alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-11-14 09:14:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
bfe6b51ac97ac4dd62d5824cc81862380e2ca75c
esp-idf/examples/system/ota/advanced_https_ota/sdkconfig.ci.anti_rollback
Laukik Hase 1ea0fc261d change(nvs_sec_provider): Make the HMAC-based NVS security scheme default for supported SoCs 
- When NVS encryption is enabled on SoCs with the HMAC peripheral that have flash encryption
  enabled, the HMAC-based NVS encryption scheme is now selected as default instead of the
  flash encryption-based scheme.
- If your application previously used the flash encryption-based scheme, you need to manually
  configure the NVS encryption scheme to flash encryption from HMAC through ``menuconfig``
  or your project's ``sdkconfig`` (i.e., setting ``CONFIG_NVS_SEC_KEY_PROTECT_USING_FLASH_ENC=y``).
2025-09-19 10:38:38 +05:30

42 lines
1.6 KiB
Plaintext
Raw Blame History

CONFIG_EXAMPLE_FIRMWARE_UPGRADE_URL="FROM_STDIN"
CONFIG_EXAMPLE_SKIP_COMMON_NAME_CHECK=y
CONFIG_EXAMPLE_SKIP_VERSION_CHECK=y
CONFIG_EXAMPLE_OTA_RECV_TIMEOUT=3000
CONFIG_PARTITION_TABLE_CUSTOM=y
CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="anti_rollback_partition.csv"
CONFIG_PARTITION_TABLE_FILENAME="anti_rollback_partition.csv"
CONFIG_PARTITION_TABLE_OFFSET=0xd000
CONFIG_ESPTOOLPY_FLASHSIZE_4MB=y
CONFIG_ESPTOOLPY_FLASHSIZE="4MB"
CONFIG_BOOTLOADER_APP_ROLLBACK_ENABLE=y
CONFIG_BOOTLOADER_APP_ANTI_ROLLBACK=y
CONFIG_BOOTLOADER_APP_SECURE_VERSION=1
CONFIG_EXAMPLE_CONNECT_ETHERNET=y
CONFIG_EXAMPLE_CONNECT_WIFI=n
CONFIG_EXAMPLE_USE_INTERNAL_ETHERNET=y
CONFIG_EXAMPLE_ETH_PHY_IP101=y
CONFIG_EXAMPLE_ETH_MDC_GPIO=23
CONFIG_EXAMPLE_ETH_MDIO_GPIO=18
CONFIG_EXAMPLE_ETH_PHY_RST_GPIO=5
CONFIG_EXAMPLE_ETH_PHY_ADDR=1
CONFIG_MBEDTLS_TLS_CLIENT_ONLY=y
CONFIG_COMPILER_OPTIMIZATION_SIZE=y
CONFIG_EXAMPLE_CONNECT_IPV6=n
# Default settings for testing this example in CI.
# This configuration is not secure, don't use it in production!
# See Flash Encryption API Guide for more details.
CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=y
CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC=y
CONFIG_SECURE_BOOT_ALLOW_JTAG=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_DEC=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_CACHE=y
CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED=y
CONFIG_NVS_ENCRYPTION=n # this test combination is only for flash encryption and anti-rollback use-case and hence disabling it.
CONFIG_NVS_SEC_KEY_PROTECT_USING_FLASH_ENC=y
Reference in New Issue View Git Blame Copy Permalink