From 801bbcc7add2847f54263a7272a5960f1ee8271c Mon Sep 17 00:00:00 2001 From: Supreet Deshpande Date: Fri, 18 Dec 2020 14:14:42 +0530 Subject: [PATCH] Secure boot v2: Fixes the issue of passing the flash calculated digest for ota verification. --- .../bootloader_support/src/idf/secure_boot_signatures.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/bootloader_support/src/idf/secure_boot_signatures.c b/components/bootloader_support/src/idf/secure_boot_signatures.c index ee541445bd..ca66be7059 100644 --- a/components/bootloader_support/src/idf/secure_boot_signatures.c +++ b/components/bootloader_support/src/idf/secure_boot_signatures.c @@ -260,8 +260,8 @@ esp_err_t esp_secure_boot_verify_rsa_signature_block(const ets_secure_boot_signa goto exit; } - ret = mbedtls_rsa_rsassa_pss_verify( &pk, mbedtls_ctr_drbg_random, &ctr_drbg, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA256, 32, - sig_block->block[i].image_digest, sig_be); + ret = mbedtls_rsa_rsassa_pss_verify( &pk, mbedtls_ctr_drbg_random, &ctr_drbg, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA256, DIGEST_LEN, + image_digest, sig_be); if (ret != 0) { ESP_LOGE(TAG, "Failed mbedtls_rsa_rsassa_pss_verify, err: %d", ret); } else {