espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-03 20:54:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'bugfix/secure_ota_without_padding_v5.1' into 'release/v5.1'

Browse Source 
fix(secure_ota): secure app verification issue without padding bytes (v5.1)

See merge request espressif/esp-idf!25211
This commit is contained in:
Mahavir Jain
2023-08-23 18:15:30 +08:00
parent 6cca4bddd2 5e0129c91b
commit 0f849d4c40
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
components/bootloader_support/src/esp_image_format.c
View File

@@ -864,7 +864,7 @@ static esp_err_t verify_secure_boot_signature(bootloader_sha256_handle_t sha_han
bootloader_munmap(simple_hash); bootloader_munmap(simple_hash);
} }
#if CONFIG_SECURE_BOOT_V2_ENABLED #if CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME || CONFIG_SECURE_SIGNED_APPS_ECDSA_V2_SCHEME
// End of the image needs to be padded all the way to a 4KB boundary, after the simple hash // End of the image needs to be padded all the way to a 4KB boundary, after the simple hash
// (for apps they are usually already padded due to --secure-pad-v2, only a problem if this option was not used.) // (for apps they are usually already padded due to --secure-pad-v2, only a problem if this option was not used.)
uint32_t padded_end = ALIGN_UP(end, FLASH_SECTOR_SIZE); uint32_t padded_end = ALIGN_UP(end, FLASH_SECTOR_SIZE);
@@ -874,7 +874,7 @@ static esp_err_t verify_secure_boot_signature(bootloader_sha256_handle_t sha_han
bootloader_munmap(padding); bootloader_munmap(padding);
end = padded_end; end = padded_end;
} }
#endif #endif // CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME || CONFIG_SECURE_SIGNED_APPS_ECDSA_V2_SCHEME
bootloader_sha256_finish(sha_handle, image_digest); bootloader_sha256_finish(sha_handle, image_digest);