feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3

components/esp_rom/include/esp32/rom/secure_boot.h

@@ -12,6 +12,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+#include "sdkconfig.h"
+
 #ifndef _ROM_SECURE_BOOT_H_
 #define _ROM_SECURE_BOOT_H_
 
@@ -39,8 +41,74 @@ bool ets_secure_boot_check_start(uint8_t abs_index, uint32_t iv_addr);
 
 int ets_secure_boot_check_finish(uint32_t *abstract);
 
-#ifdef __cplusplus
-}
-#endif
+#ifdef CONFIG_ESP32_REV_MIN_3
+#define SECURE_BOOT_NUM_BLOCKS 1
 
-#endif /* _ROM_SECURE_BOOT_H_ */
+typedef enum {
+    SBV2_SUCCESS = 0x3A5A5AA5,
+    SBV2_FAILED = 0xA533885A,
+} secure_boot_v2_status_t;
+
+/* Secure Boot Version 2 - Public Key format */
+typedef struct {
+    uint8_t n[384]; /* Public key modulus */
+    uint32_t e;     /* Public key exponent */
+    uint8_t rinv[384];
+    uint32_t mdash;
+} ets_rsa_pubkey_t;
+
+/* Secure Boot Version 2 signature format for ESP32 ECO3 */
+typedef struct {
+    uint8_t magic_byte;
+    uint8_t version;
+    uint8_t _reserved1;
+    uint8_t _reserved2;
+    uint8_t image_digest[32];
+    ets_rsa_pubkey_t key;
+    uint8_t signature[384];
+    uint32_t block_crc;
+    uint8_t _padding[16];
+} ets_secure_boot_sig_block_t;
+
+/* Multiple key block support */
+struct ets_secure_boot_signature {
+    ets_secure_boot_sig_block_t block[SECURE_BOOT_NUM_BLOCKS];
+    uint8_t _padding[4096 - (sizeof(ets_secure_boot_sig_block_t) * SECURE_BOOT_NUM_BLOCKS)];
+};
+typedef struct ets_secure_boot_signature ets_secure_boot_signature_t;
+
+/** @brief Verifies the signature block appended to a firmware image. Implemented in the ROM.
+ *
+ * This function is used to verify the bootloader before burning its public key hash into Efuse.
+ * Also, it is used to verify the app on loading the image on boot and on OTA.
+ * 
+ * @param sig The signature block flashed aligned 4096 bytes from the firmware.
+ * @param image_digest The SHA-256 Digest of the firmware to be verified
+ * @param trusted_key_digest The SHA-256 Digest of the public key (ets_rsa_pubkey_t) of a single signature block.
+ * @param verified_digest RSA-PSS signature of image_digest. Pass an uninitialised array. 
+ *
+ * @return SBV2_SUCCESS if signature is valid
+ * SBV2_FAILED for failures.
+ */
+secure_boot_v2_status_t ets_secure_boot_verify_signature(const ets_secure_boot_signature_t *sig, const uint8_t *image_digest, const uint8_t *trusted_key_digest, uint8_t *verified_digest);
+
+/** @brief This function verifies the 1st stage bootloader. Implemented in the ROM.
+ *  Reboots post verification. It reads the Efuse key for verification of the public key.
+ * 
+ * This function is not used in the current workflow.
+ * 
+ */
+void ets_secure_boot_verify_boot_bootloader(void);
+
+/** @brief Confirms if the secure boot V2 has been enabled. Implemented in the ROM.
+ * 
+ * In ESP32-ECO3 - It checks the value of ABS_DONE_1 in EFuse.
+ * 
+ * @return true if is Secure boot v2 has been enabled
+ * False if Secure boot v2 has not been enabled.
+ */
+bool ets_use_secure_boot_v2();
+
+#endif /* CONFIG_ESP32_REV_MIN_3 */
+
+#endif /* _ROM_SECURE_BOOT_H_ */