Merge branch 'bugfix/bootloader_skip_verify_jtag_v4.1' into 'release/v4.1'

bootloader_support: don't check signature when JTAG is attached (v4.1)

See merge request espressif/esp-idf!10379

components/bootloader_support/src/esp_image_format.c

@@ -220,8 +220,17 @@ static esp_err_t image_load(esp_image_load_mode_t mode, const esp_partition_pos_
 
 #ifdef SECURE_BOOT_CHECK_SIGNATURE
             // secure boot images have a signature appended
-            err = verify_secure_boot_signature(sha_handle, data, image_digest, verified_digest);
-#else
+#if defined(BOOTLOADER_BUILD) && !defined(CONFIG_SECURE_BOOT)
+            // If secure boot is not enabled in hardware, then
+            // skip the signature check in bootloader when the debugger is attached.
+            // This is done to allow for breakpoints in Flash.
+            if (!esp_cpu_in_ocd_debug_mode()) {
+#else // CONFIG_SECURE_BOOT
+            if (true) {
+#endif // end checking for JTAG
+                err = verify_secure_boot_signature(sha_handle, data, image_digest, verified_digest);
+            }
+#else // SECURE_BOOT_CHECK_SIGNATURE
             // No secure boot, but SHA-256 can be appended for basic corruption detection
             if (sha_handle != NULL && !esp_cpu_in_ocd_debug_mode()) {
                 err = verify_simple_hash(sha_handle, data);