secure boot: Support secure boot signatures without hardware secure boot

Allows OTA updates to be secured via signature checks, without requiring the overhead or complexity
of a full secure boot implementation.

Uses same signing mechanisms (build system and/or espsecure.py as Secure Boot).

Requires:
* [ ] More testing
* [ ] Documentation
Angus Gratton
2018-07-19 15:15:37 +10:00
committed by Angus Gratton
parent 27f3c3e668
commit b364f23e17
5 changed files with 88 additions and 14 deletions


@@ -376,7 +376,7 @@ esp_err_t esp_ota_set_boot_partition(const esp_partition_t *partition)
return ESP_ERR_OTA_VALIDATE_FAILED;
}
#ifdef CONFIG_SECURE_BOOT_ENABLED
#ifdef CONFIG_SECURE_SIGNED_ON_UPDATE
esp_err_t ret = esp_secure_boot_verify_signature(partition->address, data.image_len);
if (ret != ESP_OK) {
return ESP_ERR_OTA_VALIDATE_FAILED;
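
Review bot: The preprocessor guard around the `esp_secure_boot_verify_signature()` call in `esp_ota_set_boot_partition()` now depends on `CONFIG_SECURE_SIGNED_ON_UPDATE` rather than `CONFIG_SECURE_BOOT_ENABLED`, so a build that has hardware secure boot enabled but does not also define the new symbol would compile this check out without any warning. Please confirm that the Kconfig (not visible in this hunk) forces `CONFIG_SECURE_SIGNED_ON_UPDATE` on whenever `CONFIG_SECURE_BOOT_ENABLED` is set, or guard on either symbol here. Separately, in the `if (ret != ESP_OK)` branch the value of `ret` is dropped and the function returns the same `ESP_ERR_OTA_VALIDATE_FAILED` as the image validation failure just above it; logging `ret` before returning would let field logs tell a rejected signature apart from a malformed image. The documentation still listed as pending in the commit message should also state that this check covers the OTA path only.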