke
...
Applicable to S2, C3, and S3
2021-11-17 12:35:06 +05:30
KonstantinKondrashov
75e099129e
secure_boot_v2(doc): secure_boot_v2 key/s must be readable
2021-08-23 12:28:32 +05:00
Sachin Parekh
9f1854533e
doc/secure_boot_v2: Fix the steps mentioned for enabling secure boot
2021-07-30 19:16:46 +05:30
Angus Gratton
6507d1d892
secure boot doc: Clarify limits for verifying signed updates without secure boot
...
Closes https://github.com/espressif/esp-idf/issues/7080
2021-06-16 14:04:49 +10:00
Angus Gratton
6f3b1a0554
docs: split the 'general notes' page into two
2021-04-23 19:12:06 +10:00
KonstantinKondrashov
19b90e8ba9
docs: Adds secure_boot_v2 for ESP32-C3 ECO3
2021-04-08 14:35:35 +08:00
Jiang Jiang Jian
d4ac30a978
Merge branch 'fix/dont_disable_uart_dl_mode_by_default_v4.3' into 'release/v4.3'
...
bootloader/ ESP32_ECO3: Do not disable UART download mode by default (v4.3)
See merge request espressif/esp-idf!12907
2021-03-26 05:50:48 +00:00
KonstantinKondrashov
26d362040e
secure_boot/SIGNED_ON_UPDATE_NO_SECURE_BOOT: Only the first position of signature blocks is used to verify any update
2021-03-25 15:40:24 +08:00
Aditya Patwardhan
f6a794cf51
bootloader/ ESP32_ECO3: Do not disable UART download mode by default
2021-03-25 10:32:37 +05:30
Angus Gratton
802a01c0b7
docs: Add docs for Secure Boot V2 "verify on update without secure boot"
2021-03-17 17:08:59 +08:00
KonstantinKondrashov
ea2eb9d833
doc(esp32c3): Updates secure features doc
2021-02-25 21:08:55 +08:00
Marius Vikhammer
548fd02d10
docs: initial update of programming guide for C3
...
Updates "front page" content, get-started, and api-guides with C3 content
Enable building and publishing of C3 docs in CI
2021-02-01 15:40:02 +08:00
kirill.chalov
f634c59289
Add hypertargets to all TRM references
2021-01-26 05:51:52 +00:00
Angus Gratton
a7da0c894b
Merge branch 'feature/c3_master_flash_enc_support' into 'master'
...
flash encryption: merge C3 flash encryption changes to master
See merge request espressif/esp-idf!12040
2021-01-22 12:58:38 +08:00
KonstantinKondrashov
98f726fa4b
bootloader/esp32c3: Adds secure boot (not yet supported)
2021-01-19 20:51:13 +08:00
Marius Vikhammer
03fa63b0c9
bootloader: add flash encryption support for C3
...
Adds flash encryption support for C3 and updates docs for S2 & C3
2021-01-18 14:10:54 +08:00
KonstantinKondrashov
b19c4739c3
bootloader: Secure_boot name replaced by secure_boot_v1 & secure_boot_v2
...
- espefuse.py burn_key secure_boot is no longer used.
- Secure boot V1: espefuse.py burn_key secure_boot_v1 file.bin
- Secure boot V2: espefuse.py burn_key secure_boot_v2 file.bin
2020-10-15 16:48:23 +08:00
Supreet Deshpande
33979a9361
Docs: Secure boot v2 support for ESP32-S2
2020-07-27 00:01:10 +00:00
Angus Gratton
f64ae4fa99
efuse: Add 'disable Download Mode' & ESP32-S2 'Secure Download Mode' functionality
2020-05-28 17:50:45 +10:00
Marius Vikhammer
d193790f85
doc: update flash encryption with S2 specific content
2020-04-08 11:17:31 +08:00
Kirill Chalov
0cc9ffb8f7
Implement comments and add info on ESP32S2
2020-04-08 10:30:22 +08:00
Kirill Chalov
9ed60af1f2
Review security/flash-encryption.rst
2020-04-08 10:30:22 +08:00
Angus Gratton
4358f3b573
doc: Add warnings about using JTAG debugging with hardware security features
...
This is related to the following issues but is not a fix, just documentation of a workaround until we can
improve the support:
https://github.com/espressif/esp-idf/issues/4878
https://github.com/espressif/esp-idf/issues/4734
2020-04-01 17:36:08 +11:00
Angus Gratton
fe64ab6de0
docs: secure boot v2: Add a note about maximum bootloader size
2020-03-30 18:13:42 +11:00
Angus Gratton
142f69448f
secure boot v2: esp32: Prevent read disabling additional efuses
...
