secure_boot: Secure Boot V2 verify app signature on update (without Secure boot)

- ESP32 ECO3, ESP32-S2/C3/S3

components/esp_rom/include/esp32/rom/secure_boot.h

@@ -18,6 +18,7 @@
 #define _ROM_SECURE_BOOT_H_
 
 #include <stdint.h>
+#include "ets_sys.h"
 
 #ifdef __cplusplus
 extern "C" {
@@ -42,21 +43,22 @@ bool ets_secure_boot_check_start(uint8_t abs_index, uint32_t iv_addr);
 int ets_secure_boot_check_finish(uint32_t *abstract);
 
 #ifdef CONFIG_ESP32_REV_MIN_3
+#include "rsa_pss.h"
+
 #define SECURE_BOOT_NUM_BLOCKS 1
 
+#define CRC_SIGN_BLOCK_LEN 1196
+#define SIG_BLOCK_PADDING 4096
+#define ETS_SECURE_BOOT_V2_SIGNATURE_MAGIC 0xE7
+
+// Anti-FI measure: use full words for success/fail internally, instead of 0/non-zero
 typedef enum {
     SBV2_SUCCESS = 0x3A5A5AA5,
+    SB_SUCCESS   = 0x3A5A5AA5,
     SBV2_FAILED = 0xA533885A,
+    SB_FAILED   = 0xA533885A,
 } secure_boot_v2_status_t;
 
-/* Secure Boot Version 2 - Public Key format */
-typedef struct {
-    uint8_t n[384]; /* Public key modulus */
-    uint32_t e;     /* Public key exponent */
-    uint8_t rinv[384];
-    uint32_t mdash;
-} ets_rsa_pubkey_t;
-
 /* Secure Boot Version 2 signature format for ESP32 ECO3 */
 typedef struct {
     uint8_t magic_byte;
@@ -69,20 +71,28 @@ typedef struct {
     uint32_t block_crc;
     uint8_t _padding[16];
 } ets_secure_boot_sig_block_t;
+_Static_assert(sizeof(ets_secure_boot_sig_block_t) == 1216, "invalid sig block size");
+
+#define MAX_APPENDED_SIGN_BLOCKS_TO_IMAGE 3
 
 /* Multiple key block support */
-struct ets_secure_boot_signature {
-    ets_secure_boot_sig_block_t block[SECURE_BOOT_NUM_BLOCKS];
-    uint8_t _padding[4096 - (sizeof(ets_secure_boot_sig_block_t) * SECURE_BOOT_NUM_BLOCKS)];
-};
-typedef struct ets_secure_boot_signature ets_secure_boot_signature_t;
+typedef struct {
+    ets_secure_boot_sig_block_t block[MAX_APPENDED_SIGN_BLOCKS_TO_IMAGE];
+    uint8_t _padding[4096 - (sizeof(ets_secure_boot_sig_block_t) * MAX_APPENDED_SIGN_BLOCKS_TO_IMAGE)];
+} ets_secure_boot_signature_t;
+
+_Static_assert(sizeof(ets_secure_boot_signature_t) == 4096, "invalid sig sector size");
+
+typedef struct {
+    const void *key_digests[SECURE_BOOT_NUM_BLOCKS];
+} ets_secure_boot_key_digests_t;
 
 /** @brief Verifies the signature block appended to a firmware image. Implemented in the ROM.
  *
  * This function is used to verify the bootloader before burning its public key hash into Efuse.
  * Also, it is used to verify the app on loading the image on boot and on OTA.
  *
- * @param sig The signature block flashed aligned 4096 bytes from the firmware.
+ * @param sig The signature block flashed aligned 4096 bytes from the firmware. (ROM implementation expects 3 blocks, sig->block[3]).
  * @param image_digest The SHA-256 Digest of the firmware to be verified
  * @param trusted_key_digest The SHA-256 Digest of the public key (ets_rsa_pubkey_t) of a single signature block.
  * @param verified_digest RSA-PSS signature of image_digest. Pass an uninitialised array.
@@ -109,6 +119,9 @@ void ets_secure_boot_verify_boot_bootloader(void);
  */
 bool ets_use_secure_boot_v2(void);
 
+#else
+#define SECURE_BOOT_NUM_BLOCKS 0
+
 #endif /* CONFIG_ESP32_REV_MIN_3 */
 
 #ifdef __cplusplus