Commit Graph

544 Commits

Author SHA1 Message Date
Mahavir Jain
7c94e98d2c Merge branch 'fix/sb_digest_revocation_workflow_v5.5' into 'release/v5.5'
change(bootloader): honor SECURE_BOOT_ALLOW_UNUSED_DIGEST_SLOTS during first boot (v5.5)

See merge request espressif/esp-idf!49714
2026-06-17 14:36:48 +05:30
Mahavir Jain
7d0545db69 change(bootloader): honor SECURE_BOOT_ALLOW_UNUSED_DIGEST_SLOTS during first boot
Previously the bootloader unconditionally revoked unused secure boot key
digest slots while permanently enabling secure boot on the first boot,
ignoring CONFIG_SECURE_BOOT_ALLOW_UNUSED_DIGEST_SLOTS. Now the config is
honored on this path too: when set, the unused digest slots are left
un-revoked. This is safe as long as the debug and download interfaces are
disabled.

Update the Kconfig help and the Secure Boot v2 guide (en and zh_CN)
accordingly.
2026-06-16 13:35:23 +05:30
Aditya Patwardhan
66156479d2 change(secure_boot): mark ECDSA based Secure Boot V2 as insecure on affected SoCs
ECDSA based Secure Boot V2 is not functional for certain input vectors on
ESP32-C5/C61/H2/P4 and on the preview targets ESP32-H4/H21. RSA based Secure
Boot V2 is the recommended scheme where the SoC supports it. This issue will be
fixed in a future hardware ECO revision; more details will be shared through the
hardware errata document.

A new hidden Kconfig option SECURE_BOOT_V2_ECDSA_INSECURE marks the affected
mass-production SoCs (ESP32-C5/C61/H2/P4). On these SoCs, when hardware Secure
Boot V2 is enabled, the ECDSA (V2) signing scheme is no longer offered by
default; it must be turned on explicitly via SECURE_BOOT_V2_FORCE_ENABLE_ECDSA
under "Allow potentially insecure options" (CONFIG_SECURE_BOOT_INSECURE). App
signing without hardware Secure Boot is not affected. Note that ESP32-C61 has no
RSA based Secure Boot V2, so it has no Secure Boot scheme enabled by default.

The preview targets ESP32-H4 and ESP32-H21 mark ECDSA Secure Boot V2 as not
supported in their SoC capabilities instead of using the option above. As
ESP32-H4 has no other Secure Boot V2 scheme, Secure Boot is disabled entirely on
it; ESP32-H21 retains RSA based Secure Boot V2.

The security documentation keeps the ECDSA Secure Boot V2 content visible and
adds a warning describing the limitation (including that ECDSA Secure Boot V2 on
ESP32-C61 is not recommended for production). CI apps that exercise ECDSA Secure
Boot V2 on the affected SoCs set CONFIG_SECURE_BOOT_V2_FORCE_ENABLE_ECDSA
accordingly.
2026-06-10 08:08:07 +05:30
harshal.patil
8b2e942e4e change(esp_key_mgr): Store key_len field in the key_info
- Update the Key Manager key types to be generic
- Define a new enum to determine the length of the keys
- Refactor the Key Manager driver support generic key types and key lengths
- Also store key deployment mode in the key recovery info
2026-05-15 00:13:34 +05:30
Laukik Hase
d3300de850 fix(soc): Correct the ESP32-C61 ROM stack start address 2026-03-30 18:30:29 +05:30
Mahavir Jain
309f692ecc Merge branch 'bugfix/docs_anti_rollback_v5.5' into 'release/v5.5'
docs: clarify anti-rollback secure version bits for c2/c5 (v5.5)

