Harshit Malpani
a7f654fd64
feat: Add API to verify the bootloader and app image
...
Added an API to verify the bootloader and app image before revoking the key in Secure Boot V2.
This will help in preventing the device to be bricked if the bootloader/application cannot be
verified by any other keys in efuse
2024-01-19 14:04:06 +05:30
Mahavir Jain
5f9f8ac068
fix(docs): correct the target specific macros for secure boot v2 guide
...
It appears that target specific or'ing is not supported through the
docs build. Actual text rendering on the docs site was still using
"default" field from the custom macro, rather than using target
specific.
2023-11-15 15:37:59 +05:30
Mahavir Jain
11e034b387
docs: add ESP32-H2 secure boot guide
...
Close IDF-6681
2023-03-06 16:58:08 +05:30
Sachin Parekh
2bb9499a7e
esp32c6: Enable ECDSA based secure boot
...
- Updated documentation for C6
2023-02-13 13:02:11 +05:30
Mahavir Jain
02fb6fab09
docs: secure-boot-v2: add a section about secure padding
2023-02-08 12:01:52 +05:30
harshal.patil
3c0778a069
docs: refactored Secure Boot V2 documentation
...
- Added "Signing using pre-calculate signatures" section
- Refactored "Signing using an external HSM" section
2023-02-08 12:01:47 +05:30
Zhang Xiao Yan
ae639f68a6
Merge branch 'docs/update_USB-OTG_ESP32S2_ESP32S3' into 'master'
...
updated USB_OTG in dfu.rst, usb_device.rst and secure-boot-v2.rst
Closes DOC-3565
See merge request espressif/esp-idf!20144
2022-12-27 14:38:51 +08:00
Mahavir Jain
371a6abdca
Merge branch 'docs/support_for_pre_calculated_signatures' into 'master'
...
docs: Added documetation for using pre-calculated signatures
See merge request espressif/esp-idf!21377
2022-12-20 14:03:04 +08:00
harshal.patil
54d6ab2044
docs: Added documentation for using pre-calculated signatures
...
to generate secure boot enabled binaries.
2022-12-06 10:23:45 +05:30
harshal.patil
6809eaf375
docs: fix secure boot "Remote Signing of Images" section command
2022-12-01 18:03:44 +05:30
Linda
9c0d573eae
updated USB_OTG in dfu.rst, usb_device.rst and secure-boot-v2.rst
2022-11-29 10:08:59 +08:00
Mahavir Jain
e40d733d5a
secure-boot-v2: fix minor typo (s/MFG1/MGF1)
2022-08-23 16:37:14 +05:30
Linda
3d5f2fbafc
docs:updates based on feedbacks
2022-07-22 15:58:09 +08:00
Mahavir Jain
26514959dd
docs: secure-boot-v2: remove incorrect note about bootloader re-flash
...
In secure-boot-v2 scheme, one can always regenerate signature using
secure boot signing key and re-flash either bootloader or application.
2022-06-27 14:24:42 +05:30
KonstantinKondrashov
6e6b5474c3
doc(esp32c2): Updates Flash Encryption chapter
2022-05-31 11:12:21 +00:00
Stefan Wallentowitz
dd7aece4bf
Secure boot v2 image format: CRC size
...
The CRC size is documented as 1095 bytes, but in the code I find 1196 bytes:
https://github.com/espressif/esp-idf/blob/master/components/bootloader_support/src/secure_boot_v2/secure_boot.c#L35
2022-05-30 23:30:34 +02:00
Sachin Parekh
2c725264f7
esp32c2: Support Secure Boot V2 based on ECDSA scheme
2022-05-11 18:00:03 +05:30
Mahavir Jain
1501a22e02
docs: fix salt length in secure-boot-v2 docs
2021-12-07 09:49:28 +05:30
Roland Dobai
9c1d4f5b54
Build & config: Remove the "make" build system
...
The "make" build system was deprecated in v4.0 in favor of idf.py
(cmake). The remaining support is removed in v5.0.
