alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-10 04:43:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

flash_encryption: Add several test environments for flash encryption test

Browse Source
This commit is contained in:
Cao Sen Miao
2022-07-14 12:29:43 +08:00
parent 075e0729de
commit e69f658ac6
16 changed files with 255 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
components/spi_flash/test_apps/flash_encryption/CMakeLists.txt Normal file
View File

@@ -0,0 +1,5 @@
# This is the project CMakeLists.txt file for the test subproject
cmake_minimum_required(VERSION 3.16)
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
project(test_flash_encryption)

6
components/spi_flash/test_apps/flash_encryption/README.md Normal file
View File

@@ -0,0 +1,6 @@
| Supported Targets | ESP32 | ESP32-C2 | ESP32-C3 | ESP32-S2 | ESP32-S3 |
| ----------------- | ----- | -------- | -------- | -------- | -------- |
## Prepare runner
To prepare flash encryption tunner, you can run `encrypt_flash.sh`. Note that doing so will burn efuses.

14
components/spi_flash/test_apps/flash_encryption/encrypt_flash.sh Normal file
View File

@@ -0,0 +1,14 @@
#This is the step for ESP32-S2/S3/C3
#!/bin/bash
set -e
if [ -z "$ESPPORT" ]; then
echo "ESPPORT must be set"
exit 1
fi
dd if=/dev/zero of=key.bin bs=1 count=32
# Change the first byte as espsecure uses modules that won't
# allow symmetric keys
echo -ne \\xFF | dd conv=notrunc bs=1 count=1 of=key.bin
espefuse.py --do-not-confirm -p $ESPPORT burn_efuse SPI_BOOT_CRYPT_CNT 0x1
espefuse.py --do-not-confirm -p $ESPPORT burn_key BLOCK_KEY2 key.bin XTS_AES_128_KEY

5
components/spi_flash/test_apps/flash_encryption/main/CMakeLists.txt Normal file
View File

@@ -0,0 +1,5 @@
set(srcs "test_app_main.c"
"test_flash_encryption.c")
idf_component_register(SRCS ${srcs}
WHOLE_ARCHIVE)

57
components/spi_flash/test_apps/flash_encryption/main/test_app_main.c Normal file
View File

@@ -0,0 +1,57 @@
/*
* SPDX-FileCopyrightText: 2015-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#include "unity.h"
#include "unity_test_runner.h"
#include "esp_heap_caps.h"
// Some resources are lazy allocated in flash encryption, the threadhold is left for that case
#define TEST_MEMORY_LEAK_THRESHOLD (-300)
static size_t before_free_8bit;
static size_t before_free_32bit;
static void check_leak(size_t before_free, size_t after_free, const char *type)
{
ssize_t delta = after_free - before_free;
printf("MALLOC_CAP_%s: Before %u bytes free, After %u bytes free (delta %d)\n", type, before_free, after_free, delta);
TEST_ASSERT_MESSAGE(delta >= TEST_MEMORY_LEAK_THRESHOLD, "memory leak");
}
void setUp(void)
{
before_free_8bit = heap_caps_get_free_size(MALLOC_CAP_8BIT);
before_free_32bit = heap_caps_get_free_size(MALLOC_CAP_32BIT);
}
void tearDown(void)
{
size_t after_free_8bit = heap_caps_get_free_size(MALLOC_CAP_8BIT);
size_t after_free_32bit = heap_caps_get_free_size(MALLOC_CAP_32BIT);
check_leak(before_free_8bit, after_free_8bit, "8BIT");
check_leak(before_free_32bit, after_free_32bit, "32BIT");
}
void app_main(void)
{
// ####### #######
// # # ## #### # # # #### # # ##### # # ##### ##### # #### # #
// # # # # # # # # # # ## # # # # # # # # # # # ## #
// ##### # # # #### ###### ##### # # # # # # # # # # # # # # # #
// # # ###### # # # # # # # # ##### # ##### # # # # # # #
// # # # # # # # # # # # # ## # # # # # # # # # ##
// # ###### # # #### # # ####### #### # # # # # # # # #### # #
printf(" ####### ####### \n");
printf("# # ## #### # # # #### # # ##### # # ##### ##### # #### # #\n");
printf("# # # # # # # # # # ## # # # # # # # # # # # ## #\n");
printf("##### # # # #### ###### ##### # # # # # # # # # # # # # # # #\n");
printf("# # ###### # # # # # # # # ##### # ##### # # # # # # #\n");
printf("# # # # # # # # # # # # ## # # # # # # # # # ##\n");
printf("# ###### # # #### # # ####### #### # # # # # # # # #### # #\n");
unity_run_menu();
}

