Mahavir Jain
2882b6f68b
docs: add ECDSA peripheral chapter for H2/P4
...
- Add ECDSA peripheral chapter and instructions to program efuse key block
- Update security guide for ECDSA peripheral mention for device identity
- Link with ESP-TLS guide about using ECDSA peripheral in TLS connection
2023-11-17 07:13:53 +00:00
Mahavir Jain
b4f6edecbc
fix(docs): correct the target specific macros for secure boot v2 guide
...
It appears that target specific or'ing is not supported through the
docs build. Actual text rendering on the docs site was still using
"default" field from the custom macro, rather than using target
specific.
2023-11-15 15:34:12 +05:30
walerii
478879ab0d
Update host-based-security-workflows.rst
...
Fixed typos in the code examples which caused troubles when trying to follow the secure boot workflow and improved the grammar.
Closes https://github.com/espressif/esp-idf/pull/12262
2023-10-17 14:27:30 +05:30
Mahavir Jain
eea2536dc4
Merge branch 'feature/conservative_key_revocation_in_secure_boot_v2' into 'master'
...
feat: Add API to verify the bootloader and application image before revoking...
Closes IDF-7078
See merge request espressif/esp-idf!24572
2023-10-16 12:42:49 +08:00
Mahavir Jain
1501aef1b3
Merge branch 'feature/enable_secure_boot_esp32p4' into 'master'
...
feat(secure_boot): add secure boot support for esp32p4
Closes IDF-7544 and IDF-7745
See merge request espressif/esp-idf!26335
2023-10-16 11:07:14 +08:00
harshal.patil
6cf9cc2c9b
docs(secure_boot_v1): add missing digest byte swap information
...
- In the secure bootloader digest algorithm section, the final
four byte word byte-swap information was not mentioned.
2023-10-12 17:35:10 +05:30
Harshit Malpani
1df186d4e1
feat: Add API to verify the bootloader and app image
...
Added an API to verify the bootloader and app image before revoking the key in Secure Boot V2.
This will help in preventing the device to be bricked if the bootloader/application cannot be
verified by any other keys in efuse
2023-10-12 14:53:57 +05:30
harshal.patil
f46a93e565
feat(secure_boot): add secure boot support for esp32p4
2023-10-12 10:12:54 +05:30
renpeiying
6fba4113cc
docs: Update Chinese translation for security/flash-encryption.rst and index.rst
2023-10-09 14:31:07 +08:00
KonstantinKondrashov
3b440adfab
fix(doc): Fix incorrect description for xts_key_length_256 efuse
2023-08-31 04:06:47 +08:00
Mahavir Jain
77fb44a489
Merge branch 'fix/fix_host_based_security_workflow_documentation' into 'master'
...
fix(security): Fixed the host-based security workflows
See merge request espressif/esp-idf!25460
2023-08-23 23:25:58 +08:00
Cai Xin Ying
bcb87c4b8f
docs: update format issues for both EN and CN under security and contribute folder
2023-08-22 23:59:44 +08:00
Aditya Patwardhan
388a61c7b7
fix(security): Fixed the host-based security workflows
2023-08-22 15:05:14 +05:30
Marius Vikhammer
27baef2424
docs(esp32p4): added building docs for ESP32-P4
2023-08-16 10:13:47 +08:00
Aditya Patwardhan
083e943704
docs(security): Added host based workflow to enable secure boot externally
...
* Styling changes for the host-based workflow document
* Fix formatting for the document for host based security wofkflows
2023-07-19 10:11:30 +05:30
Wang Zi Yan
3e4152cdcf
docs: Update CN for nvs_flash.rst and flash-encryption.rst
2023-07-14 04:05:53 +00:00
Doc-intern2
37af2b7a22
Docs: add CN translation for security/security.rst
2023-07-07 17:16:37 +08:00
Aditya Patwardhan
d9b66226cd
docs/security: Separate documents under different subsection
2023-06-23 08:15:13 +05:30
Aditya Patwardhan
2a4fddb48b
docs/Security:Add references to second stage bootloader to avoid confusion bettwen
...
bootloader and 2nd stage bootloader
2023-06-22 17:18:08 +05:30
Aditya Patwardhan
253d80f560
docs/security: Move security related docs in a separate section
2023-06-17 10:04:01 +05:30
Aditya Patwardhan
b078541ca5
docs/Flash encryption: Add encrypted partitions section
2023-06-17 10:04:01 +05:30
Aditya Patwardhan
6d4a116625
docs: Added documentation about enabling the Security Features
...
externally with help of espefuse tool
flash_encryption_doc: Fix the document to also inform users about what
happens in case of host generated private key in the Flash encryption process
2023-06-17 10:04:01 +05:30
Mahavir Jain
1696be719c
crypto: add support for DPA protection configuration in C6/H2
...
- Technical details covered in section "15.3.2 Anti-DPA Attack Security
Control" chapter of the ESP32-C6 TRM
- Default configuration sets the security level low for the DPA
protection
- This change applies to all the crypto peripherals where the clock
frequency is dynamically adjusted to create randomness in the power
consumption trajectory
- This configuration helps to make the SCA attacks difficult on the
crypto peripherals
2023-06-08 11:09:23 +05:30
KonstantinKondrashov
56b966829d
docs: update CN trans for flash-encryption
2023-05-26 16:06:49 +08:00
Laukik Hase
a06118012e
docs: Update nvs_flash
docs for the HMAC-based NVS encr-keys protection scheme
...
