Angus Gratton
3783e28f0e
bootloader: Check all partitions fit inside configured flash size
2016-12-30 14:19:46 +11:00
Angus Gratton
d6fafd00db
Secure boot: Option for app & partition table signing to happen outside build system
2016-12-19 13:12:05 +11:00
Angus Gratton
ceb8566970
Flash encryption / secure boot: Temporarily disable on-device key generation
...
Will be enabled after seeding of HWRNG in bootloader is fully tested/qualified.
2016-12-01 23:49:13 -08:00
Angus Gratton
a9d5e26748
Secure boot: Correctly re-sign if signing key changes, better error if missing
2016-12-01 23:49:12 -08:00
Angus Gratton
506c8cd964
secure boot & flash encryption: Rework configuration options
...
Add UART bootloader disable options for flash encryption
2016-12-01 23:49:12 -08:00
Angus Gratton
9eb135fd73
Flash encryption: Support enabling flash encryption in bootloader, app support
...
* App access functions are all flash encryption-aware
* Documentation for flash encryption
* Partition read/write is flash aware
* New encrypted write function
2016-12-01 23:49:12 -08:00
Angus Gratton
c48612e516
mbedTLS SHA acceleration: Allow concurrent digest calculation, works with TLS
...
SHA hardware allows each of SHA1, SHA256, SHA384&SHA512 to calculate digests
concurrently.
Currently incompatible with AES acceleration due to a hardware reset problem.
Ref TW7111.
2016-11-22 20:42:38 +11:00
Angus Gratton
60f29236f6
Build system: Raise warning level
...
Default esp-idf builds now show -Wextra warnings (except for a few:
signed/unsigned comparison, unused parameters, old-style C declarations.)
CI building of examples runs with that level raised to -Werror, to catch
those changes going into the main repo.
2016-11-16 15:57:34 +11:00
Angus Gratton
c15024e629
Merge branch 'master' into feature/build_component_project_vars
2016-11-14 14:54:41 +11:00
Angus Gratton
8691b54758
secure boot: Rename efuse option for UART bootloader to option for ROM interpreter
2016-11-14 11:08:42 +11:00
Angus Gratton
e459f803da
secure boot: Functional partition table & app signature verification
2016-11-14 11:08:42 +11:00
Angus Gratton
fe66dd85f0
secure boot: Enable based on sdkconfig, remove "secure boot flag" from binary image
2016-11-14 11:08:42 +11:00
Angus Gratton
7402a1b973
partition_table: Move from 0x4000 to 0x8000
...
Also fix a bug with correctly padding bootloader image when length is
already a multiple of 16.
2016-11-14 11:08:42 +11:00
Angus Gratton
64f3893cb9
secure boot: Derive secure bootloader key from private key
...
Means only one key needs to be managed.
2016-11-14 11:08:42 +11:00
Angus Gratton
b5de581399
Secure boot: initial image signature support
2016-11-14 11:08:42 +11:00
Angus Gratton
98a0387854
bootloader_support: Move secure boot code to bootloader_support
2016-11-08 11:13:54 +11:00
Angus Gratton
aceb6517c0
Refactor existing bootloader common functionality into bootloader_support component
2016-11-02 17:58:41 +11:00