1 // Copyright 2015-2019 Espressif Systems (Shanghai) PTE LTD
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 
7 //     http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 
15 #include <strings.h>
16 #include "sdkconfig.h"
17 #include "esp_log.h"
18 #include "esp_efuse.h"
19 #include "esp_efuse_table.h"
20 #include "esp_secure_boot.h"
21 
22 #ifndef BOOTLOADER_BUILD
23 static __attribute__((unused)) const char *TAG = "secure_boot";
24 
25 #if CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
26 
/*
 * Start-up sanity check for the RSA "verify signature on update, no secure
 * boot" configuration.
 *
 * The keys that signed the running app are what the next OTA image gets
 * verified against. An app that reports no signature digest could therefore
 * never accept an update, so instead of running in that stuck state the
 * check logs an error and calls abort().
 *
 * Takes no arguments and returns nothing. It only returns when the lookup
 * succeeded and reported at least one digest for the running app.
 */
static void rsa_check_signature_on_update_check(void)
{
    esp_image_sig_public_key_digests_t running_app_keys = { 0 };
    const esp_err_t lookup_rc =
        esp_secure_boot_get_signature_blocks_for_running_app(false, &running_app_keys);

    // A failed lookup is treated exactly like "zero digests": both cases log
    // the same "not signed" message and abort.
    if (!(lookup_rc == ESP_OK && running_app_keys.num_digests != 0)) {
        ESP_LOGE(TAG, "This app is not signed, but check signature on update is enabled in config. It won't be possible to verify any update.");
        abort();
    }

#if CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT && SECURE_BOOT_NUM_BLOCKS > 1
    // Additional signature blocks are tolerated but not used for update
    // verification; warn so that nobody relies on the extra keys.
    if (running_app_keys.num_digests > 1) {
        ESP_LOGW(TAG, "App has %d signatures. Only the first position of signature blocks is used to verify any update", running_app_keys.num_digests);
    }
#endif
}
45 #endif // CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
46 
/*
 * Run the secure-boot related start-up checks for an application build.
 *
 * The only check compiled in here is the RSA signature-on-update check, and
 * only when both CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME and
 * CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT are enabled. With any other
 * configuration this function has an empty body.
 *
 * Note that the RSA check calls abort() when the running app reports no
 * signature digest, so this function may not return.
 */
void esp_secure_boot_init_checks(void)
{
#if CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
    // Make sure the running app carries a key that can verify the next OTA image.
    rsa_check_signature_on_update_check();
#endif /* RSA scheme with signature check on update, without secure boot */
}
57 #endif // not BOOTLOADER_BUILD
58