From 650c64a840f561907afcd9d68669030d55cbfe58 Mon Sep 17 00:00:00 2001 From: Harshit Malpani Date: Wed, 31 Jan 2024 12:22:26 +0530 Subject: [PATCH] fix(app_update): Fix reading secure boot digest from register While reading the key from the register, the register are read by 8 bit access which results in reading wrong data. Reading from the peripheral should be 32 bit aligned. The commit updates the code to read the secure boot key from the register using 32 bit access. Closes https://github.com/espressif/esp-idf/issues/12851 --- components/app_update/esp_ota_ops.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/app_update/esp_ota_ops.c b/components/app_update/esp_ota_ops.c index 766c2b4a6b..489bc8af07 100644 --- a/components/app_update/esp_ota_ops.c +++ b/components/app_update/esp_ota_ops.c @@ -924,8 +924,8 @@ esp_err_t esp_ota_revoke_secure_boot_public_key(esp_ota_secure_boot_public_key_i if (trusted_keys.key_digests[i] != NULL) { bool all_zeroes = true; - for (unsigned j = 0; j < ESP_SECURE_BOOT_DIGEST_LEN; j++) { - all_zeroes = all_zeroes && (*(uint8_t *)(trusted_keys.key_digests[i] + j) == 0); + for (unsigned j = 0; j < ESP_SECURE_BOOT_DIGEST_LEN; j+=4) { + all_zeroes = all_zeroes && (*(uint32_t *)(trusted_keys.key_digests[i] + j) == 0); } if (!all_zeroes) { memcpy(trusted_digests.key_digests[trusted_digests.num_digests++], (uint8_t *)trusted_keys.key_digests[i], ESP_SECURE_BOOT_DIGEST_LEN);