feedc0de/esp-idf
1
0
Fork 0
forked from espressif/esp-idf
Code Pull Requests Activity

Merge branch 'bugfix/bootloader_skip_verify_jtag_v4.1' into 'release/v4.1'

Browse Source 
bootloader_support: don't check signature when JTAG is attached (v4.1)

See merge request espressif/esp-idf!10379
This commit is contained in:
Angus Gratton
2020-09-15 15:06:17 +08:00
parent b022bb2770 42e694bb8f
commit ab98baff14
1 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
components/bootloader_support/src/esp_image_format.c
View File

@@ -220,8 +220,17 @@ static esp_err_t image_load(esp_image_load_mode_t mode, const esp_partition_pos_
#ifdef SECURE_BOOT_CHECK_SIGNATURE #ifdef SECURE_BOOT_CHECK_SIGNATURE
// secure boot images have a signature appended // secure boot images have a signature appended
err = verify_secure_boot_signature(sha_handle, data, image_digest, verified_digest); #if defined(BOOTLOADER_BUILD) && !defined(CONFIG_SECURE_BOOT)
#else // If secure boot is not enabled in hardware, then
// skip the signature check in bootloader when the debugger is attached.
// This is done to allow for breakpoints in Flash.
if (!esp_cpu_in_ocd_debug_mode()) {
#else // CONFIG_SECURE_BOOT
if (true) {
#endif // end checking for JTAG
err = verify_secure_boot_signature(sha_handle, data, image_digest, verified_digest);
}
#else // SECURE_BOOT_CHECK_SIGNATURE
// No secure boot, but SHA-256 can be appended for basic corruption detection // No secure boot, but SHA-256 can be appended for basic corruption detection
if (sha_handle != NULL && !esp_cpu_in_ocd_debug_mode()) { if (sha_handle != NULL && !esp_cpu_in_ocd_debug_mode()) {
err = verify_simple_hash(sha_handle, data); err = verify_simple_hash(sha_handle, data);