When SECURE BOOT V2 is enabled and CONFIG_SECURE_BOOT_SIGNED_BINARIES
is not set, sector-pad the bootloader image, which is required for an
external PKCS#11 interface to generate a signature.
esptool_py: Update submodule to release/v3 (4bc311767b7c6df41def6f95a50f87b1c9406cbd)
Changed optional value parameter 'encrypted' to a named parameter
called 'ALWAYS_PLAINTEXT'. This flag can be passed to:
- esptool_py_flash_target
- esptool_py_flash_target_image
Fix wrong identation.
- Add the function esptool_py_flash_to_partition to flash a binary
image to a named partition. If encryption is enabled, this function
will also determine if the partition needs to be encrypted or not
according the its type, subtype and flag in the CSV file (if any).
- Use idf.py encrypted-flash will now flash both encrypted and
non-encrypted file if any (spiffs for example) using esptool.py's
--encrypt-files option.
Closes IDF-2387
Relates to IDF-723
Relates to IDF-2231
Currently USB CDC Download requires the `--no-stub` option of `esptool`. This change inverts the Kconfig option to negative, so that it can be `selected` by other options or enabled in applications through `sdkconfig.defaults`.
esptool_py used to create its own custom target to attach properties to.
This commit uses component properties instead, and the APIs used to set
and retrieve those properties in order to simplify generation of
argument files to esptool.py.
Do not include bootloader in flash target when secure boot is enabled.
Emit signing warning on all cases where signed apps are enabled (secure
boot and signed images)
Follow convention of capital letters for SECURE_BOOT_SIGNING_KEY variable, since it is
relevant to other components, not just bootloader.
Pass signing key and verification key via config, not requiring
bootloader to know parent app dir.
Misc. variables name corrections
Path was accidentally generated as build/<absolute path to input file> which creates unexpected path structure on Linux/macOS and breaks Windows (as can't have a directory named "C:".
Regression in e8582e9aa4
Closes https://github.com/espressif/esp-idf/issues/3687
Closes IDFGH-1409
This MR improves existing flash encryption document to provide simplified steps
Adds two new modes for user: Development & Release
Adds a simple example
Supports encrypted write through make command
esptool_py defines command `esptool_py_flash_project_args` that
generates arg file for esptool.py. Two of the arguments are the offset
and image, which are not being used when a template file is given.
This commit makes variables OFFSET and IMAGE available to the template
file, which will holds the value of the offset and image arguments to
`esptool_py_flash_project_args`.
Since OUTPUT argument of custom command does not currently support
generator expressions, the project image is only generated as a side
effect. The primary generated file is a timestamp file. Unfortunately as a consequence
the output logs when the
binary is about to be generated is not as helpful anymore.
Set a custom comment that is more descriptive of what is happening,
and provide more feedback as to what has been generated.
A problem if the Python interpreter used for idf.py (or set via PYTHON
variable) didn't match
"/usr/bin/env python" (or the associated executable for .py files, on
Windows).
Closes https://github.com/espressif/esp-idf/issues/3160
Possibly also fix for https://github.com/espressif/esp-idf/issues/2936
Adds build system test to catch any future direct execution of Python in
the standard build process.