Merge branch 'bugfix/fix_condition_to_verify_when_no_SB_v5.0' into 'release/v5.0'

fix(bootloader_support): Fix condition for checking signature in the application (v5.0) See merge request espressif/esp-idf!26226
2025-11-03 16:41:44 +01:00 · 2023-09-27 18:14:46 +08:00
parent 6c9b6207b2 c71801f9fa
commit f2077b13fb
2 changed files with 7 additions and 9 deletions
--- a/components/bootloader/Kconfig.projbuild
+++ b/components/bootloader/Kconfig.projbuild
@@ -691,14 +691,12 @@ menu "Security features"

    config SECURE_BOOT_VERIFICATION_KEY
        string "Secure boot public signature verification key"
-        depends on SECURE_SIGNED_APPS && !SECURE_BOOT_BUILD_SIGNED_BINARIES && !SECURE_SIGNED_APPS_RSA_SCHEME
+        depends on SECURE_SIGNED_APPS && SECURE_SIGNED_APPS_ECDSA_SCHEME && !SECURE_BOOT_BUILD_SIGNED_BINARIES
        default "signature_verification_key.bin"
        help
            Path to a public key file used to verify signed images.
            Secure Boot V1: This ECDSA public key is compiled into the bootloader and/or
            app, to verify app images.
-            Secure Boot V2: This RSA public key is compiled into the signature block at
-            the end of the bootloader/app.

            Key file is in raw binary format, and can be extracted from a
            PEM formatted private key using the espsecure.py