Also reduce the number of eFuse write cycles during first boot when
Secure Boot and/or Flash Encryption are enabled.
2020-03-30 18:00:40 +11:00
Supreet Deshpande
073ba0a608
feat/secure_boot_v2: Adding docs for secure boot v2 ESP32-ECO3
2020-02-25 01:28:22 +05:30
Marius Vikhammer
268816649c
Replace all TRM urls will generic template variable and remove duplicate sections
...
All references to TRM had the section duplicated for both targets using .. only:: , replaced these with a generic template url
2020-02-07 16:37:45 +11:00
Marius Vikhammer
9352899d69
doc: Update English pages with generic target name
2020-02-07 16:37:43 +11:00
Angus Gratton
6f2a00c425
doc: secure boot: Fix relative reference to key generation step
2020-01-07 06:14:03 +00:00
Angus Gratton
6bb09224b5
docs: Add note that flash encryption is required in OTA app updates
2019-12-03 15:03:46 +08:00
Hao Ning
9ecc34e086
add chinese translation into flash encryption
2019-10-22 19:37:28 +08:00
Angus Gratton
5c5770dddb
docs: Small cleanup of flash encryption docs
2019-09-10 11:28:11 +10:00
Angus Gratton
47bbb107a8
build system: Use CMake-based build system as default when describing commands
2019-07-08 17:31:27 +10:00
Hemal Gujarathi
a68c7c21e1
Improve flash encryption documentation and add Development & Release modes
...
This MR improves existing flash encryption document to provide simplified steps
Adds two new modes for user: Development & Release
Adds a simple example
Supports encrypted write through make command
2019-06-25 23:41:18 +00:00
Roland Dobai
1ad2283641
Rename Kconfig options (components/bootloader)
2019-05-21 09:32:55 +02:00
Angus Gratton
4b4cd7fb51
efuse/flash encryption: Reduce FLASH_CRYPT_CNT to a 7 bit efuse field
...
8th bit is not used by hardware.
As reported https://esp32.com/viewtopic.php?f=2&t=7800&p=40895#p40894
2019-04-03 14:07:20 +11:00
Angus Gratton
a2d0fbb9ab
docs: flash encryption: Fix description of behaviour when all bits of FLASH_CRYPT_CNT are set
...
Correct behaviour is described in section 25.3.3 Flash Decryption Block of the ESP32 TRM
2018-12-05 11:15:00 +11:00
Angus Gratton
ac1d1aa3c8
doc: secure boot: Explain output of digest_secure_bootloader command
...
Mentioned on forum https://esp32.com/viewtopic.php?f=13&t=8162&start=10#p34714
2018-12-04 12:34:59 +11:00
Angus Gratton
b45b0f2348
doc: security: Use less ambiguous language about using bot flash encryption & secure boot together
2018-12-04 12:34:38 +11:00
Angus Gratton
f53fef9936
Secure Boot & Flash encryption: Support 3/4 Coding Scheme
...
Includes esptool update to v2.6-beta1
2018-10-16 16:24:10 +11:00
Sagar Bijwe
454b69d2ea
nvs_flash: Update documentation at different places to indicate NVS encryotion is supported
2018-10-05 14:05:21 +05:30
Angus Gratton
8721173109
doc: Replace :envvar: config links with :ref:
2018-09-19 17:27:48 +10:00
Jitin George
458b167f1a
docs/en/security: Add documentation for signed apps without hardware secure boot feature
2018-08-29 17:05:34 +08:00
Sagar Bijwe
b27773e87c
docs: Added more wordings to capture secure boot and flash encryption dependency.
2018-08-14 11:27:29 +05:30
Angus Gratton
f2a3429812
partition table: Document 'flags' properly
2018-08-01 19:23:38 +10:00
Angus Gratton
cee6d7d5a9
docs: Add more ReST-isms in secure boot & flash encryption docs
...
(Original version of these docs were in Markdown.)
2018-07-16 11:52:52 +10:00
Angus Gratton
6a498bfe2b
docs: Add note about bootloader size for flash encryption & secure boot
2018-07-16 11:52:52 +10:00
Angus Gratton
8b5a2ccb8d
docs: Update Flash Encryption docs to clarify reflashing options
2018-07-13 16:18:07 +10:00
Mahavir Jain
6e48e52478
docs: fix flash_encryption key generation command
...
Signed-off-by: Mahavir Jain <mahavir@espressif.com>
2018-06-06 18:21:00 +05:30
Hrishikesh Dhayagude
d530036ad1
Fix few typos in the docs
...
Signed-off-by: Hrishikesh Dhayagude <hrishi@espressif.com>
2018-05-03 18:20:16 +05:30