342
components/spi_flash/test_apps/flash_encryption/main/test_flash_encryption.c Normal file
View File

@@ -0,0 +1,342 @@
/*
* SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Unlicense OR CC0-1.0
*/
#include <stdio.h>
#include <stdlib.h>
#include "esp_log.h"
#include "unity.h"
#include "esp_flash.h"
#include <spi_flash_mmap.h>
#include <esp_attr.h>
#include <esp_flash_encrypt.h>
#include <string.h>
#include "esp_log.h"
#include "esp_partition.h"
#include "esp_heap_caps.h"
/*-------------------- For running this test, some configurations are necessary -------------------*/
/* ESP32 | CONFIG_SECURE_FLASH_ENC_ENABLED | SET */
/* ESP32S2 | CONFIG_SECURE_FLASH_ENC_ENABLED | SET */
/* | CONFIG_EFUSE_VIRTUAL | NOT SET */
/* | CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED | SET */
/* ESP32C3 | CONFIG_SECURE_FLASH_ENC_ENABLED | SET */
/* | CONFIG_EFUSE_VIRTUAL | NOT SET */
/* | CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED | SET */
#ifdef CONFIG_SECURE_FLASH_ENC_ENABLED
static void test_encrypted_write(size_t offset, const uint8_t *data, size_t length);
static void verify_erased_flash(size_t offset, size_t length);
static size_t start;
const esp_partition_t *get_test_data_partition(void)
{
/* This finds "flash_test" partition defined in partition_table_unit_test_app.csv */
const esp_partition_t *result = esp_partition_find_first(ESP_PARTITION_TYPE_DATA,
ESP_PARTITION_SUBTYPE_ANY, "flash_test");
TEST_ASSERT_NOT_NULL(result); /* means partition table set wrong */
return result;
}
static void setup_tests(void)
{
const esp_partition_t *part = get_test_data_partition();
start = part->address;
printf("Test data partition @ 0x%x\n", start);
}
static void verify_erased_flash(size_t offset, size_t length)
{
uint8_t *readback = (uint8_t *)heap_caps_malloc(SPI_FLASH_SEC_SIZE, MALLOC_CAP_32BIT | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
printf("verify erased 0x%x - 0x%x\n", offset, offset + length);
TEST_ASSERT_EQUAL_HEX(ESP_OK,
esp_flash_read(NULL, readback, offset, length));
for (int i = 0; i < length; i++) {
TEST_ASSERT_EQUAL_HEX8(0xFF, readback[i]);
}
free(readback);
}
TEST_CASE("test 16 byte encrypted writes", "[flash_encryption]")
{
setup_tests();
TEST_ASSERT_EQUAL_HEX(ESP_OK,
esp_flash_erase_region(NULL, start, SPI_FLASH_SEC_SIZE));
uint8_t fortyeight_bytes[0x30]; // 0, 1, 2, 3, 4... 47
for(int i = 0; i < sizeof(fortyeight_bytes); i++) {
fortyeight_bytes[i] = i;
}
/* Verify unaligned start or length fails */
TEST_ASSERT_EQUAL_HEX(ESP_ERR_INVALID_ARG,
esp_flash_write_encrypted(NULL, start + 1, fortyeight_bytes, 32));
TEST_ASSERT_EQUAL_HEX(ESP_ERR_INVALID_SIZE,
esp_flash_write_encrypted(NULL, start, fortyeight_bytes, 15));
/* ensure nothing happened to the flash yet */
verify_erased_flash(start, 0x20);
/* Write 32 byte block, this is the "normal" encrypted write */
test_encrypted_write(start, fortyeight_bytes, 0x20);
verify_erased_flash(start + 0x20, 0x20);
/* Slip in an unaligned esp_flash_read_encrypted() test */
uint8_t buf[0x10];
