Commit Graph

11 Commits

Author SHA1 Message Date
Mahavir Jain
202f689baa bootloader: use mbedTLS for secure boot verification in firmware 2019-04-01 15:46:52 +05:30
morris
c159984264 separate rom from esp32 component to esp_rom
1. separate rom include files and linkscript to esp_rom
2. modefiy "include rom/xxx.h" to "include esp32/rom/xxx.h"
3. Forward compatible
4. update mqtt
2019-03-21 18:51:45 +08:00
Angus Gratton
1cc726b2a3 secure boot: Use mbedtls_sha256() not esp_sha()
Latter is probably compiled into most firmwares already, saves some size.

Ref https://github.com/espressif/esp-idf/issues/3127
2019-03-14 05:56:06 +00:00
Angus Gratton
57b601ab7f secure boot: Pad to avoid data after the signature mapping into the address space
Because address space is mapped in 64KB pages, it was possible for unauthenticated data after the
app .bin to become mapped into the flash cache address space.

This problem is solved by 2 changes:

* "esptool elf2image --secure-pad" will pad the image so that the signature block ends close to the
  64KB boundary. Due to alignment constraints it will be 12 bytes too short after signing (but
  with flash encryption, these 12 bytes are still encrypted as part of the last block and can't be
  arbitrarily changed).
* By default, secure boot now requires all app partitions to be a multiple of 64KB in size.
2018-07-17 15:33:47 +10:00
Angus Gratton
17adb40ca8 bootloader: Calculate SHA256 hash of image on every boot
Makes app image booting more reliable (256-bit rather than 8-bit verification.)

Some measurements, time to boot a 655KB app.bin file and run to app_main() execution.

(All for rev 1 silicon, ie no 340ms spurious WDT delay.)

80MHz QIO mode:
before = 300ms
after = 140ms

40MHz DIO mode:
before = 712ms
after = 577ms

40MHz DIO mode, secure boot enabled
before = 1380ms
after = 934ms

(Secure boot involves two ECC signature verifications (partition table, app) that take approx 300ms each with 80MHz CPU.)
2017-07-19 18:31:59 +10:00
Angus Gratton
9eb135fd73 Flash encryption: Support enabling flash encryption in bootloader, app support
* App access functions are all flash encryption-aware
* Documentation for flash encryption
* Partition read/write is flash aware
* New encrypted write function
2016-12-01 23:49:12 -08:00
Angus Gratton
c48612e516 mbedTLS SHA acceleration: Allow concurrent digest calculation, works with TLS
SHA hardware allows each of SHA1, SHA256, SHA384&SHA512 to calculate digests
concurrently.

Currently incompatible with AES acceleration due to a hardware reset problem.

Ref TW7111.
2016-11-22 20:42:38 +11:00
Angus Gratton
60f29236f6 Build system: Raise warning level
Default esp-idf builds now show -Wextra warnings (except for a few:
signed/unsigned comparison, unused parameters, old-style C declarations.)

CI building of examples runs with that level raised to -Werror, to catch
those changes going into the main repo.
2016-11-16 15:57:34 +11:00
Angus Gratton
8691b54758 secure boot: Rename efuse option for UART bootloader to option for ROM interpreter 2016-11-14 11:08:42 +11:00
Angus Gratton
e459f803da secure boot: Functional partition table & app signature verification 2016-11-14 11:08:42 +11:00
Angus Gratton
b5de581399 Secure boot: initial image signature support 2016-11-14 11:08:42 +11:00