Inicio Explorar Axuda
Iniciar sesión
RT-Thread-packages
/
esp-idf
réplica de https://github-proxy.rt-thread.io/RT-Thread-packages/esp-idf.git
2
0
Fork 0
Ficheiros Incidencias 0 Wiki
Rama: master
Ramas Etiquetas
esp-idf
/
components
/
bootloader_support
/
private_include
/
bootloader_signature.h

bootloader_signature.h 2.4 KB
Permalink Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960 
  1. /*
    2. 

  2.  * SPDX-FileCopyrightText: 2022-2023 Espressif Systems (Shanghai) CO LTD
    3. 

  3.  *
    4. 

  4.  * SPDX-License-Identifier: Apache-2.0
    5. 

  5.  */
    6. 

  6. #pragma once
    7. 

  7. 

  8. #include "sdkconfig.h"
    9. 

  9. #include <esp_err.h>
    10. 

  10. #include <stdint.h>
    11. 

  11. 

  12. #if CONFIG_IDF_TARGET_ESP32
    13. 

  13. #include "esp32/rom/secure_boot.h"
    14. 

  14. #elif CONFIG_IDF_TARGET_ESP32S2
    15. 

  15. #include "esp32s2/rom/secure_boot.h"
    16. 

  16. #elif CONFIG_IDF_TARGET_ESP32C3
    17. 

  17. #include "esp32c3/rom/secure_boot.h"
    18. 

  18. #elif CONFIG_IDF_TARGET_ESP32S3
    19. 

  19. #include "esp32s3/rom/secure_boot.h"
    20. 

  20. #elif CONFIG_IDF_TARGET_ESP32C2
    21. 

  21. #include "esp32c2/rom/secure_boot.h"
    22. 

  22. #elif CONFIG_IDF_TARGET_ESP32C6
    23. 

  23. #include "esp32c6/rom/secure_boot.h"
    24. 

  24. #elif CONFIG_IDF_TARGET_ESP32H2
    25. 

  25. #include "esp32h2/rom/secure_boot.h"
    26. 

  26. #elif CONFIG_IDF_TARGET_ESP32P4
    27. 

  27. #include "esp32p4/rom/secure_boot.h"
    28. 

  28. #endif
    29. 

  29. 

  30. #if !CONFIG_IDF_TARGET_ESP32 || CONFIG_ESP32_REV_MIN_FULL >= 300
    31. 

  31. 

  32. #if CONFIG_SECURE_BOOT_V2_ENABLED || CONFIG_SECURE_SIGNED_APPS_NO_SECURE_BOOT
    33. 

  33. 

  34. /** @brief Verify the secure boot signature block for Secure Boot V2.
    35. 

  35.  *
    36. 

  36.  *  Performs RSA-PSS or ECDSA verification of the SHA-256 image based on the public key
    37. 

  37.  *  in the signature block, compared against the public key digest stored in efuse.
    38. 

  38.  *
    39. 

  39.  * Similar to esp_secure_boot_verify_signature(), but can be used when the digest is precalculated.
    40. 

  40.  * @param sig_block Pointer to signature block data
    41. 

  41.  * @param image_digest Pointer to 32 byte buffer holding SHA-256 hash.
    42. 

  42.  * @param verified_digest Pointer to 32 byte buffer that will receive verified digest if verification completes. (Used during bootloader implementation only, result is invalid otherwise.)
    43. 

  43.  *
    44. 

  44.  */
    45. 

  45. esp_err_t esp_secure_boot_verify_sbv2_signature_block(const ets_secure_boot_signature_t *sig_block, const uint8_t *image_digest, uint8_t *verified_digest);
    46. 

  46. 

  47. /** @brief Legacy function to verify RSA secure boot signature block for Secure Boot V2.
    48. 

  48.  *
    49. 

  49.  * @note This is kept for backward compatibility. It internally calls esp_secure_boot_verify_sbv2_signature_block.
    50. 

  50.  *
    51. 

  51.  * @param sig_block Pointer to RSA signature block data
    52. 

  52.  * @param image_digest Pointer to 32 byte buffer holding SHA-256 hash.
    53. 

  53.  * @param verified_digest Pointer to 32 byte buffer that will receive verified digest if verification completes. (Used during bootloader implementation only, result is invalid otherwise.)
    54. 

  54.  *
    55. 

  55.  */
    56. 

  56. esp_err_t esp_secure_boot_verify_rsa_signature_block(const ets_secure_boot_signature_t *sig_block, const uint8_t *image_digest, uint8_t *verified_digest);
    57. 

  57. 

  58. #endif /* CONFIG_SECURE_BOOT_V2_ENABLED || CONFIG_SECURE_SIGNED_APPS_NO_SECURE_BOOT */
    59. 

  59. 

  60. #endif
    61.