esp_flash_read_encrypted(NULL, start+0x10, buf, 0x10);
TEST_ASSERT_EQUAL_HEX8_ARRAY(fortyeight_bytes+0x10, buf, 16);
/* Write 16 bytes unaligned */
test_encrypted_write(start + 0x30, fortyeight_bytes, 0x10);
/* the 16 byte regions before and after the 16 bytes we just wrote should still be 0xFF */
verify_erased_flash(start + 0x20, 0x10);
verify_erased_flash(start + 0x40, 0x10);
/* Write 48 bytes starting at a 32-byte aligned offset */
test_encrypted_write(start + 0x40, fortyeight_bytes, 0x30);
/* 16 bytes after this write should still be 0xFF -unencrypted- */
verify_erased_flash(start + 0x70, 0x10);
/* Write 48 bytes starting at a 16-byte aligned offset */
test_encrypted_write(start + 0x90, fortyeight_bytes, 0x30);
/* 16 bytes after this write should still be 0xFF -unencrypted- */
verify_erased_flash(start + 0x120, 0x10);
}
static void test_encrypted_write(size_t offset, const uint8_t *data, size_t length)
{
uint8_t readback[length];
printf("encrypt %d bytes at 0x%x\n", length, offset);
TEST_ASSERT_EQUAL_HEX(ESP_OK,
esp_flash_write_encrypted(NULL, offset, data, length));
TEST_ASSERT_EQUAL_HEX(ESP_OK,
esp_flash_read_encrypted(NULL, offset, readback, length));
TEST_ASSERT_EQUAL_HEX8_ARRAY(data, readback, length);
}
TEST_CASE("test read & write random encrypted data", "[flash_encryption]")
{
const int MAX_LEN = 192;
//buffer to hold the read data
WORD_ALIGNED_ATTR uint8_t buffer_to_write[MAX_LEN+4];
//test with unaligned buffer
uint8_t* data_buf = &buffer_to_write[3];
setup_tests();
esp_err_t err = esp_flash_erase_region(NULL, start, SPI_FLASH_SEC_SIZE);
TEST_ESP_OK(err);
//initialize the buffer to compare
uint8_t *cmp_buf = heap_caps_malloc(SPI_FLASH_SEC_SIZE, MALLOC_CAP_32BIT | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
assert(((intptr_t)cmp_buf % 4) == 0);
err = esp_flash_read_encrypted(NULL, start, cmp_buf, SPI_FLASH_SEC_SIZE);
TEST_ESP_OK(err);
srand(789);
uint32_t offset = 0;
do {
//the encrypted write only works at 16-byte boundary
int skip = (rand() % 4) * 16;
int len = ((rand() % (MAX_LEN/16)) + 1) * 16;
for (int i = 0; i < MAX_LEN; i++) {
data_buf[i] = rand();
}
offset += skip;
if (offset + len > SPI_FLASH_SEC_SIZE) {
if (offset > SPI_FLASH_SEC_SIZE) {
break;
}
len = SPI_FLASH_SEC_SIZE - offset;
}
printf("write %d bytes to 0x%08x...\n", len, start + offset);
err = esp_flash_write_encrypted(NULL, start + offset, data_buf, len);
TEST_ESP_OK(err);
memcpy(cmp_buf + offset, data_buf, len);
offset += len;
} while (offset < SPI_FLASH_SEC_SIZE);
offset = 0;
do {
int len = ((rand() % (MAX_LEN/16)) + 1) * 16;
if (offset + len > SPI_FLASH_SEC_SIZE) {
len = SPI_FLASH_SEC_SIZE - offset;
}
err = esp_flash_read_encrypted(NULL, start + offset, data_buf, len);
TEST_ESP_OK(err);
printf("compare %d bytes at 0x%08x...\n", len, start + offset);
TEST_ASSERT_EQUAL_HEX8_ARRAY(cmp_buf + offset, data_buf, len);
offset += len;
} while (offset < SPI_FLASH_SEC_SIZE);
free(cmp_buf);
}
static char TAG[] = "flash_encrypt_test";
static const char plainttext_data[] = "$$$$#### Welcome! This is flash encryption test, ..., ..., hello_world. &&&&***";
