Commit Graph

22 Commits

Author SHA1 Message Date
Mahavir Jain
5e436add7a
docs: secure-boot-v2: remove incorrect note about bootloader re-flash
In secure-boot-v2 scheme, one can always regenerate signature using
secure boot signing key and re-flash either bootloader or application.
2022-11-25 14:23:24 +05:30
Sachin Parekh
7fe2a4815d secure_boot: Added Kconfig option for aggressive key revoke
Applicable to S2, C3, and S3
2021-11-09 15:19:47 +05:30
Jakob Hasse
ea2e2b0d62 [docs]: Clarified and improved Secure Boot docs 2021-10-13 11:41:53 +08:00
Sachin Parekh
2d82560ed5 bootloader: Enable Secure boot V2 for ESP32-S3 2021-08-19 14:08:12 +05:30
KonstantinKondrashov
93512edc7a secure_boot_v2(doc): secure_boot_v2 key/s must be readable 2021-08-04 15:39:48 +05:00
Sachin Parekh
082cc36532 doc/secure_boot_v2: Fix the steps mentioned for enabling secure boot 2021-07-30 14:40:32 +08:00
Mahavir Jain
77c96e51bb docs: security: fix minor formatting issues or typos 2021-07-22 15:18:56 +05:30
Angus Gratton
c01da712f6 docs: Move the bootloader size section into the Bootloader guide 2021-07-13 17:35:04 +10:00
Angus Gratton
1bad8a28bb secure boot doc: Clarify limits for verifying signed updates without secure boot
Closes https://github.com/espressif/esp-idf/issues/7080
2021-06-15 17:44:03 +10:00
KonstantinKondrashov
9295e54c9d docs: Adds secure_boot_v2 for ESP32-C3 ECO3 2021-04-08 14:22:46 +08:00
KonstantinKondrashov
7f40717eb2 secure_boot/SIGNED_ON_UPDATE_NO_SECURE_BOOT: Only the first position of signature blocks is used to verify any update 2021-03-25 12:27:05 +00:00
Aditya Patwardhan
2095148b31 bootloader/ ESP32_ECO3: Do not disable UART download mode by default 2021-03-23 08:15:32 +00:00
Angus Gratton
bc7e00896e docs: Add docs for Secure Boot V2 "verify on update without secure boot" 2021-03-15 12:30:20 +00:00
Angus Gratton
501af6dfa2 Merge branch 'feature/secure_boot_revoke_check' into 'master'
secure_boot: Checks secure boot efuses

Closes IDF-2609

See merge request espressif/esp-idf!12148
2021-02-25 22:38:42 +00:00
KonstantinKondrashov
90f2d3199a secure_boot: Checks secure boot efuses
ESP32 V1 and V2 - protection bits.
ESP32xx V2: revoke bits, protection bits

- refactor efuse component
- adds some APIs for esp32 chips as well as for esp32xx chips
2021-02-23 03:56:21 +08:00
KonstantinKondrashov
70dd884fee doc(esp32c3): Updates secure features doc 2021-02-22 18:01:35 +08:00
KonstantinKondrashov
98f726fa4b bootloader/esp32c3: Adds secure boot (not yet supported) 2021-01-19 20:51:13 +08:00
Supreet Deshpande
33979a9361 Docs: Secure boot v2 support for ESP32-S2 2020-07-27 00:01:10 +00:00
Angus Gratton
4358f3b573 doc: Add warnings about using JTAG debugging with hardware security features
This is related to the following issues but is not a fix, just documentation of a workaround until we can
improve the support:
https://github.com/espressif/esp-idf/issues/4878
https://github.com/espressif/esp-idf/issues/4734
2020-04-01 17:36:08 +11:00
Angus Gratton
fe64ab6de0 docs: secure boot v2: Add a note about maximum bootloader size 2020-03-30 18:13:42 +11:00
Angus Gratton
142f69448f secure boot v2: esp32: Prevent read disabling additional efuses
Also reduce the number of eFuse write cycles during first boot when
Secure Boot and/or Flash Encryption are enabled.
2020-03-30 18:00:40 +11:00
Supreet Deshpande
073ba0a608 feat/secure_boot_v2: Adding docs for secure boot v2 ESP32-ECO3 2020-02-25 01:28:22 +05:30