mirror of
https://github.com/espressif/esp-idf.git
synced 2024-10-05 20:47:46 -04:00
fbec7de7f8
Old rationale for "priv" no longer applies. As reported here: https://esp32.com/viewtopic.php?f=13&t=6155&p=27151#p26601
46 lines
1.4 KiB
Makefile
46 lines
1.4 KiB
Makefile
COMPONENT_ADD_INCLUDEDIRS := include
|
|
|
|
ifdef IS_BOOTLOADER_BUILD
|
|
# share "include_bootloader" headers with bootloader main component
|
|
COMPONENT_ADD_INCLUDEDIRS += include_bootloader
|
|
else
|
|
COMPONENT_PRIV_INCLUDEDIRS := include_bootloader
|
|
endif
|
|
|
|
COMPONENT_SRCDIRS := src
|
|
|
|
#
|
|
# Secure boot signing key support
|
|
#
|
|
ifdef CONFIG_SECURE_BOOT_ENABLED
|
|
|
|
# this path is created relative to the component build directory
|
|
SECURE_BOOT_VERIFICATION_KEY := $(abspath signature_verification_key.bin)
|
|
|
|
ifdef CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES
|
|
# verification key derived from signing key.
|
|
$(SECURE_BOOT_VERIFICATION_KEY): $(SECURE_BOOT_SIGNING_KEY) $(SDKCONFIG_MAKEFILE)
|
|
$(ESPSECUREPY) extract_public_key --keyfile $< $@
|
|
else
|
|
# find the configured public key file
|
|
ORIG_SECURE_BOOT_VERIFICATION_KEY := $(call resolvepath,$(call dequote,$(CONFIG_SECURE_BOOT_VERIFICATION_KEY)),$(PROJECT_PATH))
|
|
|
|
$(ORIG_SECURE_BOOT_VERIFICATION_KEY):
|
|
@echo "Secure boot verification public key '$@' missing."
|
|
@echo "This can be extracted from the private signing key, see"
|
|
@echo "docs/security/secure-boot.rst for details."
|
|
exit 1
|
|
|
|
# copy it into the build dir, so the secure boot verification key has
|
|
# a predictable file name
|
|
$(SECURE_BOOT_VERIFICATION_KEY): $(ORIG_SECURE_BOOT_VERIFICATION_KEY) $(SDKCONFIG_MAKEFILE)
|
|
$(summary) CP $< $@
|
|
cp $< $@
|
|
endif
|
|
|
|
COMPONENT_EXTRA_CLEAN += $(SECURE_BOOT_VERIFICATION_KEY)
|
|
|
|
COMPONENT_EMBED_FILES := $(SECURE_BOOT_VERIFICATION_KEY)
|
|
|
|
endif
|