static void test_encrypted_write_new_impl(size_t offset, const uint8_t *data, size_t length)
{
uint8_t *readback = (uint8_t *)heap_caps_malloc(SPI_FLASH_SEC_SIZE, MALLOC_CAP_32BIT | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
printf("encrypt %d bytes at 0x%x\n", length, offset);
TEST_ASSERT_EQUAL_HEX(ESP_OK,
esp_flash_write_encrypted(NULL, offset, data, length));
TEST_ASSERT_EQUAL_HEX(ESP_OK,
esp_flash_read_encrypted(NULL, offset, readback, length));
TEST_ASSERT_EQUAL_HEX8_ARRAY(data, readback, length);
free(readback);
}
TEST_CASE("test 16 byte encrypted writes (esp_flash)", "[flash_encryption]")
{
setup_tests();
TEST_ASSERT_EQUAL_HEX(ESP_OK,
esp_flash_erase_region(NULL, start, SPI_FLASH_SEC_SIZE));
uint8_t fortyeight_bytes[0x30]; // 0, 1, 2, 3, 4... 47
for(int i = 0; i < sizeof(fortyeight_bytes); i++) {
fortyeight_bytes[i] = i;
}
/* Verify unaligned start or length fails */
TEST_ASSERT_EQUAL_HEX(ESP_ERR_INVALID_ARG,
esp_flash_write_encrypted(NULL, start+1, fortyeight_bytes, 32));
TEST_ASSERT_EQUAL_HEX(ESP_ERR_INVALID_SIZE,
esp_flash_write_encrypted(NULL, start, fortyeight_bytes, 15));
/* ensure nothing happened to the flash yet */
verify_erased_flash(start, 0x20);
/* Write 32 byte block, this is the "normal" encrypted write */
test_encrypted_write_new_impl(start, fortyeight_bytes, 0x20);
verify_erased_flash(start + 0x20, 0x20);
/* Slip in an unaligned esp_flash_read_encrypted() test */
uint8_t buf[0x10];
esp_flash_read_encrypted(NULL, start+0x10, buf, 0x10);
TEST_ASSERT_EQUAL_HEX8_ARRAY(fortyeight_bytes+0x10, buf, 16);
/* Write 16 bytes unaligned */
test_encrypted_write_new_impl(start + 0x30, fortyeight_bytes, 0x10);
/* the 16 byte regions before and after the 16 bytes we just wrote should still be 0xFF */
verify_erased_flash(start + 0x20, 0x10);
verify_erased_flash(start + 0x40, 0x10);
/* Write 48 bytes starting at a 32-byte aligned offset */
test_encrypted_write_new_impl(start + 0x40, fortyeight_bytes, 0x30);
/* 16 bytes after this write should still be 0xFF -unencrypted- */
verify_erased_flash(start + 0x70, 0x10);
/* Write 48 bytes starting at a 16-byte aligned offset */
test_encrypted_write_new_impl(start + 0x90, fortyeight_bytes, 0x30);
/* 16 bytes after this write should still be 0xFF -unencrypted- */
verify_erased_flash(start + 0x120, 0x10);
}
TEST_CASE("test read & write encrypted data(32 bytes alianed address)", "[flash_encryption]")
{
setup_tests();
TEST_ESP_OK(esp_flash_erase_region(NULL, start, SPI_FLASH_SEC_SIZE));
start = (start + 31) & (~31); // round up to 32 byte boundary
ESP_LOG_BUFFER_HEXDUMP(TAG, plainttext_data, sizeof(plainttext_data), ESP_LOG_INFO);
printf("Encrypteed writting......\n");
TEST_ESP_OK(esp_flash_write_encrypted(NULL, start, plainttext_data, sizeof(plainttext_data)));
uint8_t *cmp_encrypt_buf = heap_caps_malloc(SPI_FLASH_SEC_SIZE, MALLOC_CAP_32BIT | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
printf("Encrypted reading......\n");
TEST_ESP_OK(esp_flash_read_encrypted(NULL, start, cmp_encrypt_buf, SPI_FLASH_SEC_SIZE));