See merge request espressif/esp-idf!47124
2026-03-30 12:42:22 +05:30
Mahavir Jain
eb9b06e525 docs: clarify anti-rollback secure version bits for c2/c5 2026-03-30 10:35:02 +05:30
nilesh.kale
7ff9f65a24 fix(bootloader_support): added ecdsa curve validation during secure boot
This commit added ECDSA key curve validation between
curve selected in menuconfig and key provided.
2026-03-05 10:31:22 +05:30
Xiao Xufeng
3d22ac034c fix(esp32p4): fix rom and ld misuse min_rev 2026-01-19 17:53:34 +08:00
wuzhenghui
67a62f45ce fix(esp_system): fix rom secure boot fast wake feature for c5/c6/h2/h21 2026-01-12 18:11:59 +08:00
harshal.patil
6ea63548d4 fix(esp_security): Set WR_DIS_SECURE_BOOT_SHA384_EN by default when
Flash Encryption Release mode is enabled and Secure Boot P384 scheme not is enabled.
2025-11-11 17:53:04 +05:30
Mahavir Jain
042f29dd66 Merge branch 'fix/change_write_protection_bit_of_shared_security_efuses_v5.5' into 'release/v5.5'
Reorder write protection bits of some shared security efuses (v5.5)

See merge request espressif/esp-idf!42033
2025-10-15 09:38:59 +05:30
armando
e6d4eec507 feat(p4): p4 rev3 real chip support 2025-10-13 15:25:23 +08:00
harshal.patil
d902072d80 fix(bootloader_support): Reorder write protection bits of some shared security efuses 2025-10-13 10:40:16 +05:30
Mahavir Jain
b0713ffe08 fix(bootloader): correct encryption length for secure update without secure boot
For secure update without secure boot case, the encryption length for
app image must consider signature block length as well. This was
correctly handled for secure boot case but not for secure update without
secure boot.
2025-09-16 10:16:37 +05:30
harshal.patil
476f8f6f51 feat(bootloader_support): Support Secure Boot using ECDSA-P384 curve 2025-07-25 14:25:31 +05:30
Mahavir Jain
fa02f84c3e Merge branch 'docs/fix_secure_download_mode_unsupported_esp32_v5.5' into 'release/v5.5'
fix(bootloader): Fix documentation as ESP32 does not support secure download mode (v5.5)

See merge request espressif/esp-idf!40213
2025-07-22 14:49:14 +05:30
Jiang Jiang Jian
3c39b32195 Chip/support esp32c61 v5.5 2025-07-22 12:21:36 +08:00
harshal.patil
0644f453be fix(bootlaoder): Fix documentation as ESP32 does not support secure download mode 2025-06-30 10:26:36 +05:30
Konstantin Kondrashov
6f82f332fd fix(log): Fix bin log config available only for log version 2 2025-05-16 09:33:36 +03:00
Marius Vikhammer
066f6263fe Merge branch 'bugfix/clean_up_core_todos' into 'master'
change(core): clean-up leftover todo items in code

See merge request espressif/esp-idf!38651
2025-04-24 15:06:43 +08:00
Marius Vikhammer
503a9faa9f change(core): clean-up leftover todo items in code 2025-04-23 16:15:19 +08:00
Konstantin Kondrashov
204046e799 feat(log): Add binary logging support 2025-04-23 15:46:34 +08:00
laokaiyao
0abc755342 feat(rom): update rom for c5 eco2
Breaking: Starting from this commit, ESP-IDF can only support ESP32-C5 v1.0 (ECO2)
2025-04-16 11:01:36 +08:00
laokaiyao
db85cd02be refactor(esp32c61): bus_monitor backward compatible refactor 2025-04-08 22:50:04 +08:00
Chen Jichang
6c4271d4bb feat(esp32h4): disable unsupported build 2025-03-28 14:41:29 +08:00
Chen Jichang
45ba78940f feat(esp32h4): finnal introduce hello world 2025-03-19 18:48:41 +08:00
nilesh.kale
652879ff06 feat: enable flash encryption support for esp32h21 2025-03-13 10:37:11 +05:30
harshal.patil
a6ea9bcd41 fix(secure_boot): Fix SB verification failure when sig block and key digest mismatch
- Secure boot V2 verification failed when multiple keys are used to sign the bootloader
  and the application is signed with a key other than the first key that is used to
  sign the bootloader.
- The issue was introduced as a regression from the commit `ff16ce43`.
- Added a QEMU test for recreating the issue.
- Made SECURE_BOOT_FLASH_BOOTLOADER_DEFAULT independent of SECURE_BOOT_BUILD_SIGNED_BINARIES.
2025-03-04 11:26:51 +05:30
harshal.patil
c7f86301e6 change(bootloader): Increase the iram_seg size of bootloader to fit NVS encryption 2025-01-29 18:51:29 +05:30
Konstantin Kondrashov
b994f33f51 feat(log): Updates timestamp APIs 2025-01-08 14:46:53 +08:00
Konstantin Kondrashov
a5bc08fb55 feat(log): Use esp_log func in all LOG macros 2025-01-08 14:46:53 +08:00
gaoxu
25731d0c1e feat(esp32h21): finnal introduce hello world support 2024-12-30 20:14:40 +08:00
Omar Chebib
28f1b18675 fix(bootloader): add a new property that contains the default linker scripts 2024-12-25 12:41:15 +08:00
Mahavir Jain
6a4a124d65 Merge branch 'feature/enable_rsa_based_secure_boot_for_c5_eco1' into 'master'
feat(bootloader_support): enabled RSA based secure boot scheme for ESP32C5 ECO1

