Features/secure boot enabling (#5)

Catalin Ioana · web-flow · commit fe4860a98c67 · 2018-03-16T11:27:02.000+02:00
components/bootloader_support: Enabled Secure Boot with re-flashable bootloader in wifi_scan project, add default a real key for signing partitions, workaround for an IDF bug, debug has to enabled for reflashable bootloader
diff --git a/components/bootloader/subproject/signature_verification_key.bin b/components/bootloader/subproject/signature_verification_key.bin
@@ -0,0 +1 @@
+Y��IA))��->!�Pb4k��J�ʬHe���toȡ��K�/��؆��r��fM��D;��|(E
diff --git a/components/bootloader_support/src/esp_image_format.c b/components/bootloader_support/src/esp_image_format.c
@@ -18,6 +18,7 @@
 #include <soc/cpu.h>
 #include <esp_image_format.h>
 #include <esp_secure_boot.h>
+#define LOG_LOCAL_LEVEL ESP_LOG_ERROR
 #include <esp_log.h>
 #include <bootloader_flash.h>
 #include <bootloader_random.h>
@@ -166,15 +167,18 @@ goto err;
        rewritten the header - rely on esptool.py having verified the bootloader at flashing time, instead.
     */
     if (!is_bootloader) {
-#ifdef CONFIG_SECURE_BOOT_ENABLED
-        // secure boot images have a signature appended
-        err = verify_secure_boot_signature(sha_handle, data);
-#else
-        // No secure boot, but SHA-256 can be appended for basic corruption detection
-        if (sha_handle != NULL) {
-            err = verify_simple_hash(sha_handle, data);
+//#ifdef CONFIG_SECURE_BOOT_ENABLED
+        if (esp_secure_boot_enabled()) {
+          // secure boot images have a signature appended
+          err = verify_secure_boot_signature(sha_handle, data);
+//#else
+        } else {
+          // No secure boot, but SHA-256 can be appended for basic corruption detection
+          if (sha_handle != NULL) {
+              err = verify_simple_hash(sha_handle, data);
+          }
         }
-#endif // CONFIG_SECURE_BOOT_ENABLED
+//#endif // CONFIG_SECURE_BOOT_ENABLED
     } else { // is_bootloader
         // bootloader may still have a sha256 digest handle open
         if (sha_handle != NULL) {
diff --git a/examples/wifi/scan/sdkconfig b/examples/wifi/scan/sdkconfig
@@ -26,7 +26,12 @@ CONFIG_BOOTLOADER_VDDSDIO_BOOST=y
 #
 # Security features
 #
-CONFIG_SECURE_BOOT_ENABLED=
+CONFIG_SECURE_BOOT_ENABLED=y
+CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH=
+CONFIG_SECURE_BOOTLOADER_REFLASHABLE=y
+CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES=y
+CONFIG_SECURE_BOOT_SIGNING_KEY="secure_boot_signing_key.pem"
+CONFIG_SECURE_BOOT_INSECURE=
 CONFIG_FLASH_ENCRYPTION_ENABLED=
 
 #
diff --git a/examples/wifi/scan/secure_boot_signing_key.pem b/examples/wifi/scan/secure_boot_signing_key.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEICMyAIK9+SQEoSM06ju1q2PHfyQf34uN0J6WS0OFwP9OoAoGCCqGSM49
+AwEHoUQDQgAEWc/nSUEpKYnULT4h7AVQYjRr6AK5SpzKrEhlgpmjdBBvyKHFBopL
+oS+5nNiGlPdym8YYZk3THReXRDv+/3woRQ==
+-----END EC PRIVATE KEY-----
diff --git a/examples/wifi/scan/signature_verification_key.bin b/examples/wifi/scan/signature_verification_key.bin
@@ -0,0 +1 @@
+Y��IA))��->!�Pb4k��J�ʬHe���toȡ��K�/��؆��r��fM��D;��|(E

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+Y��IA))��->!�Pb4k��J�ʬHe��toȡ��K�/��؆��r��fM��D;��\|(E`
Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,12 @@ CONFIG_BOOTLOADER_VDDSDIO_BOOST=y`
`26`	`26`	`#`
`27`	`27`	`# Security features`
`28`	`28`	`#`
`29`		`-CONFIG_SECURE_BOOT_ENABLED=`
	`29`	`+CONFIG_SECURE_BOOT_ENABLED=y`
	`30`	`+CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH=`
	`31`	`+CONFIG_SECURE_BOOTLOADER_REFLASHABLE=y`
	`32`	`+CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES=y`
	`33`	`+CONFIG_SECURE_BOOT_SIGNING_KEY="secure_boot_signing_key.pem"`
	`34`	`+CONFIG_SECURE_BOOT_INSECURE=`
`30`	`35`	`CONFIG_FLASH_ENCRYPTION_ENABLED=`
`31`	`36`
`32`	`37`	`#`