feat: Add API to verify the bootloader and app image

Added an API to verify the bootloader and app image before revoking the key in Secure Boot V2.
This will help prevent the device from being bricked if the bootloader/application cannot be
verified by any other keys in efuse.
Harshit Malpani
2023-07-04 10:18:47 +05:30
parent 2472c62fff
commit 1df186d4e1
5 changed files with 176 additions and 81 deletions
+2 -2
@@ -350,10 +350,10 @@ typedef enum {
} esp_ota_secure_boot_public_key_index_t;
/**
* @brief Revokes the old signature digest. To be called in the application after the rollback logic.
* @brief Revokes the signature digest denoted by the given index. This should be called in the application only after the rollback logic otherwise the device may end up in unrecoverable state.
*
* Relevant for Secure boot v2 on ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6, ESP32-H2 where up to 3 key digests can be stored (Key \#N-1, Key \#N, Key \#N+1).
* When key \#N-1 used to sign an app is invalidated, an OTA update is to be sent with an app signed with key \#N-1 & Key \#N.
* When a key used to sign an app is invalidated, an OTA update is to be sent with an app signed with at least one of the other two keys which has not been revoked already.
* After successfully booting the OTA app should call this function to revoke Key \#N-1.
*
* @param index - The index of the signature block to be revoked
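Review bot: The unchanged line "After successfully booting the OTA app should call this function to revoke Key \#N-1." still names Key #N-1, which no longer matches the reworded brief ("the signature digest denoted by the given index") or the new sentence about "at least one of the other two keys"; it should refer to the key at the given index. The new @brief also carries a warning in the summary line: keep the brief to its first sentence and move "This should be called in the application only after the rollback logic" into a @note or @warning, with a comma before "otherwise" and "an" before "unrecoverable state". The commit message says the bootloader and app image are verified before revoking, but nothing in the visible comment documents that precondition or what the caller gets back when verification fails; add that to the description.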