Closes IDF-10453 and IDF-11441

See merge request espressif/esp-idf!35104
2024-12-04 18:00:34 +08:00
nilesh.kale
1e11340061 feat(bootloader_support): enabled RSA based secure boot scheme for ESP32C5 ECO1
This commit enabled RSA based secure boot scheme for ESP32C5 ECO1 module.
This update also adds a check to ensure the selected secure boot scheme is
valid for ECO0 modules.
2024-12-03 16:48:56 +05:30
harshal.patil
f02dc64ce6 feat(bootloader_support): Permanently enable pseudo rounds function for XTS-AES during start-up 2024-12-03 11:17:54 +05:30
Alexey Lapshin
888b5f7e8d feat(newlib): add picolibc support 2024-12-02 21:35:56 +07:00
Laukik Hase
66f880fc1c feat(esp_tee): Support for ESP-TEE - bootloader component 2024-12-02 10:09:53 +05:30
Konstantin Kondrashov
816a0da0fd feat(bootloader): Adds bootloader anti rollback configs 2024-11-08 13:53:24 +02:00
Konstantin Kondrashov
bb329c4e53 feat(bootloader): Move rollback configs into a separate menu 2024-11-07 19:25:58 +02:00
Omar Chebib
e33bcaa6d3 feat(bootloader): use idf property to specify extra components directories 2024-11-01 13:52:01 +08:00
Omar Chebib
775c65a6b7 feat(bootloader): add the possibility to specify extra components directories 2024-11-01 13:52:01 +08:00
Laukik Hase
5328dcd00c change(build): Add a new CMake flag NON_OS_BUILD for non-FreeRTOS builds 2024-10-21 19:03:30 +05:30
Peter Dragun
2c458f3af1 feat(tools): Add auto color to monitor and disable colors from chip logs
ANSI color codes are handled on the host side instead of the chip side. This
will result in shorter log messages transmitted over serial.
2024-10-01 11:46:20 +02:00
Guillaume Souchere
ab4e658af6 fix(bootloader): Update pin range for factory reset and app test
Update the range for pin selection of BOOTLOADER_NUM_PIN_APP_TEST
and BOOTLOADER_NUM_PIN_FACTORY_RESET based on the selected target.

Closes https://github.com/espressif/esp-idf/issues/14508
2024-09-06 07:18:46 +02:00
Marius Vikhammer
289ceff0e0 docs(build): update comments regarding -Os/Oz for kconfig compiler option 2024-08-27 13:41:34 +08:00
harshal.patil
03a15664ee change(bootloader_support/secure_boot): Improve description of the config SECURE_BOOT_V2_ALLOW_EFUSE_RD_DIS
Co-authored-by: Zhang Shuxian <zhangshuxian@espressif.com>
2024-08-21 16:32:54 +05:30
Jan Beran
a7141f75d7 fix: Fix condition checking if secure boot signing key exists 2024-08-09 08:38:38 +02:00
Jan Beran
01ee296db0 fix: fix various errors in Kconfig files 2024-07-17 11:33:22 +02:00