ESP_LOG_BUFFER_HEXDUMP(TAG, cmp_encrypt_buf, sizeof(plainttext_data), ESP_LOG_INFO);
TEST_ASSERT_EQUAL_HEX8_ARRAY(plainttext_data, cmp_encrypt_buf, sizeof(plainttext_data));
uint8_t *cmp_normal_buf = heap_caps_malloc(SPI_FLASH_SEC_SIZE, MALLOC_CAP_32BIT | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
TEST_ESP_OK(esp_flash_read(NULL, cmp_normal_buf, start, SPI_FLASH_SEC_SIZE));
printf("Normal read(esp_flash_read)......\n");
ESP_LOG_BUFFER_HEXDUMP(TAG, cmp_normal_buf, sizeof(plainttext_data), ESP_LOG_INFO);
free(cmp_normal_buf);
free(cmp_encrypt_buf);
}
TEST_CASE("test read & write encrypted data(16 bytes alianed but 32 bytes unaligned)", "[flash_encryption]")
{
setup_tests();
TEST_ESP_OK(esp_flash_erase_region(NULL, start, SPI_FLASH_SEC_SIZE));
do {
start++;
} while ((start % 16) != 0);
if (start % 32 == 0) {
start += 16;
}
printf("Write data partition @ 0x%x\n", start);
ESP_LOG_BUFFER_HEXDUMP(TAG, plainttext_data, sizeof(plainttext_data), ESP_LOG_INFO);
printf("Encrypteed writting......\n");
TEST_ESP_OK(esp_flash_write_encrypted(NULL, start, plainttext_data, sizeof(plainttext_data)));
uint8_t *cmp_encrypt_buf = heap_caps_malloc(SPI_FLASH_SEC_SIZE, MALLOC_CAP_32BIT | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
printf("Encrypted reading......\n");
TEST_ESP_OK(esp_flash_read_encrypted(NULL, start, cmp_encrypt_buf, SPI_FLASH_SEC_SIZE));
ESP_LOG_BUFFER_HEXDUMP(TAG, cmp_encrypt_buf, sizeof(plainttext_data), ESP_LOG_INFO);
TEST_ASSERT_EQUAL_HEX8_ARRAY(plainttext_data, cmp_encrypt_buf, sizeof(plainttext_data));
uint8_t *cmp_normal_buf = heap_caps_malloc(SPI_FLASH_SEC_SIZE, MALLOC_CAP_32BIT | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
TEST_ESP_OK(esp_flash_read(NULL, cmp_normal_buf, start, SPI_FLASH_SEC_SIZE));
printf("Normal read(esp_flash_read)......\n");
ESP_LOG_BUFFER_HEXDUMP(TAG, cmp_normal_buf, sizeof(plainttext_data), ESP_LOG_INFO);
free(cmp_normal_buf);
free(cmp_encrypt_buf);
}
static const uint8_t large_const_buffer[16432] = {
203, // first byte
1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20,
21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37,
[50 ... 99] = 2,
[108 ... 1520] = 0x9b,
[1600 ... 2000] = 0x3d,
[8000 ... 9000] = 0xf7,
[15000 ... 16398] = 0xe8,
43, 0x7f,
[16401 ... 16430] = 0xd1,
202, // last byte
};
TEST_CASE("test read & write encrypted data with large buffer(n*64+32+16)", "[flash_encryption]")
{
// The tested buffer should be n*64(or n*32)+16 bytes.
setup_tests();
TEST_ESP_OK(esp_flash_erase_region(NULL, start, 5 * 4096));
printf("Encrypteed writting......\n");
TEST_ESP_OK(esp_flash_write_encrypted(NULL, start, large_const_buffer, sizeof(large_const_buffer)));
uint8_t *buf = (uint8_t*)heap_caps_malloc(sizeof(large_const_buffer), MALLOC_CAP_32BIT | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
TEST_ESP_OK(esp_flash_read_encrypted(NULL, start, buf, sizeof(large_const_buffer)));
TEST_ASSERT_EQUAL_HEX8_ARRAY(buf, large_const_buffer, sizeof(large_const_buffer));
free(buf);
}
#endif // CONFIG_SECURE_FLASH_ENC_ENABLED

