alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-12-10 18:06:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

bootloader: Calculate SHA256 hash of image on every boot

Browse Source 
Makes app image booting more reliable (256-bit rather than 8-bit verification.)

Some measurements, time to boot a 655KB app.bin file and run to app_main() execution.

(All for rev 1 silicon, ie no 340ms spurious WDT delay.)

80MHz QIO mode:
before = 300ms
after = 140ms

40MHz DIO mode:
before = 712ms
after = 577ms

40MHz DIO mode, secure boot enabled
before = 1380ms
after = 934ms

(Secure boot involves two ECC signature verifications (partition table, app) that take approx 300ms each with 80MHz CPU.)
This commit is contained in:
Angus Gratton
2017-06-28 16:46:34 +10:00
committed by Angus Gratton
parent caaa29c676
commit 17adb40ca8
12 changed files with 290 additions and 137 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
components/app_update/esp_ota_ops.c
View File

@@ -241,7 +241,7 @@ esp_err_t esp_ota_end(esp_ota_handle_t handle)
}
#ifdef CONFIG_SECURE_BOOT_ENABLED
ret = esp_secure_boot_verify_signature(it->part->address, data.image_length);
ret = esp_secure_boot_verify_signature(it->part->address, data.image_len);
if (ret != ESP_OK) {
ret = ESP_ERR_OTA_VALIDATE_FAILED;
goto cleanup;
@@ -385,7 +385,7 @@ esp_err_t esp_ota_set_boot_partition(const esp_partition_t *partition)
}
#ifdef CONFIG_SECURE_BOOT_ENABLED
esp_err_t ret = esp_secure_boot_verify_signature(partition->address, data.image_length);
esp_err_t ret = esp_secure_boot_verify_signature(partition->address, data.image_len);
if (ret != ESP_OK) {
return ESP_ERR_OTA_VALIDATE_FAILED;
}