Crash_Override/OVMS3-idf
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
OVMS3-idf/components/bootloader_support/src
History
Anurag Kar 62b0d51c02 Enable secure boot only after encrypting flash 
This prevents a device from being bricked in case when both secure boot & flash encryption are enabled and encryption gets interrupted during first boot. After interruption, all partitions on the device need to be reflashed (including the bootloader).

List of changes:
* Secure boot key generation and bootloader digest generation logic, implemented inside function esp_secure_boot_permanently_enable(), has been pulled out into new API esp_secure_boot_generate_digest(). The enabling of R/W protection of secure boot key on EFUSE still happens inside esp_secure_boot_permanently_enable()
* Now esp_secure_boot_permanently_enable() is called only after flash encryption process completes
* esp_secure_boot_generate_digest() is called before flash encryption process starts
2019-04-10 18:17:58 +05:30
..
bootloader_clock.c separate rom from esp32 component to esp_rom 2019-03-21 18:51:45 +08:00
bootloader_common.c separate rom from esp32 component to esp_rom 2019-03-21 18:51:45 +08:00
bootloader_flash.c separate rom from esp32 component to esp_rom 2019-03-21 18:51:45 +08:00
bootloader_init.c separate rom from esp32 component to esp_rom 2019-03-21 18:51:45 +08:00
bootloader_random.c esp32: Add esp_fill_random() function 2018-09-03 04:39:45 +00:00
bootloader_sha.c separate rom from esp32 component to esp_rom 2019-03-21 18:51:45 +08:00
bootloader_utility.c Enable secure boot only after encrypting flash 2019-04-10 18:17:58 +05:30
esp_image_format.c separate rom from esp32 component to esp_rom 2019-03-21 18:51:45 +08:00
flash_encrypt.c Enable secure boot only after encrypting flash 2019-04-10 18:17:58 +05:30
flash_partitions.c separate rom from esp32 component to esp_rom 2019-03-21 18:51:45 +08:00
flash_qio_mode.c separate rom from esp32 component to esp_rom 2019-03-21 18:51:45 +08:00
secure_boot.c Enable secure boot only after encrypting flash 2019-04-10 18:17:58 +05:30
secure_boot_signatures.c bootloader: use mbedTLS for secure boot verification in firmware 2019-04-01 15:46:52 +05:30