alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-11-24 12:00:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
f2f62b590d445436a70a367a8d1ce8374b51b9f4
esp-idf/examples/security/flash_encryption/sdkconfig.ci.rom_impl
Laukik Hase 1ea0fc261d change(nvs_sec_provider): Make the HMAC-based NVS security scheme default for supported SoCs 
- When NVS encryption is enabled on SoCs with the HMAC peripheral that have flash encryption
  enabled, the HMAC-based NVS encryption scheme is now selected as default instead of the
  flash encryption-based scheme.
- If your application previously used the flash encryption-based scheme, you need to manually
  configure the NVS encryption scheme to flash encryption from HMAC through ``menuconfig``
  or your project's ``sdkconfig`` (i.e., setting ``CONFIG_NVS_SEC_KEY_PROTECT_USING_FLASH_ENC=y``).
2025-09-19 10:38:38 +05:30

16 lines
590 B
Plaintext
Raw Blame History

# Configurations for flash encryption.
CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=y
CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC=y
CONFIG_SECURE_BOOT_ALLOW_JTAG=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_DEC=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_CACHE=y
CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED=y
CONFIG_NVS_SEC_KEY_PROTECT_USING_FLASH_ENC=y
CONFIG_SPI_FLASH_ROM_IMPL=y
CONFIG_COMPILER_OPTIMIZATION_SIZE=y
CONFIG_BOOTLOADER_COMPILER_OPTIMIZATION_SIZE=y
CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_SILENT=y
Reference in New Issue View Git Blame Copy Permalink