alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-11 13:00:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

secure boot v2: Fix issue checking multiple signature blocks on OTA update

Browse Source
This commit is contained in:
Angus Gratton
2021-03-12 16:59:36 +11:00
committed by bot
parent bc7e00896e
commit 6a29b45bd4
2 changed files with 44 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
components/esp_rom/include/esp32/rom/secure_boot.h
View File

@@ -73,12 +73,13 @@ typedef struct {
} ets_secure_boot_sig_block_t;
_Static_assert(sizeof(ets_secure_boot_sig_block_t) == 1216, "invalid sig block size");
#define MAX_APPENDED_SIGN_BLOCKS_TO_IMAGE 3
/* ROM supports up to 3, but IDF only checks the first one (SECURE_BOOT_NUM_BLOCKS) */
#define SECURE_BOOT_MAX_APPENDED_SIGN_BLOCKS_TO_IMAGE 3
/* Multiple key block support */
typedef struct {
ets_secure_boot_sig_block_t block[MAX_APPENDED_SIGN_BLOCKS_TO_IMAGE];
uint8_t _padding[4096 - (sizeof(ets_secure_boot_sig_block_t) * MAX_APPENDED_SIGN_BLOCKS_TO_IMAGE)];
ets_secure_boot_sig_block_t block[SECURE_BOOT_MAX_APPENDED_SIGN_BLOCKS_TO_IMAGE];
uint8_t _padding[4096 - (sizeof(ets_secure_boot_sig_block_t) * SECURE_BOOT_MAX_APPENDED_SIGN_BLOCKS_TO_IMAGE)];
} ets_secure_boot_signature_t;
_Static_assert(sizeof(ets_secure_boot_signature_t) == 4096, "invalid sig sector size");