secure boot: Functional partition table & app signature verification

2025-11-26 12:50:30 +00:00 · 2016-11-07 15:45:57 +11:00
parent fe66dd85f0
commit e459f803da
14 changed files with 116 additions and 79 deletions
--- a/components/bootloader_support/include/esp_secure_boot.h
+++ b/components/bootloader_support/include/esp_secure_boot.h
@@ -60,7 +60,9 @@ static inline bool esp_secure_boot_enabled(void) {
 */
 esp_err_t esp_secure_boot_permanently_enable(void);

-/** @brief Verify the signature appended to some binary data in flash.
+/** @brief Verify the secure boot signature (determinstic ECDSA w/ SHA256) appended to some binary data in flash.
+ *
+ * Public key is compiled into the calling program. See docs/security/secure-boot.rst for details.
 *
 * @param src_addr Starting offset of the data in flash.
 * @param length Length of data in bytes. Signature is appended -after- length bytes.