alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-26 02:02:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(secure_boot): Fix SB verification failure when sig block and key digest mismatch

Browse Source 
- Secure boot V2 verification failed when multiple keys are used to sign the bootloader
  and the application is signed with a key other than the first key that is used to
  sign the bootloader.
- The issue was introduced as a regression from the commit `ff16ce43`.
- Added a QEMU test for recreating the issue.
- Made SECURE_BOOT_FLASH_BOOTLOADER_DEFAULT independent of SECURE_BOOT_BUILD_SIGNED_BINARIES.
This commit is contained in:
harshal.patil
2025-02-27 16:18:47 +05:30
parent afb2154247
commit a6ea9bcd41
12 changed files with 211 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
tools/test_apps/security/secure_boot/sdkconfig.ci.qemu Normal file
View File

@@ -0,0 +1,7 @@
CONFIG_IDF_TARGET="esp32c3"
CONFIG_SECURE_BOOT=y
CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES=n
CONFIG_SECURE_BOOT_FLASH_BOOTLOADER_DEFAULT=y
CONFIG_EXAMPLE_TARGET_QEMU=y