2021-11-10 09:53:53 +01:00
Sachin Parekh
8ff3dbc05d
secure_boot: Added Kconfig option for aggressive key revoke
...
Applicable to S2, C3, and S3
2021-10-22 12:20:14 +05:30
Jakob Hasse
ea2e2b0d62
[docs]: Clarified and improved Secure Boot docs
2021-10-13 11:41:53 +08:00
Sachin Parekh
2d82560ed5
bootloader: Enable Secure boot V2 for ESP32-S3
2021-08-19 14:08:12 +05:30
KonstantinKondrashov
93512edc7a
secure_boot_v2(doc): secure_boot_v2 key/s must be readable
2021-08-04 15:39:48 +05:00
Sachin Parekh
082cc36532
doc/secure_boot_v2: Fix the steps mentioned for enabling secure boot
2021-07-30 14:40:32 +08:00
Mahavir Jain
77c96e51bb
docs: security: fix minor formatting issues or typos
2021-07-22 15:18:56 +05:30
Angus Gratton
c01da712f6
docs: Move the bootloader size section into the Bootloader guide
2021-07-13 17:35:04 +10:00
Angus Gratton
1bad8a28bb
secure boot doc: Clarify limits for verifying signed updates without secure boot
...
Closes https://github.com/espressif/esp-idf/issues/7080
2021-06-15 17:44:03 +10:00
KonstantinKondrashov
9295e54c9d
docs: Adds secure_boot_v2 for ESP32-C3 ECO3
2021-04-08 14:22:46 +08:00
KonstantinKondrashov
7f40717eb2
secure_boot/SIGNED_ON_UPDATE_NO_SECURE_BOOT: Only the first position of signature blocks is used to verify any update
2021-03-25 12:27:05 +00:00
Aditya Patwardhan
2095148b31
bootloader/ ESP32_ECO3: Do not disable UART download mode by default
2021-03-23 08:15:32 +00:00
Angus Gratton
bc7e00896e
docs: Add docs for Secure Boot V2 "verify on update without secure boot"
2021-03-15 12:30:20 +00:00
Angus Gratton
501af6dfa2
Merge branch 'feature/secure_boot_revoke_check' into 'master'
...
secure_boot: Checks secure boot efuses
Closes IDF-2609
See merge request espressif/esp-idf!12148
2021-02-25 22:38:42 +00:00
KonstantinKondrashov
90f2d3199a
secure_boot: Checks secure boot efuses
...
ESP32 V1 and V2 - protection bits.
ESP32xx V2: revoke bits, protection bits
- refactor efuse component
- adds some APIs for esp32 chips as well as for esp32xx chips
2021-02-23 03:56:21 +08:00
KonstantinKondrashov
70dd884fee
doc(esp32c3): Updates secure features doc
2021-02-22 18:01:35 +08:00
KonstantinKondrashov
98f726fa4b
bootloader/esp32c3: Adds secure boot (not yet supported)
2021-01-19 20:51:13 +08:00
Supreet Deshpande
33979a9361
Docs: Secure boot v2 support for ESP32-S2
2020-07-27 00:01:10 +00:00
Angus Gratton
4358f3b573
doc: Add warnings about using JTAG debugging with hardware security features
...
This is related to the following issues but is not a fix, just documentation of a workaround until we can
improve the support:
https://github.com/espressif/esp-idf/issues/4878
https://github.com/espressif/esp-idf/issues/4734
2020-04-01 17:36:08 +11:00
Angus Gratton
fe64ab6de0
docs: secure boot v2: Add a note about maximum bootloader size
2020-03-30 18:13:42 +11:00
Angus Gratton
142f69448f
secure boot v2: esp32: Prevent read disabling additional efuses
...
Also reduce the number of eFuse write cycles during first boot when
Secure Boot and/or Flash Encryption are enabled.
2020-03-30 18:00:40 +11:00
Supreet Deshpande
073ba0a608
feat/secure_boot_v2: Adding docs for secure boot v2 ESP32-ECO3
2020-02-25 01:28:22 +05:30