- Also updated the `nvs_partition_generator` and `mass_mfg` tools
documentation
2023-05-23 13:55:57 +05:30
Linda
65ee4992ce
docs: update the algorithm and key name from AES-XTS to XTS-AES
2023-05-15 17:54:50 +08:00
Mahavir Jain
a88130a71e
docs: add flash enc process logs for ESP32-H2 and ESP32-C6
2023-03-27 22:27:09 +05:30
Mahavir Jain
11e034b387
docs: add ESP32-H2 secure boot guide
...
Close IDF-6681
2023-03-06 16:58:08 +05:30
Aditya Patwardhan
7b40852d2f
docs/flash_encryption: Update docs for esp32h2 target
2023-02-24 15:21:51 +05:30
Sachin Parekh
2bb9499a7e
esp32c6: Enable ECDSA based secure boot
...
- Updated documentation for C6
2023-02-13 13:02:11 +05:30
Mahavir Jain
02fb6fab09
docs: secure-boot-v2: add a section about secure padding
2023-02-08 12:01:52 +05:30
harshal.patil
3c0778a069
docs: refactored Secure Boot V2 documentation
...
- Added "Signing using pre-calculate signatures" section
- Refactored "Signing using an external HSM" section
2023-02-08 12:01:47 +05:30
Aditya Patwardhan
b06a029677
esp32c6: update documentation for flash encryption
2023-02-03 16:01:06 +05:30
Marius Vikhammer
7100b7d1ff
docs: add support for building H2 docs
2023-01-17 10:04:26 +08:00
mofeifei
3bdad0032e
docs: update cn trans for flash-encryptions
2023-01-03 19:32:41 +08:00
Zhang Xiao Yan
ae639f68a6
Merge branch 'docs/update_USB-OTG_ESP32S2_ESP32S3' into 'master'
...
updated USB_OTG in dfu.rst, usb_device.rst and secure-boot-v2.rst
Closes DOC-3565
See merge request espressif/esp-idf!20144
2022-12-27 14:38:51 +08:00
Mahavir Jain
5b6cc09dce
docs: remove mention of DIS_BOOT_REMAP for chips other than ESP32-S2
...
Relevant: https://esp32.com/viewtopic.php?f=13&t=31188
2022-12-21 14:16:50 +05:30
Mahavir Jain
371a6abdca
Merge branch 'docs/support_for_pre_calculated_signatures' into 'master'
...
docs: Added documetation for using pre-calculated signatures
See merge request espressif/esp-idf!21377
2022-12-20 14:03:04 +08:00
Mahavir Jain
46588e7126
docs: security: enable memory protection section for ESP32-C2/ESP32-C6
2022-12-14 10:03:47 +05:30
Mahavir Jain
188017d6b1
docs: Fix Secure DL mode documentation about flash read being unsupported
...
Simple flash read command is not supported if Secure DL mode is enabled on the target.
Remove reference of this from the relevant docs part.
Related: https://github.com/espressif/esptool/issues/810
Related: ESPTOOL-567
Closes IDF-6468
2022-12-14 10:03:46 +05:30
harshal.patil
54d6ab2044
docs: Added documentation for using pre-calculated signatures
...
to generate secure boot enabled binaries.
2022-12-06 10:23:45 +05:30
harshal.patil
6809eaf375
docs: fix secure boot "Remote Signing of Images" section command
2022-12-01 18:03:44 +05:30
Linda
9c0d573eae
updated USB_OTG in dfu.rst, usb_device.rst and secure-boot-v2.rst
2022-11-29 10:08:59 +08:00
Mahavir Jain
11f2683c27
docs: add chapter about overall "security" area guide
...
List down considerations for the following areas:
- Hardware security
- Network security
- Product security
Also added brief explanation about "Security Policy" for ESP-IDF.
Closes IDF-1565
2022-11-25 03:17:05 +00:00
Marius Vikhammer
ca4ad3ce7c
docs: add support for building C6 docs
2022-10-13 04:39:16 +00:00
Mahavir Jain
e40d733d5a
secure-boot-v2: fix minor typo (s/MFG1/MGF1)
2022-08-23 16:37:14 +05:30
Wang Fang
83a0cd33ce
docs: updated documents related to wakeup source, ulp, flash-encryption and memory types
2022-07-25 10:57:40 +08:00
Linda
3d5f2fbafc
docs:updates based on feedbacks
2022-07-22 15:58:09 +08:00
Shang Zhou
7f8fae8548
docs: update CN translation for flash_encryption
2022-07-08 11:15:57 +08:00
Mahavir Jain
26514959dd
docs: secure-boot-v2: remove incorrect note about bootloader re-flash
...
In secure-boot-v2 scheme, one can always regenerate signature using
secure boot signing key and re-flash either bootloader or application.
2022-06-27 14:24:42 +05:30