Commit Graph

15 Commits

Author SHA1 Message Date
Angus Gratton
98b42a8b71 Merge branch 'bugfix/disable_coding_scheme_security_features' into 'master'
bootloader: Don't enable secure boot or flash encryption for 3/4 Coding Scheme

See merge request idf/esp-idf!3369
2018-10-02 07:54:11 +08:00
Angus Gratton
ff33406e74 bootloader: Don't enable secure boot or flash encryption for 3/4 Coding Scheme 2018-09-26 18:26:06 +10:00
Sagar Bijwe
48fccbf5dd nvs_flash: Add support for nvs encryption 2018-09-24 11:25:21 +05:30
Konstantin Kondrashov
9c715d7946 bootloader_support: Fix enable rtc_wdt for resolve issue with varying supply
Eliminates the issue with the lock up in the bootloader due to a power drawdown during its operation.

Closes https://github.com/espressif/esp-idf/issues/1814
2018-09-03 05:43:01 +00:00
Jiang Jiang Jian
98eaa5c2ec Merge branch 'docs/security' into 'master'
docs: Added more wordings to capture secure boot and flash encryption dependency.

See merge request idf/esp-idf!2947
2018-08-16 19:31:36 +08:00
Sagar Bijwe
b27773e87c docs: Added more wordings to capture secure boot and flash encryption dependency. 2018-08-14 11:27:29 +05:30
Konstantin Kondrashov
117c79eae5 app_update: Add API for getting sha256_of_partition
Added bootloader_common_get_sha256_of_partition() and esp_partition_get_sha256() - get or calculate SHA-256
digest for app and data partitions.
Added bootloader_sha256_hex_to_str() - helps to print SHA-256 digest
Added esp_partition_check_identity() - compares two partitions by SHA-256 digest

Refactoring a function esp_image_load() in bootloader space to esp_image_verify() and
bootloader_load_image(). Old name function esp_image_load is deprecated
and will remove in V4.0 version.

spi_flash/sim: Fix error test_host. Add stub for bootloader_common_get_sha256_of_partition in sim/stubs
2018-08-13 13:59:07 +05:00
Angus Gratton
fb439e48f5 bootloader: Don't verify Partition Table as part of Secure Boot
Partition Tables are still signed for backwards compatibility, but signature is no longer checked as
part of bootloader.

Closes https://github.com/espressif/esp-idf/issues/1641
2018-07-13 15:45:15 +10:00
Angus Gratton
7a18575af8 flash encryption: Also always disable ROM BASIC console when enabling flash encryption 2017-08-29 14:52:00 +10:00
Angus Gratton
0c8888d68f bootloader: Combine loading from flash & verifying to save boot time
Still needs updating to account for secure boot.
2017-07-19 18:25:17 +10:00
Tian Zhong Xing
2173ad3b45 bootloader_support: fix bug OTA & flash encryption incompatible
ota data partition should be encrypted unconditionally when flash encrypt enable
2017-01-26 16:20:06 +11:00
Angus Gratton
3922ce47b2 bootloader: Enable early boot RNG entropy source
This reverts commit ceb8566970.
2017-01-04 17:07:12 +11:00
Angus Gratton
ceb8566970 Flash encryption / secure boot: Temporarily disable on-device key generation
Will be enabled after seeding of HWRNG in bootloader is fully tested/qualified.
2016-12-01 23:49:13 -08:00
Angus Gratton
506c8cd964 secure boot & flash encryption: Rework configuration options
Add UART bootloader disable options for flash encryption
2016-12-01 23:49:12 -08:00
Angus Gratton
9eb135fd73 Flash encryption: Support enabling flash encryption in bootloader, app support
* App access functions are all flash encryption-aware
* Documentation for flash encryption
* Partition read/write is flash aware
* New encrypted write function
2016-12-01 23:49:12 -08:00