5
components/spi_flash/test_apps/flash_encryption/partitions.csv Normal file
View File

@@ -0,0 +1,5 @@
# Name, Type, SubType, Offset, Size, Flags
# Note: if you have increased the bootloader size, make sure to update the offsets to avoid overlap
nvs, data, nvs, 0x9000, 0x6000,
factory, 0, 0, 0x10000, 1M
flash_test, data, fat, , 528K
1 # Name, Type, SubType, Offset, Size, Flags
2 # Note: if you have increased the bootloader size, make sure to update the offsets to avoid overlap
3 nvs, data, nvs, 0x9000, 0x6000,
4 factory, 0, 0, 0x10000, 1M
5 flash_test, data, fat, , 528K

51
components/spi_flash/test_apps/flash_encryption/pytest_flash_encrypted.py Normal file
View File

@@ -0,0 +1,51 @@
# SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
# SPDX-License-Identifier: Apache-2.0
import pytest
from pytest_embedded import Dut
@pytest.mark.esp32
@pytest.mark.esp32c3
@pytest.mark.flash_encryption
@pytest.mark.parametrize(
'config',
[
'release',
],
indirect=True,
)
def test_flash_encryption(dut: Dut) -> None:
dut.expect_exact('Press ENTER to see the list of tests')
dut.write('*')
dut.expect_unity_test_output()
@pytest.mark.esp32s3
@pytest.mark.flash_encryption_f4r8
@pytest.mark.parametrize(
'config',
[
'release_f4r8',
],
indirect=True,
)
def test_flash_encryption_f4r8(dut: Dut) -> None:
dut.expect_exact('Press ENTER to see the list of tests')
dut.write('*')
dut.expect_unity_test_output()
@pytest.mark.esp32s3
@pytest.mark.flash_encryption_f8r8
@pytest.mark.parametrize(
'config',
[
'release_f8r8',
],
indirect=True,
)
def test_flash_encryption_f8r8(dut: Dut) -> None:
dut.expect_exact('Press ENTER to see the list of tests')
dut.write('*')
dut.expect_unity_test_output()

15
components/spi_flash/test_apps/flash_encryption/sdkconfig.ci.release Normal file
View File

@@ -0,0 +1,15 @@
CONFIG_ESP_TASK_WDT=n
CONFIG_FREERTOS_USE_TICKLESS_IDLE=y
CONFIG_COMPILER_OPTIMIZATION_SIZE=y
CONFIG_BOOTLOADER_COMPILER_OPTIMIZATION_SIZE=y
CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_SILENT=y
CONFIG_PARTITION_TABLE_CUSTOM=y
CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partitions.csv"
CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=y
CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC=y
CONFIG_SECURE_BOOT_ALLOW_JTAG=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_DEC=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_CACHE=y
CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED=y

17
components/spi_flash/test_apps/flash_encryption/sdkconfig.ci.release_f4r8 Normal file
View File

@@ -0,0 +1,17 @@
CONFIG_ESP_TASK_WDT=n
CONFIG_FREERTOS_USE_TICKLESS_IDLE=y
CONFIG_COMPILER_OPTIMIZATION_SIZE=y
CONFIG_BOOTLOADER_COMPILER_OPTIMIZATION_SIZE=y
CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_SILENT=y
CONFIG_PARTITION_TABLE_CUSTOM=y
CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partitions.csv"
CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=y
CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC=y
CONFIG_SECURE_BOOT_ALLOW_JTAG=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_DEC=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_CACHE=y
CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED=y
CONFIG_SPIRAM_MODE_OCT=y
CONFIG_SPIRAM_TYPE_AUTO=y

18
components/spi_flash/test_apps/flash_encryption/sdkconfig.ci.release_f8r8 Normal file
View File

@@ -0,0 +1,18 @@
CONFIG_ESP_TASK_WDT=n
CONFIG_FREERTOS_USE_TICKLESS_IDLE=y
CONFIG_COMPILER_OPTIMIZATION_SIZE=y
CONFIG_BOOTLOADER_COMPILER_OPTIMIZATION_SIZE=y
CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_SILENT=y
CONFIG_PARTITION_TABLE_CUSTOM=y
CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partitions.csv"
CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=y
CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC=y
CONFIG_SECURE_BOOT_ALLOW_JTAG=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_DEC=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_CACHE=y
CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED=y
CONFIG_SPIRAM_MODE_OCT=y
CONFIG_SPIRAM_TYPE_AUTO=y
CONFIG_ESPTOOLPY_FLASHMODE_OPI=y

11
components/spi_flash/test_apps/flash_encryption/sdkconfig.defaults Normal file
View File

@@ -0,0 +1,11 @@
CONFIG_ESP_TASK_WDT=n
CONFIG_PARTITION_TABLE_CUSTOM=y
CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partitions.csv"
CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=y
CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC=y
CONFIG_SECURE_BOOT_ALLOW_JTAG=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_DEC=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_CACHE=y
CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED=y