alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-29 13:45:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

change: Add error logs for secure boot scheme and key mismatch

Browse Source
This commit is contained in:
Harshit Malpani
2024-05-30 16:19:49 +05:30
parent e863e6069c
commit ff16ce4314
6 changed files with 59 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
components/bootloader_support/src/secure_boot_v2/secure_boot.c
View File

@@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2015-2022 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2015-2024 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/

4
components/bootloader_support/src/secure_boot_v2/secure_boot_signatures_app.c
View File

@@ -44,6 +44,10 @@ static esp_err_t validate_signature_block(const ets_secure_boot_sig_block_t *blo
|| block->block_crc != esp_rom_crc32_le(0, (uint8_t *)block, CRC_SIGN_BLOCK_LEN)) {
return ESP_FAIL;
}
if (block->version != ESP_SECURE_BOOT_SCHEME) {
ESP_LOGE(TAG, "%s signing scheme selected but signature block generated for %s scheme", esp_secure_boot_get_scheme_name(ESP_SECURE_BOOT_SCHEME), esp_secure_boot_get_scheme_name(block->version));
return ESP_FAIL;
}
return ESP_OK;
}

16
components/bootloader_support/src/secure_boot_v2/secure_boot_signatures_bootloader.c
View File

@@ -61,6 +61,10 @@ static esp_err_t validate_signature_block(const ets_secure_boot_sig_block_t *blo
|| block->block_crc != esp_rom_crc32_le(0, (uint8_t *)block, CRC_SIGN_BLOCK_LEN)) {
return ESP_FAIL;
}
if (block->version != ESP_SECURE_BOOT_SCHEME) {
ESP_LOGE(TAG, "%s signing scheme selected but signature block generated for %s scheme", esp_secure_boot_get_scheme_name(ESP_SECURE_BOOT_SCHEME), esp_secure_boot_get_scheme_name(block->version));
return ESP_FAIL;
}
return ESP_OK;
}
@@ -148,9 +152,21 @@ esp_err_t esp_secure_boot_verify_sbv2_signature_block(const ets_secure_boot_sign
int sb_result = ets_secure_boot_verify_signature(sig_block, image_digest, trusted.key_digests[0], verified_digest);
#else
ets_secure_boot_key_digests_t trusted_key_digests = {0};
bool valid_sig_blk = false;
for (unsigned i = 0; i < SECURE_BOOT_NUM_BLOCKS; i++) {
if (sig_block->block[i].version != ESP_SECURE_BOOT_SCHEME) {
ESP_LOGD(TAG, "%s signing scheme selected but signature block %d generated for %s scheme", esp_secure_boot_get_scheme_name(ESP_SECURE_BOOT_SCHEME), i, esp_secure_boot_get_scheme_name(sig_block->block[i].version));
continue;
} else {
valid_sig_blk = true;
}
trusted_key_digests.key_digests[i] = &trusted.key_digests[i];
}
if (valid_sig_blk != true) {
ESP_LOGE(TAG, "No signature block generated for valid scheme");
ESP_LOGE(TAG, "%s signing scheme selected but no signature block for the selected scheme", esp_secure_boot_get_scheme_name(ESP_SECURE_BOOT_SCHEME));
return ESP_FAIL;
}
// Key revocation happens in ROM bootloader.
// Do NOT allow key revocation while verifying application